CIS 450 – Network Security Chapter 3 – Information Gathering.



Attacker has to understand the environment he is going after

Steps for Gathering Information
Find Out Initial Information
- Attacker has to have some initial information such as an IP address or domain name
- Open Source Information – company web site/related web sites
- Whois - s/index.jhtml s/index.jhtml
- Nslookup -

Find Out Address Range (or Subnet Mask) of Network
- Attacker wants to know this to make sure the attack is concentrated on one network, not several
- A larger address space might mean a larger company with better security
- ARIN (American Registry for Internet Numbers) -
- Traceroute – modifies the Time to Live (TTL) field to determine the path a packet takes through the network -

Find Active Machines
- Ping – finds active machines on a network
- Ping War – scan more than one machine at a time - l l

Find Open Ports or Access Points
- Port Scanners – run through a series of ports to see which ones are open
  - TCP Connect Scan – tries to connect to each port on machine
  - TCP SYN scan – stealthier than a connect scan
  - FIN scan – Most systems do not log these packets
  - ACK scan – gets around the firewall to scan an internal host
  - Nmap
- War Dialers – programs for finding modems on a network
  - THC-Scan -

Figure Out the Operating System
- Done by sending remote host unusual packets or packets that do not make sense
- Each OS handles these packets differently
- Queso
- Nmap

Figure Out Which Services Are Running on Each Port
- Knowing what specific service is running enables the attacker to look up exploits and launch known vulnerabilities against the service
- Default Port and OS – Based on common configuration and software, attacker can make a best guess of what services are running on each port
- Telnet
- Vulnerability scanners – programs that can be run against a site that give a hacker a list of vulnerabilities on the target host

Map Out the Network
- Attacker maps out the network to figure out the best way to break in
- Traceroute – determines the path from source to destination
- Visual Ping
- Cheops -

Protection
Whois
- Use a position title with a general number rather than a specific person
- List your phone number but make up a fictitious name and
- Run your own DNS server with split DNS
Nslookup
- Minimize the records that appear in your DNS records
- Any IP address listed should be statically mapped through a firewall with only a specific port allowed through (e.g. mail server should be behind firewall with a non-routable address)

Protection
ARIN Web Search
- Only use addresses that ARIN can trace for external devices such as routers and firewalls.
- All other devices should use a private address and should be behind a firewall
Traceroute
- Use private addresses inside your firewall
Ping
- Use private addresses inside your firewall
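
The DNS and addressing guidance above can be checked against an export of the external zone. This is an added example, not part of the original slides: it flags A records that expose RFC 1918 addresses in the external view, HINFO records, and names that are not on an approved list. The zone listing, the example.com names and the PUBLISHED allow-list are constructed assumptions.

```python
import ipaddress

# RFC 1918 private ranges: these belong only in the internal DNS view.
RFC1918 = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed external-zone listing (name, type, value). example.com and the
# 203.0.113.0/24 documentation range stand in for a real zone.
EXTERNAL_ZONE = """\
www.example.com.      A      203.0.113.10
mail.example.com.     A      203.0.113.25
example.com.          MX     10 mail.example.com.
intranet.example.com. A      10.1.4.20
hr-db.example.com.    A      192.168.7.5
vpn.example.com.      A      203.0.113.40
www.example.com.      HINFO  "Intel" "Linux"
"""

# Assumption: names approved for publication, each one statically mapped
# through the firewall with only its specific port allowed.
PUBLISHED = {"example.com.", "www.example.com.", "mail.example.com."}

def is_rfc1918(value):
    """True if value parses as an IP address inside an RFC 1918 range."""
    try:
        addr = ipaddress.ip_address(value)
    except ValueError:
        return False
    return any(addr in net for net in RFC1918)

def audit_zone(zone_text, published):
    """Return (name, reason) findings for records that over-share."""
    findings = []
    for line in zone_text.splitlines():
        fields = line.split(None, 2)
        if len(fields) < 3 or line.lstrip().startswith(";"):
            continue  # skip blank, short and comment lines
        name, rtype, value = fields[0].lower(), fields[1].upper(), fields[2].strip()
        if rtype == "A" and is_rfc1918(value):
            findings.append((name, "private address in external view"))
        elif rtype == "HINFO":
            findings.append((name, "HINFO record discloses CPU and OS"))
        elif name not in published:
            findings.append((name, "not on the approved published list"))
    return findings

if __name__ == "__main__":
    for name, reason in audit_zone(EXTERNAL_ZONE, PUBLISHED):
        print(f"{name:24} {reason}")
```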

Protection
Map the Network
PortScan and Fingerprinting
- Have a firewall that properly blocks traffic and only allows traffic on specific ports to specific machines
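
A firewall that blocks scans can also report them. The following added example (not part of the original slides) reads firewall log lines and flags any source that touches several distinct ports on one host within a short window, labelling the scan type from the TCP flags. The log format, addresses and thresholds are constructed assumptions, and it assumes the firewall logs packets that open or fall outside a connection, including the FIN and ACK probes that the slides note often go unlogged.

```python
from collections import defaultdict, deque

# Scan type by the TCP flag seen on packets outside an established connection.
SCAN_NAMES = {"S": "SYN or connect scan", "F": "FIN scan", "A": "ACK scan"}
WINDOW = 10     # seconds of history kept per (source, target, flags)
THRESHOLD = 4   # distinct destination ports within WINDOW that raise an alert

# Constructed log lines: epoch-seconds src dst dport tcp-flag action.
LOG = """\
1000 198.51.100.7 203.0.113.10 21 S DROP
1001 192.0.2.50 203.0.113.10 443 S ACCEPT
1001 198.51.100.7 203.0.113.10 22 S DROP
1002 198.51.100.7 203.0.113.10 23 S DROP
1003 198.51.100.7 203.0.113.10 25 S ACCEPT
1020 198.51.100.9 203.0.113.25 1 F DROP
1021 198.51.100.9 203.0.113.25 2 F DROP
1022 198.51.100.9 203.0.113.25 3 F DROP
1023 198.51.100.9 203.0.113.25 4 F DROP
1030 192.0.2.50 203.0.113.10 443 S ACCEPT
2000 198.51.100.33 203.0.113.10 21 S DROP
2100 198.51.100.33 203.0.113.10 22 S DROP
2200 198.51.100.33 203.0.113.10 23 S DROP
2300 198.51.100.33 203.0.113.10 25 S ACCEPT
"""

def detect_scans(log_text, window=WINDOW, threshold=THRESHOLD):
    """Return sorted (src, dst, scan type) tuples for sources that probe
    at least `threshold` distinct ports on one host within `window` seconds."""
    recent = defaultdict(deque)   # (src, dst, flag) -> deque of (ts, dport)
    alerts = {}
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 6:
            continue              # skip malformed lines
        ts, src, dst, dport, flag, _action = parts
        ts, dport = int(ts), int(dport)
        key = (src, dst, flag)
        q = recent[key]
        q.append((ts, dport))
        while ts - q[0][0] > window:   # drop events older than the window
            q.popleft()
        if len({p for _, p in q}) >= threshold and key not in alerts:
            alerts[key] = SCAN_NAMES.get(flag, "unusual flags " + flag)
    return sorted((s, d, kind) for (s, d, _), kind in alerts.items())

if __name__ == "__main__":
    for alert in detect_scans(LOG):
        print(alert)
```

The fourth source in the sample spreads its probes over several minutes and is missed at the default window, which is why the window and threshold need tuning against real traffic.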