2.  ZoneAlarm is a PC-based firewall and IDPS tool. Visit the product manufacturer at www.zonelabs.com and find the product specifications for the IDPS features of ZoneAlarm. Which ZoneAlarm products offer these features?


-      ZoneAlarm Pro Antivirus + Firewall, ZoneAlarm Extreme Security


5.  Several online passphrase generators are available. Locate at least two on the Internet and try them. What did you observe?


-      They choose random words together and made them into a passphrase and one had its own seed generator too which helped the passphrase become different.


Case Exercises

1.  Do you think Miller is out of options as he pursues his vendetta? If you think he could take additional actions in his efforts to damage the SLS network, what are they?


-      No he still can IP spoof, Phishing, Tor browser and VPN since IDPS canít read encrypted packets. He could social engineer himself as a lower position as try to get access from someone who does grant access to the network.


2.  Suppose a system administrator at SLS read the details of this case. What steps should he or she take to improve the companyís information security program?


-      The information thatís stored out in the open on desks, giving out diagrams and describes of the network and to have other IT personal around contracted help. Keep on the look for suspicious downloads on all servers and secure all servers no matter what they do.


3.  Consider Millerís hacking attempt in light of the intrusion kill chain described earlier and shown in figure 7-1. At which phase in the kill chain has SLS countered his vendetta?


-      Reconnaissance, Command and Control, and Actions on Objectives


Ethical Decision Making

1.  It seems obvious that Miller is breaking at least a few laws in his attempt at revenge. Suppose that when his scanning efforts had been detected, SLS not only added his IP address to the list of sites banned from connection to the SLS network, the system also triggered a response to seek out his computer and delete key files on it to disable his operating system.

Would such an action by SLS be ethical? Do you think that action would be legal?


-      This would not be legal or ethical as they are also breaking the law by counter attacking/back hacking his computer.


2.  Suppose instead that Miller had written a routine to constantly change his assigned IP address to other addresses used by his ISP. If the SLS intrusion system determined what Miller was doing and then added the entire range of ISP addresses to banned list, thus stopping any user of the ISP from connection to the SLS network, would SLSís action be ethical.


-      In a sense yes, but also no as everyone from that ISP now have no service to your websites and what products you sell which is bad for business purposes.


3.  What if SLS were part of an industry consortium that shared IP addresses flagged by its IDPS, and all companies in the group blocked all of the ISPís users for 10 minutes? These users would be blocked from accessing perhaps hundreds of company networks. Would that be ethical response by members of the consortium? What if thee users were blocked for 24 hours?


-      This would not be an ethical response as business would suffer a loss of revenue and the length of a 24 hour blockage would be bad.