
Network Security

Post #6 – Information & System Security

Introduction & Feedback Integration

In my Week Four draft, I highlighted the importance of information and system security and introduced pharming and HTTPS phishing. Based on Professor Kenneth Barr’s feedback, I’ve expanded the section on ping-based attacks and strengthened my evidence by citing authoritative sources.

1. Importance of Information & System Security

Information security upholds the confidentiality, integrity, and availability of data, while system security protects hardware, software, and communications from unauthorized access or disruption. Individuals risk identity theft and financial fraud; organizations face operational shutdowns, regulatory fines, and reputational harm (Tipton & Nozaki, 2017; NIST, 2015).

2. Ping-Based Attacks

Attackers can abuse ICMP (“ping”) in at least two classic ways:

  • Ping Flood (ICMP Flood): Rapidly sends thousands of ICMP echo-requests to exhaust a target’s bandwidth and CPU. It succeeds when the attacker’s bandwidth exceeds the victim’s capacity.
  • Ping of Death: Crafts oversized or fragmented ICMP packets that overflow the target’s buffers, causing crashes or reboots.

3. Threat 1: Pharming

Vulnerabilities: Pharming corrupts DNS or local host files, redirecting users to malicious look-alike sites without changing the URL they typed.

Symptoms & Damage: Users see legitimate URLs but unexpected login prompts, misspelled content, or unusual certificate warnings. Stolen credentials enable identity theft, unauthorized transfers, and large-scale data exfiltration.

Recommendations:

  1. Deploy DNSSEC & Harden Routers: Authenticate DNS responses and enforce strong admin passwords on home/office routers.
  2. Protect Host Files: Use endpoint tools to monitor or lock down system host files against unauthorized changes.
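
One way to implement the host-file monitoring in recommendation 2, as an added example that is not part of the original post: it compares the file against a known-good SHA-256 baseline and flags any entry that overrides a watched domain. The sample hosts content, the domain examplebank.test, and the function names are constructed for illustration.

```python
import hashlib
import ipaddress

# Constructed sample: a hosts file with one injected pharming-style entry.
SAMPLE_HOSTS = """\
127.0.0.1   localhost
::1         localhost ip6-localhost
# added by installer
203.0.113.50  www.examplebank.test examplebank.test   # injected entry
not-an-ip   broken.line
"""

def parse_hosts(text):
    """Yield (line_no, ip, [hostnames]) for each well-formed hosts entry."""
    for line_no, raw in enumerate(text.splitlines(), start=1):
        fields = raw.split("#", 1)[0].split()  # drop trailing comments
        if len(fields) < 2:
            continue
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            continue  # skip lines whose first field is not an IP address
        yield line_no, ip, [h.lower().rstrip(".") for h in fields[1:]]

def audit_hosts(text, watched_domains, baseline_sha256=None):
    """Return findings: a changed file hash and any overridden watched names."""
    findings = []
    digest = hashlib.sha256(text.encode("utf-8")).hexdigest()
    if baseline_sha256 is not None and digest != baseline_sha256:
        findings.append(("hash-mismatch", 0, digest))
    watched = [d.lower() for d in watched_domains]
    for line_no, ip, names in parse_hosts(text):
        for name in names:
            # Match the watched domain itself and any of its subdomains.
            if any(name == d or name.endswith("." + d) for d in watched):
                findings.append(("override", line_no, f"{name} -> {ip}"))
    return findings

if __name__ == "__main__":
    for finding in audit_hosts(SAMPLE_HOSTS, ["examplebank.test"]):
        print(finding)
```

In practice the text would be read from the system hosts file on a schedule, with the baseline hash recorded when the machine is known to be clean.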

4. Threat 2: HTTPS Phishing

Vulnerabilities: Attackers obtain low-cost Domain-Validated SSL certificates, tricking users into trusting “https://” sites that harvest credentials; Keyfactor (2021) reports tens of thousands of such phishing sites worldwide.

Symptoms & Damage: Even savvy users overlook the padlock icon, entering credentials that attackers use for account takeover, lateral network movement, and malware deployment.

Recommendations:

  1. Certificate Transparency & HSTS: Preload HSTS in browsers and monitor CT logs to detect and block unauthorized SSL certificates.
  2. User Training & Email Filtering: Teach employees that SSL ≠ legitimacy, and deploy advanced email gateways to flag suspicious links and attachments.

References
