
Complete the tasks described in this worksheet. Read the instructions carefully


Question

Complete the tasks described in this worksheet. Read the instructions carefully and submit evidence of your completed tasks (a screen shot is your evidence). Answer the questions below in the space provided.

Showing Evidence of Completion: Your evidence of completion is a screen shot, as described in each exercise. Use the tool of your choice to take a screen shot of the required content. Screen shots should be pasted at the end of this document.

Answering Questions: Your answers should be written in carefully edited college-level English, using complete sentences.

Lab – Analyze and Differentiate Types of Malware

Instructions and Evidence of Completion

At the end of this document (not within this table) paste screen captures that show the following:

the version of bash running on the Ubuntu system;
the detection of the Shell Shock vulnerability found on the Apache server;
the rkhunter tool displaying the Rootkit vulnerability it found.

Be sure your screen shot(s) include the command executed and the resulting output.

Answer a Question

Answer each of the questions below; use the space to the right of each question for your answer. Make sure your answers are clear and complete.

Questions / Answer

What command was used to determine the version of BASH running on the Ubuntu client? What version was in use there?

What does the acronym “CVE” stand for and in your own words explain what it represents.
Answer: It stands for Common Vulnerabilities and Exposures and basically it is a catalog of known security threats sponsored by the Department of Homeland Security.

What was the specific BASH vulnerability found on the Ubuntu client?

When this vulnerability was attacked what ability was provided to the attacking machine?

What command was executed to start the web server service on the Security Onion?

In a Linux file system, how are hidden files or directories named?

Explanation / Answer

1. To check the bash version of your Ubuntu using the command line:

           Open the terminal by pressing Ctrl+Alt+T.

          Type: . /etc/lsb-release and press Enter, or

                    lsb_release -r

           This is the command to check the Ubuntu version.

2. You can check the version in two ways:

Check within Unity: it gives the partial version.

Put a short command line: this method gives the full version.

3. CVE stands for Common Vulnerabilities and Exposures. The CVE system provides a reference method for publicly known information-security vulnerabilities and exposures. The catalog is sponsored by the United States Department of Homeland Security (DHS).

Threats are divided into two categories: vulnerabilities and exposures.

Vulnerability: A vulnerability is a mistake in software code that gives opportunity to an attacker with direct access to a system or network. It allows an attacker to pose as a superuser or system administrator who has full access privileges.

Exposure: It is defined as a mistake in software code or configuration that provides an attacker with indirect access to a system or network. An exposure may allow an attacker to secretly gather customer information that could be sold.

4. If a security issue affects the releases of Ubuntu and its derivatives.

5. If an attacker were able to create an environment variable containing a function definition with a specific name, then these are used to bypass certain environment. This is the ability that was provided to the attacking machine.

6. Security Onion for Splunk is designed to run on a Security Onion server, providing an alternative method for correlating events and incorporating field extractions and reporting.

Squert: Squert is a web application that is used to query and view event data stored in a Sguil database.

To start all services:

   sudo service nsm start

   sudo nsm_server_ps-start
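
A defender-side companion to point 5, added here and not part of the original answer: a shell function that flags Apache access-log entries carrying the "() {" function-definition prefix that Shell Shock probes place in request headers. The log lines, addresses and function names are constructed for illustration, and the Apache combined log format is assumed.

```shell
#!/bin/sh
# Added example: flag Apache combined-format log lines whose request line,
# Referer or User-Agent contains a bash function-definition prefix "() {".

# Constructed sample log (documentation address ranges, harmless marker text).
sample_log() {
cat <<'EOF'
192.0.2.10 - - [01/Oct/2014:10:00:01 +0000] "GET /index.html HTTP/1.1" 200 512 "-" "Mozilla/5.0"
198.51.100.7 - - [01/Oct/2014:10:00:05 +0000] "GET /cgi-bin/status HTTP/1.1" 200 41 "-" "() { :; }; echo probe"
198.51.100.7 - - [01/Oct/2014:10:00:09 +0000] "GET /cgi-bin/status HTTP/1.1" 200 41 "(){ :; }; echo probe" "curl/7.35.0"
203.0.113.5 - - [01/Oct/2014:10:01:00 +0000] "GET /search?q=f() HTTP/1.1" 200 90 "-" "Mozilla/5.0"
EOF
}

# Print "<client-address> <field>" for every field that matches.
# Splitting on double quotes gives: $2 request line, $4 Referer, $6 User-Agent.
# Limitation: a logged value containing an escaped quote (\") shifts the fields.
find_shellshock_probes() {
    awk -F'"' '
        # "()" then optional blanks then "{": the function-definition prefix.
        function hit(v) { return v ~ /\(\)[ \t]*[{]/ }
        {
            split($1, pre, " ")          # pre[1] is the client address
            if (hit($2)) print pre[1], "request"
            if (hit($4)) print pre[1], "referer"
            if (hit($6)) print pre[1], "user-agent"
        }
    ' "$@"
}

# Summarise the number of flagged fields per client address.
count_probes_by_client() {
    find_shellshock_probes "$@" |
        awk '{ n[$1]++ } END { for (ip in n) print ip, n[ip] }' |
        sort
}

# Run against the constructed sample; pass a real log path as an argument
# to either function to scan a file instead of standard input.
sample_log | count_probes_by_client
```

The last sample line contains "()" in a query string without a following brace, so it is not flagged.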
