
A)

1)

Risk assessment table (columns: Threat/Vulnerability, Asset, Existing Controls, Likelihood, Consequence, Level of Risk)

Row 1
Threat/Vulnerability: Corruption of files by altering records
Asset: Integrity of customer
Existing Controls: ACL without proper authentication mechanism
Likelihood: Due to no authentication mechanism, exploiting is made simple here
Consequence: Financial data that is crucial for the organisation
Level of Risk: High

Row 2
Threat/Vulnerability: Altering of account records
Asset: Integrity of case investigation on the same records on the server
Existing Controls: Poor password management policies, without biometrics to allow proper login
Likelihood: SQL is an old concept and not much skill is needed to exploit using this technique
Consequence: Altering records would lead the organization to wrong insights into the growth of the organisation
Level of Risk: High

Row 3
Threat/Vulnerability: Theft of personal information and using it for personal use
Asset: Copy of information from database
Existing Controls: Database without recommended security level mechanisms
Likelihood: SQL is an old concept and not much skill is needed to exploit using this technique. Effectiveness of XSS depends on the programming knowledge of the person executing the attack
Consequence: The attacker may use this to take a ransom from the organisation and sell the data of the organisation
Level of Risk: Medium
Please note: below is extra information, apart from the information above, that can also be added if you wish.

Additional risk table (columns: Threat/Vulnerability, Level of Risk, Consequence, Likelihood, Asset, Existing Controls)

Row 1
Threat/Vulnerability: Broken Authentication: easy login using any random username and password
Level of Risk: Severe
Consequence: Secure and important information would be lost
Likelihood: Due to no authentication mechanism, exploiting is made simple here
Asset: Host system
Existing Controls: Poor authentication mechanism

Row 2
Threat/Vulnerability: SQL Injection: extraction of various data on the target by query execution
Level of Risk: Severe
Consequence: Any information, like financial info, can be compromised
Likelihood: SQL is an old concept and not much skill is needed to exploit using this technique
Asset: Database
Existing Controls: Poor database security policy, without encryption

Row 3
Threat/Vulnerability: CROSS SITE SCRIPTING: involves running random scripts in the target machine
Level of Risk: Moderate
Consequence: User may be tricked into giving his information
Likelihood: Not easy or not very difficult. Depends on the programming skills of the person
Asset: Database and host system
Existing Controls: Usage of special characters allowed in the username field

Row 4
Threat/Vulnerability: Improper ACL configuration
Level of Risk: Low
Consequence: Access may be granted to any random user
Likelihood: Exploitation is very unlikely, but the possibility can't be completely ruled out
Asset: Host system
Existing Controls: Same privileges to all users
2) Some suitable security policies that can be in place to prevent the attacks include:

i) A proper authentication mechanism should be implemented wherever possible

ii) It is recommended to clear history, cookies and cache, and to restrict privileges to people

iii) Special characters must not be used for usernames. All pages must have output for a specific input

iv) Modify privileges to selected users

v) As an additional level of security, biometric security can be used to allow access to employees of the organization

vi) Proper database security policies with a strong encryption mechanism (employing 256-bit AES encryption mechanisms) should be used to avoid exploitation of data

vii) If required, the organisation can implement a mechanism where, if unauthorized people access the database, it sounds an alarm and shuts down the database itself. But this would cause disruption in operations, however, if the boot time of the database is high

viii) The directory on which the database is mounted must have a multifactor authentication mechanism for a stronger security policy

ix) A private VPN should be used wherever possible

x) Access to traffic must be whitelisted only for certain IP addresses of host systems

The most cost-effective one would be implementing MFA, strong security policies and using 256-bit AES encryption

3) The Griffith Policy addresses the following

The integrity and validity of information
The protection of University assets using authentication mechanisms

The policy doesn't address all the issues just because it says protection of University assets.

We don't know what kind of authentication and security mechanisms are in place and which people have access to what controls and systems

The policy must clearly specify the type of authentication used and who has access to what, to avoid confusion

1) Describe the permission of ping and how do you know if it is a SetUID program

First of all, ping needs to be run from root level, which is like an admin level. Ping also allows us to set SETUID. One of the ways this can be done is as follows:

i) Using the passwd command

ii) Using the crontab and at commands

We can check if SetUID is set by typing the following commands in the terminal
chmod u+s myfile.txt    // myfile is a sample file I created

ls -l    // ls is used to list files

This command can be used to check if the x in the owner permission field is replaced by s or S

An example listing of a file file1.txt is as follows

Before using SUID bit

After using SUID bit
2) Describe your observation

Before using sudo chmod u-s /bin/ping we can see ping works

After using sudo chmod u-s /bin/ping

This is because ping needs to generate and receive ICMP packets, and usually that's done using "raw sockets", a feature limited to root (cap_net_raw) because it could also be abused to sniff and disrupt other traffic on the system.

Many distributions now just give ping the cap_net_raw privilege instead of full setuid root. This however needs both the kernel and the filesystem to support extended attributes (xattrs), and some "minimal" systems disable those.

3) Describe your observation

Usingsudo setcap cap_net_raw=ep /bin/ping we


We have added a capability to ping in the binary folder which gives ping permission to open a raw socket, allowing it to target a ping system
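As an added example (not part of the original assignment), the shell script below classifies the owner permission field of an `ls -l` mode string (x, s or S) and checks a `getcap` line for cap_net_raw, so the two checks discussed above can be run without root. The sample mode strings and getcap line are constructed, and `check_file` is a hypothetical helper name.

```shell
# Added example (not part of the original assignment): classify the owner
# permission field of an `ls -l` mode string and check a `getcap` line for
# cap_net_raw. Sample lines below are constructed, not captured from a host.

# suid_state MODE -> prints setuid-exec, setuid-noexec or none
# The 4th character of the mode string is the owner's execute slot:
#   x  executable, no setuid       s  setuid + executable
#   S  setuid set but NOT executable (the bit has no effect; usually a mistake)
suid_state() {
    owner_x=$(printf '%s' "$1" | cut -c4)
    case "$owner_x" in
        s) echo setuid-exec ;;
        S) echo setuid-noexec ;;
        *) echo none ;;
    esac
}

# has_cap_net_raw GETCAP_LINE -> returns 0 if cap_net_raw is effective ('e')
# Accepts both getcap output styles:
#   /bin/ping cap_net_raw=ep        and        /bin/ping = cap_net_raw+ep
has_cap_net_raw() {
    case "$1" in
        *cap_net_raw*[=+]*e*) return 0 ;;
        *) return 1 ;;
    esac
}

# check_file PATH (hypothetical helper): report the live state of a binary.
# Uses only ls and getcap, so no root is needed; getcap may be absent.
check_file() {
    [ -e "$1" ] || { echo "$1: not found"; return 1; }
    mode=$(ls -ld "$1" | cut -d' ' -f1)
    echo "$1: mode $mode -> $(suid_state "$mode")"
    if command -v getcap >/dev/null 2>&1; then
        caps=$(getcap "$1" 2>/dev/null)
        if has_cap_net_raw "$caps"; then
            echo "$1: has cap_net_raw (raw sockets without full setuid root)"
        else
            echo "$1: no cap_net_raw"
        fi
    fi
}

# Constructed samples (labelled; not real system output).
SAMPLE_SUID='-rwsr-xr-x'     # what a setuid-root ping looks like in ls -l
SAMPLE_BIG_S='-rwSr--r--'    # u+s on a non-executable file such as myfile.txt
SAMPLE_GETCAP='/bin/ping cap_net_raw=ep'

suid_state "$SAMPLE_SUID"; suid_state "$SAMPLE_BIG_S"
has_cap_net_raw "$SAMPLE_GETCAP" && echo "sample getcap line grants cap_net_raw"
```

Run `check_file /bin/ping` on a real system to see which of the two mechanisms (setuid bit or cap_net_raw) that distribution uses.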

Note: I have not added a screenshot of the last command due to the security implications of the command. Once the permission is provided it becomes difficult to disable it

4) /usr/bin/passwd is to facilitate changing of a user's password. If you use it as the shell of the user, the user will not be able to log in but will be able to (or, putting it more correctly, always be forced to) change his/her password at every login attempt
