Incident Response Essay Example for Free

Incident Response EssayAny internet lowlife be subjected to security compromise. There is no amount of coding or access check that can ultimately prevent an firing to a electronic network. However, there is a need for any musical arrangement to ensure that their networks ar safe and their incidence resolutions are potent. There are many tactics and tools that are employed by aggressors to evade any undercover work by the investigation or incidence response teams, remain anonymous and to avoid attracting any attention by looking like normal users. If this fails, the fighter has the ability to degrade the system to make investigations more complicated. It is also important to argument that the aggressers are incessantly technic entirelyy more advanced than the security staff managing the network security monitoring systems and in round cases may be more sophisticated than the investigators (Mobrien, 2003). There are a many tools that are acquirable to intruders tha t can be used to penetrate the network security monitoring systems.These tools are available in the internet including vulnerability of different software and how to develop programs that can penetrate networks. Other than being pronto available, these tools are becoming increasingly easy to use making it possible for anybody with basic completeledge to be able to attack a computer network. Some of these tools include programs such as remote discernment and local penetration that can control a computer in the network without any authorization, network and vulnerability scanners, password crackers and sniffers (Mobrien, 2003).The attacker employs different tactics to promote anonymity. This is by using all means to separate all possible ties between the computer to which the attack is directed and the computer in which the attack is launched. This can be done by first compromising a system that is therefore used as a stepping stone, forging the IP address (spoofing) or using a se rvicing providers netblock. He can also remain anonymous by launching the attack from a trusted host who may be a close business associate or exploiting the vulnerability of the client rather than the server.To frustrate any investigation or incidence response to the attack, the attack may prefer to use public intermediaries such as an IRC channels. Rather than trying to remain anonymous, the attacker may evade detection by providing false leads to the incidence response or investigation team. This can be done by properly timing the attack to ensure that the duration between probes is decent to confuse the investigators. Other methods of evading detection include distributing the attack or blocking the web defacer.Moreover, it is important to note that by the attacker appearing normal or a legitimate user of the system is an effective way of frustrating incidence response (Bejtlich, 2004). Although protecting the network from such sophisticated malicious attack is in many instances considered a trivial task, there are some incidence responses considerations that need to be incorporated in the network security monitoring systems. Some of these security measures include an intrusion detection system that detects an intruder in the network and strict security policies in the organization.The staff dealing with the systems moldiness also be well equipped with incident response handling abilities. The staff should be certain of when to inform the police or called emergency incidence response. The staff should also be able know when the network has been broken and the most appropriate measure to take. It is also suggested that administrators or consultants with high level of knowledge and experience in systems vulnerability and management should handle incident responses (Mobrien, 2003).