Detección y Evaluación de Vulnerabilidades en la Web con la Técnica Banner Grabbing en la Cooperativa de Ahorro y Crédito “Riobamba” Ltda
Today, information has become an extremely important asset and with this increased need to protect it from attacks that may affect its integrity or confidentiality. This need is more important if this information is about a banking entity such as the “Riobamba” Ltda. Savings and Credit Cooperative,...
Gespeichert in:
| 1. Verfasser: | |
|---|---|
| Format: | bachelorThesis |
| Sprache: | spa |
| Veröffentlicht: |
2020
|
| Schlagworte: | |
| Online Zugang: | http://dspace.unach.edu.ec/handle/51000/6594 |
| Tags: |
Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
|
Tag hinzufügen | Zusammenfassung: | Today, information has become an extremely important asset and with this increased need to protect it from attacks that may affect its integrity or confidentiality. This need is more important if this information is about a banking entity such as the “Riobamba” Ltda. Savings and Credit Cooperative, since it manages personal information, bank accounts and investments of its members, making these data a target Very tempting for cybercriminals. The methodology used in the investigation is inferential for pre and post analysis of vulnerabilities and risks. In addition, three scenarios are shown in the study: the first simulating the cooperative's network topology with a typical concurrence and without any type of computer attack; the second applying computer attacks using the banner grabbing technique to the aforementioned scenario in order to analyze how vulnerable the network topology is; and in the third scenario, defense mechanisms are implemented to measure how its has repercussions on computer security. Open / closed port scans were performed; In addition, response times of the web server were measured, obtaining an improvement of 14.8 milliseconds, CPU usage was reduced to 37% and RAM consumption was minimized to 39%. After applying the FortiWeb firewall, confirming the effectiveness of the implementation of defense mechanisms. |
|---|