Presentation is loading. Please wait.

Presentation is loading. Please wait.

Network Attacks. Topics Objectives Rogue Devices Rogue Infrastructure Hardware Placement Data Theft & Malicious Insertion Security Feature Weaknesses.

Published byIsabella Sheehan Modified over 10 years ago

Similar presentations

Presentation on theme: "Network Attacks. Topics Objectives Rogue Devices Rogue Infrastructure Hardware Placement Data Theft & Malicious Insertion Security Feature Weaknesses."— Presentation transcript:

1 Network Attacks

2 Topics Objectives Rogue Devices Rogue Infrastructure Hardware Placement Data Theft & Malicious Insertion Security Feature Weaknesses &Vulnerabilities Denial Of Service Conclusion

3 Objectives Demonstrate how to recognize, perform and prevent the following types of attacks: –Rogue infrastructure hardware placement. –Denial of Service attacks. – Hijacking and Peer-to-peer attacks –MAC Spoofing Understand Security Vulnerabilities associated with unsecured wireless networks.

4 Rogue Devices A Rogue Device is define as any device that is not authorized to be on the network. An intruder might perform data theft, data insertion, peer attacks etc,once he or she gains access to network potentially through a rogue device. It is common to see rogue access points, bridges, and Ad Hoc networks installed without authorization in a wireless networks.

5 Rogue Infrastructure Hardware Placement Rogue devices will be placed as if the device were designed to be there in the first place. Rogue Access points: –They will normally be placed out of site in the places like: Under a desk In, on top, or behind a cabinet. In the ceiling In a closet etc –They will likely use a channel that will not interfere surrounding access points.

6 Cont… –Encryption settings: Static WEP would be enabled if static or dynamic WEP already being used on the wireless network on which rogue is being placed. –SSID settings: The SSID of rogue device will be set to match that of the existing wireless LAN implementation. –Frequency: Intruders may use 900 MHz units instead of 2.4 GHz or 5 GHz Wi-fi compliant units. –Spectrum choice: Intruders may use FHSS technology instead of DSSS. –Antennas: Horizontally polarized antennas are often used on the rogue and the client.

7 Cont… Wireless Bridges: –Placement: A rogue bridge is placed with in the Fresnel zone of an existing bridge link. –Priority: The spanning tree priority of a rogue bridge must be set very high. –MAC spoofing and filter Identification: The MAC address of an authorized non-root bridge can be spoofed. –Antenna use: Intruders will use high-gain directional antennas.

8 Data Theft & Malicious Insertion Illegal, Unethical, or appropriate content: –What would be the result of a hacker obtained access to a network and deposited files on the network? Viruses and Spyware Peer to peer attacks Unauthorized Control

9 Viruses & Spyware Viruses are capable of disabling desktop PCs, taking web sites and even overloading email servers. Trojan Horse applications, Worms are specific types of viruses. A type of malware called spyware typically comes as a multi- featured software package that can : –Capture instant messenger, email, website traffic. –Capture sites visited. –Capture keystrokes and passwords. –And so on. Most widely used spware application in wireless environment is iSpyNow. www.symantec.com and www.mcafee.com are most popular sources dedicated to remove viruses and avoid re-infection by a virus.www.symantec.comwww.mcafee.com www.anti-spy.com is a popular anti-spy application.www.anti-spy.com

10 Peer-to-Peer Attacks Peer-to-peer attacks are attacks instigated by one host aimed at another host, both of which are clients of the same network system. aim at sensitive data files, password files

11 Unauthorized Control Attacker gains access to your network, reconfigures and manages your network. –Network management tools Whats Up Gold, SNMPc, Solarwinds –Configuration changes –Third party attacks

12 Spamming – 3 rd party attacks Real spam is generally e-mail advertising for some product sent to a mailing list or newsgroup. Some people define spam even more generally as any unsolicited e-mail. In addition to wasting people's time with unwanted e-mail, spam also eats up a lot of network bandwidth. Spamming has at least two major impacts to the network and organization and they are: –Performance Degradation and – Bad Public Relations. Source: http://www.webopedia.com/TERM/s/spam.htm

13 Security Feature Weaknesses and Vulnerabilities WEP (Wired Equivalent Privacy or Wireless Encryption Protocol ) : –WEP was intended to provide confidentiality comparable to that of a traditional wired network. –Several serious weaknesses were identified by cryptanalysts, a WEP connection can be cracked with readily available software within minutes. Pre-shared key (PSK, also known as WPA personal mode): –A pre-shared key is a password which is entered to access a secure Wi- Fi system using WEP or WPA. –Weak PSK passphrases can be broken using off-line dictionary attacks by capturing the messages in the four-way exchange when the client reconnects after being deauthenticated. – Wireless suites such as aircrack-ng can crack a weak passphrase in less than a minute –WPA Personal is secure when used with good passphrases or a full 64-character hexadecimal key. Source: http://en.wikipedia.org/wiki/Wireless_security#WPA

14 Cont… LEAP (Lightweight Extensible Authentication Protocol): –It is a proprietary Cisco authentication protocol. –THC-LeapCracker can be used to break Ciscos version of LEAP –It can be used against computers connected to an access point in the form of a dictionary attack. PPTP (Point-to-Point Tunneling Protocol): –It was created by Microsoft in windows NT and is used in many hardware and software systems today. –It is inherently insecure because there are too many unauthenticated control packets that are readily spoofed. Source: http://en.wikipedia.org/wiki/Wireless_security#WPA

15 Denial Of Service System will become unavailable to its intended users. It occurs when an attacker continually sends bogus requests and/or other commands. Wireless networks are susceptible to DoS attacks at two primary levels: –Physical Layer –MAC Layer.

16 Physical Layer DoS At the physical layer, DoS attack can be launched by generating RF energy in the same frequency as targets WLAN. RF Jamming: –Radio jamming is the (usually deliberate) transmission of radio signals that disrupt communications by decreasing the signal to noise ratio. –Jamming problems in a WLAN environment and they include: Microwave ovens, Bluetooth devices, other RF devices and WLAN devices. –Administrators only defense against this RF Jamming is the Physical Security.

17 MAC Layer DoS Hijacking. Data Flooding overwhelming a computer with more data than it can process.

18 Cont… Hijacking: –attacker takes control of a users wireless LAN layer 2 for denial of service layer 3 for attacking purposes.

19 Cont… Data flooding illustration

20 Conclusion Different types of unauthorized access discussed are: –Rogue Devices –Data theft/insertion –Peer-to-peer attacks –Unauthorized control Understood the weaknesses and vulnerabilities of different security technologies. Three types of wireless DoS attacks discussed are: –RF Jamming –Data Flooding –Hijacking The best defense is the Physical Security.

Download ppt "Network Attacks. Topics Objectives Rogue Devices Rogue Infrastructure Hardware Placement Data Theft & Malicious Insertion Security Feature Weaknesses."

Similar presentations

Wi-Fi Technology.

Wi-Fi Technology.
Wi-Fi Technology ARTI J JANSARI M.E.(C.S.E.):-1ST (E.C.)

Wi-Fi Technology ARTI J JANSARI M.E.(C.S.E.):-1ST (E.C.)
Wireless LAN Security Understanding and Preventing Network Attacks.

Wireless LAN Security Understanding and Preventing Network Attacks.
SECURING WIRELESS LANS PRESENTED BY VICTOR C. NWALA CS555 Department of Computer Science Old Dominion University.

SECURING WIRELESS LANS PRESENTED BY VICTOR C. NWALA CS555 Department of Computer Science Old Dominion University.
WiFi VS Cellular “Bringing Secure Payment to the Point Of Service”

WiFi VS Cellular “Bringing Secure Payment to the Point Of Service”
Hacking WLAN // BRUTE FORCE CRACKER // TCP/IP. WLAN HACK Wired Equivalent Privacy (WEP) encryption was designed to protect against casual snooping, but.

Hacking WLAN // BRUTE FORCE CRACKER // TCP/IP. WLAN HACK Wired Equivalent Privacy (WEP) encryption was designed to protect against casual snooping, but.
Attack and Defense in Wireless Networks Presented by Aleksandr Doronin.

Attack and Defense in Wireless Networks Presented by Aleksandr Doronin.
LANs and WANs. 2 Chapter Contents Section A: Network Building Blocks Section B: Wired Networks Section C: Wireless Networks Section D: Using LANs Section.

LANs and WANs. 2 Chapter Contents Section A: Network Building Blocks Section B: Wired Networks Section C: Wireless Networks Section D: Using LANs Section.
Chapter 14 Wireless Attacks, Intrusion Monitoring and Policy

Chapter 14 Wireless Attacks, Intrusion Monitoring and Policy
Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.

Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.
Simple ways to secure Wireless Computers Jay Ferron, ADMT, CISM, CISSP, MCSE, MCSBA, MCT, NSA-IAM, TCI.

Simple ways to secure Wireless Computers Jay Ferron, ADMT, CISM, CISSP, MCSE, MCSBA, MCT, NSA-IAM, TCI.
WiFi Security. What is WiFi ? Originally, Wi-Fi was a marketing term. The Wi-Fi certified logo means that the product has passed interoperability tests.

WiFi Security. What is WiFi ? Originally, Wi-Fi was a marketing term. The Wi-Fi certified logo means that the product has passed interoperability tests.
Information Security 1 Information Security: Demo of Some Security Tools Jeffy Mwakalinga.

Information Security 1 Information Security: Demo of Some Security Tools Jeffy Mwakalinga.
Security Awareness: Applying Practical Security in Your World, Second Edition Chapter 5 Network Security.

Security Awareness: Applying Practical Security in Your World, Second Edition Chapter 5 Network Security.
Security Awareness: Applying Practical Security in Your World

Security Awareness: Applying Practical Security in Your World
This work is supported by the National Science Foundation under Grant Number DUE-0302909. Any opinions, findings and conclusions or recommendations expressed.

This work is supported by the National Science Foundation under Grant Number DUE Any opinions, findings and conclusions or recommendations expressed.
Man in the Middle Paul Box Beatrice Wilds Will Lefevers.

Man in the Middle Paul Box Beatrice Wilds Will Lefevers.
11 WIRELESS SECURITY by Prof. Russell Jones. WIRELESS COMMUNICATION ISSUES  Wireless connections are becoming popular.  Network data is transmitted.

11 WIRELESS SECURITY by Prof. Russell Jones. WIRELESS COMMUNICATION ISSUES  Wireless connections are becoming popular.  Network data is transmitted.
Wireless Security. Objective: Understand the benefits of a wireless network Understand security risks Examples of vulnerabilities Methods to protect your.

Wireless Security. Objective: Understand the benefits of a wireless network Understand security risks Examples of vulnerabilities Methods to protect your.
Network Security. Network security starts from authenticating any user. Once authenticated, firewall enforces access policies such as what services are.

Network Security. Network security starts from authenticating any user. Once authenticated, firewall enforces access policies such as what services are.

Similar presentations

Ads by Google