Security test
Solved
Serenity84
Posted messages 2 Status Member
sebsauvage Posted messages 33284 Registration date Status Moderator Last intervention -
Hello,
I have 2 questions regarding system security, here they are if you're interested in thinking about them with me:
Question 1:
Consider a worm W32/beagle that presents itself as an email with an attached .exe file that is compressed and encrypted. The password to decrypt it is contained in the email. If the victim executes the file using the password, the worm spreads by selecting the next victim from the current victim's address book.
Why is the compressed file encrypted since the password is provided in clear text in the message itself? And how can the mail server fend off this kind of attack?
Question 2:
Suppose a computer park includes several workstations connected to the Internet via a firewall. Several users report that their machines are rebooting unexpectedly. According to one of the users, this problem is caused by a virulent worm that exploits a vulnerability in the operating system. To spread, the worm seems to use TCP and UDP connections to other machines both within the local network and outside of it.
What emergency measures should be taken to stop the spread of the worm? What measures should be taken to restore the integrity of the system?
I look forward to your proposed answers!
Thank you
Configuration: Windows XP Firefox 2.0.0.13