Presentation is loading. Please wait.

Presentation is loading. Please wait.

WARNING ! The system is either busy or has been unstable. You can wait and See if it becomes available again, or you can restart your computer. *

Published byClifford Horwood Modified over 9 years ago

Similar presentations

Presentation on theme: "WARNING ! The system is either busy or has been unstable. You can wait and See if it becomes available again, or you can restart your computer. *"— Presentation transcript:

1

2

3 WARNING ! The system is either busy or has been unstable. You can wait and See if it becomes available again, or you can restart your computer. * Press any key to return to Windows and wait. * Press CTRL+ALT+DEL again to restart your computer. You will Lose unsaved information in any programs that are running. Press any key to continue.

4 Carl the Happy Chatter Group 4 Presents: But not for long….
Carl Morris Andrew Snyder Ken Nguyen Dec User Attacks

5 User Attacks What is it? An attack mounted against an end user of the Internet Goals of an attacker Obtain access to systems Eavesdrop on communications Aggravate and annoy a household user Cause damage! Anything to annoy an end user

6 Context of Discussion Not meant to apply to “computer geeks”
Applies to average end user Attacks mounted easily by attackers with limited computer knowledge

7 Methods of choice Performed a search for phrases such as “How to find Windows NT passwords,” “Hacking into Computers” & “Easy Hacking” Used our own past experiences (world & class) Our own interests

8 We decided... The Big Three: Denial of Service (DoS) Packet Sniffing
Back Orifice 2000

9 What is DoS? Attacker consumes limited resources on victim’s machine
CPU time memory bandwidth

10 DoS Easy DoS Attack Ping Flooding Ping of Death WinNuke

11 Ping Flooding What is Ping Flooding?
Sending huge amounts of ICMP Echo Requests Used legitimately to test your connection

12 Ping Flooding (cont.) Ping Flooding’s impact
Ties up victim’s bandwidth Forces dialup users to disconnect May cause victim’s machine to crash

13 Ping Flooding (cont.) Ping Flooding is Hard! Need to know victim’s IP
Easily obtained from ICQ, IRC, message forums, etc... Must type “ping destination_IP –t –l huge#”

14 Ping of Death What is Ping of Death?
Carl receives a packet of illegal size Carl’s computer crashes 

15 Ping of Death (cont.) Ping of Death is also very hard Must type
“ping destination_IP –l 65550”

16 WinNuke What is WinNuke?
Takes advantage of Window’s Out of Band (OOB) bug Carl receives a pointer that is invalid Carl’s computer crashes 

17 WinNuke WinNuke is also very hard

18 Protect yourself Ping of Death & WinNuke
Get patches for your appropriate OS to prevent overflow/pointer error

19 Protect yourself Ping Flooding
Sets computer not to echo back, cuts by 50% Call your ISP, or set up your own firewall Stop it before it start: Do not give out your IP!

20 What Is Packet Sniffing?
Packet sniffing is eavesdropping on network traffic. It consists of capturing packets on the network and analyzing them to obtain information.

21 What Is in a Packet? Source and Destination (MAC)
A packet can contain information ranging from web addresses to passwords. However, it is all in binary form, and requires a protocol analyzer to make sense of it all.

22 MAC Each Ethernet card contains a 48-bit identifier – Media Access Control The first 24 bits identify the vendor The last 24 bits identify the card To find out your MAC: Win9x – winipcfg.exe WinNT – ipconfig /all Linux – ifconfig

23 How Is Packet Sniffing Used?
Packets are captured. -- Promiscuous mode Packets are analyzed. -- Protocol analyzer (LanSleuth, Neptune, Ethereal)

24 Malicious Effects Websites Passwords
Any unencrypted information sent over the network (Messages, Files)

25 Ease of Use Network Protocol Analyzers
LanSleuth, Ethereal, Neptune, snoop Easy installation and configuration Some analyzers require administrative permissions

26 Examples Packet captured using Ethereal

27 Analyzing Packet entered into Ethereal Decode

28 Preventions Encrypt all transfers SSL – Secure Socket Language
SSH – Secure Shell VPN – Virtual Private Networks

29 Detections In theory – impossible In practice – possible sometimes
Stand-alone packet sniffers don’t transfer packets Non-standard generate traffic (DNS reverse lookups in order to find names associated with IP addresses)

30 Ping Method Send a request Nobody should respond
Response --> Sniffer!

31 Packet Sniffing Re-visited
Packets are “captured” on the network They are then analyzed - Passwords - Web sites Impossible to stop Difficult to detect

32 Back Orifice 2000 What is it? “The most powerful network administration tool available for the Microsoft environment” How is it used? An “administrator” creates a custom server file installs this server on the target machine connects to the target machine perform various functions

33 Back Orifice 2000 Malicious effects A malicious attacker can:
Install the server on victim’s machine Take over computer Logging keystrokes Rebooting Viewing cached passwords the active screen etc Ease of use In the next few minutes, I will show you how to use BO2K

34 Back Orifice 2000 Create a server file…

35 Back Orifice 2000 Create a server file… (continued)

36 Back Orifice 2000 Time to connect

37 Back Orifice 2000 Some stuff…

38 Back Orifice 2000 Plugins Encryption (AES, IDEA, RC6, Serpent)
Communications Server Enhancement Client Enhancement

39 Back Orifice 2000 BO Peep Plugin

40 Back Orifice 2000 BO Tools Plugin

41 Prevention Measures Umgr32.Exe anyone ? 1) Antivirus 2) firewall
3) don’t trust anyone 4) look for umgr32.Exe (or registry) on your computer 5) Microsoft: get a clue

42 Summary Many user attacks are so easy that even your mom could figure them out Some attacks can’t be protected against based on current network protocol and system architecture Microsoft needs to tighten up security on their products

43 Conclusion Are you safe?
That kid next door could be screwing with you right now. You could be a victim of user attacks and not even know it. Practice online safety measures. You are not invincible: Don’t take security for granted

44 Questions

Download ppt "WARNING ! The system is either busy or has been unstable. You can wait and See if it becomes available again, or you can restart your computer. *"

Similar presentations

Tips and tools to keep you and your information safe on-line. We will go over a lot of information today, so it is important to pay attention and follow.

Tips and tools to keep you and your information safe on-line. We will go over a lot of information today, so it is important to pay attention and follow.
Network Security.

Network Security.
Password Cracking, Network Sniffing, Man-in-the-Middle attacks, and Virtual Private Networks Lab 2 – Class Discussion Group 3 Ruhull Alam Bhuiyan Keon.

Password Cracking, Network Sniffing, Man-in-the-Middle attacks, and Virtual Private Networks Lab 2 – Class Discussion Group 3 Ruhull Alam Bhuiyan Keon.
Network and Application Attacks Contributed by- Chandra Prakash Suryawanshi CISSP, CEH, SANS-GSEC, CISA, ISO 27001LI, BS 25999LA, ERM (ISB) June 2006.

Network and Application Attacks Contributed by- Chandra Prakash Suryawanshi CISSP, CEH, SANS-GSEC, CISA, ISO 27001LI, BS 25999LA, ERM (ISB) June 2006.
Denial of Service & Session Hijacking.  Rendering a system unusable to those who deserve it  Consume bandwidth or disk space  Overwhelming amount of.

Denial of Service & Session Hijacking.  Rendering a system unusable to those who deserve it  Consume bandwidth or disk space  Overwhelming amount of.
Michelle J. Gosselin, Jennifer Schommer Guanzhong Wang.

Michelle J. Gosselin, Jennifer Schommer Guanzhong Wang.
Information Security 1 Information Security: Security Tools Jeffy Mwakalinga.

Information Security 1 Information Security: Security Tools Jeffy Mwakalinga.
SYSTEM ADMINISTRATION Chapter 19

SYSTEM ADMINISTRATION Chapter 19
Packet Analyzers, a Threat to Network Security. Agenda Introduction The background of packet analyzers LAN technologies & network protocols Communication.

Packet Analyzers, a Threat to Network Security. Agenda Introduction The background of packet analyzers LAN technologies & network protocols Communication.
Web Defacement Anh Nguyen May 6 th, 2010. Organization Introduction How Hackers Deface Web Pages Solutions to Web Defacement Conclusions 2.

Web Defacement Anh Nguyen May 6 th, Organization Introduction How Hackers Deface Web Pages Solutions to Web Defacement Conclusions 2.
Computer Security Fundamentals by Chuck Easttom Chapter 4 Denial of Service Attacks.

Computer Security Fundamentals by Chuck Easttom Chapter 4 Denial of Service Attacks.
Network Attacks Mark Shtern.

Network Attacks Mark Shtern.
Introduction to Security Computer Networks Computer Networks Term B10.

Introduction to Security Computer Networks Computer Networks Term B10.
Information Security 1 Information Security: Demo of Some Security Tools Jeffy Mwakalinga.

Information Security 1 Information Security: Demo of Some Security Tools Jeffy Mwakalinga.
Security Awareness: Applying Practical Security in Your World, Second Edition Chapter 5 Network Security.

Security Awareness: Applying Practical Security in Your World, Second Edition Chapter 5 Network Security.
Security Awareness: Applying Practical Security in Your World

Security Awareness: Applying Practical Security in Your World
Network & Computer Attacks (Part 2) February 11, 2010 MIS 4600 – MBA 5880 - © Abdou Illia.

Network & Computer Attacks (Part 2) February 11, 2010 MIS 4600 – MBA © Abdou Illia.
Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.

Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.
Review for Exam 4 School of Business Eastern Illinois University © Abdou Illia, Fall 2006.

Review for Exam 4 School of Business Eastern Illinois University © Abdou Illia, Fall 2006.
Web server security Dr Jim Briggs WEBP security1.

Web server security Dr Jim Briggs WEBP security1.

Similar presentations

Ads by Google