Presentation is loading. Please wait.

Presentation is loading. Please wait.

What Makes a Network Vulnerable?

Published byBranden Gardner Modified over 5 years ago

Similar presentations

Presentation on theme: "What Makes a Network Vulnerable?"— Presentation transcript:

1 What Makes a Network Vulnerable?
Anonymity Many points of attack (targets & origins) Sharing Complexity of system Unknown perimeter Unknown path

2 Who Attacks Networks Hackers break into organizations from the outside
Challenge Fame Money & Espionage Ideology However, most security breaches are internal, by employees and ex-employees

3 Threat Precursors Port Scan Social Engineering
Reconnaissance Bulletin Board / Chat Docs Packet Sniffers (telnet/ftp in cleartext)

4 Network Security Threats
Interception If interceptor cannot read, have confidentiality (privacy) If cannot modify without detection, have message integrity

5 Network Security Threats
Impostors (Spoofing/ Masquerade) Claim to be someone else Need to authenticate the sender--prove that they are who they claim to be True Person Impostor

6 Network Security Threats
Remotely Log in as Root User Requires cracking the root login password Then control the machine Read and/or steal information Damage data (erase hard disk) Create backdoor user account that will let them in easily later Root Login Command

7 Security Threats Content Threats
Application layer content may cause problems Viruses In many ways, most severe security problem in corporations today Must examine application messages

8 Replay Attack First, attacker intercepts a message Not difficult to do

9 Replay Attack Later, attacker retransmits (replays) the message to the original destination host Does not have to be able to read a message to replay it

10 Replay Attack Why replay attacks?
To gain access to resources by replaying an authentication message In a denial-of-service attack, to confuse the destination host

11 Thwarting Replay Attacks
Put a time stamp in each message to ensure that the message is “fresh” Do not accept a message that is too old Place a sequence number in each message Do not accept a duplicated message Message Time Stamp Sequence Number

12 Thwarting Replay Attacks
In request-response applications, Sender of request generates a nonce (random number) Places the nonce in the request Server places the nonce in the response Neither party accepts duplicate nonces Request Response Nonce Nonce

13 Network Security Threats
Denial of Service (DOS) Attacks Overload system with a flood of messages Or, send a single message that crashes the machine

14 Denial of Service (DOS) Attacks
Transmission Failure Connection Flooding Echo-Chargen Ping of Death Smurf Syn Flood Traffic Redirection DNS Attacks Distributed Denial of Service

Download ppt "What Makes a Network Vulnerable?"

Similar presentations

Attacks Framework Attacks Physical Access Attacks -- Wiretapping Server Hacking Vandalism Dialog Attacks -- Eavesdropping Impersonation Message Alteration.

Attacks Framework Attacks Physical Access Attacks -- Wiretapping Server Hacking Vandalism Dialog Attacks -- Eavesdropping Impersonation Message Alteration.
Chapter 1: Fundamentals of Security JV Note: Images may not be relevant to information on slide.

Chapter 1: Fundamentals of Security JV Note: Images may not be relevant to information on slide.
Network and Application Attacks Contributed by- Chandra Prakash Suryawanshi CISSP, CEH, SANS-GSEC, CISA, ISO 27001LI, BS 25999LA, ERM (ISB) June 2006.

Network and Application Attacks Contributed by- Chandra Prakash Suryawanshi CISSP, CEH, SANS-GSEC, CISA, ISO 27001LI, BS 25999LA, ERM (ISB) June 2006.
Lesson 3-Hacker Techniques

Lesson 3-Hacker Techniques
ITIS 1210 Introduction to Web-Based Information Systems Chapter 44 How Firewalls Work How Firewalls Work.

ITIS 1210 Introduction to Web-Based Information Systems Chapter 44 How Firewalls Work How Firewalls Work.
NS-H0503-02/11041 Attacks. NS-H0503-02/11042 The Definition Security is a state of well-being of information and infrastructures in which the possibility.

NS-H /11041 Attacks. NS-H /11042 The Definition Security is a state of well-being of information and infrastructures in which the possibility.
Denial of Service & Session Hijacking.  Rendering a system unusable to those who deserve it  Consume bandwidth or disk space  Overwhelming amount of.

Denial of Service & Session Hijacking.  Rendering a system unusable to those who deserve it  Consume bandwidth or disk space  Overwhelming amount of.
1 Topic 1 – Lesson 3 Network Attacks Summary. 2 Questions ► Compare passive attacks and active attacks ► How do packet sniffers work? How to mitigate?

1 Topic 1 – Lesson 3 Network Attacks Summary. 2 Questions ► Compare passive attacks and active attacks ► How do packet sniffers work? How to mitigate?
Intrusion Detection and Hackers Exploits IP Spoofing Attack Yousef Yahya & Ahmed Alkhamaisa Prepared for Arab Academy for Banking and Financial Sciences.

Intrusion Detection and Hackers Exploits IP Spoofing Attack Yousef Yahya & Ahmed Alkhamaisa Prepared for Arab Academy for Banking and Financial Sciences.
Hacker, Cracker?! Are they the same? No!!! Hacker programmers intensely interested in the arcane and recondite workings of any computer operating system.

Hacker, Cracker?! Are they the same? No!!! Hacker programmers intensely interested in the arcane and recondite workings of any computer operating system.
Security (Continued) V.T. Raja, Ph.D., Oregon State University.

Security (Continued) V.T. Raja, Ph.D., Oregon State University.
Computer Security Fundamentals by Chuck Easttom Chapter 4 Denial of Service Attacks.

Computer Security Fundamentals by Chuck Easttom Chapter 4 Denial of Service Attacks.
Hacking Presented By :KUMAR ANAND SINGH 04-243,ETC/2008.

Hacking Presented By :KUMAR ANAND SINGH ,ETC/2008.
1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.

1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.
Sanjay Goel, School of Business/Center for Information Forensics and Assurance University at Albany Proprietary Information 1 Unit Outline Information.

Sanjay Goel, School of Business/Center for Information Forensics and Assurance University at Albany Proprietary Information 1 Unit Outline Information.
Analysis of Attack By Matt Kennedy. Different Type of Attacks o Access Attacks o Modification and Repudiation Attacks o DoS Attacks o DDoS Attacks o Attacks.

Analysis of Attack By Matt Kennedy. Different Type of Attacks o Access Attacks o Modification and Repudiation Attacks o DoS Attacks o DDoS Attacks o Attacks.
Web server security Dr Jim Briggs WEBP security1.

Web server security Dr Jim Briggs WEBP security1.
Attack Profiles CS-480b Dick Steflik Attack Categories Denial-of-Service Exploitation Attacks Information Gathering Attacks Disinformation Attacks.

Attack Profiles CS-480b Dick Steflik Attack Categories Denial-of-Service Exploitation Attacks Information Gathering Attacks Disinformation Attacks.
Chapter 7 7.2 Threats in Networks Network Security / G. Steffen.

Chapter Threats in Networks Network Security / G. Steffen.
Lecture 24 Secure Communications CS 450/650 Fundamentals of Integrated Computer Security Slides are modified from Ian Goldberg.

Lecture 24 Secure Communications CS 450/650 Fundamentals of Integrated Computer Security Slides are modified from Ian Goldberg.

Similar presentations

Ads by Google