Security+ Guide to Network Security Fundamentals, Fourth Edition
Chapter 3: Application and Network Attacks

Objectives
- List and explain the different types of Web application attacks
- Define client-side attacks
- Explain how a buffer overflow attack works
- List different types of denial of service attacks
- Describe interception and poisoning attacks

Application Attacks
- Attacks that target applications; this category continues to grow
  - Web application attacks
  - Client-side attacks
  - Buffer overflow attacks
- Zero day attacks
  - Exploit previously unknown vulnerabilities
  - Victims have no time to prepare or defend

Web Application Attacks
- Web applications are an essential element of organizations today
- Approach to securing Web applications:
  - Hardening the Web server
  - Protecting the network

Figure 3-1 Web application infrastructure (© Cengage Learning 2012)

Web Application Attacks (cont'd.)
- Common Web application attacks:
  - Cross-site scripting
  - SQL injection
  - XML injection
  - Command injection / directory traversal

Figure 3-2 Web application security (© Cengage Learning 2012)

Cross-Site Scripting (XSS)
- Injecting scripts into a Web application server
- Directs attacks at clients
Figure 3-3 XSS attacks (© Cengage Learning 2012)

Cross-Site Scripting (cont'd.)
- When the victim visits the injected Web site:
  - Malicious instructions are sent to the victim's browser
  - The browser cannot distinguish between valid code and malicious script
- Requirements of the targeted Web site:
  - Accepts user input without validation
  - Uses the input in a response without encoding it
- Some XSS attacks are designed to steal information retained by the browser
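The two requirements above (input accepted without validation, input reflected without encoding) map directly onto two defences. The following Python example is added here to illustrate them; it is not code from the book or its figures. The bookmark-name form, the `render_*` functions and the sample inputs are constructed for the example.

```python
import html
import re

# Constructed sample inputs for a "bookmark name" form field (not taken from the book's figures).
SAMPLE_INPUTS = {
    "benign": "Cooking recipes",
    "apostrophe": "O'Reilly books",
    "script": "<script>alert('xss')</script>",
}

def render_vulnerable(name):
    """Reflects the input into the response unchanged: the browser parses any tags it contains."""
    return "<p>Bookmark saved: " + name + "</p>"

# Allowlist for what a bookmark name may contain: letters, digits, spaces and basic punctuation.
BOOKMARK_NAME = re.compile(r"^[\w .,'()-]{1,64}$")

def validate_bookmark_name(name):
    return bool(BOOKMARK_NAME.match(name))

def render_safe(name):
    """Validate first, then HTML-encode: the input is only ever treated as text, never as markup."""
    if not validate_bookmark_name(name):
        return "<p>Bookmark name rejected: use letters, digits, spaces or basic punctuation only.</p>"
    return "<p>Bookmark saved: " + html.escape(name, quote=True) + "</p>"

def reflects_markup(response):
    """Tripwire used by the checks below: does a literal tag or event handler survive in the response?"""
    lowered = response.lower()
    return "<script" in lowered or "onerror=" in lowered
```

Validation rejects what the field should never contain, and encoding guarantees that whatever does pass is rendered as characters rather than interpreted by the browser; either step alone leaves a gap, which is why both are applied.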

Figure 3-4 Bookmark page that accepts user input without validating and provides an unencoded response (© Cengage Learning 2012)

Figure 3-5 Input used as response (© Cengage Learning 2012)

SQL Injection
- Targets SQL servers by injecting commands
- SQL (Structured Query Language) is used to manipulate data stored in a relational database
- Forgotten password example:
  - Attacker enters an incorrectly formatted e-mail address
  - The response lets the attacker know whether input is being validated

SQL Injection (cont'd.)
- Forgotten password example (cont'd.):
  - Attacker enters SQL syntax into the e-mail field
  - The statement is processed by the database
  - Example statement:
    SELECT fieldlist FROM table WHERE field = 'whatever' or 'a'='a'
  - Result: all user e-mail addresses are displayed
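The following Python example is added to show both halves of the forgotten-password scenario in working code: why the `'whatever' or 'a'='a'` input returns every row when the statement is assembled by string concatenation, why the same input returns nothing when the value is bound as a parameter, and how a format check plus a fixed reply keeps the response from revealing whether input is validated. It is not code from the book; the in-memory SQLite table, the e-mail addresses and the function names are constructed for the example.

```python
import re
import sqlite3

def build_sample_db():
    """In-memory table with constructed accounts (not the book's data)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, email TEXT NOT NULL)")
    conn.executemany("INSERT INTO users (email) VALUES (?)",
                     [("alice@example.com",), ("bob@example.com",), ("carol@example.com",)])
    conn.commit()
    return conn

def lookup_vulnerable(conn, email):
    """String concatenation: the input becomes part of the SQL grammar."""
    sql = "SELECT email FROM users WHERE email = '" + email + "'"
    return [row[0] for row in conn.execute(sql)]

def lookup_parameterized(conn, email):
    """Placeholder binding: the input is only ever a value, never SQL."""
    return [row[0] for row in conn.execute("SELECT email FROM users WHERE email = ?", (email,))]

# Syntactic check applied before the database is consulted at all.
EMAIL_FORMAT = re.compile(r"^[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}$")

def forgotten_password(conn, email):
    """Same reply for malformed, unknown and registered addresses, so the response
    reveals nothing about validation or about which addresses exist."""
    if EMAIL_FORMAT.match(email):
        matches = lookup_parameterized(conn, email)
        if matches:
            pass  # a real application would queue a reset e-mail here
    return "If that address is registered, a reset link has been sent."

# The book's example payload, as typed into the e-mail field.
PAYLOAD = "whatever' or 'a'='a"
```

With concatenation the database sees `WHERE email = 'whatever' or 'a'='a'` and the always-true second clause selects every row; with a bound parameter it looks for an e-mail address that literally contains the quotes and the word `or`, and finds none.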

SQL Injection (cont'd.)
Table 3-1 SQL injection statements

XML Injection
- Markup language: a method for adding annotations to text
  - HTML
  - XML
- HTML
  - Uses tags surrounded by brackets
  - Instructs the browser to display text in a specific format
- XML
  - Carries data instead of indicating how to display it
  - No predefined set of tags; users define their own tags

XML Injection (cont'd.)
- XML injection attack
  - Similar to a SQL injection attack
  - Attacker discovers a Web site that does not filter user data
  - Injects XML tags and data into the database
- XPath injection
  - Specific type of XML injection attack
  - Attempts to exploit XML Path Language queries
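Because XML has no predefined tags, any `<` in unfiltered user data can open a new element. The Python example below is added here to show that: a user record built by string interpolation gains a second user with an admin role, while the same input passed through `xml.sax.saxutils.escape` stays character data. The `find_user` lookup compares values in code rather than splicing the search term into an XPath expression, the same discipline as parameterized SQL. This is not code from the book; the record layout and the injected name are constructed.

```python
import xml.etree.ElementTree as ET
from xml.sax.saxutils import escape

def build_user_record_vulnerable(name, role="user"):
    """Interpolates the submitted name straight into the XML: tags inside it become structure."""
    return "<users><user><name>" + name + "</name><role>" + role + "</role></user></users>"

def build_user_record_safe(name, role="user"):
    """Escapes <, > and & so the submitted name stays character data."""
    return "<users><user><name>" + escape(name) + "</name><role>" + escape(role) + "</role></user></users>"

def count_users(xml_text):
    return len(ET.fromstring(xml_text).findall("user"))

def count_admins(xml_text):
    root = ET.fromstring(xml_text)
    return sum(1 for user in root.findall("user") if user.findtext("role") == "admin")

def find_user(xml_text, wanted_name):
    """Lookup that compares values in code instead of building an XPath string from user input."""
    root = ET.fromstring(xml_text)
    for user in root.findall("user"):
        if user.findtext("name") == wanted_name:
            return user.findtext("role")
    return None

# Constructed input that closes the <name> element and opens a second <user> with an admin role.
INJECTED_NAME = "mallory</name><role>admin</role></user><user><name>mallory2"
```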

Command Injection / Directory Traversal
- Web server users are typically restricted to the root directory
  - Users may be able to access subdirectories, but not parallel or higher-level directories
- Sensitive files to protect from unauthorized user access:
  - cmd.exe can be used to enter text-based commands
  - passwd (Linux) contains user account information

Command Injection / Directory Traversal (cont'd.)
- Directory traversal attack
  - Takes advantage of a software vulnerability
  - Attacker moves from the root directory to restricted directories
- Command injection attack
  - Attacker enters commands to execute on a server
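The following Python example is added to show the server-side checks that defeat both attacks on these two slides: a request path is decoded once, normalised so every `..` is folded in, and then accepted only if it still lies under the document root; a command argument is validated against a strict grammar and passed as a single `argv` element rather than through a shell. It is not code from the book; the document root `/var/www/html`, the `ping` wrapper and the sample requests are constructed.

```python
import posixpath
import re
from urllib.parse import unquote

WEB_ROOT = "/var/www/html"  # constructed document root for the example

def resolve_request_path(requested, web_root=WEB_ROOT):
    """Map a request path onto the document root, refusing anything that escapes it.
    Returns the absolute filesystem path, or None when the request must be rejected."""
    decoded = unquote(requested)              # one decoding pass, as a server would apply
    if "\x00" in decoded or "\\" in decoded:  # NUL truncation and backslash separators are never legitimate here
        return None
    candidate = posixpath.normpath(posixpath.join(web_root, decoded.lstrip("/")))
    # After normalisation every ".." has been folded in; the result must still sit under the root.
    # commonpath (not a string prefix test) also rejects siblings such as /var/www/html2.
    if posixpath.commonpath([web_root, candidate]) != web_root:
        return None
    return candidate

# Command injection: never hand user input to a shell; validate it and pass it as one argv element.
HOSTNAME = re.compile(r"^[A-Za-z0-9][A-Za-z0-9.-]{0,252}$")

def build_ping_argv(host):
    """Argument vector for subprocess.run(..., shell=False); raises on anything that is not a hostname."""
    if not HOSTNAME.match(host):
        raise ValueError("invalid hostname")
    return ["ping", "-c", "1", host]
```

Because `build_ping_argv` returns a list, shell metacharacters such as `;` or `|` in the input are never interpreted; they simply fail the hostname check before any process is started.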

Client-Side Attacks
- Web application attacks are server-side attacks
- Client-side attacks target vulnerabilities in client applications interacting with a compromised server
  - The client initiates the connection with the server, which could result in an attack

Client-Side Attacks (cont'd.)
- Drive-by download
  - Client computer is compromised simply by viewing a Web page
  - Attackers inject content into a vulnerable Web server and gain access to the server's operating system
  - Attackers craft a zero-pixel frame to avoid visual detection: an HTML document embedded inside the main document
  - The client's browser downloads the malicious script, which instructs the computer to download malware

Client-Side Attacks (cont'd.)
- Header manipulation
  - The HTTP header contains fields that characterize the data being transmitted
  - Headers can originate from a Web browser
  - Browsers do not normally allow the user to modify them, but an attacker's short program can
  - Examples of header manipulation: Referer, Accept-Language

Client-Side Attacks (cont'd.)
- Referer
  - Indicates the site that generated the Web page
  - Attacker can modify this field to hide the fact that the page came from another site (a modified Web page hosted on the attacker's computer)
- Accept-Language
  - Some Web applications pass the contents of this field directly to a database
  - Attacker could inject a SQL command by modifying this header
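Since every request header is client-supplied, the defence is to treat them as untrusted input. The Python example below is added to show that for the two headers named above: `Accept-Language` is parsed against a strict tag grammar and then an allowlist, so only a value the application already knows can reach a query or a template, and `Referer` is compared against the site's own host and used only as a hint. This is not code from the book; the supported-language list, the host name and the function names are constructed.

```python
import re
from urllib.parse import urlsplit

# Strict grammar for one language tag (a practical subset of BCP 47 syntax), then an allowlist.
LANGUAGE_TAG = re.compile(r"^[A-Za-z]{2,8}(?:-[A-Za-z0-9]{1,8})*$")
SUPPORTED_LANGUAGES = ("en", "en-us", "fr", "de")   # constructed list for the example
DEFAULT_LANGUAGE = "en"

def choose_language(accept_language_header):
    """Pick the highest-weighted supported language from an Accept-Language header.
    Tokens that fail the grammar or the allowlist are dropped, so nothing from the
    header is ever interpolated into a query or a page."""
    best_weight, best_tag = 0.0, None
    for part in accept_language_header.split(","):
        tag, _, params = part.strip().partition(";")
        tag = tag.strip().lower()
        params = params.strip()
        weight = 1.0
        if params.startswith("q="):
            try:
                weight = float(params[2:])
            except ValueError:
                continue
        if not LANGUAGE_TAG.match(tag) or tag not in SUPPORTED_LANGUAGES:
            continue
        if weight > best_weight:
            best_weight, best_tag = weight, tag
    return best_tag or DEFAULT_LANGUAGE

def referer_matches_site(referer_header, expected_host):
    """True only when the Referer names our own host. Because the client controls this header,
    a match is a weak hint, never an authentication decision."""
    if not referer_header:
        return False
    parts = urlsplit(referer_header)
    return parts.scheme in ("http", "https") and (parts.hostname or "").lower() == expected_host.lower()
```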

Client-Side Attacks (cont'd.)
- Cookies and attachments
  - Cookies store user-specific information on the user's local computer
  - Web sites use cookies to identify repeat visitors
  - Examples of information stored in a cookie:
    - Travel Web sites may store the user's travel itinerary
    - Personal information provided when visiting a site
  - Only the Web site that created a cookie can read it

Client-Side Attacks (cont'd.)
- First-party cookie: created by the Web site the user is currently visiting
- Third-party cookie: placed by a site's advertisers to record user preferences
- Session cookie: stored in RAM and expires when the browser is closed

Client-Side Attacks (cont'd.)
- Persistent cookie
  - Recorded on the computer's hard drive
  - Does not expire when the browser closes
- Secure cookie
  - Used only when the browser visits the server over a secure connection
  - Always encrypted

Client-Side Attacks (cont'd.)
- Flash cookie
  - Uses more memory than a traditional cookie
  - Cannot be deleted through browser configuration settings
  - See Project 3-6 to change Flash cookie settings
- Cookies pose security and privacy risks
  - May be stolen and used to impersonate the user
  - Used to tailor advertising
  - Can be exploited by attackers

Client-Side Attacks (cont'd.)
- Session hijacking
  - Attacker attempts to impersonate the user by stealing or guessing the session token
- Malicious add-ons
  - Browser extensions provide multimedia or interactive Web content
  - ActiveX add-ons have several security concerns
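The cookie types on the preceding slides and the session-hijacking risk above meet in the session cookie. The Python example below is added to show the server side of that: a token drawn from the operating system's CSPRNG (so it cannot be guessed), a `Set-Cookie` value carrying `Secure` and `HttpOnly` (so it travels only over TLS and is not readable by page scripts), an optional `Max-Age` that turns it into a persistent cookie, and a server-side store that compares tokens in constant time, expires them, and can rotate them. This is not code from the book; the cookie name `sid`, the lifetimes and the `SessionStore` class are constructed.

```python
import hmac
import secrets
import time
from http.cookies import SimpleCookie

SESSION_TTL_SECONDS = 30 * 60

def new_session_token():
    """256 bits from the OS CSPRNG: not guessable, unlike a counter or a timestamp."""
    return secrets.token_urlsafe(32)

def session_cookie_header(token, persistent=False, max_age_days=30):
    """Build the Set-Cookie value for a session cookie (expires with the browser)
    or a persistent one (Max-Age set), always with Secure and HttpOnly."""
    cookie = SimpleCookie()
    cookie["sid"] = token
    cookie["sid"]["path"] = "/"
    cookie["sid"]["secure"] = True      # sent only over TLS
    cookie["sid"]["httponly"] = True    # hidden from page scripts, so XSS cannot simply read it
    cookie["sid"]["samesite"] = "Lax"   # not attached to cross-site requests
    if persistent:
        cookie["sid"]["max-age"] = max_age_days * 24 * 3600
    return cookie.output(header="").strip()

class SessionStore:
    """Server-side table of tokens; comparison is constant-time and entries expire."""
    def __init__(self, ttl=SESSION_TTL_SECONDS):
        self.ttl = ttl
        self._sessions = {}   # token -> (username, expires_at)

    def create(self, username, now=None):
        now = time.time() if now is None else now
        token = new_session_token()
        self._sessions[token] = (username, now + self.ttl)
        return token

    def lookup(self, presented, now=None):
        now = time.time() if now is None else now
        for token, (username, expires_at) in list(self._sessions.items()):
            if hmac.compare_digest(token.encode(), presented.encode()):
                if expires_at < now:
                    del self._sessions[token]   # stale token is retired on first use
                    return None
                return username
        return None

    def rotate(self, presented, now=None):
        """Issue a fresh token and retire the old one (e.g. right after login), shrinking
        the window in which a captured token is useful."""
        username = self.lookup(presented, now)
        if username is None:
            return None
        self._sessions = {t: v for t, v in self._sessions.items() if t != presented}
        return self.create(username, now)
```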

Figure 3-7 Session hijacking (© Cengage Learning 2012)

Client-Side Attacks (cont'd.)
- Buffer overflow attacks
  - A process attempts to store data in RAM beyond the boundaries of a fixed-length storage buffer
  - Data overflows into adjacent memory locations
  - May cause the computer to stop functioning
  - Attacker can change the "return address" so it redirects to a memory address containing malware code

Figure 3-8 Buffer overflow attack (© Cengage Learning 2012)

Network Attacks
- Denial of service (DoS)
  - Attempts to prevent a system from performing its normal functions
- Ping flood attack
  - The ping utility is used to send a large number of echo request messages
  - Overwhelms the Web server
- Smurf attack
  - Ping request with the originating address changed
  - Appears as if the target computer is asking for a response from all computers on the network

Network Attacks (cont'd.)
- Denial of service (DoS) (cont'd.)
- SYN flood attack
  - Takes advantage of the procedures for establishing a connection
- Distributed denial of service (DDoS)
  - Attacker uses many zombie computers in a botnet to flood a device with requests
  - Virtually impossible to identify and block the source of the attack
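Each of the three flooding techniques on these two slides leaves a distinct pattern in traffic, which is what a monitoring rule keys on. The Python example below is added to show such rules run over a small constructed capture: a SYN flood shows as a source whose SYNs are never followed by its handshake-completing ACKs, a ping flood as a source sending many echo requests, and a smurf attack as echo requests addressed to a broadcast address (the spoofed source names the intended victim). This is not code from the book; the packet records, addresses, thresholds and the `.255` broadcast convention are constructed.

```python
from collections import Counter, namedtuple

# One record per packet; info is the TCP flag set ("S", "SA", "A") or the ICMP message type.
Packet = namedtuple("Packet", "src dst proto info")

SERVER = "192.0.2.80"
BROADCAST_SUFFIX = ".255"   # the sample network's directed-broadcast convention (constructed)

def build_sample_capture():
    """Constructed capture: one SYN flooder, three normal handshakes, one ping flooder,
    and a single echo request aimed at the broadcast address with a spoofed source."""
    pkts = [Packet("203.0.113.9", SERVER, "tcp", "S") for _ in range(50)]
    for _ in range(3):
        pkts += [Packet("198.51.100.4", SERVER, "tcp", "S"),
                 Packet(SERVER, "198.51.100.4", "tcp", "SA"),
                 Packet("198.51.100.4", SERVER, "tcp", "A")]
    pkts += [Packet("203.0.113.77", SERVER, "icmp", "echo-request") for _ in range(30)]
    pkts.append(Packet("192.0.2.10", "192.0.2" + BROADCAST_SUFFIX, "icmp", "echo-request"))
    return pkts

def syn_flood_suspects(packets, threshold):
    """Sources whose SYNs outnumber their handshake-completing ACKs by at least `threshold`."""
    syns, acks = Counter(), Counter()
    for p in packets:
        if p.proto != "tcp":
            continue
        if p.info == "S":
            syns[p.src] += 1
        elif p.info == "A":
            acks[p.src] += 1
    return sorted(src for src, n in syns.items() if n - acks[src] >= threshold)

def ping_flood_suspects(packets, threshold):
    """Sources sending at least `threshold` ICMP echo requests."""
    counts = Counter(p.src for p in packets if p.proto == "icmp" and p.info == "echo-request")
    return sorted(src for src, n in counts.items() if n >= threshold)

def smurf_indicators(packets):
    """Echo requests addressed to a broadcast address: the source field names the likely victim."""
    return [(p.src, p.dst) for p in packets
            if p.proto == "icmp" and p.info == "echo-request" and p.dst.endswith(BROADCAST_SUFFIX)]
```

The half-open count (SYNs minus ACKs per source) is what distinguishes a flooder from a busy but legitimate client: the latter completes its handshakes, so it nets to zero even at a threshold of one.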

Figure 3-9 SYN flood attack (© Cengage Learning 2012)

Interception
- Man-in-the-middle
  - Interception of legitimate communication
  - Forging a fictitious response to the sender
  - Passive attack records transmitted data
  - Active attack alters the contents of the transmission before sending it to the recipient
- Replay attacks
  - Similar to a passive man-in-the-middle attack

Interception (cont'd.)
- Replay attacks (cont'd.)
  - Attacker makes a copy of the transmission and uses the copy at a later time
  - Example: capturing logon credentials
- More sophisticated replay attacks
  - Attacker captures a network device's message to the server
  - Later sends the original, valid message to the server
  - Establishes a trust relationship between the attacker and the server
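A replayed message is, by definition, valid: the fix is to make validity depend on freshness. The Python example below is added to show the usual receiver-side check: each message carries a one-time nonce and a timestamp under an HMAC, and the server rejects anything whose MAC fails, whose timestamp is outside a short window, or whose nonce it has already accepted. This is not code from the book; the shared key, the window length and the message fields are constructed, and the example assumes client and server already share the key.

```python
import hashlib
import hmac
import json
import secrets
import time

SHARED_KEY = b"constructed-demo-key-do-not-reuse"   # assumption: client and server already share this
FRESHNESS_WINDOW = 300                               # seconds a message stays acceptable

def _canonical(fields):
    """Stable byte encoding so sender and receiver MAC exactly the same bytes."""
    return json.dumps(fields, sort_keys=True, separators=(",", ":")).encode()

def sign_message(payload, key=SHARED_KEY, now=None):
    """Attach a one-time nonce, a timestamp and an HMAC over all of it."""
    fields = dict(payload)
    fields["nonce"] = secrets.token_hex(16)
    fields["ts"] = int(time.time() if now is None else now)
    fields["mac"] = hmac.new(key, _canonical(fields), hashlib.sha256).hexdigest()
    return fields

class ReplayGuard:
    """Receiver-side check: MAC must verify, timestamp must be recent, nonce must be unseen."""
    def __init__(self, key=SHARED_KEY, window=FRESHNESS_WINDOW):
        self.key, self.window = key, window
        self._seen = {}   # nonce -> timestamp, pruned as messages age out of the window

    def verify(self, message, now=None):
        now = time.time() if now is None else now
        fields = dict(message)
        mac = fields.pop("mac", "")
        expected = hmac.new(self.key, _canonical(fields), hashlib.sha256).hexdigest()
        if not hmac.compare_digest(mac, expected):
            return (False, "bad mac")          # tampered, or signed with another key
        if abs(now - fields.get("ts", 0)) > self.window:
            return (False, "stale")            # an old capture cannot be presented later
        self._seen = {n: t for n, t in self._seen.items() if now - t <= self.window}
        if fields["nonce"] in self._seen:
            return (False, "replay")           # exact copy of a message already accepted
        self._seen[fields["nonce"]] = fields["ts"]
        return (True, "ok")
```

The timestamp bounds how long the server must remember nonces; without it the seen-set would grow without limit, and without the nonce two legitimate messages in the same second would be indistinguishable from a replay.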

Poisoning
- ARP poisoning
  - Attacker modifies the MAC address in the ARP cache to point to a different computer
Table 3-3 ARP poisoning attack

Poisoning (cont'd.)
Table 3-4 Attacks from ARP poisoning
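A poisoned ARP cache shows two symptoms that a periodic check can catch: an IP address whose MAC has changed between snapshots, and one MAC now claimed by two IP addresses (typically the gateway's IP and a workstation's card). The Python example below is added to show such a check over two constructed `arp -a`-style listings; it is not code from the book and the addresses are not those of Table 3-3. The line format, the MAC addresses and the snapshot contents are constructed.

```python
import re
from collections import defaultdict

# Matches the IP and MAC in "arp -a"-style lines such as "gw (192.0.2.1) at 00:11:22:33:44:01 [ether] on eth0".
ARP_LINE = re.compile(r"(\d{1,3}(?:\.\d{1,3}){3})\D+?([0-9A-Fa-f]{2}(?::[0-9A-Fa-f]{2}){5})")

def parse_arp_table(text):
    """Return {ip: mac} from the output of an ARP cache listing."""
    table = {}
    for line in text.splitlines():
        m = ARP_LINE.search(line)
        if m:
            table[m.group(1)] = m.group(2).lower()
    return table

def changed_mappings(before, after):
    """IPs whose MAC differs between two snapshots: the classic poisoning symptom."""
    return sorted((ip, before[ip], after[ip]) for ip in before if ip in after and before[ip] != after[ip])

def duplicate_macs(table):
    """MACs claimed by more than one IP, e.g. the gateway's IP now pointing at a workstation's card."""
    owners = defaultdict(list)
    for ip, mac in table.items():
        owners[mac].append(ip)
    return sorted((mac, sorted(ips)) for mac, ips in owners.items() if len(ips) > 1)

# Constructed snapshots: in the second one the gateway entry has been rewritten to host50's MAC.
SNAPSHOT_BEFORE = """\
gw (192.0.2.1) at 00:11:22:33:44:01 [ether] on eth0
host50 (192.0.2.50) at 00:11:22:33:44:50 [ether] on eth0
printer (192.0.2.60) at 00:11:22:33:44:60 [ether] on eth0
"""
SNAPSHOT_AFTER = """\
gw (192.0.2.1) at 00:11:22:33:44:50 [ether] on eth0
host50 (192.0.2.50) at 00:11:22:33:44:50 [ether] on eth0
printer (192.0.2.60) at 00:11:22:33:44:60 [ether] on eth0
"""
```

A static ARP entry for the gateway, or switch-side dynamic ARP inspection, prevents the rewrite; the checks above are the detective control for networks where those are not in place.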

Poisoning (cont'd.)
- DNS poisoning
  - The Domain Name System is the current basis for resolving names to IP addresses
  - DNS poisoning substitutes DNS addresses to redirect a computer to another device
  - Two locations for DNS poisoning:
    - Local host table
    - External DNS server
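The two poisoning locations above call for two different checks: the local host table can be parsed and searched for entries that override external domains, and an external resolver's answers can be compared against a known-good record. The Python example below is added to show both over a constructed hosts file with one planted entry; it is not code from the book and does not reproduce Figure 3-12. The domain names, addresses and the monitored-domain list are constructed.

```python
import ipaddress

def parse_hosts_file(text):
    """Return (hostname, address) pairs from hosts-file text, ignoring comments and malformed lines."""
    entries = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        fields = line.split()
        try:
            addr = ipaddress.ip_address(fields[0])
        except ValueError:
            continue   # not a hosts entry (or garbage); skip rather than guess
        for name in fields[1:]:
            entries.append((name.lower().rstrip("."), addr))
    return entries

def foreign_overrides(entries, monitored_domains):
    """Local host-table entries for domains that should only ever be resolved by DNS."""
    hits = []
    for name, addr in entries:
        if any(name == d or name.endswith("." + d) for d in monitored_domains):
            hits.append((name, str(addr)))
    return hits

def answer_mismatches(observed, expected):
    """Names whose resolver answer differs from the known-good record (e.g. from an authoritative check)."""
    return sorted((name, observed[name], expected[name])
                  for name in expected if name in observed and observed[name] != expected[name])

# Constructed hosts file with a planted entry that redirects a banking domain to another host.
SAMPLE_HOSTS = """\
127.0.0.1   localhost
::1         localhost
# planted entry: sends online-banking traffic to a different device
203.0.113.66  www.bank.example bank.example
"""
MONITORED = ("bank.example",)
```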

Figure 3-12 DNS poisoning (© Cengage Learning 2012)

Attacks on Access Rights
- Privilege escalation
  - Exploiting a software vulnerability to gain access to restricted data
  - A lower-privilege user accesses functions restricted to higher-privilege users
  - A user with restricted privilege accesses the different restricted privilege of a similar user

Attacks on Access Rights (cont'd.)
- Transitive access
  - Attack involving a third party to gain access rights
  - Has to do with whose credentials should be used when accessing services
  - Different users have different access rights
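The two forms of privilege escalation on the preceding slide correspond to two checks an application must make on every request: that the caller's role meets the action's minimum (the lower-privilege user reaching higher-privilege functions), and that the caller owns the specific record being touched (the restricted user reaching a similar user's data). The Python example below is added to show an `authorize` function that performs both and names which one failed; it is not code from the book. The roles, accounts, records and action names are constructed.

```python
from enum import IntEnum

class Role(IntEnum):
    USER = 1
    MANAGER = 2
    ADMIN = 3

# Constructed directory of accounts and record ownership.
ACCOUNTS = {"alice": Role.USER, "bob": Role.USER, "maria": Role.MANAGER, "dana": Role.ADMIN}
RECORD_OWNERS = {"rec-1": "alice", "rec-2": "bob", "rec-3": "maria"}

# Minimum role for each action (the vertical dimension).
ACTION_MIN_ROLE = {
    "view_record": Role.USER,       # any user, but only for a record they own (horizontal check below)
    "view_any_record": Role.ADMIN,
    "approve_expense": Role.MANAGER,
}

def authorize(actor, action, record_id=None):
    """Return (allowed, reason). Checks the actor's role against the action's minimum (vertical)
    and, for record access, that the record belongs to the actor (horizontal)."""
    role = ACCOUNTS.get(actor)
    if role is None:
        return (False, "unknown principal")
    minimum = ACTION_MIN_ROLE.get(action)
    if minimum is None:
        return (False, "unknown action")      # deny by default: unlisted actions are not allowed
    if role < minimum:
        return (False, "insufficient role")   # vertical escalation attempt
    if action == "view_record":
        owner = RECORD_OWNERS.get(record_id)
        if owner is None:
            return (False, "no such record")
        if owner != actor:
            return (False, "not the record owner")   # horizontal escalation attempt
    return (True, "ok")
```

The decision is made against the identity of the end user who initiated the request, not against whatever service or intermediary relays it; evaluating it against a more privileged intermediary's credentials is exactly the confusion that transitive-access attacks exploit.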

Summary
- Web application flaws are exploited through normal communication channels
- An XSS attack uses Web sites that accept user input without validating it, and uses the server to launch attacks on computers that access it
- A client-side attack targets vulnerabilities in client applications when the client interacts with a compromised server

Summary (cont'd.)
- Session hijacking: the attacker steals the session token and impersonates the user
- Buffer overflow attack: attempts to compromise a computer by pushing data into inappropriate memory locations
- Denial of service attack: attempts to overwhelm a system so that it cannot perform its normal functions
- In ARP and DNS poisoning, valid addresses are replaced with fraudulent addresses
- Access rights and privileges may also be exploited