
OV 13 - 1 Copyright © 2011 Element K Content LLC. All rights reserved.
Network Security Threats and Attacks




Slide 1: Network Security Threats and Attacks
- Network-Based Security Threats and Attacks
- Apply Threat Mitigation Techniques
- Educate Users

Slide 2: Physical Security
- The implementation and practice of control mechanisms intended to restrict physical access to facilities.
- Assuring the reliability of infrastructure elements such as electrical power, data networks, and fire suppression systems.
- Physical security may be challenged by a wide variety of events or situations, including:
  - Facilities intrusions
  - Electrical grid failures
  - Fire
  - Personnel illnesses
  - Data network interruptions

Slide 3: Physical Security Threats and Vulnerabilities
- Internal - It is important to always consider what is happening inside the organization, especially where physical security is concerned.
- External - No organization can fully control external security threats.
- Natural - Although natural threats are easy to overlook, they can pose a significant risk to the physical security of a facility.
- Man-made - Whether intentional or accidental, people can cause a number of physical threats.

Slide 4: Social Engineering Attacks
[Diagram: an attacker obtains a user name and password from the target]
An attacker gets sensitive data from unsuspecting users.

Slide 5: Social Engineering Types
- Spoofing - A human- or software-based attack in which the attacker pretends to be someone else in order to conceal their identity.
- Impersonation - A human-based attack in which the attacker pretends to be someone he is not.
- Phishing - A common type of email-based social engineering attack.
- Vishing - A human-based attack whose goal is to extract personal, financial, or confidential information from the victim.
- Whaling - A form of phishing that targets individuals known to possess a good deal of wealth.
- Spam and spim - Spam is an email-based threat in which the user's inbox is flooded with unsolicited email; spim is an IM-based attack similar to spam.
- Hoax - Any type of incorrect or misleading information that is disseminated to multiple users through unofficial channels.

Slide 6: Malicious Code Attacks
The attacker inserts unauthorized software (malware) to attack target systems.

Slide 7: Types of Malicious Code Attacks
- Virus - Code that spreads from one computer to another by attaching itself to other files.
- Worm - Code that spreads from one computer to another on its own, without attaching itself to another file.
- Trojan horse - An insidious type of malware that is itself a software attack and can pave the way for a number of other attacks.
- Logic bomb - Code that sits dormant on a target computer until it is triggered by a specific event, such as a specific date.

Slide 8: Types of Malicious Code Attacks (Cont.)
- Spyware - Surreptitiously installed malicious software intended to track and report the usage of a target system, or to collect other data the author wishes to obtain.
- Adware - Software that automatically displays or downloads advertisements when it is used.
- Rootkit - Code intended to take full or partial control of a system at the lowest levels.
- Botnet - A set of computers that have been infected by a control program called a bot, which enables attackers to exploit them to mount attacks.

Slide 9: Types of Viruses
- Boot sector - Infects any disk-based media.
- Macro - A macro is a group of application-specific instructions that execute within a specific application.
- Mailer and mass mailer - A mailer virus sends itself to other users through the email system.
- Polymorphic - A virus that can change as it moves around, acting differently on different systems.
- Script - A small program that runs code using the Windows Script Host on Windows operating systems.
- Stealth - A stealth virus moves and attempts to conceal itself until it can propagate.

Slide 10: Buffer Overflow
An attack that:
- Targets a system vulnerability to cause the device operating system to crash or reboot.
- May result in loss of data or in rogue code executing on the device.
- Typically targets desktop and server applications, but may also target applications on wireless devices.
RADIUS, Diameter, and TACACS+ are subject to buffer overflow attacks.

Slide 11: Wireless Security
Security protocols prevent unauthorized network access.

Slide 12: Wireless Vulnerabilities
- Rogue access point - An unauthorized wireless access point on a corporate or private network.
- Evil twins - Rogue access points on a network that appear to be legitimate.
- Interference - In wireless networking, the phenomenon by which other radio waves interfere with the 802.11 wireless signal.
- Bluejacking - A method used by attackers to send unwanted Bluetooth signals from PDAs, mobile phones, and laptops to other Bluetooth-enabled devices.
- Bluesnarfing - A method in which attackers gain unauthorized access to information on a wireless device over a Bluetooth connection, within the 30-foot Bluetooth transmission limit.

Slide 13: Wireless Vulnerabilities (Cont.)
- War driving - Searching for wireless networks using wireless tracking devices such as PDAs, mobile phones, or laptops.
- WEP and WPA cracking - Cracking the encryption keys used in WEP and WPA installations to gain access to private wireless networks.
- War chalking - Using symbols to mark a sidewalk or wall to indicate that there is an open wireless network nearby which may be offering Internet access.
- IV attack - An attack in which the attacker is able to predict or control the Initialization Vector (IV) of an encryption process.
- Packet sniffing - An attack on wireless networks in which the attacker captures data and records data flows, which allows the attacker to analyze the data contained in a packet.

Slide 14: Password Attacks
[Diagram: successive guesses xxxxxxxxx, xPxxxxxxx, xPassxxxx, xPass 1234, !Pass 1234]
A password attack shows up as repeated failed logons followed by a successful logon.
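The slide states the detection rule in one sentence; the following Python is an added example (not from the slides or from Element K) that implements it over constructed authentication log lines: each successful logon preceded by a burst of failures for the same user and source address within a time window is reported. The log format, user names and addresses are assumptions made for the example.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample authentication log (not from the slides). The format is a
# simplified sshd-style line:
#   "<timestamp> Failed|Accepted password for <user> from <ip>"
SAMPLE_AUTH_LOG = """\
2024-01-15T10:00:01 Failed password for alice from 203.0.113.9
2024-01-15T10:00:03 Failed password for alice from 203.0.113.9
2024-01-15T10:00:05 Failed password for alice from 203.0.113.9
2024-01-15T10:00:07 Failed password for alice from 203.0.113.9
2024-01-15T10:00:09 Failed password for alice from 203.0.113.9
2024-01-15T10:00:11 Accepted password for alice from 203.0.113.9
2024-01-15T10:05:00 Failed password for bob from 198.51.100.4
2024-01-15T10:05:30 Accepted password for bob from 198.51.100.4
2024-01-15T10:30:00 Failed password for carol from 192.0.2.77
2024-01-15T10:31:00 Failed password for carol from 192.0.2.77
2024-01-15T10:32:00 Failed password for carol from 192.0.2.77
2024-01-15T10:33:00 Failed password for carol from 192.0.2.77
2024-01-15T11:50:00 Accepted password for carol from 192.0.2.77
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<result>Failed|Accepted) password for (?P<user>\S+) from (?P<src>\S+)$"
)


def parse_auth_line(line):
    """Parse one log line into a dict, or return None for lines that do not match."""
    m = LINE_RE.match(line)
    if m is None:
        return None
    return {
        "ts": datetime.fromisoformat(m["ts"]),
        "success": m["result"] == "Accepted",
        "user": m["user"],
        "src": m["src"],
    }


def find_guessing_successes(log_text, min_failures=3, window=timedelta(minutes=10)):
    """Return (user, src, failure_count) for every successful logon that was
    preceded by at least min_failures failed logons for the same user and
    source address within the given time window."""
    recent_failures = defaultdict(list)  # (user, src) -> timestamps of recent failures
    alerts = []
    for line in log_text.splitlines():
        ev = parse_auth_line(line)
        if ev is None:
            continue
        key = (ev["user"], ev["src"])
        # Forget failures that fall outside the window relative to this event.
        recent_failures[key] = [t for t in recent_failures[key] if ev["ts"] - t <= window]
        if ev["success"]:
            failures = len(recent_failures[key])
            if failures >= min_failures:
                alerts.append((ev["user"], ev["src"], failures))
            recent_failures[key].clear()
        else:
            recent_failures[key].append(ev["ts"])
    return alerts


if __name__ == "__main__":
    for user, src, n in find_guessing_successes(SAMPLE_AUTH_LOG):
        print(f"possible password attack: {n} failures then success for {user} from {src}")
```

With the defaults only alice is reported: bob has a single failure, and carol's four failures are more than an hour older than her success, so they have aged out of the ten-minute window. Widening the window to two hours reports carol as well, which is the tuning trade-off the rule carries: a short window misses slow guessing, a long one flags users who simply mistype.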

Slide 15: Types of Password Attacks
- Guessing - The simplest type of password attack; an individual makes repeated attempts to guess a password by entering different common password values.
- Stealing - Passwords can be stolen by various means, including sniffing network communications, reading handwritten password notes, or observing a user in the act of entering the password.
- Dictionary attack - Automates password guessing by comparing encrypted passwords against a predetermined list of possible password values.
- Brute force attack - The attacker uses password-cracking software to attempt every possible alphanumeric password combination.
- Hybrid password attack - Combines multiple attack vectors, including dictionary, brute-force, and other methods, when trying to crack a password.

Slide 16: IP Spoofing Attacks
[Diagram: the attacker, whose real IP address is 10.10.10.25, sends an IP packet to the target 192.168.0.77 with a forged source IP address of 192.168.0.10 and a destination IP address of 192.168.0.77]

Slide 17: Session Hijacking Attacks
[Diagram: a legitimate computer session; the attacker steals the active session cookie]

Slide 18: DoS Attacks
Attempts to disrupt or disable systems that provide network services.

Slide 19: DDoS Attacks
Uses multiple computers (drones) to launch the attack from many sources.

Slide 20: Man-in-the-Middle Attacks
The attacker controls the information that travels between the two victims.

Slide 21: Port Scanning Attacks
Port   Protocol   State
21     FTP        Open
53     DNS        Closed
80     HTTP       Open
110    POP3       Closed
119    NNTP       Closed
443    HTTPS      Open
Scans computers and devices to determine which TCP and UDP ports are active.
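From the defender's side, the table above is what a scan looks like in the firewall log: one source touching many distinct ports on one host in a short time, most of them closed. The following Python is an added example (not from the slides or from Element K) that finds that pattern in constructed firewall log lines; the log format, the threshold and the addresses are assumptions made for the example, and the ports are the ones from the slide's table.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample firewall log (not from the slides). Each line records one
# connection attempt: timestamp, source, destination, protocol, port, verdict.
SAMPLE_FW_LOG = """\
2024-01-15T09:00:00 src=203.0.113.9 dst=192.168.0.77 proto=TCP dport=21 action=ALLOW
2024-01-15T09:00:00 src=203.0.113.9 dst=192.168.0.77 proto=TCP dport=53 action=DENY
2024-01-15T09:00:01 src=203.0.113.9 dst=192.168.0.77 proto=TCP dport=80 action=ALLOW
2024-01-15T09:00:01 src=203.0.113.9 dst=192.168.0.77 proto=TCP dport=110 action=DENY
2024-01-15T09:00:02 src=203.0.113.9 dst=192.168.0.77 proto=TCP dport=119 action=DENY
2024-01-15T09:00:02 src=203.0.113.9 dst=192.168.0.77 proto=TCP dport=443 action=ALLOW
2024-01-15T09:00:05 src=198.51.100.4 dst=192.168.0.77 proto=TCP dport=443 action=ALLOW
2024-01-15T09:00:06 src=198.51.100.4 dst=192.168.0.77 proto=TCP dport=443 action=ALLOW
2024-01-15T09:00:07 src=198.51.100.4 dst=192.168.0.77 proto=TCP dport=80 action=ALLOW
2024-01-15T09:20:00 src=203.0.113.9 dst=192.168.0.77 proto=TCP dport=8080 action=DENY
"""

FW_RE = re.compile(
    r"^(?P<ts>\S+) src=(?P<src>\S+) dst=(?P<dst>\S+) proto=(?P<proto>\S+) "
    r"dport=(?P<dport>\d+) action=(?P<action>\S+)$"
)


def parse_fw_line(line):
    """Parse one firewall log line into a dict, or return None if it does not match."""
    m = FW_RE.match(line)
    if m is None:
        return None
    return {
        "ts": datetime.fromisoformat(m["ts"]),
        "src": m["src"],
        "dst": m["dst"],
        "proto": m["proto"],
        "dport": int(m["dport"]),
        "action": m["action"],
    }


def detect_port_scans(log_text, min_ports=5, window=timedelta(seconds=60)):
    """Return {(src, dst): sorted distinct ports} for every source that touched at
    least min_ports distinct destination ports on one host within the window.
    Both ALLOW and DENY lines count: a scan probes closed ports as well as open ones,
    so denied attempts are the strongest part of the signal."""
    events = defaultdict(list)
    for line in log_text.splitlines():
        ev = parse_fw_line(line)
        if ev is not None:
            events[(ev["src"], ev["dst"])].append(ev)
    scans = {}
    for pair, evs in events.items():
        evs.sort(key=lambda e: e["ts"])
        for i, newest in enumerate(evs):
            # Distinct ports probed in the window that ends at this event.
            ports = {e["dport"] for e in evs[: i + 1] if newest["ts"] - e["ts"] <= window}
            if len(ports) >= min_ports and len(ports) > len(scans.get(pair, ())):
                scans[pair] = sorted(ports)
    return scans


if __name__ == "__main__":
    for (src, dst), ports in detect_port_scans(SAMPLE_FW_LOG).items():
        print(f"possible port scan of {dst} from {src}: ports {ports}")
```

The scanner at 203.0.113.9 is flagged on the six ports of the slide's table; the later single probe of port 8080 lies outside the sixty-second window and is not added unless the window is widened. The second host, which reuses two ports normally, stays below the threshold.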

Slide 22: Replay Attacks
- 10:00 A.M. - The attacker captures network traffic and stores it for retransmission.
- 1:00 P.M. - The attacker retransmits the traffic later to gain unauthorized access.

Slide 23: FTP Bounce Attacks
- Target the FTP vulnerability that permits connected clients to open other connections on any port on the FTP server.
- Allow a user with an anonymous FTP connection to attack other systems by opening a service port on a third system and sending commands to that service.

Slide 24: ARP Poisoning Attacks
[Diagram: the mapping "IP address: 192.168.0.10, MAC address: 00-00-86-47-F6-65" appears in each host's ARP cache; the attacker redirects the IP address to itself]
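The poisoned cache on the slide can be spotted on the wire: the MAC address advertised for an IP changes, and one MAC starts answering for more than one IP. The following Python is an added example (not from the slides or from Element K) that applies both rules to a constructed stream of ARP replies. The IP address 192.168.0.10 and the MAC 00-00-86-47-F6-65 are the slide's values; the record format and the other addresses are assumptions made for the example.

```python
import re
from collections import defaultdict

# Constructed ARP reply records (not from the slides), reduced to the fields
# needed here: timestamp, the IP being answered for, and the MAC claimed for it.
# Lines 4-5 show the slide's attacker MAC taking over 192.168.0.10.
SAMPLE_ARP_LOG = """\
2024-01-15T12:00:00 reply 192.168.0.1 is-at 00-00-86-00-00-01
2024-01-15T12:00:01 reply 192.168.0.25 is-at 00-00-86-47-F6-65
2024-01-15T12:00:02 reply 192.168.0.10 is-at 00-00-86-11-22-33
2024-01-15T12:00:10 reply 192.168.0.10 is-at 00-00-86-47-F6-65
2024-01-15T12:00:11 reply 192.168.0.10 is-at 00-00-86-47-F6-65
"""

ARP_RE = re.compile(r"^(?P<ts>\S+) reply (?P<ip>\S+) is-at (?P<mac>\S+)$")


def detect_arp_poisoning(log_text, known=None):
    """Return a list of alerts found in the ARP reply stream.

    Rule 1 ("ip-mac-changed"): the MAC advertised for an IP address differs from
    the one seen (or configured) before.
    Rule 2 ("mac-claims-multiple-ips"): one MAC address answers for more than one
    IP address; reported each time the set of IPs for that MAC grows.

    `known` is an optional {ip: mac} map of static, trusted bindings (for example
    the default gateway). It seeds the cache so that the first reply on the wire
    cannot silently define what the "correct" MAC is."""
    ip_to_mac = {ip: mac.upper() for ip, mac in (known or {}).items()}
    mac_to_ips = defaultdict(set)
    for ip, mac in ip_to_mac.items():
        mac_to_ips[mac].add(ip)

    alerts = []
    for line in log_text.splitlines():
        m = ARP_RE.match(line)
        if m is None:
            continue
        ip, mac = m["ip"], m["mac"].upper()

        previous = ip_to_mac.get(ip)
        if previous is not None and previous != mac:
            alerts.append(("ip-mac-changed", ip, previous, mac))
        # Track the new binding so a flip back to the original MAC is also reported.
        ip_to_mac[ip] = mac

        before = len(mac_to_ips[mac])
        mac_to_ips[mac].add(ip)
        if len(mac_to_ips[mac]) > 1 and len(mac_to_ips[mac]) > before:
            alerts.append(("mac-claims-multiple-ips", mac, sorted(mac_to_ips[mac])))
    return alerts


if __name__ == "__main__":
    for alert in detect_arp_poisoning(SAMPLE_ARP_LOG):
        print("ARP alert:", alert)
```

Rule 2 is a heuristic: routers and hosts with virtual IPs legitimately answer for several addresses, so in practice it is paired with a list of expected bindings such as the `known` map, and on managed switches with Dynamic ARP Inspection or static ARP entries for the gateway.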

Slide 25: Software Updates
Software manufacturers regularly issue different types of system updates:
- Patch - A small unit of supplemental code.
- Hotfix - Issued on an emergency basis to address a specific security flaw.
- Rollup - A collection of previously issued patches and hotfixes.
- Service pack - A larger compilation of system updates with new features.

Slide 26: Patch Management
[Diagram: Evaluate -> Test on a non-production system -> Implement]

Slide 27: Antivirus Software
Scans the computer for malicious programs.

Slide 28: Internet Email Virus Protection
- Antivirus deployed on the Internet gateway
- Antivirus deployed on the mail connector
- Antivirus deployed on end systems

Slide 29: Anti-Spam Software
Anti-spam solutions protect specific spam target areas such as:
- End users - Protects end users against the flood of spam using different methods.
- Administrators - Enables administrators to use many different systems and services to guard against spam within their organization.
- Email senders - Protects email senders by using a number of automated methods.
- Research and law enforcement - Allows updated anti-spam solutions to be implemented.

Slide 30: Security Policies
[Diagram: an individual policy consists of a formal policy statement, implementation measures, and the resources to protect]

Slide 31: Common Security Policy Types
Common security policy types include:
- Acceptable use policy - Defines the acceptable use of an organization's physical and intellectual resources.
- Audit policy - Details the requirements and parameters for risk assessment and audits of the organization's information and resources.
- Extranet policy - Sets the requirements for third-party entities that want access to an organization's networks.
- Password policy - Defines standards for password complexity.
- Wireless standards policy - Defines which wireless devices can connect to an organization's network and how to use them safely.

Slide 32: Security Incident Management
- Security incident - A specific instance of a risk event occurring, whether or not it causes damage.
- Incident management - A set of practices and procedures that govern how an organization will respond to an incident in progress.
- Goals of incident management:
  - Contain the incident appropriately.
  - Minimize any damage that may occur as a result of the incident.

Slide 33: IRPs
An Incident Response Policy (IRP) is the security policy that:
- Determines the actions an organization will take following a confirmed or potential security breach.
- Usually specifies:
  - Who determines and declares whether an actual security incident has occurred.
  - Which individuals or departments will be notified.
  - How and when they are notified.
  - Who will respond to the incident.
  - Guidelines for the appropriate response.

Slide 34: Change Management
A systematic way of approving and executing changes to IT services.

Slide 35: Employee Education
The employee education process should include the following steps:
1. Awareness - Education begins with awareness.
2. Communication - Once employees are aware of security issues and of the role they play in protecting the organization's assets, the lines of communication between employees and the security team must remain open.
3. Education - Employees should be trained and educated in security procedures, practices, and expectations from the moment they walk through the door.

Slide 36: User Security Responsibilities
User security responsibilities include:
- Physical security - Employees should not allow anyone into the building without proper ID.
- System security - Employees must use their user IDs and passwords properly.
- Device security - Employees must use the correct procedures to log off all systems and shut down computers when not in use.

Slide 37: Reflective Questions
1. What type of attack is of the most concern in your environment?
2. Which type of attack do you think might be the most difficult to guard against?

