ITNE2005 Assessment 1 Report: Network Attacks and Security Analysis


Added on  2022/10/01

AI Summary
This report presents an analysis of network attacks and security tools, focusing on the ITNE2005 assessment. The first part of the report examines the Heartland breach, a significant SQL injection attack, detailing its mechanics, impact, and potential mitigation strategies such as avoiding dynamic SQL and using web application firewalls. The second part delves into Wireshark, a network protocol analyzer, outlining its key features and capabilities for troubleshooting network issues. The report also reflects on the impact of network attacks on organizations, including financial losses and erosion of consumer trust, and suggests key steps for network protection, such as implementing top-down cybersecurity strategies and training staff. Finally, it discusses personal computer protection measures, including firewalls, antivirus software, and secure passwords. The report aims to provide a comprehensive understanding of network security threats and defenses.
Running Head: ITNE2005 ASSESSMENT 1
ITNE2005 ASSESSMENT
Student Name
Institution
Course
Date
Part 1: Network Attacks
Name of Attack: The Heartland Breach
Type of Attack: SQL Injection Attack
Date of Attack: March 2008
Organization Affected: Heartland Payment Systems Inc.
How it works and what it did:
SQL injection is a network attack technique that allows attackers to gain full control over
an organization's web application databases by inserting SQL code into a database query to
alter the query's normal functionality (Som, Sinha & Kataria, 2016). SQL injection exists in
different forms, although all of them involve the attacker inserting arbitrary SQL code into
web application databases. SQL injection via user input is the simplest form. It relies on the
fact that a web application accepts user input, typically through forms, and the front-end
passes that input to the back-end database for processing (McWhirter et al., 2018). When a web
application does not sanitize user input, attackers are able to inject SQL into the back-end
database and compromise the integrity of the database.
Although the breach was reported in 2009, it had taken place in 2008. It has been described
as a slow-moving event that started in 2007, when a SQL injection was inserted into the
company database to compromise it (Shu et al., 2017). The SQL injection appended additional
database commands in the company's web application. The injection modified the code of the
company's web login page, which had been deployed a few years earlier. The hackers are then
said to have spent several months trying to compromise the company's payment processing
system, taking great care to avoid detection by the company's various antivirus systems
(Shu et al., 2017). They eventually managed to install a spyware program known as a sniffer,
which allowed them to capture card data as payments were being processed. The breach was
discovered later, when MasterCard and Visa notified the company about suspicious
transactions from accounts it was handling.
Mitigation options (McWhirter et al., 2018)
Avoiding dynamic SQL wherever possible: this entails using parameterized queries, stored
procedures and prepared statements.
Regular patch updates: most SQL injection vulnerabilities result from outdated applications
and other database tools, which regular patch updates can address.
Use of web application firewalls: web application firewalls filter out malicious data, guided
by a comprehensive set of rules to which new rules can easily be added.
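
The first mitigation above, shown as an added example that is not part of the original report: a login check built with dynamic SQL beside the same check using a parameterized query, run against an in-memory SQLite database. The table layout, account values and function names are assumptions made for illustration.

```python
import sqlite3

# Constructed sample accounts; the hashes are placeholders, not real digests.
ACCOUNTS = [("alice", "hash-a"), ("o'brien", "hash-b")]

def make_db():
    """Create an in-memory database holding the constructed accounts."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (username TEXT PRIMARY KEY, pw_hash TEXT)")
    db.executemany("INSERT INTO users VALUES (?, ?)", ACCOUNTS)
    return db

def login_dynamic(db, username, pw_hash):
    """Dynamic SQL: form input becomes part of the statement text."""
    query = ("SELECT 1 FROM users WHERE username = '" + username +
             "' AND pw_hash = '" + pw_hash + "'")
    try:
        return db.execute(query).fetchone() is not None
    except sqlite3.OperationalError:
        # A quote in legitimate input is enough to break the statement.
        return None

def login_parameterized(db, username, pw_hash):
    """Prepared statement: input is bound as data, never parsed as SQL."""
    query = "SELECT 1 FROM users WHERE username = ? AND pw_hash = ?"
    return db.execute(query, (username, pw_hash)).fetchone() is not None

# Constructed form submissions: (label, username, pw_hash)
CASES = [
    ("valid login", "alice", "hash-a"),
    ("wrong password", "alice", "nope"),
    ("quote in real username", "o'brien", "hash-b"),
    ("injected tautology", "alice", "' OR '1'='1"),
]

def compare():
    """Run every case through both login checks and collect the results."""
    db = make_db()
    return {label: (login_dynamic(db, u, p), login_parameterized(db, u, p))
            for label, u, p in CASES}

if __name__ == "__main__":
    for label, (dyn, par) in compare().items():
        print(f"{label:24} dynamic={dyn!s:5} parameterized={par}")
```

The two checks agree on ordinary input and diverge only where the input contains a quote: the dynamic form either fails on a legitimate name or accepts a login without the stored hash, while the parameterized form treats both values as plain data.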
Part 2: Network Security Audit Tools and Attack Tools
Name of tool: Wireshark
Developer: The Wireshark Team
Type of tool: GUI
Used on: Network Device
Cost: Open Source Software
Description of key features and capabilities of the tool
Wireshark is among the foremost network protocol analyzers in the world, letting network
analysts see what happens on their networks at a microscopic level. Its key features include,
but are not limited to, deep inspection of hundreds of protocols, standard three-pane packet
browsing, offline analysis of packets, multiplatform support, the ability to read and write
different file formats, and decryption support for many protocols (Chappell, 2017).
Wireshark allows network analysts to troubleshoot network problems such as latency issues,
dropped packets and malicious activity on an organization's network. It lets them monitor
network traffic closely and provides tools to drill down into traffic, filter it and zoom in
on it to reveal the root cause of a problem (Chappell, 2017).
Reflection
What is the impact of network attacks on the operation of an organization? What are some key
steps organizations can take to help protect their networks and resources?
Successful network attacks do major damage to an organization's operations. They usually
affect the organization's bottom line as well as its standing in consumer trust. From an
economic point of view, network attacks may result in a substantial financial loss arising
from theft of money, disruption of trading and theft of corporate information (Sanders, 2017).
Some of the key steps that can be taken to help protect an organization's networks and
resources include: implementing cybersecurity strategies from the top down, creating strict
policies on the allocation of IT resources, establishing a robust network protection
perimeter, implementing strong protection measures on the organization's endpoints or
servers, and training the organization's staff on cybersecurity.
What steps can you take to protect your own PC or laptop computer?
In this world of persistent threats from hackers, protecting personal computers is a priority.
The main avenue hackers use is the internet and popular web services (Kernighan, 2017). The
ways I can protect my computer and remove malware from it include: installing firewalls,
antivirus and anti-spyware software, regularly checking the security settings of my browsers,
and using complex, secure passwords.
References
Chappell, L. (2017). Wireshark 101: Essential Skills for Network Analysis-Wireshark Solution
Series. Laura Chappell University.
Kernighan, B. W. (2017). Understanding the digital world: What you need to know about
computers, the internet, privacy, and security. Princeton University Press.
McWhirter, P. R., Kifayat, K., Shi, Q., & Askwith, B. (2018). SQL Injection Attack
classification through the feature extraction of SQL query strings using a Gap-Weighted String
Subsequence Kernel. Journal of information security and applications, 40, 199-216.
Sanders, W. H. (2017, November). A Case Study Assessing the Effects of Cyber Attacks on a
River Zonal Dispatcher. In Critical Information Infrastructures Security: 11th International
Conference, CRITIS 2016, Paris, France, October 10–12, 2016, Revised Selected Papers (Vol.
10242, p. 252). Springer.
Shu, X., Tian, K., Ciambrone, A., & Yao, D. (2017). Breaking the target: An analysis of target
data breach and lessons learned. arXiv preprint arXiv:1701.04940.
Som, S., Sinha, S., & Kataria, R. (2016). Study on SQL injection attacks: Mode detection and
prevention. International Journal of Engineering Applied Sciences and Technology, 1(8), 23-29.