©2002 TechRepublic, Inc. www.techrepublic.com. All rights reserved. How Hackers Attack Networks This presentation is based on a PowerPoint by security.


How Hackers Attack Networks
This presentation is based on a PowerPoint by security expert Adrian Crenshaw. You can view his original presentation here.

Common platforms for attacks
- Windows 98/Me/XP Home Edition
- Linux, OpenBSD, Trinux, and other low-cost forms of UNIX

Local and remote attacks
- Local: attacks performed with physical access to the machine
- Remote: attacks launched over the network

Why worry about local attacks on workstations?
- Hackers can collect more information about a network and its users.
- Hackers can obtain the administrator password on a workstation, which can lead to server access.
- Spyware can be installed to gather more sensitive information.

Common local attacks
- Getting admin/root at the local machine
  - Windows workstation: rename or delete c:\winnt\system32\config\SAM (the file is locked while Windows is running, so this is done from a boot disk or another OS; whether the machine then boots with a blank Administrator password depends on the Windows version)
  - Linux: at the LILO prompt, type linux s (boots into single-user mode with a root shell and no password prompt)
- Cracking local passwords: L0phtcrack (LC)
- Removing the hard drive to install it in another box
- Exploiting files or commands available upon login
  - C:\Documents and Settings\All Users\Start Menu\Programs\Startup
  - Registry commands, such as adding users

Cracking over the network: A four-step program
1. Footprinting
2. Scanning and enumerating
3. Researching
4. Exploiting

Footprinting
Finding out what an organization owns:
- Find the network block (whois and DNS records).
- Ping the network broadcast address (every host that answers reveals itself).

Scanning and enumerating
- What services are running?
- What accounts exist?
- How are things set up?

Scanning and enumerating: Methods and tools
- Port scanning: Nmap
- Sniffing: ngrep
- SNMP: SolarWinds
- Null session: NBTenum, Nbtdump
- NetBIOS browsing: net view, Legion
- Vulnerability scanners: Nessus, Winfingerprint, LANguard
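As an added example (not part of the TechRepublic slides or of Nmap), here is the simplest form of what a port scanner does, followed by the first enumeration step: a TCP connect scan (the equivalent of nmap -sT, one full handshake per port, so every probe lands in the target's logs) and a banner grab on each open port. The target is constructed for the demo: a throwaway listener bound to 127.0.0.1 on an ephemeral port that greets clients with a made-up FTP-style banner. The host, port window, timeouts and banner are all assumptions. Scan only hosts you are authorized to test.

```python
import socket
import threading
from concurrent.futures import ThreadPoolExecutor


def tcp_connect_scan(host, ports, timeout=0.5, workers=32):
    """Return the sorted list of ports on `host` that complete a TCP handshake.

    This is the noisy "connect" scan: a full three-way handshake per port,
    so each hit shows up in the target's logs.  One socket per probe.
    """
    def probe(port):
        with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
            s.settimeout(timeout)
            # connect_ex returns 0 on success and an errno on refusal/timeout
            return port if s.connect_ex((host, port)) == 0 else None

    with ThreadPoolExecutor(max_workers=workers) as pool:
        hits = pool.map(probe, list(ports))
    return sorted(p for p in hits if p is not None)


def grab_banner(host, port, timeout=1.0, nbytes=128):
    """Enumeration step: read the first bytes a service volunteers (its banner)."""
    with socket.create_connection((host, port), timeout=timeout) as s:
        try:
            return s.recv(nbytes).decode("ascii", "replace").strip()
        except socket.timeout:
            return ""        # silent service (e.g. HTTP waits for the client)


def start_fake_service(banner=b"220 demo-ftpd ready\r\n"):
    """Constructed target for the demo: a listener on 127.0.0.1 (ephemeral port)
    that greets every client with an assumed banner.  Returns (socket, port)."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))
    srv.listen(16)
    port = srv.getsockname()[1]

    def serve():
        while True:
            try:
                conn, _ = srv.accept()
            except OSError:      # listener was closed, stop serving
                return
            with conn:
                try:
                    conn.sendall(banner)
                except OSError:  # scanner hung up before reading
                    pass

    threading.Thread(target=serve, daemon=True).start()
    return srv, port


def scan_and_enumerate(host, ports):
    """Map each open port to its banner ("" if the service says nothing first)."""
    return {p: grab_banner(host, p) for p in tcp_connect_scan(host, ports)}


if __name__ == "__main__":
    srv, port = start_fake_service()
    # scan a small window around the demo port; only the demo port should answer
    for p, banner in scan_and_enumerate("127.0.0.1", range(port - 2, port + 3)).items():
        print(f"{p}/tcp open  {banner!r}")
    srv.close()
```

The banner is what turns "port 21 open" into "this is an FTP server of such-and-such version", which is the input to the researching step that follows.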

Researching
Researching security sites and hacker sites can reveal exploits that will work on the systems discovered during scanning and enumerating.

Exploits
- Brute force/dictionary attacks
- Software bugs
  - Bad input
  - Buffer overflows
- Sniffing

Countering hackers
- Port scanning
  - Block all ports except those you need
  - Block ICMP if practical
  - NT: IPsec filters; Linux: iptables
- Sniffing
  - Use switched media
  - Use encrypted protocols (for example SSH in place of telnet and FTP)
  - Use fixed (static) ARP entries

Countering hackers (cont.)
- Null sessions: set the RestrictAnonymous value (REG_DWORD) to 2 under
  HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa
  The value 2 is a Windows 2000 setting that denies anonymous connections access to share and account enumeration; NT 4.0 supports only 1. Either setting can break applications and domain trusts that rely on anonymous access, so test before rolling it out.
- Use an IDS: Snort, BlackICE

Identifying attacks
- On Windows, check the Security log in Event Viewer (logon auditing must be turned on first, or the log stays empty).
- On Linux, check the files in /var/log/.
- Review IIS logs at \winnt\system32\LogFiles.
- Check Apache logs at /var/log/httpd.
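Reading the Apache log by eye works for a small site; the added example below (not part of the original slides) shows what to automate: it parses NCSA common-format lines and flags hosts whose traffic looks like a vulnerability scanner rather than a visitor, that is, many requests of which most come back 4xx because the paths were guessed. The log excerpt is constructed for the demo (documentation addresses, an invented site), and the thresholds are assumptions to tune against real traffic.

```python
import re
from collections import defaultdict

# Apache/NCSA common log format: host ident user [time] "request" status bytes
LOG_RE = re.compile(
    r'^(?P<host>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+)(?: (?P<proto>\S+))?" (?P<status>\d{3}) (?P<bytes>\d+|-)$'
)

# Constructed sample, not a real capture: one ordinary visitor (198.51.100.4) and one
# host (203.0.113.9) walking a list of guessed CGI/admin paths that mostly do not exist.
SAMPLE_LOG = """\
198.51.100.4 - - [14/Mar/2002:10:02:11 -0500] "GET / HTTP/1.0" 200 5120
198.51.100.4 - - [14/Mar/2002:10:02:12 -0500] "GET /images/logo.gif HTTP/1.0" 200 2309
198.51.100.4 - - [14/Mar/2002:10:02:40 -0500] "GET /products.html HTTP/1.0" 200 8873
198.51.100.4 - - [14/Mar/2002:10:03:01 -0500] "GET /favicon.ico HTTP/1.0" 404 210
203.0.113.9 - - [14/Mar/2002:10:05:02 -0500] "GET /cgi-bin/test-cgi HTTP/1.0" 404 210
203.0.113.9 - - [14/Mar/2002:10:05:02 -0500] "GET /cgi-bin/phf HTTP/1.0" 404 210
203.0.113.9 - - [14/Mar/2002:10:05:03 -0500] "GET /_vti_bin/shtml.exe HTTP/1.0" 404 210
203.0.113.9 - - [14/Mar/2002:10:05:03 -0500] "GET /admin/ HTTP/1.0" 404 210
203.0.113.9 - - [14/Mar/2002:10:05:04 -0500] "GET /scripts/ HTTP/1.0" 403 190
203.0.113.9 - - [14/Mar/2002:10:05:04 -0500] "GET /robots.txt HTTP/1.0" 200 48
203.0.113.9 - - [14/Mar/2002:10:05:05 -0500] "HEAD / HTTP/1.0" 200 0
"""


def parse_log(text):
    """Yield one dict per well-formed log line; malformed lines are skipped."""
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if m:
            rec = m.groupdict()
            rec["status"] = int(rec["status"])
            yield rec


def summarize_hosts(records):
    """Per-client counters: total requests, 4xx/5xx responses, distinct paths."""
    stats = defaultdict(lambda: {"requests": 0, "errors": 0, "paths": set()})
    for r in records:
        s = stats[r["host"]]
        s["requests"] += 1
        s["paths"].add(r["path"])
        if r["status"] >= 400:
            s["errors"] += 1
    return stats


def find_probing_hosts(text, min_requests=5, min_error_ratio=0.5):
    """Hosts whose traffic looks like a scanner: enough requests to judge, and
    at least `min_error_ratio` of them failing because the path was guessed."""
    flagged = {}
    for host, s in summarize_hosts(parse_log(text)).items():
        ratio = s["errors"] / s["requests"]
        if s["requests"] >= min_requests and ratio >= min_error_ratio:
            flagged[host] = {
                "requests": s["requests"],
                "errors": s["errors"],
                "error_ratio": round(ratio, 2),
                "distinct_paths": len(s["paths"]),
            }
    return flagged


if __name__ == "__main__":
    for host, info in find_probing_hosts(SAMPLE_LOG).items():
        print(host, info)
```

The same two counters (request volume and failure ratio per source) carry over to IIS W3C logs and to the Windows Security log, where repeated failed logons from one workstation are the equivalent signal for the brute-force attacks covered later.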

Administrative shares
- Make life easier for system admins.
- Can be exploited if a hacker knows the right passwords.
- Standard admin shares: ADMIN$, IPC$, C$ (and any other drive in the box)

Control the target
- Establish a connection with the target host:
  net use \\se-x-x\ipc$ /u:se-x-x\administrator
- Use Computer Management in MMC or Regedit to change system settings on the remote machine.
- Start a Telnet session by scheduling the service to start:
  at \\se-x-x 12:08pm "net start telnet"
- Turning off file sharing (the Server service, which also provides IPC$) thwarts these connections.

Counters to brute force/dictionary attacks
- Use good passwords:
  - No dictionary words
  - A combination of alphabetic and numeric characters
  - At least eight characters long
- Use account lockouts.
- Limit services: if you don't need it, turn it off.
- Limit scope (which hosts and networks can reach each service).

Buffer overflow
The cracker sends more data than the buffer can hold; at the end of that data is the code he or she wants executed.
[Diagram: the allotted space on the stack; the data sent overruns it and smashes the stack, so the saved return address now points into the attacker's data and the egg (the payload code) may be run.]

Hacker = Man in the middle

Sniffing on local networks
- On Ethernet without a switch (a hub or other shared segment), all traffic is sent to all computers.
- A computer with its NIC set to promiscuous mode can see everything that is sent on the wire.
- Common protocols like FTP, HTTP, SMTP, and POP3 are not encrypted, so passwords can be read as plain text.

Sniffing: Switched networks
- Switches send data only to the port of the target host.
- Switched networks are more secure against passive sniffing (but not immune; see ARP spoofing).
- Switches speed up the network.

ARP spoofing
Hackers can use programs like arpspoof (from the dsniff package) to change the identity of a host on the network (by sending forged ARP replies that map the victim's IP address to the attacker's MAC address) and thus receive traffic not intended for them.

ARP spoofing steps
1. Set your machine to forward packets (so the victims keep working while you sit in the middle):
   Linux: echo 1 > /proc/sys/net/ipv4/ip_forward
   BSD: sysctl -w net.inet.ip.forwarding=1
2. Start arpspoofing (using two terminal windows, one for each direction):
   arpspoof -t x.x y.y
   arpspoof -t y.y x.x
   (the first tells host x.x that y.y is at your MAC address; the second tells y.y the same about x.x)
3. Start sniffing:
   ngrep host x.x | less
   OR
   dsniff | less

Counters to ARP spoofing
- Static ARP tables
- ARPWatch (logs IP-to-MAC pairings and alerts when a known address changes or flip-flops)
  Platforms: AIX, BSDI, DG-UX, FreeBSD, HP-UX, IRIX, Linux, NetBSD, OpenBSD, SCO, Solaris, SunOS, Tru64 UNIX, Ultrix, UNIX
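The following added example (not from the slides, and not ARPWatch's code) shows both the attack pattern the steps above leave on the wire and the two checks a monitor runs against it: an IP address moving to a different MAC (and flip-flopping as the real host and the attacker keep answering), and one MAC answering for more than one IP. It also derives the "static ARP table" counter from the pre-attack baseline. The ARP trace is constructed (private addresses, invented MACs); the assumption that the attack starts at t=10 and the arp -s syntax (Linux form, MAC with colons) are the example's own.

```python
from collections import defaultdict

# Constructed trace of ARP replies, as a sniffer or ARPWatch would record them:
# (seconds, IP the reply claims, MAC it says that IP is at).  Not a real capture.
# From t=10 a third host (MAC ...cc:cc:cc) runs the two arpspoof commands from the
# steps above against the gateway 10.0.0.1 and the workstation 10.0.0.50.
ARP_REPLIES = [
    (0,  "10.0.0.1",  "00:11:22:aa:aa:aa"),  # gateway announces itself
    (1,  "10.0.0.50", "00:11:22:bb:bb:bb"),  # victim workstation
    (2,  "10.0.0.77", "00:11:22:cc:cc:cc"),  # attacker, its real address
    (10, "10.0.0.1",  "00:11:22:cc:cc:cc"),  # attacker: "the gateway is at my MAC"
    (10, "10.0.0.50", "00:11:22:cc:cc:cc"),  # attacker: "the victim is at my MAC"
    (12, "10.0.0.1",  "00:11:22:aa:aa:aa"),  # real gateway answers a genuine request
    (14, "10.0.0.1",  "00:11:22:cc:cc:cc"),  # attacker re-poisons: the flip-flop
]


def watch_arp(replies):
    """ARPWatch-style checks over a stream of ARP replies.

    Returns (table, alerts).  `table` is the final ip -> mac view.  Alerts are dicts:
      kind="changed"    an IP we already knew is now claimed by a different MAC
      kind="shared-mac" one MAC has now answered for more than one IP
    """
    table, alerts = {}, []
    owners = defaultdict(set)          # mac -> IPs it has claimed
    for ts, ip, mac in replies:
        prev = table.get(ip)
        if prev is not None and prev != mac:
            alerts.append({"kind": "changed", "t": ts, "ip": ip, "old": prev, "new": mac})
        table[ip] = mac
        before = len(owners[mac])
        owners[mac].add(ip)
        # alert only when the MAC picks up a *new* IP, not on every repeat
        if len(owners[mac]) > 1 and len(owners[mac]) > before:
            alerts.append({"kind": "shared-mac", "t": ts, "mac": mac, "ips": sorted(owners[mac])})
    return table, alerts


def baseline(replies, before):
    """IP -> MAC as first observed before time `before`: the state worth pinning."""
    table = {}
    for ts, ip, mac in replies:
        if ts < before:
            table.setdefault(ip, mac)
    return table


def static_arp_commands(table):
    """Counter-measure: pin the trusted mappings as static ARP entries (arp -s <ip> <mac>)."""
    return [f"arp -s {ip} {mac}" for ip, mac in sorted(table.items())]


if __name__ == "__main__":
    table, alerts = watch_arp(ARP_REPLIES)
    for a in alerts:
        print(a)
    print("\n".join(static_arp_commands(baseline(ARP_REPLIES, before=10))))
```

The "shared-mac" alert is the stronger signal: a laptop that swaps NICs produces a "changed" event once, but one MAC claiming both the gateway and a workstation is exactly the two-direction poisoning the arpspoof steps create.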

IP spoofing
Fakes your IP address:
- Misdirects attention.
- Gets packets past filters.
- Confuses the network.

DoS
Denial of service attacks make it slow or impossible for legitimate users to access resources.
- Consume resources: drive space, processor time
- Consume bandwidth: Smurf attack, DDoS

SYN flooding
Numerous SYN packets are transmitted and the handshakes are never completed, so the listener's queue of half-open connections fills up and new legitimate connections are refused. Spoofing the source IP prevents tracing back to the source (and, if the spoofed address is unused, no real host answers the SYN-ACK with a RST that would free the entry).
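An added example (not from the slides) of how a SYN flood shows up on the victim: the connection table fills with SYN_RECV (Linux) or SYN_RECEIVED (BSD/Windows) entries on one listening port, each from a different, usually unreachable, source. The code parses netstat -an output and flags ports whose half-open count crosses a threshold. The netstat excerpt is constructed for the demo and the threshold is an assumption; on a real server compare against the port's normal ESTABLISHED load.

```python
import re
from collections import Counter, defaultdict

# One netstat -an line (Linux layout; BSD/Windows differ only in spacing and state names)
LINE_RE = re.compile(
    r'^tcp6?\s+\d+\s+\d+\s+(?P<laddr>\S+):(?P<lport>\d+)\s+'
    r'(?P<raddr>\S+):(?P<rport>\S+)\s+(?P<state>\S+)\s*$'
)

# Constructed excerpt, not a real capture: a web server with one real visitor on port 80
# and eight half-open connections from scattered (spoofed) sources, all with source port 1025.
NETSTAT = """\
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
tcp        0      0 192.0.2.10:22           198.51.100.4:51122      ESTABLISHED
tcp        0      0 192.0.2.10:80           198.51.100.7:3310       ESTABLISHED
tcp        0      0 192.0.2.10:80           203.0.113.45:1025       SYN_RECV
tcp        0      0 192.0.2.10:80           10.99.3.17:1025         SYN_RECV
tcp        0      0 192.0.2.10:80           172.31.8.201:1025       SYN_RECV
tcp        0      0 192.0.2.10:80           198.18.44.9:1025        SYN_RECV
tcp        0      0 192.0.2.10:80           203.0.113.200:1025      SYN_RECV
tcp        0      0 192.0.2.10:80           100.64.12.5:1025        SYN_RECV
tcp        0      0 192.0.2.10:80           192.0.2.250:1025        SYN_RECV
tcp        0      0 192.0.2.10:80           10.0.77.3:1025          SYN_RECV
"""

HALF_OPEN_STATES = {"SYN_RECV", "SYN_RECEIVED"}


def parse_netstat(text):
    """Yield one dict per TCP connection line; headers and non-TCP lines are skipped."""
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if m:
            yield m.groupdict()


def detect_syn_flood(text, threshold=5):
    """Ports with at least `threshold` half-open connections, with the figures
    a responder wants next to them: how many distinct sources, how many real sessions."""
    half_open = defaultdict(list)      # local port -> remote IPs stuck in SYN_RECV
    established = Counter()            # local port -> completed connections
    for c in parse_netstat(text):
        port = int(c["lport"])
        if c["state"] in HALF_OPEN_STATES:
            half_open[port].append(c["raddr"])
        elif c["state"] == "ESTABLISHED":
            established[port] += 1
    return {
        port: {
            "half_open": len(srcs),
            "distinct_sources": len(set(srcs)),
            "established": established[port],
        }
        for port, srcs in half_open.items()
        if len(srcs) >= threshold
    }


if __name__ == "__main__":
    for port, info in detect_syn_flood(NETSTAT).items():
        print(f"port {port}: {info}")
```

Many distinct sources with a handful of real sessions is the flood signature; a single source with many half-open entries is more often a broken client or a path MTU problem. Modern kernels mitigate the queue exhaustion itself with SYN cookies (net.ipv4.tcp_syncookies on Linux), which the 2002 slides predate.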

Smurf attack
Ping requests are sent to the broadcast address of a subnet with a spoofed source address pretending to be the target. All the machines on that network respond by sending replies to the target. Someone on a 56K line can flood a server on a T1 by using a network with a T3 as an amplifier.
Example command (the address arguments are elided in the original; -I 8 is ICMP type 8, echo request, -S the spoofed source and -D the destination):
nemesis-icmp -I 8 -S <target address> -D <broadcast address>
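As an added example (not part of the slides), here are the two checks for the Smurf pattern from each end, plus the arithmetic behind the 56K-versus-T1 claim above: on the victim, echo replies arriving for requests it never sent, clustered in one remote network; on the amplifier network, echo requests addressed to its broadcast address from outside. The ICMP records are constructed (documentation address ranges); grouping replies by /24, the two-second matching window and the thresholds are the example's own assumptions.

```python
import ipaddress
from collections import defaultdict

ECHO_REQUEST, ECHO_REPLY = 8, 0

# Constructed ICMP records as a sniffer on the victim 192.0.2.10 would log them:
# (seconds, src, dst, icmp_type).  Not a real capture.
PACKETS = [
    (0.0, "192.0.2.10", "192.0.2.1", ECHO_REQUEST),    # victim pings its own gateway
    (0.1, "192.0.2.1", "192.0.2.10", ECHO_REPLY),      # solicited reply, benign
] + [
    # twenty hosts on 203.0.113.0/24 answer a broadcast ping the victim never sent
    (5.0 + i * 0.01, f"203.0.113.{10 + i}", "192.0.2.10", ECHO_REPLY) for i in range(20)
]

# What the amplifier network's own sniffer sees: a request for its broadcast address,
# from a source that is not on that network (the spoofed victim).  Constructed.
AMPLIFIER_VIEW = [
    (20.0, "192.0.2.10", "203.0.113.255", ECHO_REQUEST),
]


def _broadcast_of(ip, prefix=24):
    # assumption: the remote networks are /24s; widen or look up if your routing says otherwise
    return str(ipaddress.ip_network(f"{ip}/{prefix}", strict=False).broadcast_address)


def unsolicited_replies(packets, window=2.0):
    """Echo replies for which no echo request from the destination to the source,
    or to the source's broadcast address, was seen in the preceding `window` seconds."""
    requests = defaultdict(list)        # (requester, requested) -> request times
    out = []
    for t, src, dst, typ in sorted(packets):
        if typ == ECHO_REQUEST:
            requests[(src, dst)].append(t)
        elif typ == ECHO_REPLY:
            candidates = requests.get((dst, src), []) + requests.get((dst, _broadcast_of(src)), [])
            if not any(t - window <= r <= t for r in candidates):
                out.append((t, src, dst))
    return out


def smurf_victim_alerts(packets, threshold=10):
    """Unsolicited replies grouped by source /24: many distinct hosts in one
    network replying to us is an amplifier being pointed at us."""
    by_net = defaultdict(set)
    for t, src, dst in unsolicited_replies(packets):
        by_net[(str(ipaddress.ip_network(f"{src}/24", strict=False)), dst)].add(src)
    return {key: len(hosts) for key, hosts in by_net.items() if len(hosts) >= threshold}


def amplifier_side_alerts(packets, local_net):
    """Amplifier-side check: echo requests to our broadcast address from outside our net."""
    net = ipaddress.ip_network(local_net)
    bcast = str(net.broadcast_address)
    return [(t, src) for t, src, dst, typ in packets
            if typ == ECHO_REQUEST and dst == bcast and ipaddress.ip_address(src) not in net]


def amplified_kbps(attacker_kbps, responders):
    """Replies are the same size as requests, so the target receives one copy per responder."""
    return attacker_kbps * responders


if __name__ == "__main__":
    print(smurf_victim_alerts(PACKETS))
    print(amplifier_side_alerts(AMPLIFIER_VIEW, "203.0.113.0/24"))
    # 56 kbps of echo requests, 28 hosts answering: 1568 kbps, already more than a T1 (1544 kbps)
    print(amplified_kbps(56, 28))
```

The amplifier-side check is the one that matters for your own network: a router configured not to forward directed broadcasts stops you from being the T3 in the slide's example, whichever hosts answer broadcast pings.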

Distributed denial of service
Use agents (zombies) on computers connected to the Internet to flood targets.
[Diagram: Client -> Master -> Agent -> Target. The attacker's client program talks to master (handler) hosts, which in turn direct the agents that generate the flood.]

Common DDoS zombie tools
- Trinoo
- TFN
- Stacheldraht
- Troj_Trinoo
- Shaft
Sniff the network to detect them, or use ZombieZapper from the Razor Team to put them back in their graves.