Chapter 1 Assignmnet

Ryan M. Kethcart INFOST-491 SEC-OL

Exercises
1. Look up the paper that started the study of computer security. Prepare a summary of the key points. What in this paper specifically addresses security in areas previously unexamined? a. A paper titled the Rand Report R-609 was sponsored by the Department of Defense and initiated the movement toward security that went beyond protecting physical locations. It attempted to define multiple controls and mechanisms necessary for the protection of a multilevel computer system; identifying the role of management and policy issues in computer security. This report/paper significantly expanded the scope of computer security to include the following: securing the data, limiting random and unauthorized access to said data, and involving personnel from multiple levels of the organization in matters pertaining to information security. 3. Consider the information stored on your personal computer. For each of the terms listed, find an example and document it: threat, threat agent, vulnerability, exposure, risk, attack, and exploit. a. Threat: i. Theft of Media b. Threat Agent: i. Hacker (Ex: Ima Hacker) c. Vulnerability: i. Unprotected system port d. Exposure: i. Using a website monitored by malicious hackers, reveals a vulnerability i.e. Unprotected system port e. Risk: i. Low level risk The probability that theft of media will occur is low f. Attack: i. Hacker is made aware of system vulnerability (unprotected system port) by monitoring the website mediamadness.com. The hacker then navigates to and enters the exposed port; the hackers continues to steal media files from the users computer. This results in the user experiencing a loss. g. Exploit: i. Hacker uses software tools to gain access to the unprotected system port; gaining access to the users computer. 5. Using the Web, find out more about Kevin Mitnick. What did he do? Who caught him? Write a short summary of his activities and explain why he is infamous.

a. Kevin Mitnick grew up in Los Angeles, California and is currently a computer security consultant. At a very young age, Mitnick used social engineering to successfully bypass the Los Angeles bus pass punch -card system; it was Mitnicks mastery of social engineering which once granted him the title of the most-wanted computer criminal in the United States. Overall, Mitnick of various crimes including: wire fraud, computer fraud, illegally intercepting a wire communication and more. Mitnicks confirmed criminal acts include: using the Los Angeles bus transfer system to get free rides, evading the FBI, hacking into DEC systems to view VMS source code, gaining full administrator privileges to an IBM minicomputer at the Computer Learning Center in Los Angeles in order to win a bet, and hacking Motorola, NEC, Nokia, Sun Microsystems, and Fujitsu Siemens systems. He is also accused of the following: stealing computer manuals from a Pacific Bell telephone switching center in Los Angeles, reading emails of computer security officials at MCI communications and Digital, wiretapping the California DMV, free cell phone calls, hacking Santa Cruz Operations, Pacific Bell, FBI, Pentagon, Novell, California DMV, University of Southern California and the Los Angeles Unified School District systems and also wiretapped NSA agents. On February 15th, 1995, the FBI arrested Mitnick at his apartment in Raleigh, North Carolina on federal offenses related to a 2 -year period of computer hacking. Overall, Mitnick spent a total of five years in prison and was released on January 21st, 2000 Mitnick is infamous for his method of hacking or gaining access to restricted information via social engineering.

Case Exercises
The next day at SLS found everyone in technical support busy restoring computer systems to their former state and installing new virus and worm control software. Amy found herself learning how to install desktop computer operating systems and applications as SLS made a heroic effort to recover from the attack of the previous day.

Questions:
1. Do you think this event was caused by an insider or outsider? Why do you think this? a. I believe this event was caused by an outsider because the event caused everyone to contact technical support. I assume, because of the widespread problems, the attack was from an outsider. 2. Other than installing virus and worm control software, what can SLS do to prepare for the next incident? a. SLS should implement the six layers of security: physical security, personnel security, operations security, communications security, network security, and information security. 3. Do you think this attack was the result of a virus or a worm? Why do you think this? a. I believe this attack was the result of a worm because it seemed like the problem continued to spread without human interaction the problems arose without the sharing of files and continued to grow.