Published by Osborne Grant. Modified over 9 years ago.
Chapter 7
7.2 Threats in Networks
Network Security / G. Steffen

In This Section
  What Makes a Network Vulnerable
    Reasons for network attacks
  Who Attacks Networks?
    Who are the attackers?
    Why do people attack?
  Threats in Transit: Eavesdropping and Wiretapping
    Different ways attackers attack a victim

What Makes a Network Vulnerable 1
How networks differ from a stand-alone environment:
  Anonymity
    An attacker can mount an attack from thousands of miles away; the attack passes through many hosts
  Many points of attack
    Both targets and origins
    An attack can come from any host to any host
  Sharing
    More users have the potential to access networked systems than on single computers

What Makes a Network Vulnerable 2
How networks differ from a stand-alone environment:
  Complexity of System
    Reliable security is difficult to obtain
    Complex, as many users do not know what their computers are doing at any moment
  Unknown Perimeter
    One host may be a node on two different networks
    Causing uncontrolled groups of possibly malicious users
  Unknown Path
    There can be multiple paths from one host to another

Who Attacks Networks
  Challenge – what would happen if I tried this approach or technique? Can I defeat this network?
  Fame
  Money and Espionage
  Organized Crime
  Ideology
    Hacktivism – breaking into a computer system with the intent of disrupting normal operations but not causing serious damage
    Cyberterrorism – more dangerous than hacktivism; can cause grave harm such as loss of life or severe economic damage

Reconnaissance 1
How do attackers perpetrate attacks?
  Port Scan
    For a particular IP address, the program gathers network information.
    It tells an attacker which standard ports are being used, which OS is installed on the target system, and which applications and versions are present.
  Social Engineering
    It gives an external picture of the network to the attacker.
  Intelligence
    Gathering all the information and making a plan.

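From the defender's side, the port scan described above shows up in connection logs as one source touching many distinct ports on one host in a short time. The following is an added example, not part of the original slides; the log format, addresses, window and threshold are constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed connection records: timestamp, source IP, destination IP, destination port.
SAMPLE_LOG = """\
2024-01-01T10:00:00 198.51.100.7 192.0.2.10 21
2024-01-01T10:00:01 198.51.100.7 192.0.2.10 22
2024-01-01T10:00:02 198.51.100.7 192.0.2.10 23
2024-01-01T10:00:02 203.0.113.5 192.0.2.10 443
2024-01-01T10:00:03 198.51.100.7 192.0.2.10 25
2024-01-01T10:00:04 198.51.100.7 192.0.2.10 80
2024-01-01T10:00:05 198.51.100.7 192.0.2.10 443
2024-01-01T10:00:30 203.0.113.5 192.0.2.10 443
2024-01-01T10:05:00 203.0.113.9 192.0.2.10 22
2024-01-01T10:10:00 203.0.113.9 192.0.2.10 80
2024-01-01T10:15:00 203.0.113.9 192.0.2.10 443
2024-01-01T10:20:00 203.0.113.9 192.0.2.10 8080
2024-01-01T10:25:00 203.0.113.9 192.0.2.10 3306
"""

def parse(log):
    """Turn each log line into (time, src, dst, port)."""
    events = []
    for line in log.strip().splitlines():
        ts, src, dst, port = line.split()
        events.append((datetime.fromisoformat(ts), src, dst, int(port)))
    return events

def detect_port_scans(events, window=timedelta(seconds=60), threshold=5):
    """Flag (src, dst) pairs where src touched >= threshold distinct ports
    on dst within the sliding window; returns {(src, dst): sorted ports}."""
    recent = defaultdict(list)          # (src, dst) -> [(time, port)] still in window
    flagged = defaultdict(set)
    for ts, src, dst, port in sorted(events):
        key = (src, dst)
        recent[key] = [(t, p) for t, p in recent[key] if ts - t <= window]
        recent[key].append((ts, port))
        ports = {p for _, p in recent[key]}
        if len(ports) >= threshold:
            flagged[key] |= ports
    return {k: sorted(v) for k, v in flagged.items()}

if __name__ == "__main__":
    for (src, dst), ports in detect_port_scans(parse(SAMPLE_LOG)).items():
        print(f"possible port scan: {src} -> {dst} ports {ports}")
```

The slow source 203.0.113.9 stays under the 60-second window, which is why scan detection usually pairs a short window with a longer one.
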
Reconnaissance 2
How do attackers perpetrate attacks?
  Operating System & Application Fingerprinting
    Determining which commercial server application is running, which version…
  Bulletin Boards & Chats
    Exchanging information and techniques online
  Availability of Documentation
    Vendors provide information about their products on their websites so that others can develop compatible, complementary applications. For instance Microsoft

Threats in Transit
  Eavesdropping
    Overhearing without expending any extra effort
    Causing harm that can occur between a sender and a receiver
  Wiretapping
    Passive wiretapping
      Similar to eavesdropping
    Active wiretapping
      Injecting something into the communication

Wiretapping Communication Mediums 1
  Cable
    Packet sniffer – a device that can retrieve all packets on a LAN
    Inductance – a process where an intruder can tap a wire and read radiated signals without making physical contact with the cable
  Microwave
    Signals are broadcast through the air, making them more accessible to hackers
    Signals are not usually shielded or isolated to prevent interception
  Satellite Communication
    Dispersed over a greater area than the intended point of reception
    Communications are multiplexed, so the risk is small that any one communication will be interrupted
    Greater potential than microwave signals

Wiretapping Communication Mediums 2
  Optical Fiber
    Not possible to tap an optical signal without detection
    Inductive tap is not possible as optical fiber carries light energy
    Hackers can obtain data from repeaters, splices, and taps along a cable
  Wireless
    Major threat is interception

Wiretap Vulnerabilities

Other Threats
  Protocol Flaws
  Authentication Foiled by Guessing
  Authentication Thwarted by Eavesdropping or Wiretapping
  Authentication Foiled by Avoidance
  Nonexistent Authentication
  Well-Known Authentication
  Trusted Authentication

Other Threats
  Impersonation
    Easier than wiretapping for obtaining information on a network
    More significant threat in WAN than in LAN
  Spoofing
    An attacker obtains network credentials illegally and carries on false conversations
  Masquerade
    One host pretends to be another
    Phishing is a variation of this kind of attack
  Session hijacking
    Intercepting and carrying on a session begun by another entity
  Man-in-the-Middle Attack
    One entity intrudes between two others

Key Interception by a Man-in-the-Middle Attack

Message Confidentiality Threats
  Misdelivery
    Message can be delivered to someone other than the intended recipient
  Exposure
    Passive wiretapping is a source of message exposure
  Traffic Flow Analysis
    Protecting both the content of the message and the header information that identifies the sender and receiver

Message Integrity Threats
  Falsification of Messages
    An attacker may change the content of the message on the way to the receiver
    An attacker may destroy or delete a message
    These attacks can be perpetrated by active wiretapping, Trojan horse, preempted hosts, etc.
  Noise
    These are unintentional interferences

Denial of Service (DoS) / Availability Attacks
  Transmission Failure
    Line cut
    Network noise making a packet unrecognizable or undeliverable
  Connection Flooding
    Sending too much data
    Protocol attacks: TCP, UDP, ICMP (Internet Control Message Protocol)

DoS Attacks 1
  Echo-Chargen
    Attack works between two hosts
  Ping of Death
    Flood network with ping packets
    Attack limited by the smallest bandwidth to victim
  Smurf
    It is a variation of ping attack
  SYN Flood
    Attack uses the TCP protocol suite

Distributed Denial of Service (DDoS)
To perpetrate a DDoS attack, an attacker first plants a Trojan horse on a target machine. This process is repeated with many targets. Each of these target systems then becomes what is known as a zombie. Then the attacker chooses a victim and sends a signal to all the zombies to launch the attack. The victim must then counter n attacks from the n zombies, all acting at once.

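A SYN flood leaves TCP handshakes half-open, and in the distributed case the unanswered SYNs arrive from n sources at once. The following added example (not part of the original slides) counts half-open connections per service and the number of distinct sources behind them, which is the signal a defender watches for in both the SYN Flood and DDoS slides; the packet tuples, addresses and threshold are constructed assumptions.

```python
from collections import defaultdict

def build_sample():
    """Constructed packet summaries: (time_s, src_ip, src_port, dst_ip, dst_port, flag)."""
    pkts = []
    # Three ordinary clients complete the handshake (SYN, then the final ACK).
    for i in range(3):
        src = f"203.0.113.{i + 1}"
        pkts.append((i + 0.0, src, 40000 + i, "192.0.2.10", 443, "SYN"))
        pkts.append((i + 0.1, src, 40000 + i, "192.0.2.10", 443, "ACK"))
    # n = 8 sources each send 5 SYNs and never answer the server's SYN-ACK.
    for z in range(8):
        for c in range(5):
            pkts.append((1.0 + c * 0.01, f"198.51.100.{z + 1}", 50000 + c,
                         "192.0.2.10", 443, "SYN"))
    return sorted(pkts)

def half_open_report(packets, threshold=20):
    """Return {(dst_ip, dst_port): {"half_open": count, "sources": distinct IPs}}
    for services holding at least `threshold` unanswered SYNs."""
    pending = set()                      # connections that sent SYN but no final ACK
    for _ts, src, sport, dst, dport, flag in packets:
        key = (src, sport, dst, dport)
        if flag == "SYN":
            pending.add(key)
        elif flag == "ACK":
            pending.discard(key)         # handshake completed
    per_service = defaultdict(list)
    for src, _sport, dst, dport in pending:
        per_service[(dst, dport)].append(src)
    return {svc: {"half_open": len(srcs), "sources": len(set(srcs))}
            for svc, srcs in per_service.items() if len(srcs) >= threshold}

if __name__ == "__main__":
    for svc, stats in half_open_report(build_sample()).items():
        print(svc, stats)
```

A high half-open count from one source points to a single flooding host; the same count spread over many sources matches the n-zombie pattern.
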
Summary
Threats are raised against the key aspects of security: confidentiality, integrity, and availability.
Target: Vulnerability
  Precursors to attack
    Port Scan
    Social Engineering
    Reconnaissance
    OS & Application Fingerprinting
  Authentication Failures
    Impersonation
    Guessing
    Eavesdropping
    Spoofing
    Man-in-the-Middle Attack

Summary
Target: Vulnerability
  Programming Flaws
    Buffer Overflow
    Addressing Errors
    Parameter Modifications
    Cookie
    Malicious Typed Code
  Confidentiality
    Protocol Flaw
    Eavesdropping
    Passive Wiretap
    Misdelivery

Summary
Target: Vulnerability
  Integrity
    Protocol Flaw
    Active Wiretap
    Noise
    Impersonation
    Falsification of Message
  Availability
    Connection flooding, e.g., smurf
    DNS Attack
    Traffic Redirection
    DDoS