CNA430/530: Firewall and Penetration Testing
St. Cloud State University
PROJECT-02: Security Root Causes Analysis and Prevention Techniques of Vulnerabilities in MongoDB with Singularity Linux Containers
Project Outline:
This is the second phase of “Project-01: Vulnerability Assessment of MongoDB in Linux Containers”. In Project-02, you have to find the security root causes of at least 15 vulnerabilities found in Project-01 and then propose a prevention technique for each vulnerability. Before selecting the vulnerabilities whose root causes you will investigate, you may first need to prioritize them, based on your own criteria, as “Low”, “Medium”, or “High” according to their severity level. Finally, if you implement a few of the proposed prevention techniques, you will get some extra credit (detailed steps are required).
• Step-01. Prioritize the vulnerabilities found in all the categories (Application, Image Containers, Host, and Network) in Project-01. (Hopefully you already categorized all the vulnerabilities in Project-01 when you did the vulnerability assessment using the various tools.)
• Step-02. Select at least 15 vulnerabilities from the prioritized list, covering all the above categories (the vulnerability categorization is entirely up to you).
• Step-03. Plan how to find the root cause of each prioritized vulnerability.
• Step-04. Find the root cause of each prioritized vulnerability in the current system.
• Step-05. Propose a prevention technique as a security mechanism for each root cause of each prioritized vulnerability in the current system.
• Step-06. Optional: If possible, implement the security mechanism/technique proposed in Step-05 in the current system, to avoid the particular vulnerability.
• Step-07. Optional: After implementing the security mechanisms/techniques in Step-06, re-run all the experiments executed in Project-01 and make sure the updated system is free from those particular vulnerabilities.
• Step-08. Write a comprehensive report.
© , Mailewa 1
A. Vulnerability : MongoDB does not listen on a port different from the default one
B. Vulnerability Category : MongoDB Application
C. Severity (Priority)
D. Root Cause : The MongoDB server is currently listening on default port 27017
E. Prevention Technique(s) : Change the MongoDB server listening port to a different one
F. Implementation : Changed the MongoDB server listening port from 27017 to 35000
G. Security verification : Re-run the MongoAudit basic scan and see the results
NOTE-01: Do not limit yourself to one or two tools; add more tools to the testbed and try to generate more results (vulnerabilities). Then find the root causes of those vulnerabilities. One good idea is to use tables to present your results.
NOTE-02: The quality of your results may directly affect your Project-02 grade, so do not just work on more than 5 simple vulnerabilities with very low severity. I expect you to work on at least 5 vulnerabilities at each severity level: 5 from “Low”, 5 from “Medium”, and 5 from “High”. If you have not found at least five at each level, you may try introducing new tools in order to find that many.
NOTE-03: With proper citations, you may use online resources and materials to find the root causes of vulnerabilities. You are highly encouraged to refer to peer-reviewed papers published in IEEE, ACM, Elsevier, SpringerLink, and other well-known journals.
Report Outline:
Make a comprehensive report including the following:
1. First page must include the title, group number, and members’ names.
2. Second page: Table of Contents.
3. Problem statement. (What did you do?)
4. Organization/Flow. (How did you do it? – Include methods)
5. Results. (Include tables and graphs)
6. Conclusions/Findings.
7. References.
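As an added illustration of the default-port example entry (fields A to G) above, and not part of the original handout, the following Python check reads `net.port` from mongod.conf-style YAML text and reports the finding before and after the change from 27017 to 35000. The sample configuration text and the function names are constructed for this example, and a standalone mongod instance is assumed.

```python
import re

DEFAULT_PORT = 27017  # port a standalone mongod uses when net.port is not set

# Constructed sample configs in mongod.conf YAML form (not taken from a real host).
BEFORE = """\
storage:
  dbPath: /var/lib/mongodb
net:
  bindIp: 127.0.0.1
  port: 27017   # default
"""
AFTER = BEFORE.replace("port: 27017", "port: 35000")   # field F: the implemented change
NO_PORT = "net:\n  bindIp: 127.0.0.1\n"                # port key omitted entirely

def effective_port(conf_text):
    """Return the port mongod would listen on for this config text."""
    section = None
    for raw in conf_text.splitlines():
        line = raw.split("#", 1)[0].rstrip()    # drop comments and trailing spaces
        if not line.strip():
            continue
        if not line[0].isspace():               # unindented key starts a new section
            section = line.split(":", 1)[0].strip()
            continue
        m = re.fullmatch(r"\s+port:\s*(\d+)", line)
        if section == "net" and m:
            return int(m.group(1))
    return DEFAULT_PORT                         # key absent: the default applies

def port_finding(conf_text):
    """Return the report fields for the default-port check, or None if it passes."""
    port = effective_port(conf_text)
    if port != DEFAULT_PORT:
        return None
    return {
        "vulnerability": "MongoDB does not listen on a port different from the default one",
        "category": "MongoDB Application",
        "root_cause": f"The MongoDB server is currently listening on default port {port}",
        "prevention": "Change the MongoDB server listening port to a different one",
    }

if __name__ == "__main__":
    for name, conf in (("before", BEFORE), ("after", AFTER), ("no port key", NO_PORT)):
        print(name, effective_port(conf), "FINDING" if port_finding(conf) else "ok")
```

A check like this covers only the configuration file; field G's re-run of the scanner is still what confirms the port the running server actually listens on.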
Submission Instruction:
1. Complete all the tasks assigned in the project.
2. Only one member of each group should submit the report to the D2L “Project-02” drop-box, within four weeks from the assigned date.
NOTE-1: Please add 1. all group members’ names (LAST_NAME, FIRST_NAME), 2. the group number, and 3. page numbers to the report.
NOTE-2: Please add each group member’s contribution to completing and submitting this lab, as a percentage, at the end of the report as shown below. (Before submitting to D2L, all group members must be aware of their reported contribution percentage in the lab report.)
Member-01: 100%
Member-02: 75%
Member-03: 100%
Member-04: 50%
References:
[1]. https://www.gb-advisors.com/vulnerability-prioritization/
[2]. https://www.dummies.com/programming/networking/how-to-prioritize-your-systems-security-vulnerabilities/
[3]. https://arch.simplicable.com/arch/new/10-root-causes-of-security-vulnerabilites
[4]. https://ieeexplore.ieee.org/stamp/stamp.jsp?arnumber=7861655