Figure 4-1: Targeted System Penetration (Break-In Attacks)
1 Figure 4-1: Targeted System Penetration (Break-In Attacks)
Host Scanning
 Ping often is blocked by firewalls
 Send TCP SYN/ACK segments to generate RST segments (Figure 4-8)
   A live host answers an unsolicited SYN/ACK with a RST, because the segment matches no existing connection
   The RST is carried in an IP packet whose source address reveals the potential victim's IP address
 Other RST-generating probes work the same way (e.g., SYN/FIN segments)

2 Figure 4-8: TCP SYN/ACK Host Scanning Attack

3 Figure 4-1: Targeted System Penetration (Break-In Attacks)
Network Scanning
 To learn about the router organization of a network
 Send traceroute messages (tracert on Windows systems)
Port Scanning
 Most break-ins exploit specific services, for instance IIS web servers
 Services listen for connections on specific TCP or UDP ports (HTTP = 80)

4 Figure 4-1: Targeted System Penetration (Break-In Attacks)
Port Scanning
 Scan servers for open ports (Figure 4-9)
   Send SYN segments to a particular port number
   Observe SYN/ACK (port open) or reset (RST, port closed) responses; no response at all usually means a firewall dropped the probe
 May scan all 1,024 well-known TCP ports (0-1023) and all 1,024 well-known UDP ports
 Or may scan more selectively
 Scan clients for Windows file sharing ports ( )
Stealth scanning
 Scan fewer systems and ports and/or scan more slowly to avoid detection
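The SYN/ACK host scan of Figure 4-8 and the SYN port scan of Figure 4-9 both work by reading how a TCP stack answers a segment it was not expecting. The following is an added example, not code from the slides: a toy model of those answers following the RFC 793 rules for the CLOSED and LISTEN states, an in-memory "network" (constructed addresses and port sets, no real packets sent), and the two scans interpreting the replies. It also models the caveat the slide hints at: a stateful firewall drops the unsolicited SYN/ACK before the host can answer it with a RST, so the host-scan trick fails there.

```python
"""Added example (not from the original slides): a toy model of how a TCP
stack answers unsolicited segments, after the RFC 793 rules for the CLOSED
and LISTEN states, plus a SYN/ACK host scan and a SYN port scan that
interpret the answers.  The "network" is an in-memory table of hosts; no
real packets are sent.  All addresses and port sets are constructed."""
from dataclasses import dataclass

SYN, ACK, RST, FIN = "SYN", "ACK", "RST", "FIN"


@dataclass(frozen=True)
class Segment:
    src: str
    dst: str
    dport: int
    flags: frozenset


def host_response(listening_ports, probe):
    """Flags a live host sends back for one probe, or None for silence.

    RFC 793: anything but a RST arriving for a CLOSED port is answered with
    a RST (ACK set when the probe carried no ACK).  A port in LISTEN answers
    SYN with SYN/ACK; a segment carrying ACK (including an unsolicited
    SYN/ACK) matches no connection and is answered with a RST.
    """
    if RST in probe.flags:
        return None
    if probe.dport not in listening_ports:
        return frozenset({RST}) if ACK in probe.flags else frozenset({RST, ACK})
    if ACK in probe.flags:
        return frozenset({RST})
    if SYN in probe.flags:
        return frozenset({SYN, ACK})
    return None  # e.g. a bare FIN to an open port: silently dropped


# Constructed network: ip -> (listening TCP ports, behind a stateful firewall?).
# Hosts absent from the table are down.
NETWORK = {
    "10.0.0.1": ({22, 80}, False),
    "10.0.0.2": (set(), False),   # live but offers no services
    "10.0.0.3": ({443}, True),    # stateful firewall in front of it
}


def send(network, probe):
    """Deliver a probe and return the reply flags, or None.

    A stateful firewall forwards only segments that can open a connection
    (SYN without ACK) to a listening port and drops everything else, so the
    RST that a SYN/ACK probe relies on is never provoked.
    """
    if probe.dst not in network:
        return None
    ports, stateful_fw = network[probe.dst]
    opens_connection = SYN in probe.flags and ACK not in probe.flags
    if stateful_fw and not (opens_connection and probe.dport in ports):
        return None
    return host_response(ports, probe)


SCANNER = "10.0.0.99"  # constructed scanner address


def synack_host_scan(network, targets, port=80):
    """Figure 4-8: a host that answers an unsolicited SYN/ACK with RST is live."""
    live = []
    for ip in targets:
        reply = send(network, Segment(SCANNER, ip, port, frozenset({SYN, ACK})))
        if reply is not None and RST in reply:
            live.append(ip)
    return live


def syn_port_scan(network, target, ports):
    """Figure 4-9 style SYN scan: SYN/ACK = open, RST = closed, silence = filtered."""
    result = {}
    for p in ports:
        reply = send(network, Segment(SCANNER, target, p, frozenset({SYN})))
        if reply is None:
            result[p] = "filtered"
        elif SYN in reply and ACK in reply:
            result[p] = "open"
        else:
            result[p] = "closed"
    return result


if __name__ == "__main__":
    print(synack_host_scan(NETWORK, ["10.0.0.1", "10.0.0.2", "10.0.0.3", "10.0.0.4"]))
    print(syn_port_scan(NETWORK, "10.0.0.1", [22, 25, 80]))
    print(syn_port_scan(NETWORK, "10.0.0.3", [80, 443]))
```

Running it lists 10.0.0.1 and 10.0.0.2 as live (the down host 10.0.0.4 and the firewalled 10.0.0.3 never answer the SYN/ACK), reports 22 and 80 open and 25 closed on 10.0.0.1, and shows why a SYN scan of the firewalled host reports port 80 as filtered rather than closed: the firewall, not the host, decided not to answer.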

5 Figure 4-1: Targeted System Penetration (Break-In Attacks)
Fingerprinting
 Identify a particular operating system or application program and (if possible) its version
   For example, Microsoft Windows 2000 Server
   For example, a particular BSD or Linux release
   For example, Microsoft IIS 5.0
 Useful because most exploits are specific to particular programs or versions

6 Figure 4-1: Targeted System Penetration (Break-In Attacks)
Fingerprinting
 Active fingerprinting
   Send odd (malformed or unusual) segments and observe the replies
   Different operating systems and application programs respond differently
   Odd packets may set off alarms (intrusion detection signatures)

7 Figure 4-1: Targeted System Penetration (Break-In Attacks)
Fingerprinting
 Passive fingerprinting
   Read captured packets and look at parameters (IP TTL, TCP window size, etc.)
   If the TTL is 113, the initial TTL was probably 128 (the packet crossed 15 hops): Windows 9x, NT 4.0, 2000, or Novell NetWare
   A window size of about 18,000 is characteristic of Windows 2000 Server
   Less precise than active fingerprinting
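The two passive clues on this slide, observed TTL and advertised window size, combine into the kind of lookup tools such as p0f perform. The following is an added example, not code from the slides: it rounds an observed TTL up to the nearest common initial value to recover the hop count, matches (initial TTL, window) against a short signature table, and falls back to the TTL family alone when the window does not match. The packets are constructed dicts and the signature table is an illustrative subset of commonly documented defaults, not an authoritative list; only pure SYN packets are used because the window in the SYN is the stack's initial value.

```python
"""Added example (not from the original slides): passive OS fingerprinting
from the IP TTL and TCP window size of captured SYN packets, in the style of
p0f.  The packets are constructed dicts and the signature table is a short
illustrative subset of commonly documented defaults; real tools carry
hundreds of signatures."""

# Initial TTLs that stacks commonly use; 255 is the maximum.
INITIAL_TTLS = (32, 64, 128, 255)

# (initial TTL, window size advertised in the SYN) -> likely operating systems.
SIGNATURES = {
    (128, 17520): ["Windows 2000"],
    (128, 8192): ["Windows 98 / NT 4.0"],
    (128, 65535): ["Windows XP"],
    (32, 8192): ["Windows 95"],
    (64, 5840): ["Linux 2.4/2.6"],
    (64, 65535): ["FreeBSD"],
    (255, 8760): ["Solaris 2.x"],
}


def infer_initial_ttl(observed):
    """Round the observed TTL up to the nearest common initial TTL.

    Returns (initial_ttl, hops).  Caveat: a packet that has crossed more than
    31 hops from a TTL-32 host is indistinguishable from a nearby TTL-64 host,
    which is one reason passive fingerprinting is less precise than active.
    """
    if not 1 <= observed <= 255:
        raise ValueError("TTL must be 1..255")
    for initial in INITIAL_TTLS:
        if observed <= initial:
            return initial, initial - observed
    raise AssertionError("unreachable: 255 covers every valid TTL")


def passive_fingerprint(pkt):
    """Fingerprint one captured packet: {'ttl': int, 'win': int, 'flags': str}.

    Only a pure SYN ('S') is used, because the window size in the SYN is the
    stack's initial value; later segments reflect the live connection.
    """
    if pkt["flags"] != "S":
        return None
    initial, hops = infer_initial_ttl(pkt["ttl"])
    exact = SIGNATURES.get((initial, pkt["win"]))
    if exact is not None:
        return {"initial_ttl": initial, "hops": hops,
                "candidates": list(exact), "match": "exact"}
    # Window size tuned or unknown: fall back to the TTL family alone.
    family = sorted(name for (t, _), names in SIGNATURES.items()
                    if t == initial for name in names)
    return {"initial_ttl": initial, "hops": hops,
            "candidates": family, "match": "ttl-only"}


# Constructed captures: the slide's TTL-113 / ~18,000-window case and others.
CAPTURED = [
    {"src": "192.0.2.10", "ttl": 113, "win": 17520, "flags": "S"},
    {"src": "192.0.2.20", "ttl": 52, "win": 5840, "flags": "S"},
    {"src": "192.0.2.30", "ttl": 120, "win": 1234, "flags": "S"},
    {"src": "192.0.2.40", "ttl": 113, "win": 17520, "flags": "A"},  # not a SYN: ignored
]


def fingerprint_capture(packets):
    """Map source address -> fingerprint for every usable packet."""
    return {p["src"]: r for p in packets if (r := passive_fingerprint(p)) is not None}


if __name__ == "__main__":
    for src, fp in fingerprint_capture(CAPTURED).items():
        print(src, fp)
```

For the slide's own case (TTL 113, window 17,520) the result is initial TTL 128, 15 hops, exact match Windows 2000. The third capture shows the imprecision the slide mentions: with an unrecognised window the best the method can say is "some 128-TTL stack", and a tuned window or an unusual hop count would mislead it further.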

8 Figure 4-9: NMAP Port Scanning and Operating Systems Fingerprinting

9 Figure 4-1: Targeted System Penetration (Break-In Attacks)
The Break-In
 Password guessing
   Seldom works because the attacker is locked out after a few guesses
 Exploits that take advantage of known vulnerabilities that have not been patched
   Exploits are easy to use
   Frequently effective
   The most common break-in approach today
 Session hijacking (Figure 4-10)
   Take over an existing TCP communication session
   Difficult to do (the attacker must guess TCP sequence numbers), so not commonly done

10 Figure 4-10: Session Hijacking

11 Figure 4-1: Targeted System Penetration (Break-In Attacks)
After the Break-In
 Install a rootkit
   Usually downloaded through the Trivial File Transfer Protocol (TFTP)
 Erase audit logs
 Create backdoors for reentry in case the original vulnerability is fixed
   Backdoor accounts
   Trojanized programs that permit reentry

12 Figure 4-1: Targeted System Penetration (Break-In Attacks)
After the Break-In
 Weaken security
 Unfettered access to steal information
 Install victimization software
   Keystroke capture programs
   Spyware
   Remote Administration Trojans (RATs)
   Attack software to use against other hosts