BY SYDNEY FERNANDES T.E COMP ROLL NO:411113


INTRODUCTION
Networks are used as a medium to exchange data packets between the server and clients. Systems are connected to the network using PORTS, which are identified by their port ID. Each system connected to the network has its own IP address. (A single system can have more than one IP address.)

What is port scanning?
The act of systematically scanning a computer's ports. Since a port is a place where information goes into and out of a computer, port scanning identifies open doors to a computer. Port scanning has legitimate uses in managing networks. Port scanning is not an attack but rather a means for a cracker to detect system vulnerabilities.

How can it affect your system?
Many CRACKERS rely upon port scans to find open ports and send specific data patterns in an attempt to trigger a condition known as a buffer overflow. Such behavior can compromise the security of a network and the computers therein, resulting in the loss or exposure of sensitive information and the ability to do work.

CRACKERS generally conduct a port scan for two purposes: 1) primary 2) secondary

The primary purpose is to get information on the status of the IP address of the system. The second is to flood intrusion detection alerts with the intention of distracting the network.
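On the defending side, the systematic probing described above shows up as one source touching many distinct ports in a short time. The following is an added example, not part of the original slides, that flags this pattern in constructed connection records; the record format, the window length and the threshold are assumptions.

```python
from collections import defaultdict, deque

# Constructed sample records: (timestamp_s, source_ip, dest_ip, dest_port).
SAMPLE_LOG = (
    # One source walking six ports on one host in under three seconds.
    [(0.5 * i, "203.0.113.7", "192.0.2.10", p)
     for i, p in enumerate([21, 22, 23, 25, 80, 443])]
    # A normal client reusing a single service.
    + [(float(i), "198.51.100.4", "192.0.2.10", 443) for i in range(20)]
    # A slow prober: five ports, thirty seconds apart.
    + [(30.0 * i, "198.51.100.9", "192.0.2.10", p)
       for i, p in enumerate([22, 80, 110, 143, 443])]
)


def detect_port_scans(records, window=10.0, min_ports=5):
    """Return {source_ip: peak count of distinct (host, port) targets seen
    inside any `window` seconds}, for sources reaching `min_ports`."""
    recent = defaultdict(deque)  # source -> (ts, dest, port) still in window
    flagged = {}
    for ts, src, dst, port in sorted(records):
        seen = recent[src]
        seen.append((ts, dst, port))
        while ts - seen[0][0] > window:  # drop entries older than the window
            seen.popleft()
        distinct = len({(d, p) for _, d, p in seen})
        if distinct >= min_ports:
            flagged[src] = max(flagged.get(src, 0), distinct)
    return flagged


if __name__ == "__main__":
    print(detect_port_scans(SAMPLE_LOG))              # default 10 s window
    print(detect_port_scans(SAMPLE_LOG, window=200))  # wider window
```

The slow prober is only reported with the wider window, so the window length decides which scans a detector of this kind can see.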

TOOL
TOOLS are utilities for network exploration. The tool could attempt to connect to every port of one or more systems and, for every service that answered, it could try to use each known bug. Frequently the bugs are buffer overflows allowing the creation of a privileged command shell on the system. Then of course the cracker could install a backdoor program, trojan horse etc. Don't worry, there is no such tool.

But there are tools that perform a subset of that functionality, like NMAP: a very versatile open-source utility for network exploration and security auditing. Functions include: determining what services are running, including application names and versions; identifying the host OS; and providing information about defences, such as what firewalls are defending the target. It does not exploit any known bug.

NESSUS
Performs similar functions but has a database of bugs and their exploits. It can scan a range of systems, determine the services running on those systems and attempt to attack all appropriate bugs. It does not exploit the bug, but a knowledgeable cracker or script kiddie could.

ZOMBIE SYSTEMS
They are systems which do not allow port scans to be detected easily. Such systems are previously compromised, independent systems that are serving their owners while being used for nefarious purposes. Zombies make crackers particularly difficult to prosecute because determining the source of the attack and the person that launched it is challenging.

DENIAL OF SERVICE
Denial of service attacks are aimed not at gaining information or stealing resources but rather at disrupting legitimate use of a system or facility. Denial of service attacks are generally network based. Most such attacks involve systems that the attacker has not penetrated.

CATEGORIES
They fall into two categories: The first category involves using so many facility resources that, in essence, no useful work can be done. The second category involves disrupting the network of the facility.

How is the attack caused?
These attacks result from abuse of some of the functionality of TCP/IP. For example, if the attacker sends the part of the protocol which says “I want to start a TCP connection” but never follows with the standard “The connection is now complete”, the result can be a partially started TCP session. If enough of these sessions are launched, they can eat up all the network resources of the system, disabling any further legitimate TCP connections. Such attacks, which can last hours or days, have caused partial or full failure of attempts to use target resources.
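To see why partially started sessions shut out legitimate clients, the added example below (not part of the original slides) replays constructed events against a toy model of a listener's half-open queue. It is not a real TCP stack; the event format, queue size and timeout values are assumptions.

```python
def simulate_backlog(events, backlog_size, half_open_timeout_ms):
    """Replay (ts_ms, kind, conn_id) events against a toy listener.

    kind is "SYN" (handshake started) or "ACK" (handshake completed).
    """
    half_open = {}  # conn_id -> time its SYN arrived
    stats = {"established": 0, "dropped_syn": 0, "peak_half_open": 0}
    for ts, kind, conn in sorted(events):
        # Give up on handshakes that never completed within the timeout.
        for stale in [c for c, t in half_open.items()
                      if ts - t >= half_open_timeout_ms]:
            del half_open[stale]
        if kind == "SYN":
            if len(half_open) >= backlog_size:
                stats["dropped_syn"] += 1  # queue full: newcomer refused
            else:
                half_open[conn] = ts
        elif kind == "ACK" and conn in half_open:
            del half_open[conn]
            stats["established"] += 1
        stats["peak_half_open"] = max(stats["peak_half_open"], len(half_open))
    return stats


def constructed_events():
    """Constructed traffic: 100 never-completed SYNs, one every 100 ms,
    plus three well-behaved clients that finish the handshake in 20 ms."""
    events = [(t, "SYN", f"incomplete-{t}") for t in range(0, 10_000, 100)]
    for start in (2_050, 5_050, 8_050):
        events.append((start, "SYN", f"client-{start}"))
        events.append((start + 20, "ACK", f"client-{start}"))
    return events


if __name__ == "__main__":
    # Long timeout: stale entries hold the whole queue.
    print(simulate_backlog(constructed_events(), 16, 30_000))
    # Short timeout: stale entries are reclaimed before the queue fills.
    print(simulate_backlog(constructed_events(), 16, 1_000))
```

In this model the queue holds roughly arrival rate times timeout entries, so a shorter timeout or a larger queue only helps while that product stays below the queue size.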

DDOS (distributed denial-of-service attacks)
Generally it is difficult to prevent denial of service attacks. Even more difficult to prevent are the DDOS attacks. These attacks are launched from multiple sites at once toward a common target, typically by zombies. DDOS attacks are becoming more common and are sometimes associated with blackmail attempts. A site comes under attack and the attackers offer to halt the attack in exchange for money. E.g.: an advertising campaign that greatly increases traffic to a site could be considered a DDOS.

More examples of DOS
If an authentication algorithm locks an account for a period of time after several incorrect attempts to access the account, then an attacker could cause all authentications to be blocked by purposely making incorrect attempts to access all accounts. A firewall that automatically blocks certain kinds of traffic could be induced to block that traffic when it should not.
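The account-lockout case above can be shown in a few lines. This added example (not part of the original slides) compares a counter keyed on the account alone with one keyed on the account and source address; the class, its parameters and all sample values are hypothetical, and per-source keying is one design option rather than the only fix.

```python
class LoginGuard:
    """Failure counter that locks after `max_failures` bad passwords.

    per_source=False keys the counter on the account alone (the policy the
    slide describes); per_source=True keys it on (account, source address).
    """

    def __init__(self, max_failures=3, lock_seconds=300, per_source=False):
        self.max_failures = max_failures
        self.lock_seconds = lock_seconds
        self.per_source = per_source
        self.state = {}  # key -> (failure_count, locked_until)

    def attempt(self, now, account, source, password_ok):
        key = (account, source if self.per_source else None)
        count, locked_until = self.state.get(key, (0, 0))
        if now < locked_until:
            return "locked"  # refused before the password is even checked
        if password_ok:
            self.state.pop(key, None)
            return "ok"
        count += 1
        if count >= self.max_failures:
            self.state[key] = (0, now + self.lock_seconds)
        else:
            self.state[key] = (count, 0)
        return "denied"


def owners_after_bad_attempts(per_source):
    """One source submits three wrong passwords for every account, then each
    owner logs in correctly from a different address. All values constructed."""
    guard = LoginGuard(per_source=per_source)
    accounts = ["alice", "bob", "carol"]
    now = 0
    for account in accounts:
        for _ in range(3):
            guard.attempt(now, account, "203.0.113.7", password_ok=False)
            now += 1
    return {account: guard.attempt(now, account, f"198.51.100.{i}", True)
            for i, account in enumerate(accounts, start=1)}


if __name__ == "__main__":
    print(owners_after_bad_attempts(per_source=False))
    print(owners_after_bad_attempts(per_source=True))
```

Keying on the source removes the lockout of real owners but limits guesses only per address, so a separate overall rate limit is still needed.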

REFERENCES
Galvin: pg 173

THANK YOU