What Makes a Network Vulnerable?

Slides:



Advertisements
Similar presentations
Attacks Framework Attacks Physical Access Attacks -- Wiretapping Server Hacking Vandalism Dialog Attacks -- Eavesdropping Impersonation Message Alteration.
Advertisements

Chapter 1: Fundamentals of Security JV Note: Images may not be relevant to information on slide.
Network and Application Attacks Contributed by- Chandra Prakash Suryawanshi CISSP, CEH, SANS-GSEC, CISA, ISO 27001LI, BS 25999LA, ERM (ISB) June 2006.
Lesson 3-Hacker Techniques
ITIS 1210 Introduction to Web-Based Information Systems Chapter 44 How Firewalls Work How Firewalls Work.
NS-H /11041 Attacks. NS-H /11042 The Definition Security is a state of well-being of information and infrastructures in which the possibility.
Denial of Service & Session Hijacking.  Rendering a system unusable to those who deserve it  Consume bandwidth or disk space  Overwhelming amount of.
1 Topic 1 – Lesson 3 Network Attacks Summary. 2 Questions ► Compare passive attacks and active attacks ► How do packet sniffers work? How to mitigate?
Intrusion Detection and Hackers Exploits IP Spoofing Attack Yousef Yahya & Ahmed Alkhamaisa Prepared for Arab Academy for Banking and Financial Sciences.
Hacker, Cracker?! Are they the same? No!!! Hacker programmers intensely interested in the arcane and recondite workings of any computer operating system.
Security (Continued) V.T. Raja, Ph.D., Oregon State University.
Computer Security Fundamentals by Chuck Easttom Chapter 4 Denial of Service Attacks.
Hacking Presented By :KUMAR ANAND SINGH ,ETC/2008.
1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.
Sanjay Goel, School of Business/Center for Information Forensics and Assurance University at Albany Proprietary Information 1 Unit Outline Information.
Analysis of Attack By Matt Kennedy. Different Type of Attacks o Access Attacks o Modification and Repudiation Attacks o DoS Attacks o DDoS Attacks o Attacks.
Web server security Dr Jim Briggs WEBP security1.
Attack Profiles CS-480b Dick Steflik Attack Categories Denial-of-Service Exploitation Attacks Information Gathering Attacks Disinformation Attacks.
Chapter Threats in Networks Network Security / G. Steffen.
Lecture 24 Secure Communications CS 450/650 Fundamentals of Integrated Computer Security Slides are modified from Ian Goldberg.
PART THREE E-commerce in Action Norton University E-commerce in Action.
© Paradigm Publishing Inc. 8-1 Chapter 8 Security Issues and Strategies.
Being an Intermediary for Another Attack Prepared By : Muhammad Majali Supervised By : Dr. Lo’ai Tawalbeh New York Institute of Technology (winter 2007)
Firewalls. Evil Hackers FirewallYour network Firewalls mitigate risk Block many threats They have vulnerabilities.
Network Security Introduction Some of these slides have been modified from slides of Michael I. Shamos COPYRIGHT © 2003 MICHAEL I. SHAMOS.
ITIS 1210 Introduction to Web-Based Information Systems Chapter 45 How Hackers can Cripple the Internet and Attack Your PC How Hackers can Cripple the.
CHAPTER 11 Spoofing Attack. INTRODUCTION Definition Spoofing is the act of using one machine in the network communication to impersonate another. The.
Lecture 24 Secure Communications CS 450/650 Fundamentals of Integrated Computer Security Slides are modified from Ian Goldberg.
1 CHAPTER 3 CLASSES OF ATTACK. 2 Denial of Service (DoS) Takes place when availability to resource is intentionally blocked or degraded Takes place when.
PRESENTED BY P. PRAVEEN Roll No: 1009 – 11 – NETWORK SECURITY M.C.A III Year II Sem.
Lecture 20 Hacking. Over the Internet Over LAN Locally Offline Theft Deception Modes of Hacker Attack.
CHAPTER 3 Classes of Attack. INTRODUCTION Network attacks come from both inside and outside firewall. Kinds of attacks: 1. Denial-of-service 2. Information.
Privacy versus Authentication Confidentiality (Privacy) –Interceptors cannot read messages Authentication: proving the sender’s identity –The Problem of.
Security in Computing Security in Networks. I.Threats in networks A. Vulnerabilities 1.Anonymity 2.Shared resources 3.Size (many points of attack) 4.Complexity.
1 Security. 2 Linux is not secure No computer system can ever be "completely secure". –make it increasingly difficult for someone to compromise your system.
Quality of Information System (IS) reflecting local correctness and reliability of the operating system; the logical completeness of the hardware and software.
Computer Science and Engineering Computer System Security CSE 5339/7339 Session 25 November 16, 2004.
Ingredients of Security
CSCE Farkas1 CSCE 522 Network Security. Reading Pfleeger and Pfleeger: Chapter 6 CSCE Farkas2.
DoS/DDoS attack and defense
Security in network Outline Threats in network Network security controls Firewalls Intrusion detection system Secure Networks and Cryptography Example.
Network Security Introduction
Replay Attacks.
INTRODUCTION TO COMPUTER & NETWORK SECURITY INSTRUCTOR: DANIA ALOMAR.
Spoofing The False Digital Identity. What is Spoofing?  Spoofing is the action of making something look like something that it is not in order to gain.
By Billy Ripple.  Security requirements  Authentication  Integrity  Privacy  Security concerns  Security techniques  WEP  WPA/WPA2  Conclusion.
Denail of Service(Dos) Attacks & Distributed Denial of Service(DDos) Attacks Chun-Chung Chen.
Comparison of Network Attacks COSC 356 Kyler Rhoades.
SESSION HIJACKING It is a method of taking over a secure/unsecure Web user session by secretly obtaining the session ID and masquerading as an authorized.
Presentation on ip spoofing BY
Network security Vlasov Illia
Network Security Presented by: JAISURYA BANERJEA MBA, 2ND Semester.
Port Knocking Benjamin DiYanni.
DDoS Attacks on Financial Institutions Presentation
USAGE OF CRYPTOGRAPHY IN NETWORK SECURITY
Domain 4 – Communication and Network Security
Error and Control Messages in the Internet Protocol
Security Fundamentals
Spoofing Basics Presentation developed by A.F.M Bakabillah Cyber Security and Networking Consultant MCSA: Messaging, MCSE RHCE ITIL CEH.
Security in Networking
Network Security: IP Spoofing and Firewall
CCNA 2 v3.1 Module 10 Intermediate TCP/IP
امنیت شبکه علی فانیان
Figure 1-7: Eavesdropping on a Dialog
Threats in Networks Jagdish S. Gangolly School of Business
Faculty of Science IT Department By Raz Dara MA.
Chapter 7 – and 8 pp 155 – 202 of Web security by Lincoln D. Stein
ONLINE SECURE DATA SERVICE
Intrusion Detection and Hackers Exploits IP Spoofing Attack
Computer Security By: Muhammed Anwar.
Presentation transcript:

What Makes a Network Vulnerable? Anonymity Many points of attack (targets & origins) Sharing Complexity of system Unknown perimeter Unknown path

Who Attacks Networks Hackers break into organizations from the outside Challenge Fame Money & Espionage Ideology However, most security breaches are internal, by employees and ex-employees

Threat Precursors Port Scan Social Engineering Reconnaissance Bulletin Board / Chat Docs Packet Sniffers (telnet/ftp in cleartext)

Network Security Threats Interception If interceptor cannot read, have confidentiality (privacy) If cannot modify without detection, have message integrity

Network Security Threats Impostors (Spoofing/ Masquerade) Claim to be someone else Need to authenticate the sender--prove that they are who they claim to be True Person Impostor

Network Security Threats Remotely Log in as Root User Requires cracking the root login password Then control the machine Read and/or steal information Damage data (erase hard disk) Create backdoor user account that will let them in easily later Root Login Command

Security Threats Content Threats Application layer content may cause problems Viruses In many ways, most severe security problem in corporations today Must examine application messages

Replay Attack First, attacker intercepts a message Not difficult to do

Replay Attack Later, attacker retransmits (replays) the message to the original destination host Does not have to be able to read a message to replay it

Replay Attack Why replay attacks? To gain access to resources by replaying an authentication message In a denial-of-service attack, to confuse the destination host

Thwarting Replay Attacks Put a time stamp in each message to ensure that the message is “fresh” Do not accept a message that is too old Place a sequence number in each message Do not accept a duplicated message Message Time Stamp Sequence Number

Thwarting Replay Attacks In request-response applications, Sender of request generates a nonce (random number) Places the nonce in the request Server places the nonce in the response Neither party accepts duplicate nonces Request Response Nonce Nonce

Network Security Threats Denial of Service (DOS) Attacks Overload system with a flood of messages Or, send a single message that crashes the machine

Denial of Service (DOS) Attacks Transmission Failure Connection Flooding Echo-Chargen Ping of Death Smurf Syn Flood Traffic Redirection DNS Attacks Distributed Denial of Service

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.