Identifying Potential Malicious Attacks, Threats, and Vulnerabilities

1132 words 5 pages
For a better understanding of the situation in the network of the company I decided to start the analysis by the vulnerabilities that this one presents. Many of these vulnerabilities are the cause for different types of network attacks. It should be noted that while many of these vulnerabilities may be mitigated or eliminated the possibility of an attack always exists.
The first vulnerability is the email server. Although very well controlled for been within the Demilitarized Zone (DMZ), this is always a vulnerability with which most companies have to deal with. This vulnerability opens the way for phishing attack. One way to mitigate this vulnerability is configuring the email server so that only authorized email may enter. This is
…show more content…

If this attack is successful, the attacker has access to the internal network of the company so in this case we can be under the three types of threat; it all depends on the intentions of the attacker. The most advisable is to change the password at least every 30 days and if possible relocating the WAP to a most protected location of the network.
Another possible attack that we can face when dealing with WAP is Address Spoofing. This attack consists of trying to seem at something that really is not. Is normally present a false network address to pretend to be an authorized machine of the system. If the WAP is not configured to filter out traffic with internal external addresses, the attack may be successful. The main objective of this attack is the destruction and / or alteration of the system and the information; although it remains the possibility of disclosure.
The last segment of analysis is the one were the users and data servers are located. The only visible attack in this area is Insider Attack. This type of attack is usually carried out by disgruntled or corrupt employees to take advantage of a situation. Although on a smaller scale, is always present in all companies and is more difficult to detect because the attacker has access to the system without having to perform any suspicious operation.
Eavesdrop, steal, or damage information, use information in a fraudulent manner, and deny accesses to other


  • Cis 333 Final Term Paper
    2543 words | 11 pages
  • Courses
    3414 words | 14 pages
  • Final Test
    3050 words | 13 pages
  • Nsa Capstone Project
    16275 words | 66 pages
  • MMT2 IT strategic solutionTask 2
    2757 words | 12 pages
  • Csec 650 Individual Assignment 2
    4263 words | 18 pages
  • A Study on Ecommerce : Gmarket
    5477 words | 22 pages
  • Application of Project Management Tools on the City School's Erp Project
    12943 words | 52 pages