The site being audited has ten full-time staff and an unspecified number of casual
staff. Back-office duties (payroll, HR and scheduling) are performed only by full-time
staff, but the staff common areas and offices are neither locked nor physically
separated from the rest of the premises. Front counter/cashier duties are performed by
full-time staff and also by casual staff. You have been informed that turnover among
casual staff is high, although the reasons for this are unknown.
The computer systems in the back office are all networked via a Cisco small business series
ADSL router supplied by Telstra. To allow the owner(s) to check on files from home,
remote access services are enabled on some, but not all, of the machines. There is no
centralised authentication server; users log on locally to each machine. Every machine
has the same two local user accounts, "admin" and "user", and their credentials are shared
by staff so that files are always accessible to fellow staff. The server that will host
the online presence runs Ubuntu Linux. It will also act as a print and file server for the
Windows 7 PCs, which run the office applications (payroll, HR etc.).
An image of the server machine has been supplied to you as a VirtualBox VM.
You will need your student number to download the VM, and you must download your
own specific VM, as different people are given different VMs.
The VM's network interface is set to Host-only Adapter and you should leave it
that way. For the VM to run, a Host-only Network must be configured in VirtualBox.
One may already exist; if it does not, you can create it under
File->Preferences->Network->Host-only Networks. Make sure you enable the DHCP
server for that network.
Your task is to assess the attack surface of this machine. The scope of your analysis is
limited to (1) network-level attacks and (2) physical attacks. You should NOT log on to
the machine and analyse the individual software packages that have been installed. You
need only identify and describe any vulnerable services as seen from the network (using
suitable tools, run from the host or another VM on the same host-only network), and
identify and describe any potential physical attacks given the scenario description above.
You may, but are not required to, use a vulnerability scanner (e.g. Nessus) for the
network-level analysis. However, you are not allowed to simply copy and paste the output
of these tools. As in the real world, you must synthesise the tool output into a form
appropriate for the audience and add textual descriptions.
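Because the brief asks you to synthesise tool output rather than paste it, the following Python script, added here as an illustration and not part of the assignment or the supplied VM, parses the XML that `nmap -sV -oX` writes into a service inventory and flags version fingerprints that are too uncertain to tie to a CVE. The sample XML embedded in it is constructed for the example; its address, ports, products and versions are not those of the VM you will scan.

```python
"""Build a service inventory from nmap -sV XML output.

Added example for this brief, not part of the assignment or of nmap. It assumes
the scan was saved with `nmap -sV -oX scan.xml <vm-address>`. SAMPLE_NMAP_XML is
constructed for illustration; it does not describe the assignment VM.
"""
from __future__ import annotations

import xml.etree.ElementTree as ET
from dataclasses import dataclass, field

# Constructed sample in nmap's -oX format (not a real scan of the VM).
SAMPLE_NMAP_XML = """<?xml version="1.0"?>
<nmaprun scanner="nmap" args="nmap -sV -oX scan.xml 192.168.56.101">
  <host>
    <address addr="192.168.56.101" addrtype="ipv4"/>
    <ports>
      <port protocol="tcp" portid="22">
        <state state="open"/>
        <service name="ssh" product="OpenSSH" version="5.3p1" conf="10">
          <cpe>cpe:/a:openbsd:openssh:5.3p1</cpe>
        </service>
      </port>
      <port protocol="tcp" portid="80">
        <state state="open"/>
        <service name="http" product="Apache httpd" version="2.2.14" conf="10">
          <cpe>cpe:/a:apache:http_server:2.2.14</cpe>
        </service>
      </port>
      <port protocol="tcp" portid="139">
        <state state="open"/>
        <service name="netbios-ssn" product="Samba smbd" version="3.X" conf="10">
          <cpe>cpe:/a:samba:samba:3</cpe>
        </service>
      </port>
      <port protocol="tcp" portid="631">
        <state state="open"/>
        <service name="ipp" product="CUPS" conf="7"/>
      </port>
      <port protocol="tcp" portid="3306">
        <state state="closed"/>
        <service name="mysql" conf="3"/>
      </port>
    </ports>
  </host>
</nmaprun>
"""


@dataclass
class Service:
    host: str
    port: int
    proto: str
    state: str
    name: str
    product: str = ""
    version: str = ""
    confidence: int = 0  # nmap's 1-10 confidence in the version fingerprint
    cpes: list[str] = field(default_factory=list)

    def needs_verification(self) -> bool:
        """True when the version is too uncertain to cite a CVE against it yet."""
        return self.confidence < 8 or not self.version or "X" in self.version.upper()


def parse_nmap_xml(xml_text: str) -> list[Service]:
    """Flatten every <host>/<port> pair of an nmap -oX document into Service records."""
    root = ET.fromstring(xml_text)
    inventory: list[Service] = []
    for host in root.iter("host"):
        addr_el = host.find("address[@addrtype='ipv4']")
        addr = addr_el.get("addr", "?") if addr_el is not None else "?"
        for port in host.iter("port"):
            state_el = port.find("state")
            svc = port.find("service")
            attrs = svc.attrib if svc is not None else {}
            inventory.append(Service(
                host=addr,
                port=int(port.get("portid")),
                proto=port.get("protocol", "tcp"),
                state=state_el.get("state", "unknown") if state_el is not None else "unknown",
                name=attrs.get("name", ""),
                product=attrs.get("product", ""),
                version=attrs.get("version", ""),
                confidence=int(attrs.get("conf", "0")),
                cpes=[c.text for c in svc.findall("cpe")] if svc is not None else [],
            ))
    return inventory


def exposed_services(inventory: list[Service]) -> list[Service]:
    """Only open ports are part of the network attack surface; closed/filtered ones are noise."""
    return sorted((s for s in inventory if s.state == "open"), key=lambda s: (s.host, s.port))


def render_table(services: list[Service]) -> str:
    """Plain-text table for the technical section of the report."""
    header = f"{'host':<16}{'port':<10}{'service':<13}{'product / version':<24}{'cpe':<34}next step"
    rows = [header, "-" * len(header)]
    for s in services:
        endpoint = f"{s.port}/{s.proto}"
        product = f"{s.product} {s.version}".strip() or "(unidentified)"
        cpe = s.cpes[0] if s.cpes else "-"
        step = "verify fingerprint first" if s.needs_verification() else "look up CVEs for this version"
        rows.append(f"{s.host:<16}{endpoint:<10}{s.name:<13}{product:<24}{cpe:<34}{step}")
    return "\n".join(rows)


if __name__ == "__main__":
    print(render_table(exposed_services(parse_nmap_xml(SAMPLE_NMAP_XML))))
```

Run the scan from the host against the VM's host-only address, then pass the saved XML to `parse_nmap_xml`. nmap's `conf` attribute records how sure it is of each version; a low value, a missing version, or a wildcard such as 3.X should be confirmed with a banner grab before a CVE is cited against that service, otherwise the "10 most critical" list will contain entries that do not apply to the system actually scanned.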
Your report should outline possible weaknesses and vulnerabilities in the systems. It
should open with a summary of less than one page that covers the most important findings
and is understandable by a layperson. The following pages should describe the details in a
format suitable for a general technical audience, i.e. someone who is proficient in IT in
general but may not be a security expert. Citations should be used where appropriate.
Your report should include an overview of the potentially vulnerable services and of the
physical attack points, reference specific CVE entries (with brief explanations), and
demonstrate a prioritisation of the most important issues. An exhaustive list of CVEs is
not required (there are too many), but you should discuss at least the 10 most critical,
and these must be relevant to the actual system and services, i.e. to the products and
versions your scan actually found exposed. Based on your findings you should also make
recommendations on how to improve the security.
The expected answer length is roughly 5-6 pages; the maximum length is 10 pages.