ITIS 1210 Introduction to Web-Based Information Systems
Chapter 45
How Hackers can Cripple the Internet and Attack Your PC

Introduction
- Hackers attack targets of opportunity
  - Individuals
  - Corporate Web sites
  - ISPs
- Why?
  - Might want to shut down a site
  - Revenge
  - Prove they can

Denial of Service
- DOS attacks attempt to shut down a site
- DDOS – Distributed Denial of Service
  - Incapacitates a network by flooding it with extraneous traffic
  - Might be requests for service

Denial of Service
- Smurf attack
  - Uses ICMP – Internet Control Message Protocol
- Fraggle attack
  - Re-write of a Smurf attack using UDP – User Datagram Protocol

How Hackers Can Attack Your Computer
- Example uses SubSeven
  - Installed via a virus onto your computer
  - Opens port 7374
  - Hacker can query your computer to see if port is open
  - If so, they have access as if they were sitting at your keyboard

How Hackers Can Attack Your Computer
- Hacker can
  - Copy or delete files or programs
  - Examine and use personal data, credit card information, for example
  - Access your passwords
  - Upload files to your computer
  - Store illegal files on your computer and direct others to access them from you
  - Use your computer to launch attacks

How Viruses Travel in Your E-mail
- Malware authors are often good social engineers
- They know what kinds of things we will respond to
  - Cute
  - Greed
  - “Personal”
- Hidden with the e-mail could be any of a number of types of viruses

How Viruses Travel in Your E-mail
- Attachment virus
  - Pretends to be something like a photo, sound, or movie file
  - May be able to determine based on file name of attachment
  - Example: Melissa virus
- HTML virus might be active content
  - Used in processing forms, other interactivity

How Viruses Travel in Your E-mail
- MIME virus
  - Multi-Purpose Internet Mail Extension
  - Takes advantage of security vulnerabilities in Outlook Express and Internet Explorer
  - Forms in the header contain more content than will fit in buffer
  - Overflow content spills into another holding area from which the processor takes its instructions
  - Virus is then executed as if it were legitimate code

How Viruses Travel in Your E-mail
- Viruses attack in different ways
  - Attachment virus launches when attachment is run, usually by double-clicking the attachment
  - HTML viruses run when the user opens the message to read it
    - Might run when viewed in the preview window
  - MIME viruses can run without the user doing anything

How Viruses Travel in Your E-mail
- Typical virus first propagates itself
  - Searches address book, old e-mail, even documents
  - Identifies names and addresses
  - Sends duplicates of itself to those addresses
- This process repeats itself on all those destination computers

How Viruses Travel in Your E-mail
- Results might be just an irritating message or something much more serious
  - Deleted files
  - Slow processing

How Zombies and Bot Networks Work
- A zombie or a bot is a computer that can be controlled by someone remotely
- A single controller might have a network of thousands of infected computers
- A typical zombie connects to an IRC (Internet Relay Chat) channel
  - Lets controller know it is available

How Zombies and Bot Networks Work
- Controller sends commands telling all his/her zombies to perform a certain command
  - Send out a spam or phishing attack
- Because attacks are carried out by the zombies, the actual attacker is insulated
  - Attacks can’t be traced back to him/her

How Zombies and Bot Networks Work
- After the attacks, the zombies can be placed into hibernation until needed again
- Attackers look for computers with constant network connections (DSL or RoadRunner) and fairly high-speed connections

How Hackers Exploit Browsers
- Browser attacks take advantage of security vulnerabilities in certain commonly-used browsers
  - Internet Explorer
  - Firefox
- Buffer overflow attack
  - Buffers are areas of memory used to hold data

How Hackers Exploit Browsers
- Buffer overflow attack (cont.)
  - If too much data is placed into the buffer it overflows into adjacent areas of memory
  - That data might be malicious code that can be executed as if it were a normal program
  - Malicious code can damage computers in numerous ways
  - Allows a hacker to gain control

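The overflow described on the MIME virus and buffer overflow slides, as an added C example that is not part of the original slides: a header field copied into a fixed buffer without and with a length check. The struct layout, FIELD_MAX and all function names are hypothetical, chosen for illustration.

```c
#include <stdio.h>
#include <string.h>

#define FIELD_MAX 32                 /* assumed buffer size for one header field */

struct slot {                        /* hypothetical layout: data next to control state */
    char field[FIELD_MAX];
    unsigned next_action;            /* stands in for the adjacent area the slides mention */
};

/* Pattern behind the overflow: the copy stops only at the sender's NUL byte,
 * so a long field runs past field[] into next_action. Contrast only, never called. */
void store_unchecked(struct slot *s, const char *value) {
    strcpy(s->field, value);
}

/* Hardened form: look for the terminator within the buffer size first and
 * reject the field when it is not there. Returns 0 if stored, -1 if rejected. */
int store_checked(struct slot *s, const char *value) {
    const char *end;
    if (s == NULL || value == NULL)
        return -1;
    end = memchr(value, '\0', FIELD_MAX);   /* scans at most FIELD_MAX bytes */
    if (end == NULL)
        return -1;                           /* too long: nothing is written */
    memcpy(s->field, value, (size_t)(end - value) + 1);
    return 0;
}

/* Feeds a constructed oversized field to the checked copy and reports
 * whether the adjacent member survived (1) or changed (0). */
int adjacent_state_intact(void) {
    struct slot s = { "", 0x600DC0DEu };
    char oversized[4 * FIELD_MAX];
    memset(oversized, 'A', sizeof oversized - 1);
    oversized[sizeof oversized - 1] = '\0';
    return store_checked(&s, oversized) == -1 && s.next_action == 0x600DC0DEu
           && s.field[0] == '\0';
}

int main(void) {
    struct slot s = { "", 1u };
    printf("short field stored: %d\n", store_checked(&s, "Subject: hello"));
    printf("oversized rejected, neighbour intact: %d\n", adjacent_state_intact());
    return 0;
}
```
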
How Hackers Exploit Browsers
- Drive-by downloads often occur without the user’s knowledge
  - Might be spyware or a Trojan
  - Often infects a computer as a result of clicking a pop-up generated by a Web site you’re visiting.

How Hackers Exploit Browsers
- ActiveX is often used
  - A way to allow software to be downloaded and run inside the browser
  - Can be used to steal information, install spyware, run Trojans, etc.