Case 1: Determining Software Engineering Risks for Alexander Rocco
After reviewing all the applications Alexander Rocco uses, you notice that many have been modified or changed during the past couple of months. Two of the company’s financial applications are written in C and, according to Randy Stegner, the IT security administrator, monitor the company’s accounts and financial data. Mr. Stegner discovered that several modifications were made to one program, with no documentation indicating who made the changes or why.
a. Based on this information, write a memo to Mr. Stegner with your findings and any recommendations you might have for improving the security of the company’s software engineering practices.
b. Search the Internet for any information on securing company software. Does the OSSTMM address any of these issues?
c. What improvements should you recommend to better protect this information?
Case 2: Developing a Security-Testing Tool
Your manager at Security Consulting Company has asked you to develop a tool that can gather information from several hundred computers running Windows 10 at Alexander Rocco. The tool needs to verify whether any computers are left running at certain hours in the evening, because management has requested that all computers be turned off no later than 6:00 p.m.
a. Write a memo to your supervisor describing the programming language you would use to develop this tool and the method for verifying the information Alexander Rocco management requested.
Case 3: Securing an Older Linux OS
After conducting footprinting and using social-engineering techniques on the Alexander Rocco network, you have determined that the company is running several applications on Linux computers. You also discover that the payroll system runs on several Red Hat Enterprise Linux 5.8 (RHEL 5.8) servers. You need to ensure that this version will be supported with patches from the vendor until the new payroll system is installed in 2017.
a. Based on this information, write a brief report stating whether the systems can be secured until they’re replaced in 2017, and include recommendations for securing these systems.
Case 4: Detecting Unauthorized Applications
In conducting a review of the OSs running on the Alexander Rocco network, you detect a program that appears to be unauthorized. No one in the department knows how this program got on the Linux computer. The department manager thinks the program was installed before his start date three years ago. When you review the program’s source code, you discover that it contains a buffer overflow vulnerability.
a. Based on this information, write a report to the IT manager stating what course of action should be taken and listing recommendations for management.
Case 5: Validating Password Strength for Alexander Rocco Corporation
After discovering that most computers and servers at Alexander Rocco run many different versions of Windows, your supervisor has asked you to write a report on the issue of password vulnerabilities.
a. Write a one-page memo to your supervisor describing the password-cracking areas you will test. Your memo should be based on the information you find in Section 11, “Password Cracking,” of the OSSTMM.