Learning Outcomes:
The following learning outcomes will be assessed by this assignment:
1. Critically analyse a network stack at all OSI layers for security vulnerabilities;
2. Circumvent current network implementation using current hacking tools;
3. Critically appraise network performance in light of current hacker threats determining best practice for security;
4. Develop simple hacking tools that can either penetrate a network or disable the function of a normal network;
5. Critically appraise the structure for Internet and Intranet systems.
This is achieved by analysing a network capture for security and performance anomalies. From that analysis you will gain an understanding of how many internet services interact and how issues influence overall network security and performance.
Background:
“You are an IT network security analyst for a small local bank: Northumbria Bank plc. On arriving at work this morning, you have been informed by the customer service manager that there may have been some kind of 'cyber-attack' against the bank's computer systems overnight. The systems started running slowly during the evening when the customer service team at the call centre were trying to view customers' bank accounts. However, although performance was degraded, the systems remained operational throughout and it is unclear what actually happened, as, apart from the time-outs, no other error messages were seen by the customer service team. You have been provided with a sample packet capture by the IT network operations team for analysis. The IT manager (Joseph) has requested a full report by lunchtime (12:00) on Friday, 27th March, in order to take it into a meeting with the Managing Director (Nailton). The IT manager has asked you to identify what caused the issue, and to provide recommendations and/or solutions on how to prevent the issue happening again in the future, as it affected customer service.”
“One of the IT network operations team (Anthony ‘Tony’ Sterling) mentioned that he and a couple of IT colleagues were working late that evening. Tony did notice the network slowing down early in the evening, but by the time he managed to pull together a packet capture, the network seemed fine again. However, this may be because most of the call centre staff had finished their shift by then (at 20:00). Tony also mentioned that it isn’t the first time the network has run slowly, but they have been too busy working on the project to reconfigure access to the customer service system after a bank merger. Tony admitted that, in trying to reduce the size of the files, he may have ‘screwed up’ a few things within the packet capture, but hopefully there will be enough information to work on.*”
The Task:
Your task is to undertake a full and detailed analysis of the sample packet capture in order to try and establish what may have caused the operational issues. You are also required to suggest solutions for the root cause(s), which may be either technical or non-technical.
Report:
Your report should consist of two key elements: an executive summary for the Managing Director, and the main report, which will contain the technical detail. NB: The Managing Director is not very IT-literate and therefore the executive summary should be written in layman's terms. The executive summary should be no more than 500 words and the total length of the report should be approximately 1800 to 2000 words. Network diagrams, tables and packet capture snippets should be included, as well as references, in order to support any theory. You may also include examples from your laboratory portfolio. Be sure to include a proper title page and table of contents.