CO4509 Computer Security: Security Evaluation of WidgetsInc System
VerifiedAdded on 2023/06/09
|16
|4166
|411
Report
AI Summary
This report details a security evaluation conducted on WidgetsInc's system, which was developed by Benny Vandergast Inc. The evaluation utilizes a VMware virtual machine to identify security vulnerabilities. The investigation process involves discovering the system's IP address, usernames, and passwords, followed by employing various tools and techniques, including Ubuntu commands, nmap for port scanning, and SQL injection testing. The report outlines the steps taken to access the system, change passwords, and assess network connectivity. It also discusses vulnerabilities found in ports 22 and 80, specifically related to SSH login and WebDAV. The report concludes with a proposal on securing the system, addressing each identified security issue to enhance the overall robustness of the platform. Desklib provides a platform for students to access a variety of solved assignments and study resources.
Running head: COMPUTER SECURITY
COMPUTER SECURITY
Name of the Student
Name of the University
Author Note:
COMPUTER SECURITY
Name of the Student
Name of the University
Author Note:
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
1COMPUTER SECURITY
Table of Contents
Introduction..........................................................................................................................2
Steps of investigating the project.........................................................................................2
Test case...............................................................................................................................4
Security Measures................................................................................................................8
Conclusion.........................................................................................................................11
References..........................................................................................................................13
Table of Contents
Introduction..........................................................................................................................2
Steps of investigating the project.........................................................................................2
Test case...............................................................................................................................4
Security Measures................................................................................................................8
Conclusion.........................................................................................................................11
References..........................................................................................................................13
2COMPUTER SECURITY
Introduction
Initiation of the protection process begins with the identification of the issues that are
present in the platform where the data if the client are stored. After identifying the issues that are
present in the platform the major concern of the project completion is the planning of the risk
mitigation techniques. In order to mitigate the risks that are present the plans that are evaluated
re deployed on the platform of the data storage and information center. VMware is one of the
leading brand that takes place in the processing of data management. The algorithms data are
used during the performing of the task helps in proper processing of the data management and
keeps the operating system protected and mitigates the risks. Due to the fact that there has been
a major growth in the process of the data management and the introduction of digital platform
will lead to the fact that the data management is done efficiently. This is also another reason that
will proclaim the fact that the data management is performed with much higher robustness. This
report will discuss about the processing of the investing terminologies that will be implemented
to take into consideration the processing of the data management. This report will also provide us
with the brief description of the data that is obtained in the processing of the data management
with the help of the VMware system. This report will also take into consideration the fact that the
data management regarding security if the platform is taken into consideration and proper
security techniques will be provided in the report.
Steps of investigating the project
Widgets Inc is one of the leading organization which has been dealing with the
terminologies that collaborates with Benny Vandergast Incorporation. This is the major reason
that the processing of data management will be processed with the help of web based stores.
Main purpose of the collaboration is that Benny Vandergast was capable to design a platform
Introduction
Initiation of the protection process begins with the identification of the issues that are
present in the platform where the data if the client are stored. After identifying the issues that are
present in the platform the major concern of the project completion is the planning of the risk
mitigation techniques. In order to mitigate the risks that are present the plans that are evaluated
re deployed on the platform of the data storage and information center. VMware is one of the
leading brand that takes place in the processing of data management. The algorithms data are
used during the performing of the task helps in proper processing of the data management and
keeps the operating system protected and mitigates the risks. Due to the fact that there has been
a major growth in the process of the data management and the introduction of digital platform
will lead to the fact that the data management is done efficiently. This is also another reason that
will proclaim the fact that the data management is performed with much higher robustness. This
report will discuss about the processing of the investing terminologies that will be implemented
to take into consideration the processing of the data management. This report will also provide us
with the brief description of the data that is obtained in the processing of the data management
with the help of the VMware system. This report will also take into consideration the fact that the
data management regarding security if the platform is taken into consideration and proper
security techniques will be provided in the report.
Steps of investigating the project
Widgets Inc is one of the leading organization which has been dealing with the
terminologies that collaborates with Benny Vandergast Incorporation. This is the major reason
that the processing of data management will be processed with the help of web based stores.
Main purpose of the collaboration is that Benny Vandergast was capable to design a platform
You're viewing a preview
Unlock full access by subscribing today!
3COMPUTER SECURITY
that helps in testing the security issues that are present in the operating system. Hence he was the
one who came up with the VMware ideology to test the proceeding of the project. Major concern
of this testing platform is to ensure the security and data testing of the clients leading to
projection of customer security
VMware runs with the help of the Ubuntu, dealing with the fact that the data management
is performed with the tools that are present in the operating system of Ubuntu. Initially the
VMware needs to be downloaded for processing of the entire security check purpose. This leads
to the fact that the installation of the entire downloaded data regarding the VMware software is
to be done for accessing the portal and the security indices that are performed for the completion
of the task. After installation of VMware the major questionnaire that it asks for the processing
of the project is that the requirement of the log in id and the user password will be required for
the initiation of the project. After implementation of the user name and the password, the major
issue that comes into vision is the dilemma of selecting either Ubuntu or the recovery mode of
Ubuntu. It is recommended to choose the recovery mode of Ubuntu. After logging into the
processing of the recovery mode of Ubuntu, root option is taken into consideration. Dropping of
root shell prompt is done in this section.
In the root widget, the code “whoami” is taken into consideration. After the completion
of the task, second code “cd/home” is used. After using both the codes, ‘ls’ command name is
applied to it. This leads to the fact that user name of the system will get displayed.
After completion of the command line of the code, the user name that is widgets gets
displayed.
The code that is searched and used in the processing of the project is as follows: -
that helps in testing the security issues that are present in the operating system. Hence he was the
one who came up with the VMware ideology to test the proceeding of the project. Major concern
of this testing platform is to ensure the security and data testing of the clients leading to
projection of customer security
VMware runs with the help of the Ubuntu, dealing with the fact that the data management
is performed with the tools that are present in the operating system of Ubuntu. Initially the
VMware needs to be downloaded for processing of the entire security check purpose. This leads
to the fact that the installation of the entire downloaded data regarding the VMware software is
to be done for accessing the portal and the security indices that are performed for the completion
of the task. After installation of VMware the major questionnaire that it asks for the processing
of the project is that the requirement of the log in id and the user password will be required for
the initiation of the project. After implementation of the user name and the password, the major
issue that comes into vision is the dilemma of selecting either Ubuntu or the recovery mode of
Ubuntu. It is recommended to choose the recovery mode of Ubuntu. After logging into the
processing of the recovery mode of Ubuntu, root option is taken into consideration. Dropping of
root shell prompt is done in this section.
In the root widget, the code “whoami” is taken into consideration. After the completion
of the task, second code “cd/home” is used. After using both the codes, ‘ls’ command name is
applied to it. This leads to the fact that user name of the system will get displayed.
After completion of the command line of the code, the user name that is widgets gets
displayed.
The code that is searched and used in the processing of the project is as follows: -
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
4COMPUTER SECURITY
Run Level Command
Shutdown: init 0. Shutdown –h now.-a: Use file
/etc/shutdown.allow. –c: Cancel scheduled
shutdown. Halt –p. –p. Turn power off after
shutdown. poweroff.
Reboot: init 6.shutdown –r now. Reboot
Renter single user mode: init 1.
Check current runlevel: runlevel
Password that is initially set must be changed with the help of the command named
‘mount –n –o remount, rw /’. This command is required for entering the UNIX system and
altering the password. This leads to the fact that the data user can take entry in the server and use
the server as a platform in order to gain access to the platform and reset the password. After the
password is given a text pops up saying that password is updated successfully.
Test case
After successful change in the password, the UNIX system is booted in the normal mode,
leading to the fact that the normal mode gets booted. After performing proper booting, OK
button is clicked for completion of the task.
After completion of this process, the user can log in the server and the details of the
server is displayed in the display screen of the project
Run Level Command
Shutdown: init 0. Shutdown –h now.-a: Use file
/etc/shutdown.allow. –c: Cancel scheduled
shutdown. Halt –p. –p. Turn power off after
shutdown. poweroff.
Reboot: init 6.shutdown –r now. Reboot
Renter single user mode: init 1.
Check current runlevel: runlevel
Password that is initially set must be changed with the help of the command named
‘mount –n –o remount, rw /’. This command is required for entering the UNIX system and
altering the password. This leads to the fact that the data user can take entry in the server and use
the server as a platform in order to gain access to the platform and reset the password. After the
password is given a text pops up saying that password is updated successfully.
Test case
After successful change in the password, the UNIX system is booted in the normal mode,
leading to the fact that the normal mode gets booted. After performing proper booting, OK
button is clicked for completion of the task.
After completion of this process, the user can log in the server and the details of the
server is displayed in the display screen of the project
5COMPUTER SECURITY
For checking the IP address of projecting the data management will include the data
processing with respect to the IP addressing feature of the portal. ‘ifconfig’ is the command used
for checking the credentialed of the project collaboration with the IP address. This command will
not only help in understanding the collaboration of the server with the IP address but also will
ensure that the detailing of the Internet protocol addressing is processed in the terminology of the
project of UNIX system.
In case of using the virtual machine, the data that is provided will ensure the fact that the
data management regarding connectivity of the server with regards to internet facility will be
checked and the data that will be generated during the course of testing will ensure that the data
that are evaluated acts as the reference for the processing of the internet facility. This will show
whether the internet facility is available or not.
PING command will ensure the processing of the connectivity of the server. In case the
server does not support connectivity, it lead to the fact that the data that are to be transacted to
check the security of the project will fail and error statement will pop up. Packages that are
present in the server starts reading the information that are stated through the server connectivity,
leading to the fact that the data transaction is processed. Extra package installation leads to the
processing of the data analysis in a more efficient way. This is the reason extra packages are
installed.
Usage of nmap is done for the completion of detailed knowledge gaining of the
availability of the ports. This leads to the fact that the data that are present in the ports are
quantified as the open pots or closed ports. These informations are generally collected from the
For checking the IP address of projecting the data management will include the data
processing with respect to the IP addressing feature of the portal. ‘ifconfig’ is the command used
for checking the credentialed of the project collaboration with the IP address. This command will
not only help in understanding the collaboration of the server with the IP address but also will
ensure that the detailing of the Internet protocol addressing is processed in the terminology of the
project of UNIX system.
In case of using the virtual machine, the data that is provided will ensure the fact that the
data management regarding connectivity of the server with regards to internet facility will be
checked and the data that will be generated during the course of testing will ensure that the data
that are evaluated acts as the reference for the processing of the internet facility. This will show
whether the internet facility is available or not.
PING command will ensure the processing of the connectivity of the server. In case the
server does not support connectivity, it lead to the fact that the data that are to be transacted to
check the security of the project will fail and error statement will pop up. Packages that are
present in the server starts reading the information that are stated through the server connectivity,
leading to the fact that the data transaction is processed. Extra package installation leads to the
processing of the data analysis in a more efficient way. This is the reason extra packages are
installed.
Usage of nmap is done for the completion of detailed knowledge gaining of the
availability of the ports. This leads to the fact that the data that are present in the ports are
quantified as the open pots or closed ports. These informations are generally collected from the
You're viewing a preview
Unlock full access by subscribing today!
6COMPUTER SECURITY
UNIX server. The requirements that are estimated are used for the processing of the installation
of the UNIX system. ‘sudo apt-get install nmap’ code is used for the installation of nmap.
`After the installation of nmap, manual IP address is provided, leading to the fact that the
data processing and checking of the data management. After manual processing of the data
management, the successful updating of the IP address is done.
Injection in SQL
Injection related to the processing of the data management will lead to the fact that the
data that re sored in the processing of the data management will require security alerts regarding
the structured Query Language. This leads to the fact that the related input box will procure the
terminologies related to the admission gaining of the resource that will make change in the
processing of data termination.
Major disadvantage of data processing in case of injection of structured query language is
that the malicious code is injected in the processing, validating the data that is present in the data
base of the system. This leads ti the fact that corruption in the data base occurs. This is the main
reason that organizations need to stay protected from the SQL injections. This also leads to the
fact that the organization stat suffer from SQL injection will lead to data corruption and the data
that are required for the processing of the tasks in the organization and the data that is corrupted
in this process might not get recovered ever by the organization. Another advantage of this
process is that in case the organization themselves apply SQL injection, the data that are present
in the data base of the data base system will stay protected and the data management will be done
with the help of SQL injection. This leads to the fact that the data that are present in the data
UNIX server. The requirements that are estimated are used for the processing of the installation
of the UNIX system. ‘sudo apt-get install nmap’ code is used for the installation of nmap.
`After the installation of nmap, manual IP address is provided, leading to the fact that the
data processing and checking of the data management. After manual processing of the data
management, the successful updating of the IP address is done.
Injection in SQL
Injection related to the processing of the data management will lead to the fact that the
data that re sored in the processing of the data management will require security alerts regarding
the structured Query Language. This leads to the fact that the related input box will procure the
terminologies related to the admission gaining of the resource that will make change in the
processing of data termination.
Major disadvantage of data processing in case of injection of structured query language is
that the malicious code is injected in the processing, validating the data that is present in the data
base of the system. This leads ti the fact that corruption in the data base occurs. This is the main
reason that organizations need to stay protected from the SQL injections. This also leads to the
fact that the organization stat suffer from SQL injection will lead to data corruption and the data
that are required for the processing of the tasks in the organization and the data that is corrupted
in this process might not get recovered ever by the organization. Another advantage of this
process is that in case the organization themselves apply SQL injection, the data that are present
in the data base of the data base system will stay protected and the data management will be done
with the help of SQL injection. This leads to the fact that the data that are present in the data
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
7COMPUTER SECURITY
center of the organization stays protected from the imposters and the imposters cannot gain
access to the data that are present in the data center.
Testing of the widgets are performed in 2 stages. The 1st stage being the stage that is completely
dependent on the testing of the Ubuntu terminal testing. This is the major test that is performed
in the processing of the data center in order to test the processing of the robustness of the project.
This is the main reason that leads to the processing of the terminology of the project and the data
that are stored in the data center of the organization. The password and the username is provided
in accord to the process that the data center of the UNIX server that is present in the data base if
the organization. Usage of RDBMS is also the major fact that ensures that the security of the data
that is present in the information with highest robustness.
After completion of the SQL injection testing the major process that is taken into
consideration is the data managing of the system with the help of the mkdir command in the
processing of the security of the data system. mkdir command is used for creation of the new
directory, leading to the fact that ted at base gets more allocating space.
Git repository terminology is used in the processing of the project. This is due to the fact that the
processing of the data management can be done with the help of installation of packages and
connecting the SQL map with the command that is present in the git.
One port testing
The main function of port 22, the major fact is that the projection of securing the SSH log
in system. Port number 80 finds its main advantage in the term of usage of the system ting for
testing the in terms of nmap system. nmap and WebDAV are the major terminologies that are
used for completion of the testing procedure.
center of the organization stays protected from the imposters and the imposters cannot gain
access to the data that are present in the data center.
Testing of the widgets are performed in 2 stages. The 1st stage being the stage that is completely
dependent on the testing of the Ubuntu terminal testing. This is the major test that is performed
in the processing of the data center in order to test the processing of the robustness of the project.
This is the main reason that leads to the processing of the terminology of the project and the data
that are stored in the data center of the organization. The password and the username is provided
in accord to the process that the data center of the UNIX server that is present in the data base if
the organization. Usage of RDBMS is also the major fact that ensures that the security of the data
that is present in the information with highest robustness.
After completion of the SQL injection testing the major process that is taken into
consideration is the data managing of the system with the help of the mkdir command in the
processing of the security of the data system. mkdir command is used for creation of the new
directory, leading to the fact that ted at base gets more allocating space.
Git repository terminology is used in the processing of the project. This is due to the fact that the
processing of the data management can be done with the help of installation of packages and
connecting the SQL map with the command that is present in the git.
One port testing
The main function of port 22, the major fact is that the projection of securing the SSH log
in system. Port number 80 finds its main advantage in the term of usage of the system ting for
testing the in terms of nmap system. nmap and WebDAV are the major terminologies that are
used for completion of the testing procedure.
8COMPUTER SECURITY
Installation of the nmap, MySQL and apache is done in the system in order to complete
the projection of the job.
‘nmap –T4 –p80 –script=http-iis-webdav-vuln 192.168.34.130’ code is the code that is used for
the processing of the testing of the project. Vulnerability of p80 is seen with regards to the
WebDAV. Port 22 is tested with the command ‘nmap –T4 –p22 –script=http-iis-webdav-vuln
192.168.34.130’. The test of port 22 proves that the vulnerability of the port is very high and the
robustness of the platform is comparatively low. . WebDAV also constitutes the fact that the
vulnerability of the ports are very low. The test that is conducted, uses the login.html code file.
Http queries are used by the processing of the data center of the organization. This leads to the
fact that the data that are generated in the terminology gets tested using the GET method.
Another major disadvantage is that the history of the surfing data center can be accessed
through this technology. This leads to the fact that the data that are very secretive in nature must
not be used and searched through this server as the data that are present in the search history of
the project can affect the genuine client in cas4 the imposter gains access to the processing of
data management
Another major issue is that the data that are being transcript, leads to the detection of the
password and the user id. This leads to the fact that the data transmission is not at all secured in
this server. User name and password revelation is also one of the major reason that leads to the
lack of robustness in the processing of the data management. Even the URL link that is generated
in the process, leads to the exposure if the user id of the client.
Installation of the nmap, MySQL and apache is done in the system in order to complete
the projection of the job.
‘nmap –T4 –p80 –script=http-iis-webdav-vuln 192.168.34.130’ code is the code that is used for
the processing of the testing of the project. Vulnerability of p80 is seen with regards to the
WebDAV. Port 22 is tested with the command ‘nmap –T4 –p22 –script=http-iis-webdav-vuln
192.168.34.130’. The test of port 22 proves that the vulnerability of the port is very high and the
robustness of the platform is comparatively low. . WebDAV also constitutes the fact that the
vulnerability of the ports are very low. The test that is conducted, uses the login.html code file.
Http queries are used by the processing of the data center of the organization. This leads to the
fact that the data that are generated in the terminology gets tested using the GET method.
Another major disadvantage is that the history of the surfing data center can be accessed
through this technology. This leads to the fact that the data that are very secretive in nature must
not be used and searched through this server as the data that are present in the search history of
the project can affect the genuine client in cas4 the imposter gains access to the processing of
data management
Another major issue is that the data that are being transcript, leads to the detection of the
password and the user id. This leads to the fact that the data transmission is not at all secured in
this server. User name and password revelation is also one of the major reason that leads to the
lack of robustness in the processing of the data management. Even the URL link that is generated
in the process, leads to the exposure if the user id of the client.
You're viewing a preview
Unlock full access by subscribing today!
9COMPUTER SECURITY
Security Measures
Vulnerability that are present in the process that are found in the processing of the
project
The results that are generated in the processing if the data management of the UNIX
server can be checked with the help of the widget README file that is present in the processing
of the data management. The major flaws are as follows: -
Enhancement of Security
From the above testing report it can be stated that the data management of the data
security is very low and the robustness of the platform is under test (Pathak, 2015). The security
of the entire system is very less in compared to the processing of the required security measures
that are required for maintaining the robustness of the platform for keeping the data secured.
Security enhancement is required for the processing of the data management (Howard, Malkhi
and Spiegelman, 2017). This leads to the fact that the processing of the entire project is
completed with privacy and secrecy. This is the reason that the data management is very
essential in the completion of the project efficiently.
Firewall implementation
Firewall installation can be acting as the major protection layer. On implementation of
the firewall the major advantage as protection layer that the firewall provides is very robust in
nature and the data that are stored in the platform are protected with the barrier that the fire wall
provides. This is the major reasons that the data management can be done in a better way and the
imposters’ fails to gain access to data that are present in the data base of the organization
(Shirinbab, Lundberg and Ilie, 2014). User id and the user password can be fetched with the data
Security Measures
Vulnerability that are present in the process that are found in the processing of the
project
The results that are generated in the processing if the data management of the UNIX
server can be checked with the help of the widget README file that is present in the processing
of the data management. The major flaws are as follows: -
Enhancement of Security
From the above testing report it can be stated that the data management of the data
security is very low and the robustness of the platform is under test (Pathak, 2015). The security
of the entire system is very less in compared to the processing of the required security measures
that are required for maintaining the robustness of the platform for keeping the data secured.
Security enhancement is required for the processing of the data management (Howard, Malkhi
and Spiegelman, 2017). This leads to the fact that the processing of the entire project is
completed with privacy and secrecy. This is the reason that the data management is very
essential in the completion of the project efficiently.
Firewall implementation
Firewall installation can be acting as the major protection layer. On implementation of
the firewall the major advantage as protection layer that the firewall provides is very robust in
nature and the data that are stored in the platform are protected with the barrier that the fire wall
provides. This is the major reasons that the data management can be done in a better way and the
imposters’ fails to gain access to data that are present in the data base of the organization
(Shirinbab, Lundberg and Ilie, 2014). User id and the user password can be fetched with the data
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
10COMPUTER SECURITY
management can be processed due to the multiple layer protection that the firewall provides. The
presence of the UFW adds strengths to the firewall and the robustness of the entire database
increases.
The fact that the port number 22 is an open source, it acts as the major concern for the
security managers of the organization. Implementation of SSH helps in securing the project and
data management.
Malware detection
Malware detection includes the fact that the data that are present in the database of the
organization can get adversely affected due to the processing of the entire data and the
introduction of the malware will include the process of corrupting the data are stored the data
base of the organization (Eriksson and Hedlund, 2016). This is also one of the reason that
malware protection software are used for the protection of the data management. This leads to
the fact that the data that are present in the data base stays protected in terms of the business
management of the data base of the organization.
Thin provisioning
Thin provisioning includes the fact that the data that are stored in the Virtual machine are
mostly unstructured in nature, hence when the data is stored in the Virtual machine, in time of
installation gets large and unaligned in nature. This leads to decrease in robustness of the
framework of the platform. In order to decrease this excess loss in the robustness thin
provisioning is used for completion of the project in a structure way (Hogan and Epping, 2016).
2 factor security
management can be processed due to the multiple layer protection that the firewall provides. The
presence of the UFW adds strengths to the firewall and the robustness of the entire database
increases.
The fact that the port number 22 is an open source, it acts as the major concern for the
security managers of the organization. Implementation of SSH helps in securing the project and
data management.
Malware detection
Malware detection includes the fact that the data that are present in the database of the
organization can get adversely affected due to the processing of the entire data and the
introduction of the malware will include the process of corrupting the data are stored the data
base of the organization (Eriksson and Hedlund, 2016). This is also one of the reason that
malware protection software are used for the protection of the data management. This leads to
the fact that the data that are present in the data base stays protected in terms of the business
management of the data base of the organization.
Thin provisioning
Thin provisioning includes the fact that the data that are stored in the Virtual machine are
mostly unstructured in nature, hence when the data is stored in the Virtual machine, in time of
installation gets large and unaligned in nature. This leads to decrease in robustness of the
framework of the platform. In order to decrease this excess loss in the robustness thin
provisioning is used for completion of the project in a structure way (Hogan and Epping, 2016).
2 factor security
11COMPUTER SECURITY
Two factor security is also one of the best ways to complete the security process. In this
case the usage of security methodology that acts as the 2 factor methodology, the imposters
cannot gain access ti the data that are store in the virtual machine data base (Burke, la Quiante
and Moore, 2017). This is due to the fact that the data that are stored stays protected.
Conclusion
The above performed examination is providing a many information which is indicating
lots of vulnerability in the provided virtual machine. The total number of issues is increasing
when the investigation process is going deeper. All the vulnerabilities which are detected in this
system can be explained by the use of mitigation methods. The mitigation method is the
approach of reducing the risks related with a project. By this method total probability of the risk
occurrence can be reduced. The mitigation method can affect various types of risks and several
number of risks. By implementing a proper mitigation method most of the vulnerabilities issues
related with this project can be solved. From the investigation process the main vulnerabilities
founded are the security issues and the firewall issue. The security setup of the virtual machine is
much lower than the expectations. Hence, the security system of this experimented system must
be improved. With a improve security system the machine can defend itself from various types
of malicious attacks and from hackings. This project also consists a webpage which is used for
the online payment system. Hence, it is very much important to protect the payment information
and the customer information from the hackers. It only can be achieved by implementing a
strong secure network. The virtual machine filter all the request through its filter. So, an updated
firewall can help the system to identify the malicious requests, thus it can block those requests.
When a firewall is constructed with a UFW system then it is easy to implement the IPV4
firewall. Thus, the UFW system must be activated in the system. Also, the communication ports
Two factor security is also one of the best ways to complete the security process. In this
case the usage of security methodology that acts as the 2 factor methodology, the imposters
cannot gain access ti the data that are store in the virtual machine data base (Burke, la Quiante
and Moore, 2017). This is due to the fact that the data that are stored stays protected.
Conclusion
The above performed examination is providing a many information which is indicating
lots of vulnerability in the provided virtual machine. The total number of issues is increasing
when the investigation process is going deeper. All the vulnerabilities which are detected in this
system can be explained by the use of mitigation methods. The mitigation method is the
approach of reducing the risks related with a project. By this method total probability of the risk
occurrence can be reduced. The mitigation method can affect various types of risks and several
number of risks. By implementing a proper mitigation method most of the vulnerabilities issues
related with this project can be solved. From the investigation process the main vulnerabilities
founded are the security issues and the firewall issue. The security setup of the virtual machine is
much lower than the expectations. Hence, the security system of this experimented system must
be improved. With a improve security system the machine can defend itself from various types
of malicious attacks and from hackings. This project also consists a webpage which is used for
the online payment system. Hence, it is very much important to protect the payment information
and the customer information from the hackers. It only can be achieved by implementing a
strong secure network. The virtual machine filter all the request through its filter. So, an updated
firewall can help the system to identify the malicious requests, thus it can block those requests.
When a firewall is constructed with a UFW system then it is easy to implement the IPV4
firewall. Thus, the UFW system must be activated in the system. Also, the communication ports
You're viewing a preview
Unlock full access by subscribing today!
12COMPUTER SECURITY
must be secured because the open ports can create many vulnerabilities in the system. So, it is
also required to secure the ports. Thus all the experiments are reflecting that this system is a good
example for security testing purpose in the Linux environment also the solutions of the
respective issues are provided in this paper.
must be secured because the open ports can create many vulnerabilities in the system. So, it is
also required to secure the ports. Thus all the experiments are reflecting that this system is a good
example for security testing purpose in the Linux environment also the solutions of the
respective issues are provided in this paper.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
13COMPUTER SECURITY
References
Apecechea, G.I., Inci, M.S., Eisenbarth, T. and Sunar, B., 2014. Fine grain cross-vm attacks on
xen and vmware are possible!. IACR Cryptology ePrint Archive, 2014, p.248.
Apecechea, G.I., Inci, M.S., Eisenbarth, T. and Sunar, B., 2014. Fine grain cross-vm attacks on
xen and vmware are possible!. IACR Cryptology ePrint Archive, 2014, p.248.
Howard, H., Malkhi, D. and Spiegelman, S., 2017. Revisiting the Paxos Foundations: A Look at
Summer Internship Work at VMware Research. ACM SIGOPS Operating Systems Review, 51(1),
pp.67-71.
Burke, A., la Quiante, A. and Moore, N., 2017. VMware NSX for vSphere Essentials: A practical
guide to implementing Network Virtualization. VMware Press.
Solaimani, M., Iftekhar, M., Khan, L., Thuraisingham, B. and Ingram, J.B., 2014, December.
Spark-based anomaly detection over multi-source VMware performance data in real-time.
In Computational Intelligence in Cyber Security (CICS), 2014 IEEE Symposium on (pp. 1-8).
IEEE.
Eriksson, J. and Hedlund, R., 2016. Cisco ACI and VMware NSX, a comparison between
Software Defined Networks.
Hogan, C. and Epping, D., 2016. Essential Virtual SAN (VSAN): Administrator's Guide to
VMware Virtual SAN. VMware Press.
Solaimani, M., Iftekhar, M., Khan, L. and Thuraisingham, B., 2014, October. Statistical
technique for online anomaly detection using spark over heterogeneous data from multi-source
References
Apecechea, G.I., Inci, M.S., Eisenbarth, T. and Sunar, B., 2014. Fine grain cross-vm attacks on
xen and vmware are possible!. IACR Cryptology ePrint Archive, 2014, p.248.
Apecechea, G.I., Inci, M.S., Eisenbarth, T. and Sunar, B., 2014. Fine grain cross-vm attacks on
xen and vmware are possible!. IACR Cryptology ePrint Archive, 2014, p.248.
Howard, H., Malkhi, D. and Spiegelman, S., 2017. Revisiting the Paxos Foundations: A Look at
Summer Internship Work at VMware Research. ACM SIGOPS Operating Systems Review, 51(1),
pp.67-71.
Burke, A., la Quiante, A. and Moore, N., 2017. VMware NSX for vSphere Essentials: A practical
guide to implementing Network Virtualization. VMware Press.
Solaimani, M., Iftekhar, M., Khan, L., Thuraisingham, B. and Ingram, J.B., 2014, December.
Spark-based anomaly detection over multi-source VMware performance data in real-time.
In Computational Intelligence in Cyber Security (CICS), 2014 IEEE Symposium on (pp. 1-8).
IEEE.
Eriksson, J. and Hedlund, R., 2016. Cisco ACI and VMware NSX, a comparison between
Software Defined Networks.
Hogan, C. and Epping, D., 2016. Essential Virtual SAN (VSAN): Administrator's Guide to
VMware Virtual SAN. VMware Press.
Solaimani, M., Iftekhar, M., Khan, L. and Thuraisingham, B., 2014, October. Statistical
technique for online anomaly detection using spark over heterogeneous data from multi-source
14COMPUTER SECURITY
vmware performance data. In Big Data (Big Data), 2014 IEEE International Conference on (pp.
1086-1094). IEEE.
Alshammari, M.M. and Alwan, A.A., 2016. IT Disaster Recovery and Business Continuity
Based On VMware SRM Solution for Kuwait Oil Company (KOC).
Solaimani, M., Khan, L. and Thuraisingham, B., 2014, August. Real-time anomaly detection
over VMware performance data using storm. In 2014 IEEE International Conference on
Information Reuse and Integration (IRI) (pp. 458-465). IEEE.
Shirinbab, S., Lundberg, L. and Ilie, D., 2014. Performance comparison of kvm, vmware and
xenserver using a large telecommunication application. In Cloud Computing. IARIA XPS Press.
Pathak, M., 2015. SAP Business Suite on Hitachi Unified Compute Platform for VMware
vSphere Using Hitachi Data Protection Suite.
Elsaid, M.E. and Meinel, C., 2016, April. Multiple Virtual Machines Live Migration
Performance Modelling--VMware vMotion Based Study. In Cloud Engineering (IC2E), 2016
IEEE International Conference on (pp. 212-213). IEEE.
Tesfamicael, A.D., Liu, V. and Caelli, W., 2015, December. Performance analysis of secure
unified communications in the VMware-based cloud. In Computational Intelligence and
Communication Networks (CICN), 2015 International Conference on (pp. 1135-1140). IEEE.
Solaimani, M., Iftekhar, M., Khan, L., Thuraisingham, B. and Ingram, J.B., 2015. Statistical
Techniques For Real-time Anomaly Detection Using Spark Over Multi-source VMware
Performance Data (No. SAND-2015-8150J). Sandia National Lab.(SNL-NM), Albuquerque,
NM (United States).
vmware performance data. In Big Data (Big Data), 2014 IEEE International Conference on (pp.
1086-1094). IEEE.
Alshammari, M.M. and Alwan, A.A., 2016. IT Disaster Recovery and Business Continuity
Based On VMware SRM Solution for Kuwait Oil Company (KOC).
Solaimani, M., Khan, L. and Thuraisingham, B., 2014, August. Real-time anomaly detection
over VMware performance data using storm. In 2014 IEEE International Conference on
Information Reuse and Integration (IRI) (pp. 458-465). IEEE.
Shirinbab, S., Lundberg, L. and Ilie, D., 2014. Performance comparison of kvm, vmware and
xenserver using a large telecommunication application. In Cloud Computing. IARIA XPS Press.
Pathak, M., 2015. SAP Business Suite on Hitachi Unified Compute Platform for VMware
vSphere Using Hitachi Data Protection Suite.
Elsaid, M.E. and Meinel, C., 2016, April. Multiple Virtual Machines Live Migration
Performance Modelling--VMware vMotion Based Study. In Cloud Engineering (IC2E), 2016
IEEE International Conference on (pp. 212-213). IEEE.
Tesfamicael, A.D., Liu, V. and Caelli, W., 2015, December. Performance analysis of secure
unified communications in the VMware-based cloud. In Computational Intelligence and
Communication Networks (CICN), 2015 International Conference on (pp. 1135-1140). IEEE.
Solaimani, M., Iftekhar, M., Khan, L., Thuraisingham, B. and Ingram, J.B., 2015. Statistical
Techniques For Real-time Anomaly Detection Using Spark Over Multi-source VMware
Performance Data (No. SAND-2015-8150J). Sandia National Lab.(SNL-NM), Albuquerque,
NM (United States).
You're viewing a preview
Unlock full access by subscribing today!
15COMPUTER SECURITY
Liu, D., Mi, N., Tai, J., Zhu, X. and Lo, J., 2014, May. VFRM: Flash resource manager in
vmware esx server. In Network Operations and Management Symposium (NOMS), 2014
IEEE (pp. 1-7). IEEE.
Ferrari, M., 2014. Release: VMware Mirage 5.1.
Shirinbab, S., Lundberg, L. and Håkansson, J., 2016, April. Comparing Automatic Load
Balancing Using VMware DRS with a Human Expert. In Cloud Engineering Workshop
(IC2EW), 2016 IEEE International Conference on (pp. 239-246). IEEE.
Marshall, N., 2015. Mastering VMware VSphere 6. John Wiley & Sons.
Mohtasin, R., Prasad, P.W.C., Alsadoon, A., Zajko, G., Elchouemi, A. and Singh, A.K., 2016,
March. Development of a virtualized networking lab using GNS3 and VMware workstation.
In Wireless Communications, Signal Processing and Networking (WiSPNET), International
Conference on (pp. 603-609). IEEE.
Liu, D., Mi, N., Tai, J., Zhu, X. and Lo, J., 2014, May. VFRM: Flash resource manager in
vmware esx server. In Network Operations and Management Symposium (NOMS), 2014
IEEE (pp. 1-7). IEEE.
Ferrari, M., 2014. Release: VMware Mirage 5.1.
Shirinbab, S., Lundberg, L. and Håkansson, J., 2016, April. Comparing Automatic Load
Balancing Using VMware DRS with a Human Expert. In Cloud Engineering Workshop
(IC2EW), 2016 IEEE International Conference on (pp. 239-246). IEEE.
Marshall, N., 2015. Mastering VMware VSphere 6. John Wiley & Sons.
Mohtasin, R., Prasad, P.W.C., Alsadoon, A., Zajko, G., Elchouemi, A. and Singh, A.K., 2016,
March. Development of a virtualized networking lab using GNS3 and VMware workstation.
In Wireless Communications, Signal Processing and Networking (WiSPNET), International
Conference on (pp. 603-609). IEEE.
1 out of 16
Related Documents
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
© 2024 | Zucol Services PVT LTD | All rights reserved.