Network Survey: Introduction To Network Defenses
Identify the current configuration of hosts, services, and protocols within Corporation Techs' network through analysis of provided PCAP data, network scans, and vulnerability reports. Develop a detailed report outlining hosts, services, and protocols to serve as a foundation for the organization's network security plan.
Construct a professional report that includes an overview of identified hosts, their associated services, and the protocols in use, emphasizing the network's existing architecture. This survey will inform subsequent network design improvements aimed at enhancing security and efficiency within the organization.
Sample Paper for the Above Instruction
Introduction
The importance of a comprehensive network survey cannot be overstated when designing effective security strategies. In the context of Corporation Techs, understanding existing network configurations, including hosts, services, and protocols, is crucial due to the identified vulnerabilities and the need to optimize both security and operational costs. This report details the results of the network survey undertaken to fulfill these objectives, leveraging the provided PCAP data, network scans, and vulnerability reports.
Methodology
The survey process used NetWitness Investigator to analyze the PCAP files, which provided insights into network traffic flow, host identification, and protocol usage. Complementary tools such as Nmap were employed to conduct port scans and map the network topology, with results in XML format. Nessus vulnerability reports and topology fisheye charts in PDF provided additional perspectives on potential risks and network structure. This multi-source approach ensured a thorough understanding of the current network landscape.
Identification of Hosts
Through traffic analysis and port scans, multiple hosts were identified, including workstations, web servers, email servers, and backend authentication servers. Key hosts include:
- Web server hosting both public and secured websites.
- Sales team devices used for transferring sensitive contract data.
- Internal servers handling authentication and email services.
Furthermore, host IP addresses were mapped within the Class C public IP space, highlighting areas susceptible to unauthorized access if not properly secured.
Protocols in Use
Analysis revealed the utilization of several protocols across the network:
- HTTP and HTTPS for web services.
- SMTP and IMAP/POP3 for email.
- FTP and SFTP for file transfers.
- Remote desktop and SSH for administrative access.
- Network protocols like ARP and DHCP for network management.
Notably, some communications, especially administrative and transfer activities, were observed in plaintext, indicating potential vulnerabilities to eavesdropping.
Services Offered by Hosts
Each host provided specific services:
- Web server: Static website content, with access via HTTP/HTTPS.
- Authentication server: User login and password validation.
- Email servers: Handling inbound and outbound mail traffic.
- File transfer servers: Transfer of contracts and bid documents, both secured (via SFTP) and unsecured (FTP).
This service mapping clarifies the exposure points within the network and highlights areas requiring careful security controls.
Implications for Security Planning
The survey results highlight critical vulnerabilities such as plaintext data transfer, open administrative ports, and shared public addresses. These vulnerabilities could be exploited to gain unauthorized access or eavesdrop on sensitive communications. Additionally, the shared IP address space suggests limited flexibility for network segmentation without incurring significant costs.
Conclusion
The comprehensive network survey provides a clear snapshot of Corporation Techs’ existing infrastructure. It underscores the necessity for strategic redesign, including implementing firewalls, segmentation, and secure protocols, to mitigate identified vulnerabilities. The subsequent network design phase will leverage these insights to optimize security while controlling costs, especially concerning public IP address usage.