Hunter Wikstrom

ITS 370 CH 7




2. Zone Alarm is a PC-based firewall and IDPS tool. Visit the product manufacturer at and find the product specification for the IDPS features of Zone Alarm. Which Zone Alarm products offer these features?


5. Several online passphrase generators are available. Locate at least two on the Internet and try them. What did you observe? and are the two passphrase generators that I used.

When visiting it immediately generates a passphrase for you. The site also goes on to explain why passphrases are important and explains what makes a strong password and what does not. It even gives you the amount of time it would take a computer to crack the code on your password depending on variables. is the other site I used. This site is more barebones and isnít pleasant to look at but it gets the job done. You can change the criteria of your passphrase to meet certain requirements. It goes on to tell you possible combination counts and so on.


Case Exercises

1. Do you think Miller is out of options as he pursues his vendetta? If you think he could take additional actions in his effort to damage the SLS network, what are they?

I think Miller is at the end of his own capabilities. He was clearly let go from this company because he was trash and didnít know what he was doing. Everything he has attempted so far is all good first steps but he has gotten to the point where the system now acknowledges the threat and has likely already alerted the security team of the attempted intrusions which will only make Millerís attempts more difficult.

2. Suppose a system administrator at SLS read the details of this case. What steps should he or she take to improve the companyís information security program?

The System has been set up well to stop these attempts so theyíre on the right track. They do, however, need to increase their physical security onsite and make sure people arenít leaving important passwords written on sticky notes.

3. Consider Millerís hacking attempt in light of the intrusion kill chain described earlier and shown in Figure 7-1. At which phase in the kill chain has SLS countered his vendetta?

The phase that the attack was stopped at was the exploitation stage. Miller was able to get into the system but was shut down before he was able to do anything of consequence on the system.

Ethical Decision Making

Would such an action by SLS be ethical? Do you think that action would be legal?

I think itís not necessarily unethical, I think this would be an effective way to deter people from messing with them again in the future. Whether or not this is legal I am unsure, but it should be. I think itís a good way to protect the company and the employees working for them.

stopping any user of the ISP from connecting to the SLS network, would SLSís action be ethical?

The reasoning behind stopping the ISPs is ethical. They are attempting to protect their network and their employees and thatís whatís important.

What if SLS were part of an industry consortium that shared IP addresses flagged by its IDPS, and all companies in the group blocked all the ISPís users for 10 minutes? These users would be blocked from accessing perhaps hundreds of company networks. Would that be an ethical response by members of the consortium? What if these users were blocked for 24 hours?

I believe once again the theory behind the reasoning is ethical. It will disrupt traffic to other businesses which, if done intentionally, would be unethical but in this situation, it is likely protecting them. The block is temporary and shouldnít be too disruptive. However, if they moved to a 24-hour block, they would have to have a safeguard in place to help with unblocking the wrongfully blocked companies. Hopefully all these steps would help smoke out the culprit.