CHAPTER 3 Classes of Attack

INTRODUCTION
Network attacks come from both inside and outside the firewall. Kinds of attacks:
1. Denial-of-service
2. Information Leakage
3. File Alteration
4. Misinformation
5. Database Access

DENIAL-OF-SERVICE (DoS)
This kind of attack denies the availability of a resource to its regular, authorized users. Types of DoS:
1. Degrading Processes
2. Degrading Storage Capability
3. Destroying Files
4. Shutting Down

DENIAL-OF-SERVICE (DoS)
Degrading Processes
1. The attacker reduces performance by overloading the target system, either by spawning multiple processes to eat up all available resources or by spawning enough processes to overload the CPU. Example: a simple UNIX fork bomb.
2. The attacker attacks a network application such as File Transfer Protocol (FTP) or Simple Mail Transfer Protocol (SMTP) by sending a flood of network.

DENIAL-OF-SERVICE (DoS)
3. The attacker attacks a network service such as Internet Protocol (IP) or the Internet Control Message Protocol (ICMP), also by sending a flood of network.
Examples of DoS attacks that degrade processes are:
1. Snork
2. Chargen
3. Smurf
4. SYN flood

DENIAL-OF-SERVICE (DoS)
Snork and Chargen affect Windows NT. Snork enables the attacker to send spoofed Remote Procedure Call (RPC) datagrams to the User Datagram Protocol (UDP) destination port 135. Chargen enables the attacker to send a flood of UDP datagrams from a spoofed source IP to port 19. Smurf performs a network-level attack against the target host. A SYN flood is accomplished by sending TCP connection requests faster than a system can process them.
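The traffic patterns named on this slide can be recognized from flow records on the defending side. The sketch below is an added example, not part of the original slides: it counts TCP connections left half-open per target (SYN flood) and UDP datagrams arriving on ports 19 (Chargen) and 135 (Snork). The record layout, the thresholds and the sample addresses are assumptions constructed for illustration.

```python
from collections import Counter, defaultdict

# Constructed flow records (not real traffic), assumed layout:
# (proto, src, src_port, dst, dst_port, tcp_flags) with "S" = SYN, "A" = ACK
def make_sample():
    recs = [("tcp", "198.51.100.7", 40000 + i, "192.0.2.10", 80, "S") for i in range(8)]
    # one legitimate client completes its handshake (SYN, then ACK)
    recs += [("tcp", "203.0.113.5", 51000, "192.0.2.10", 80, "S"),
             ("tcp", "203.0.113.5", 51000, "192.0.2.10", 80, "A")]
    recs += [("udp", "198.51.100.9", 1025, "192.0.2.20", 19, "")] * 4
    recs += [("udp", "198.51.100.9", 1025, "192.0.2.30", 135, "")] * 4
    recs += [("udp", "203.0.113.8", 53000, "192.0.2.40", 135, "")]  # lone datagram
    return recs

def detect(records, syn_limit=5, udp_limit=3):
    """Return {target_ip: set of alert labels}; the limits are illustrative."""
    half_open = defaultdict(set)   # dst -> connections with SYN seen but no ACK yet
    udp_hits = Counter()           # (dst, dst_port) -> datagram count
    for proto, src, sport, dst, dport, flags in records:
        if proto == "tcp":
            conn = (src, sport, dport)
            if flags == "S":
                half_open[dst].add(conn)
            elif flags == "A":
                half_open[dst].discard(conn)   # handshake completed
        elif proto == "udp" and dport in (19, 135):
            udp_hits[(dst, dport)] += 1
    alerts = defaultdict(set)
    for dst, conns in half_open.items():
        if len(conns) > syn_limit:
            alerts[dst].add("syn-flood")
    names = {19: "chargen-flood", 135: "snork-pattern"}
    for (dst, dport), count in udp_hits.items():
        if count > udp_limit:
            alerts[dst].add(names[dport])
    return dict(alerts)

if __name__ == "__main__":
    for host, labels in sorted(detect(make_sample()).items()):
        print(host, sorted(labels))
```

Because the sources in these attacks are spoofed, the alerts are keyed on the target address rather than on the sender.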

DENIAL-OF-SERVICE (DoS)
Degrading Storage Capability
The attacker uses up all of the given storage resources on the target machine, such as by spamming a mail server. For example: the Love Letter worm, which uses Windows and Exchange Server as its mail platform.
Destroying Files
This type of DoS attack occurs less often. The attacker deletes files on the target server to render it unusable. For example: a strain of the Love Bug worm that overwrites all .bat, .com and .sys files on the system.

DENIAL-OF-SERVICE (DoS)
Shutting Down Systems
This kind of DoS enables the attacker to shut down computer systems. For example: Ping of Death caused a great many Windows NT machines to face the blue screen of death.
Distributed Denial-of-Service (DDoS)
This is the newest DoS threat and depends on the use of a client, masters and daemons. The attackers use the client to initiate the attack by using masters, which are compromised hosts that have special programs running on them.

DENIAL-OF-SERVICE (DoS)
Some of the DDoS tools include:
1. Trinoo
2. Tribe Flood Network
3. Stacheldraht
4. Shaft
5. Mstream

INFORMATION LEAKAGE
The attacker is able to get as much information on the target as possible. This class of attack can occur in many ways:
1. The attacker may use finger or the Domain Name System (DNS) to gather information about the users on your network.
2. The advertising of search engines can help the attacker determine the type of web server being used.

INFORMATION LEAKAGE
3. It can also occur in SMTP or application banners (from telnet), because these items can give away a piece of information about the network.
Some tools used by individuals to gain information about a network include port scanners and operating system detection software. For example, one of the best tools is nmap by Fyodor.

FILE ALTERATION
The attacker has the capability to alter files, which includes creating, reading, modifying and removing files from systems on the network. In the past, attackers could create and remove files on systems utilizing Network File System (NFS) by utilizing vulnerabilities in statd (the NFS file-locking status monitor).

MISINFORMATION
The attacker erases all their tracks on the system.
Bad logs
The attacker goes to the log files (after gaining root on the server) to remove all traces of themselves.
Attack noise
It can be designed simply as a diversionary tactic. While the user concentrates on defending the area that is being attacked, the attacker in reality comes in through the area where the defenses are low.

DATABASE ACCESS
The attacker may try to gain access to a special file or database. There are some areas that attackers focus on:
1. Using the system's operating system. For example: the attacker attacks the Registry (used to store operating parameters in Windows NT). By default, it can be controlled by Service Pack.
2. The attacker uses the database user permissions to gain access.

To be continued…