Many hacking tools are freely available online, for example Nmap for port scanning, the BackTrack live CD for multiple purposes, Wireshark for network sniffing and John the Ripper for password cracking.
Generally, hacking can target a computer system or a network, so forensics can be performed on a computer system, covering the OS, file system, memory and, most importantly, hard disk storage.
Humans are the weakest link in information system security. So I have planned to do social engineering by setting up an email server, creating a fake well-known domain and sending a phishing email to the victim. If the user runs the backdoor program, the backdoor will be implemented in the system and I can manipulate the computer system.
Hacking Tool for Case Study
There are some backdoor programs for Windows; Netcat and Back Orifice are famous among them. I will use Netcat as my hacking tool for the assignment. Netcat is a tool that can be used to read and write data across the network. It also includes an RFC 854 Telnet parser and responder.
Moreover, there should be a backup plan for each hacking attempt, so I will also use PsExec as my backup remote control tool if Netcat fails to run on the target computer. PsExec is a program from PsTools, which is a collection of Windows remote management tools from Sysinternals.
The main purpose of hackers is not to get caught, so to protect myself I will change my MAC address when I am hacking from the LAN, or I will use as many proxies as possible to get to my victim's computer when I am on the WAN. So if the security administrator traces my IP address to get me, they will only know the IP address of the proxy server. I also need to clear the logs to avoid my actions being traced from the logs, so I will use the Clearlogs program, which can clear logs remotely.
Steps for installing a backdoor on remote Windows systems: see Appendix A.
Analysis and discussion
Attacks from the network are usually filtered out by the firewall.
Even though Server 2008 has a separate firewall, the user has been socially engineered by the hacker.
So it is as if the user installs the backdoor for the hacker.
The MT office has a firewall that filters all incoming traffic from the Internet, so even if the user's system is infected with a backdoor, the hacker may not get in because the firewall will deny his connection.
The MT organization sets a security policy under which most users get only the access permissions needed to perform their jobs, so if the hacked account is not an admin account, the impact on the company's business processes would not be big.
Email traffic can also be authenticated by using a digital signature on email, as it is authenticated by the Root CA.
The user can also check the digital signature of the application: even though the application says it is from Microsoft, its digital signature cannot be valid, because it is checked against the Root CA.
After the testing of hacking the computer user's account, I learned how user's knowledge of IT security is critical in securing the company's information.
However well we secure the network and educate the users about IT security, there is one more thing we need to focus on: securing physical access to the company's computer and network systems.
If we do not have enough physical security, then it is useless to encrypt the network connection or to have a perfect firewall, because the hacker can just steal the hard disk that stores the company's data.
Moreover, even if a hard disk is not in good health, we can't just format it and throw it away, because data can be recovered by some software or even physically by using advanced hardware tools.
A hacker can even perform anti-forensics if he has a high access level or the computer's security is weak. For example, a hacker can delete the logs, or delete evidence files using a file shredder that overwrites them many times or writes zeros to free space, which is the Department of Defense clearing and sanitizing standard, DOD 5220.22-M.
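A defender's view of the log deletion described above, as an added example that is not part of the original essay: the sketch flags Windows log-clear events (IDs 1102 and 104) and installs of the default PsExec service (event 7045, service name PSEXESVC), and escalates a clear that follows such an install on the same host. The record layout, host names, timestamps and the 30-minute window are assumptions made for the example.

```python
from datetime import datetime, timedelta

# Real Windows event IDs: 1102 = Security log cleared, 104 = another log
# cleared (recorded in System), 7045 = new service installed (System).
LOG_CLEARED = {("Security", 1102), ("System", 104)}
SERVICE_INSTALLED = ("System", 7045)
WATCHED_SERVICES = {"psexesvc"}   # default service name created by PsExec
WINDOW = timedelta(minutes=30)    # assumption: correlation window

# Constructed sample records; the dict layout is an assumption, not a Windows format.
SAMPLE_EVENTS = [
    {"time": "2024-01-10T08:00:00Z", "host": "WS-01", "channel": "System",
     "event_id": 7045, "data": {"ServiceName": "Print Helper"}},
    {"time": "2024-01-10T09:05:00Z", "host": "WS-01", "channel": "System",
     "event_id": 7045, "data": {"ServiceName": "PSEXESVC"}},
    {"time": "2024-01-10T09:12:00Z", "host": "WS-01", "channel": "Security",
     "event_id": 1102, "data": {}},
    {"time": "2024-01-10T11:00:00Z", "host": "WS-02", "channel": "System",
     "event_id": 104, "data": {}},
]

def _ts(text):
    return datetime.strptime(text, "%Y-%m-%dT%H:%M:%SZ")

def detect(events):
    """Return (severity, host, time, message) alerts in time order."""
    alerts, last_install = [], {}
    for ev in sorted(events, key=lambda e: _ts(e["time"])):
        key, host, when = (ev["channel"], ev["event_id"]), ev["host"], _ts(ev["time"])
        if key == SERVICE_INSTALLED:
            name = ev["data"].get("ServiceName", "")
            if name.lower() in WATCHED_SERVICES:
                last_install[host] = when
                alerts.append(("medium", host, ev["time"],
                               f"remote-admin service installed: {name}"))
        elif key in LOG_CLEARED:
            prior = last_install.get(host)
            # A clear shortly after a remote-admin service install on the
            # same host is escalated: together they suggest a cover-up.
            severity = "high" if prior and when - prior <= WINDOW else "medium"
            alerts.append((severity, host, ev["time"],
                           f"{ev['channel']} event {ev['event_id']}: log cleared"))
    return alerts

if __name__ == "__main__":
    for alert in detect(SAMPLE_EVENTS):
        print(*alert, sep=" | ")
```

Forwarding these events to a collector off the host keeps the record available even when the local log has been cleared.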
According to the test results from the Metasploit penetration testing system, no vulnerability was found in the MT office's systems and network.
The security policy of the MT organization contains some policies to prevent malicious behavior by employees, such as restricting third-party software usage and giving the minimum possible access to the organization's computer systems.
These policies will prevent anti-forensics tools from being installed and run on the company's computer systems.
So the information security system of the MT organization covers malicious activity by its own employees well.
We can say that the MT office's system is secured against most of the exploits and attack methods available so far.