Presentation is loading. Please wait.

Presentation is loading. Please wait.

Threats in Networks Jagdish S. Gangolly School of Business

Published byHanna Lahti Modified over 6 years ago

Similar presentations

Presentation on theme: "Threats in Networks Jagdish S. Gangolly School of Business"— Presentation transcript:

1 Threats in Networks Jagdish S. Gangolly School of Business
State University of New York at Albany NOTE: These notes are based on the book Security in Computing, by Charles & Shari Pfleeger, and are prepared solely for the students in the course Acc 661 at SUNY Albany. They are not to be used by others without the permission of the instructor. 1/11/2019 acc 661 Auditing of Adv Acctg Systems

2 acc 661 Auditing of Adv Acctg Systems
Threats in Networks I Protocols (Guessing sequence numbers) Impersonation Authentication foiled by guessing Authentication thwarted by eavesdropping or wiretapping Authentication foiled by avoidance Nonexistent authentication (trusted hosts: .rlogin, .rhosts) Well-known authentication (default passwords) Trusted authentication 1/11/2019 acc 661 Auditing of Adv Acctg Systems

3 acc 661 Auditing of Adv Acctg Systems
Threats in Networks II Spoofing Masquerade Session hijacking Man-in-the-middle attack Message confidentiality threats Misdelivery Exposure Traffic flow analysis 1/11/2019 acc 661 Auditing of Adv Acctg Systems

4 Threats in Networks III
Message integrity threats Falsification of messages Website defacement Buffer overflows Dot-Dot and address problems Application code errors (users can change context encoded in URL request) Server-side includes 1/11/2019 acc 661 Auditing of Adv Acctg Systems

5 Threats in Networks III
Denial of service Transmission failure Connection flooding ICMP protocols (ping, echo, destination unreachable, source quench) Smurf attack Syn flood (spoof return address in initial SYN packet, and not responding with ACKs, thus flooding SYN-RECV queue) 1/11/2019 acc 661 Auditing of Adv Acctg Systems

Download ppt "Threats in Networks Jagdish S. Gangolly School of Business"

Similar presentations

Network and Application Attacks Contributed by- Chandra Prakash Suryawanshi CISSP, CEH, SANS-GSEC, CISA, ISO 27001LI, BS 25999LA, ERM (ISB) June 2006.

Network and Application Attacks Contributed by- Chandra Prakash Suryawanshi CISSP, CEH, SANS-GSEC, CISA, ISO 27001LI, BS 25999LA, ERM (ISB) June 2006.
Computer Security and Penetration Testing

Computer Security and Penetration Testing
NS-H0503-02/11041 Attacks. NS-H0503-02/11042 The Definition Security is a state of well-being of information and infrastructures in which the possibility.

NS-H /11041 Attacks. NS-H /11042 The Definition Security is a state of well-being of information and infrastructures in which the possibility.
Denial of Service & Session Hijacking.  Rendering a system unusable to those who deserve it  Consume bandwidth or disk space  Overwhelming amount of.

Denial of Service & Session Hijacking.  Rendering a system unusable to those who deserve it  Consume bandwidth or disk space  Overwhelming amount of.
1 Reading Log Files. 2 Segment Format

1 Reading Log Files. 2 Segment Format
Suneeta Chawla Web Security Presentation Topic : IP Spoofing Date : 03/24/04.

Suneeta Chawla Web Security Presentation Topic : IP Spoofing Date : 03/24/04.
Security (Continued) V.T. Raja, Ph.D., Oregon State University.

Security (Continued) V.T. Raja, Ph.D., Oregon State University.
Computer Security Fundamentals by Chuck Easttom Chapter 4 Denial of Service Attacks.

Computer Security Fundamentals by Chuck Easttom Chapter 4 Denial of Service Attacks.
Hacking Presented By :KUMAR ANAND SINGH 04-243,ETC/2008.

Hacking Presented By :KUMAR ANAND SINGH ,ETC/2008.
Network Attacks Mark Shtern.

Network Attacks Mark Shtern.
WiFi Security. What is WiFi ? Originally, Wi-Fi was a marketing term. The Wi-Fi certified logo means that the product has passed interoperability tests.

WiFi Security. What is WiFi ? Originally, Wi-Fi was a marketing term. The Wi-Fi certified logo means that the product has passed interoperability tests.
Slide 1 Attacks on TCP/IP. slide 2 Security Issues in TCP/IP uNetwork packets pass by untrusted hosts Eavesdropping (packet sniffing) uIP addresses are.

Slide 1 Attacks on TCP/IP. slide 2 Security Issues in TCP/IP uNetwork packets pass by untrusted hosts Eavesdropping (packet sniffing) uIP addresses are.
TCP/IP Network and Firewall. IP Packet Protocol  1 ICMP packet  6 TCP packet  17 UDP packet.

TCP/IP Network and Firewall. IP Packet Protocol  1 ICMP packet  6 TCP packet  17 UDP packet.
CS 5950/6030 Network Security Class 28 (F, 11/4/05) Leszek Lilien Department of Computer Science Western Michigan University Based on Security in Computing.

CS 5950/6030 Network Security Class 28 (F, 11/4/05) Leszek Lilien Department of Computer Science Western Michigan University Based on Security in Computing.
Securing TCP/IP Chapter 6. Introduction to Transmission Control Protocol/Internet Protocol (TCP/IP) TCP/IP comprises a suite of four protocols The protocols.

Securing TCP/IP Chapter 6. Introduction to Transmission Control Protocol/Internet Protocol (TCP/IP) TCP/IP comprises a suite of four protocols The protocols.
Analysis of Attack By Matt Kennedy. Different Type of Attacks o Access Attacks o Modification and Repudiation Attacks o DoS Attacks o DDoS Attacks o Attacks.

Analysis of Attack By Matt Kennedy. Different Type of Attacks o Access Attacks o Modification and Repudiation Attacks o DoS Attacks o DDoS Attacks o Attacks.
Security in Networks— Their design, development, usage… Barbara Endicott-Popovsky CSSE592/491 In collaboration with: Deborah Frincke, Ph.D. Director, Center.

Security in Networks— Their design, development, usage… Barbara Endicott-Popovsky CSSE592/491 In collaboration with: Deborah Frincke, Ph.D. Director, Center.
Assessing the Threat How much money is lost due to cyber crimes? –Estimates range from $100 million to $100s billions –Why the discrepancy? Companies don’t.

Assessing the Threat How much money is lost due to cyber crimes? –Estimates range from $100 million to $100s billions –Why the discrepancy? Companies don’t.
WXES2106 Network Technology Semester 1 2004/2005 Chapter 8 Intermediate TCP CCNA2: Module 10.

WXES2106 Network Technology Semester /2005 Chapter 8 Intermediate TCP CCNA2: Module 10.
Attack Profiles CS-480b Dick Steflik Attack Categories Denial-of-Service Exploitation Attacks Information Gathering Attacks Disinformation Attacks.

Attack Profiles CS-480b Dick Steflik Attack Categories Denial-of-Service Exploitation Attacks Information Gathering Attacks Disinformation Attacks.

Similar presentations

Ads by Google