Paul Shaw


IT Security


5. Several online passphrase generators are available. Locate at least two on the internet and try them. What did you observe?

          There are lots of options, and most all of them are quite long. One site had options for word length and numbers instead of spaces between words while another just allowed the number of words used to change.

4. Use the internet to search for “live DVD security toolkit.” Read a few web sites to learn about this and their capabilities. Write a brief description of a live DVD security toolkit.

          The Live DVD security toolkit is a set of networking and computer security tools put onto a DVD or flash drive, used primarily for LINUX systems. It is used for security checks and network diagnostics mostly.

Discussion Questions

1.    Do you think Miller is out of options as he pursues his vendetta? If you think he could take additional actions in his effort to damage the SLS network, what are they?

While I do think he has options to continue trying to cause damage to the system, I don’t know what else he could do off the top of my head. Aside from trying other options from other IP addresses, I think SLS has done well to lock down their system.

2.    Suppose a system administrator at SLS read the details of this case. What steps should he or she take to improve the company’s information security program?

I think improving detection would be a good way to start, Miller appears to have gotten somewhat deep into their system before he was shut out. Better data collection may also be a good investment to find their weaker areas.

3.    Consider Miller’s Hacking Attempt in light of the intrusion kill chain described earlier and shown in figure 7-1. At which phase in the kill chain has SLS countered his vendetta.

I think they countered him at the command and control phase, since he installed a program but it wouldn’t work for him.

Ethical Decision Making

If SLS tried to delete Miller’s files in turn I would think that would be incredibly unethical, and also probably illegal, though both parties would be at fault if it went to court for different reasons.

If SLS disabled all the spoofed IP addresses I would think it would be ethical to do so. If it becomes a problem for anyone under those addresses, they could message SLS to see what the problem might be and have their address re-enabled.

I don’t think one company’s issues should be other company’s issues unless they’re directly related, the mass IP blacklist is pretty uncool. The ten minute lockout is kind of lame, but the 24 hour lock out is super unethical.