Course Code / Subject Information Assurance Security

Assignment # Activity #4
Submitted by Mark T. Murillo
Professor Mr. Michael R. Mades
COLEGIO DE MONTALBAN
Kasiglahan Village, San Jose, Rodriguez, Rizal
INSTITUTE OF COMPUTER STUDIES

Department of Information Technology

1.Consider the statement: an individual threat agent, like a hacker, can be a factor in
more than one threat category. If a hacker hacks into a network, copies a few files,
defaces the Web page, and steals credit card numbers, how many different threat
categories does this attack fall into?
 Hacking into the network- This is a case of illegal trespassing. This attack could also

fall under deliberate acts of sabotage and action of theft.

 Copies a few files- Hacker was copying few files from a network into his system without

compromising intellectual property.

 Defacement of the web page results from malfunctioning source code. It compromises

the integrity of the information, also known as a software attack. This occurs when

software has an unknown trap door.

 Steals credit card numbers- Stealing credit card numbers due to vulnerabilities or

loopholes in the network, lack of sufficient planning to protect information this data

could be used for their profit.

2. Using the Web, research Mafiaboy's exploits. When and how did he compromise
sites? How was he caught?
Mafiaboy is known as the "bratty-kid" who took down the internet.
Michael Calce (Mafiaboy) was born in 1986 in West Island, Quebec. He brought down
several commercial websites, including Yahoo!, Fifa.com, Amazon.com, Dell, Inc.,
E*TRADE, eBay, and CNN. At the time, Yahoo! was the most popular search engine. In
2000, he compromised these sites when he was only 15 years old by creating denial-of-
service attacks on these companies. He was eventually caught by the FBI, which was
doing surveillance on him. He was charged with 50+ crimes and sentenced to eight
months in a youth group home. Today, Calce is called a white hat hacker, which means
companies hire him to help them recognize their company's security flaws and design
better security features.
3. Search the Web for the "The Official Phreaker's Manual." What information
contained in this manual might help a security administrator to protect a
communications system?
Official Phreaker's Manual is a document published after a particular time, contain the entire

encyclopedia of phone hacking. It explains all the necessary information regarding phone

working and company's management. It includes information on Electronic Toll Fraud (ETF),

mentions all the available toll frauds, and explains how they are performed. This information

may help the security administrator to identify any fraud and take necessary steps. It explains the

working of a blue box, black box, cheese box and red box. To keep pace with upcoming

technology, Security Administrators of various companies need to regularly review these

manuals and countercheck their telecom system against such threats discussed in the manual. All

the possible threats by a phreaker to a company is discussed in this manual thoroughly.

http://www.phreak.ch/files/phreakmanual.txt

4. Using the Web, find at least two other sources of information on threats and

vulnerabilities. Begin with www.securityfocus.com   and use a keyword search on

"threats." Foot Printing It is a technique of gathering information, i.e. the network's loopholes

or vulnerabilities where the hacker wants to intrude. First of all, the objective and location of

intrusion are known. After that, information is gathered through various social engineering

methods, conducting a whois query to check out for various associated networks, and enquiring

about the technologies being used by that network, such as hardware technology, IP addresses,

operating systems, etc.

http://searchsecurity.techtarget.com/definition/footprinting

Packet Sniffing is a technique that has been used since the original release of Ethernet. Packet

sniffing allows user to capture data which is being transmitted over the network. Network

professionals use this technique to resolve network issues and use malicious users to capture

unencrypted data such as password and username in network traffic. Packet sniffing can be done

only in the particular subnet, i.e. we cannot sniff packets from a remote network. To protect data,

one is advised to work on encrypted protocols and encrypt all sensitive data. Packet

modification.-involves one system intercepting and modifying a packet destined for another

system. Packet information may not only be changed, but it could also be destroyed.

5. Using the categories of threats, as well as the various attacks described, review
several current media sources, and identify examples of each.
 There are 12 categories of threats. An example of each threat is listed
below:
 Compromise to intellectual property – Stealing credit card information (like
in #1)
 Deviations in quality of service – Internet service provider, power, or WAN
service problems (Charter internet going down)
 Espionage or trespass – Unauthorized access and/or data collection
(Equifax security breach)
 Forces of nature – fire, floods, earthquakes, lightning, tornadoes,
hurricanes (not a person)
 Human error – accidents (mistakes)
 Information extortion – blackmail, information disclosure (information being
leaked)
 Sabotage or vandalism – defacing a webpage, ruining a system software
 Software attacks – viruses, worms, macros, denial of service
(Mafiaboy's attacks)
 Technical hardware failure or errors – equipment failure
 Technical software failure or errors – bugs, code problems, unknown
loopholes
 Technological obsolescence – outdated technology
 Theft – illegal confiscation of equipment or information (stealing personal
information such as credit card numbers, drivers licenses, social security
numbers, etc.)