Network Security

Task Type: ** (Easy - Medium)

Objective: Understand how real web application attacks work, and methods for mitigating

them.

For this question you must use virtnet (as used in the workshops) to study web application

attacks. This assumes you have already setup and are familiar with virtnet. See Moodle and

workshop instructions for information on setting up and using virtnet, deploying the website,

and performing the attack.

Your task is to:

? Create topology 7 in virtnet

? Deploy the MyUni demo website on the nodes

? On node4, add a user to the grading web application with username set to your

student ID, and password set to your first name.

? Perform an unvalidated redirect attack, such that the attacker steals your

username/password.

? While performing the attack, take a screenshot of the window showing the stolen

username/password.

After performing and understanding the attack, answer the following sub-questions.

(a) Give a short description of an unvalidated redirect attack, referring to the steps you

performed in the attack and the vulnerability your attack exploited.

(b) Assuming a website must use redirects, recommend a technique that can be used to

minimise the impact of unvalidated redirect attacks.

(c) In the attack you performed in virtnet, describe what methods the attacker used (other

than an unvalidated redirect) and how the attacker benefits from the attack (that is, what

do they gain and how?).

(d) Include the screenshot of the stolen username/password obtained during the attack.

Kỹ năng: Bảo mật Internet, Quản trị mạng

Xem thêm: security network, network work, security network design, logo security network, security network logo, security network using snmp, joomla answer questions component, multiple answer questions flash, network security lahore, aspnet answer questions yahoo, random multiple answer questions, network security consulting freelancing, answer questions job review, basic network security designs

Mã Dự Án: #13795542