Network security attacks. ARP Poisoning case study

Arp poisoning is one of the most common attacks in a switched network. A switch is a network device that limits the ability of attackers that use a packet sniffer to gain access to information from internal network traffic. However, using ARP poisoning the traffic between two computers can be intercepted even in a network that uses switches. This method is known as man in the middle attack. With this type of attack the affected stations from a network will have invalid entries in the ARP table. Thus, it will contain only the correspondence between the IP addresses of the stations from the same network and a single MAC address (the station that initiated the attack). In this paper we present step by step the initiation of such an attack in a network with three computers. We will intercept the traffic between two stations using the third one (the attacker).network, security, attacks, arp poisoning, mac.

VoIP security - attacks and solutions

Voice over IP (VoIP) technology is being extensively and rapidly deployed. Flexibility and cost efficiency are the key factors luring enterprises to transition to VoIP. Some security problems may surface with the widespread deployment of VoIP. This article presents an overview of VoIP systems and its security issues. First, we briefly describe basic VoIP architecture and its fundamental differences compared to PSTN. Next, basic VoIP protocols used for signaling and media transport, as well as defense mechanisms are described. Finally, current and potential VoIP attacks along with the approaches that have been adopted to counter the attacks are discussed

Students’ perceived ethical severity of e-learning security attacks

Over the past 15 years there has been a sharp increase in the use of e-learning systems both in education for degree delivery as well as corporate environment for training and certification purposes. Information systems security has been an important concern for most organizations. However, very little attention has been given to information security in the context of elearning systems. In this study, we conducted an investigation into students’ perceptions of ethical severity related to five common information security attacks in the context of e-learning. We have concentrated our investigation specifically in testing for differences over these five e-learning security attacks based on gender, age, and academic rank (undergraduate/graduate). Our findings indicate that majority of the students appears to self-report their perceptions as ethically driven across all five e-learning security attacks. However, we were somewhat alarmed to find that, although a small percentage, indeed some students reported these security attacks to be ethical. Our results indicated that overall males find these security attacks less severe than females. We also found that undergraduate students appear to perceive these attacks only slightly less severe than graduate. Age wise, our results indicated that there is an increase trend where the older the student is, the more severe s/he ranks the attacks. The paper concludes with a summary of the results and implication of this study for practice and research