Comparison of Network Attacks COSC 356 Kyler Rhoades.

Two classes of Network Attacks
◦ Passive
◦ Active

Passive
◦ Non-invasive monitoring of transmissions
◦ Traffic Analysis
◦ Tricky to detect because data is unaffected

Active
◦ Attacker tries to bypass or break into a secured system
◦ Results in the disclosure or dissemination of data

Sniffing (Passive)
◦ AKA
  ▪ Eavesdropping
  ▪ Mapping

Sniffing
◦ Goals
  ▪ Intercept information traveling throughout a network
  ▪ To gather information about a network

Sniffing
◦ How It Works
  ▪ Attacker gains access to a network path
  ▪ “Listen” to the data being transmitted back and forth
    ◦ Plaintext format
    ◦ messages, User names, Passwords, Documents

Sniffing
◦ How To Combat Sniffing
  ▪ Strong encryption methods
    ◦ Key-agreement protocol
  ▪ Don’t use passive hubs

Spoofing (Active)
◦ Impersonates another host
◦ IP Spoofing
  ▪ Trusted Source

Spoofing
◦ Goals
  ▪ Impersonate
    ◦ Malicious actions, if caught, will look as if another legitimate user was behind the attack

Spoofing
◦ How It Works
  ▪ Find an IP address of a host connected to a secure network
  ▪ Fakes his IP address to that of the known host
  ▪ Any data transmitted will appear to be coming from the known host

Spoofing
◦ Attackers can also set up a spoofed access point
  ▪ Legitimate users will think they are connected to their network
  ▪ Attacker can easily monitor traffic and attack the connected hosts

Man-In-The-Middle Attack (Active)
◦ Weakness in the TCP/IP protocol
  ▪ Headers
◦ Relies on spoofing

Man-In-The-Middle Attack
◦ How It Works
  ▪ An attacker makes connections between two victims and controls the relay between them
    ◦ Victims believe they are on a private connection
    ◦ Attacker must be able to impersonate both victims
  ▪ The attacker intercepts all the data transferred between the victims
  ▪ The attacker can then take the data, manipulate it and send it to the recipient

Man-In-The-Middle Attack
◦ Defense
  ▪ Strong mutual authentication protocols
    ◦ Key-agreement protocol

Denial of Service Attacks (DoS) (Active)
◦ Aims to prevent the normal use of a network or device by legitimate users
  ▪ Consume computational resources
    ◦ Bandwidth
    ◦ Disk Space
    ◦ CPU Time

Denial of Service Attacks (DoS)
◦ How It Works
  ▪ Buffer overflow attack
    ◦ Sends more traffic to a network address than the expected size of a given buffer.
    ◦ This can range from sending oversized Internet Control Message Protocol (ICMP) packets to something as simple as sending e-mails with attachments whose file names exceed 256 characters.

Denial of Service Attacks (DoS)
◦ Smurfing attack
  ▪ Sends an IP ping request to a site that tells it to broadcast the ping to a number of hosts in the site’s local network
  ▪ The request appears to be sent from the target host
  ▪ The result is that a large number of ping replies flood back to the target host, with the intention that the host will not be able to tell real traffic from fake traffic.

Smurfing Attack

Denial of Service Attacks (DoS)
◦ SYN Floods
  ▪ When a computer wants to make a TCP/IP connection to another computer, there is an exchange of TCP/SYN and TCP/ACK packets.
  ▪ The computer that is trying to connect will send a TCP/SYN packet to the client requesting to connect. The client will return a TCP/ACK packet telling the computer it is allowed to connect.
  ▪ The client then reserves a space for the incoming connection and waits for the computer to respond with another TCP/ACK packet.
  ▪ The address of the computer requesting a connection is spoofed, so when the client sends the TCP/ACK packet it is never received by a device or is simply ignored. When this is repeated many times against a given client, all the connections reserved for unresolved hosts are taken up and other legitimate hosts will not be able to connect to the client.

SYN Floods
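The reserved-but-never-completed connections described in the SYN flood slides can be counted from a packet log on the receiving side. The sketch below is an added example, not part of the original presentation: the record layout, function names, the `backlog` and `timeout` values and the documentation-range addresses are all assumptions, and the sample capture is constructed. It labels the listener's reply to a SYN as SYN-ACK, since that packet carries both flags.

```python
from collections import defaultdict

def sample_capture(spoofed=6):
    """Constructed records (time, src, sport, dst, dport, flags): one completed
    handshake, then SYNs from spoofed sources that never send the final ACK."""
    server, port = "192.0.2.10", 80
    recs = [(0.00, "198.51.100.7", 40001, server, port, "SYN"),
            (0.01, server, port, "198.51.100.7", 40001, "SYN-ACK"),
            (0.02, "198.51.100.7", 40001, server, port, "ACK")]
    for i in range(spoofed):
        src, t = f"203.0.113.{i + 1}", 1.0 + i * 0.01
        recs.append((t, src, 1024 + i, server, port, "SYN"))
        recs.append((t, server, port, src, 1024 + i, "SYN-ACK"))
    return recs

def half_open(records, now, timeout=3.0):
    """Map each listener (ip, port) to the peers whose SYN is older than
    `timeout` seconds and was never followed by an ACK or RST from that peer."""
    pending = {}  # (peer, peer_port, listener, listener_port) -> time of SYN
    for ts, src, sport, dst, dport, flags in records:
        key = (src, sport, dst, dport)
        if flags == "SYN":
            pending[key] = ts
        elif flags in ("ACK", "RST"):
            pending.pop(key, None)  # handshake completed or aborted by the peer
    stale = defaultdict(list)
    for (src, sport, dst, dport), ts in pending.items():
        if now - ts >= timeout:
            stale[(dst, dport)].append((src, sport))
    return dict(stale)

def flood_suspects(records, now, backlog=5, timeout=3.0):
    """Listeners whose stale half-open count has reached the assumed backlog size."""
    stale = half_open(records, now, timeout)
    return {svc: len(peers) for svc, peers in stale.items() if len(peers) >= backlog}

if __name__ == "__main__":
    capture = sample_capture()
    print(half_open(capture, now=10.0))
    print(flood_suspects(capture, now=10.0))
```

A listener that reaches the threshold has its reserved slots filled by peers that never answered, which is the condition the slide describes. On Linux, enabling SYN cookies (`net.ipv4.tcp_syncookies`) lets the host answer SYNs without reserving a slot until the final ACK arrives.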

Distributed Denial of Service Attacks (DDoS) (Active)
◦ Multiple attackers flood the resources and bandwidth of a target host.
◦ This is done by gaining control over many other hosts first and then installing a slave program.
◦ The master program, controlled by the attacker, will contact the slave programs on all the different hosts to coordinate a denial of service attack on a target host.

Distributed Denial of Service Attacks (DDoS)