Network & Computer Attacks (Part 2) February 11, 2010 MIS 4600 – MBA 5880 - © Abdou Illia.


1 Network & Computer Attacks (Part 2) February 11, 2010 MIS 4600 – MBA 5880 - © Abdou Illia

2 Objectives
- Understand the types of network attacks and how they occur
  - Denial of Service attacks (DoS)
  - SYN Flood DoS
  - Distributed DoS attacks
  - Ping of Death attacks
  - Buffer Overflow attacks
- Identify physical security attacks and vulnerabilities

3 Denial of Service (DoS)
- Attempt to make a computer's resources unavailable to legitimate users
- What resources would the web server use to respond to each of the HTTP requests it receives?
- What could be the consequences of the web server being flooded with too many requests from the attacker?
[Figure: attacker's home network sending requests to the web server]

4 TCP opening and DoS
- For each TCP connection request, the server has to:
  - Respond to the request
  - Set resources aside in order to respond to each data request
[Figure: Computers 1, 2 and 3 each complete a SYN, SYN/ACK, ACK exchange with the server, which then waits for a request from each computer]

5 SYN Flood DoS
- Attacker sends a series of TCP SYN opening requests
- For each SYN, the target has to
  - Send back a SYN/ACK segment, and
  - Set aside memory and other resources to respond
- When overwhelmed, the target slows down or even crashes
- SYN flooding takes advantage of the client/server workload asymmetry
[Figure: attacker sending SYN segments to the victim]

6 Web Server configuration

7 Ping of Death attacks
- Take advantage of
  - The fact that TCP/IP allows large packets to be fragmented
  - The inability of some network applications and operating systems to handle packets larger than 65536 bytes
- Attacker sends IP packets that are larger than 65,536 bytes through IP fragmentation.
- Ping of death attacks are rare today, as most operating systems have been fixed to prevent this type of attack from occurring.
- List of OSes that were vulnerable: http://insecure.org/sploits/ping-o-death.html
- Fix
  - Add checks in the reassembly process, or in a firewall to protect hosts where the bug is not fixed
  - Check: sum of Total Length fields for a fragmented IP packet is < 65536 bytes
[Figure: IP header fields Total Length (16 bits), Flags, Fragment Offset (13 bits)]
- Fragment offset: identifies which fragment this packet is attached to.
- Flags: indicates whether the packet could be fragmented or not.
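The reassembly check named under "Fix" on slide 7, as an added example that is not part of the original slides. It uses the per-fragment form of the check (fragment offset plus fragment length must not exceed 65535 bytes); the names `check_fragment` and `make_hdr` and the sample headers are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define IP_MAX_DATAGRAM 65535u /* largest value a 16-bit Total Length can hold */

enum frag_verdict { FRAG_OK, FRAG_MALFORMED, FRAG_OVERSIZE };

/* Decide from one IPv4 header (network byte order) whether accepting this
 * fragment would make the reassembled datagram larger than 65535 bytes. */
enum frag_verdict check_fragment(const uint8_t *hdr, size_t len)
{
    if (len < 20 || (hdr[0] >> 4) != 4)
        return FRAG_MALFORMED;
    unsigned ihl   = (hdr[0] & 0x0Fu) * 4u;                /* header length in bytes */
    unsigned total = ((unsigned)hdr[2] << 8) | hdr[3];     /* Total Length (16 bits) */
    /* Fragment Offset is 13 bits, counted in 8-byte units. */
    unsigned off   = ((((unsigned)hdr[6] & 0x1Fu) << 8) | hdr[7]) * 8u;
    if (ihl < 20 || ihl > len || total < ihl)
        return FRAG_MALFORMED;
    /* off + (total - ihl) is where this fragment's data ends; add the header back. */
    unsigned long end = (unsigned long)off + (total - ihl) + ihl;
    return end > IP_MAX_DATAGRAM ? FRAG_OVERSIZE : FRAG_OK;
}

/* Build a constructed 20-byte header for the demo (not captured traffic). */
void make_hdr(uint8_t h[20], unsigned total, unsigned off_units, int more)
{
    memset(h, 0, 20);
    h[0] = 0x45;                                   /* IPv4, IHL = 5 words */
    h[2] = (uint8_t)(total >> 8);
    h[3] = (uint8_t)(total & 0xFF);
    h[6] = (uint8_t)((more ? 0x20 : 0) | ((off_units >> 8) & 0x1F)); /* MF flag + offset high bits */
    h[7] = (uint8_t)(off_units & 0xFF);
    h[8] = 64;                                     /* TTL */
    h[9] = 1;                                      /* protocol: ICMP */
}

int main(void)
{
    static const char *name[] = { "ok", "malformed", "oversize" };
    uint8_t h[20];
    make_hdr(h, 1500, 0, 1);      /* ordinary first fragment */
    printf("first fragment: %s\n", name[check_fragment(h, sizeof h)]);
    make_hdr(h, 23, 8189, 0);     /* ends exactly at byte 65535 */
    printf("boundary:       %s\n", name[check_fragment(h, sizeof h)]);
    make_hdr(h, 1020, 8189, 0);   /* last fragment ending past 65535 */
    printf("late fragment:  %s\n", name[check_fragment(h, sizeof h)]);
    return 0;
}
```

A reassembler or firewall would drop the fragment (and discard the partial datagram) on `FRAG_OVERSIZE` instead of copying its payload into the reassembly buffer.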

8 Distributed DoS (DDoS) Attack
- Attacker hacks into multiple clients and plants handler programs and Zombie programs on them
- Attacker sends attack commands to Handlers and Zombie programs, which execute the attacks
- First appeared in 2000 with the Mafiaboy attack against cnn.com, ebay.com, etrade.com, yahoo.com, etc.
[Figure: attacker sends attack commands to a handler and to computers with Zombie programs, which send DoS messages to the server]

9 Buffer Overflow Attack
- Occurs when poorly written programs allow data destined for a memory buffer to overwrite adjacent memory that contains instructions.
- If the data contains malware, the malware could run and create a DoS
- Example of input data: ABCDEF LET JOHN IN WITHOUT PASSWORD
[Figure: memory before and after the input is accepted]
Before: Buffer = 1 2 3 4 5 6 | Instructions = Print, Run Program, Accept input
After: Buffer = A B C D E F | Instructions = LET JOHN IN WITHOUT PASSWORD, Run Program, Accept input

10 Addressing Physical Security
- Protecting a network also requires physical security
- Inside attacks are more likely than attacks from outside the company

11 Keyloggers
- Used to capture keystrokes on a computer
- Hardware
- Software
- Behaves like Trojan programs
- Hardware
- Easy to install
- Goes between the keyboard and the CPU
- KeyKatcher and KeyGhost

12 Keyloggers (continued)
- Protection
- Software-based
- Antivirus
- Hardware-based
- Random visual tests

13 Behind Locked Doors
- Lock up your servers
- Average person can pick deadbolt locks in less than five minutes
  - After only a week or two of practice
- Experienced hackers can pick deadbolt locks in under 30 seconds
- Rotary locks are harder to pick
- Keep a log of who enters and leaves the room
- Security cards can be used instead of keys for better security

14 Summary Questions
- Describe SYN flooding.
- What is a Zombie program?
- Explain how a Ping of Death attack occurs.
- Explain the difference between DoS and DDoS.
- Do DoS attacks primarily attempt to jeopardize confidentiality, integrity, or availability?
- What is a Buffer Overflow attack?
- What is a hardware keylogger?

