Home > Free Essays > Tech & Engineering > Computer Science > Threats Facing Microsoft Products and ISA Server Security Settings

Threats Facing Microsoft Products and ISA Server Security Settings Presentation

Exclusively available on IvyPanda Available only on IvyPanda
Updated: Aug 17th, 2022

UNIT 6 Computer Security

  • Threats facing Microsoft products;
  • ISA server security settings.
UNIT 6 Computer Security

Overview

Characteristics of winNuke attacks:

  • Exploitation of windows network products.

Microsoft products threat and vulnerabilities:

  • LAND, Ping-of-death, TCP Half scans, UDP Bomb, Port scanning and DNS attack prevention.

ISA Server DNS Filter Settings:

  • Hostname overflow, length overflow and DNS Zone transfer.
Overview

WinNuke attack

  • Involves an array of data (out of band) being sent to a computer over the network to attack it .
  • Ms Windows 95, Windows NT and Windows 3.11 are vulnerable to winNuke attacks.
  • A computer that is attacked disconnects from the network.
  • The computer then crashes and display a blue screen.
  • When this happens, all unsaved data gets lost.
  • The computer then remains on panic mode with the blue screen displayed.
  • This can be avoided by installation of a patch created by Microsoft (Ankit & Zacharia, 2007).
WinNuke attack WinNuke attack

Microsoft threats and vulnerabilities

LAND attack:

  • In this attack, a string of TCP SYN packets are sent over a network using the same address on the source as the destination;
  • It makes the vulnerable machine to reply to itself, leading to network congestion due to IPv4 crash.

Ping-of-death:

  • In this attack, the attacking machine sends an IP packet (using ping utility) that is larger than the maximum size specified.
  • The system of attacked machine either crashes, becomes unresponsive or reboots itself.

TCP “IP half scans”:

  • The attacker creates a lot of connections to the target machine but does not log on. This explores all the ports that are open.

UDP Bomb:

  • UDP packets with corrupted data fields are sent to the target computers having old windows OS. This makes the system to crash.
  • The user cannot identify the cause of the crash.

Port scanning:

  • The attacker tries to use all the ports in the target machine with an aim of finding out ports that are open (Heiser & Kruse, 2002).
Microsoft threats and vulnerabilities Microsoft threats and vulnerabilities

Attack detection and prevention

There are two methods of intrusion detection:

  • Network-based intrusion detection systems (NIDS). These systems are engineered to protect against threats within a network.
  • Host-based intrusion detection system (HIDS). Are systems that safeguards against threats within the host machine or the server.

In the ISA Server filter settings tab, the following options should be checked for DNS attack detection and prevention:

  • Enable intrusion detection and DNS attack detection.
  • Enable detection and filtering of DNS attacks (Shinder & Behrens, 2007).

Once the above are checked, there will be round the clock protection against the following attacks:

  • DNS Hostname Overflow: This takes place when a DNS response meant for a host name is larger than the specified length.
  • DNS Length Overflow: Occurs when the length of DNS response is designed to reflect a value larger than the required 4 bytes.
  • DNS Zone Transfer: Takes place when databases containing DNS data are replicated.
Attack detection and prevention Attack detection and prevention

Conclusions

There are various DOS attacks that the windows operating systems are vulnerable to. These include winNuke, LAND, Ping-of-Death, TCP IP Half Scans, UDP Bomb and Port Scanning.

The attacked machine show various characteristics which include hanging, rebooting, network congestion and system crash.

The DNS server filter settings can be configured to detect and prevent attacks from DNS Hostname Overflow, DNS Length Overflow and Zone Transfer.

Attack detection and prevention

References

Ankit, F., & Zacharia, M. (2007). Network Intrusion Alert An Ethical Hacking Guide to Intrusion Detection. New York: Cengage.

Heiser, J. G., & Kruse, W. G. (2002). Computer Forensics Incident Response Essentials. Boston: Addison-Wesley.

Shinder, T. W., & Behrens, T. (2007). The Best Damn Firewall Book Period. New York: Syngress.

This presentation on Threats Facing Microsoft Products and ISA Server Security Settings was written and submitted by your fellow student. You are free to use it for research and reference purposes in order to write your own paper; however, you must cite it accordingly.
Removal Request
If you are the copyright owner of this paper and no longer wish to have your work published on IvyPanda.
Request the removal

Need a custom Presentation sample written from scratch by
professional specifically for you?

801 certified writers online

Cite This paper
Select a referencing style:

Reference

IvyPanda. (2022, August 17). Threats Facing Microsoft Products and ISA Server Security Settings. https://ivypanda.com/essays/threats-facing-microsoft-products-and-isa-server-security-settings/

Reference

IvyPanda. (2022, August 17). Threats Facing Microsoft Products and ISA Server Security Settings. Retrieved from https://ivypanda.com/essays/threats-facing-microsoft-products-and-isa-server-security-settings/

Work Cited

"Threats Facing Microsoft Products and ISA Server Security Settings." IvyPanda, 17 Aug. 2022, ivypanda.com/essays/threats-facing-microsoft-products-and-isa-server-security-settings/.

1. IvyPanda. "Threats Facing Microsoft Products and ISA Server Security Settings." August 17, 2022. https://ivypanda.com/essays/threats-facing-microsoft-products-and-isa-server-security-settings/.


Bibliography


IvyPanda. "Threats Facing Microsoft Products and ISA Server Security Settings." August 17, 2022. https://ivypanda.com/essays/threats-facing-microsoft-products-and-isa-server-security-settings/.

References

IvyPanda. 2022. "Threats Facing Microsoft Products and ISA Server Security Settings." August 17, 2022. https://ivypanda.com/essays/threats-facing-microsoft-products-and-isa-server-security-settings/.

References

IvyPanda. (2022) 'Threats Facing Microsoft Products and ISA Server Security Settings'. 17 August.

Powered by CiteTotal, bibliography tool
More related papers