
1 NETWORKS Lecture 13

2 Review – Last Lecture
Computer Crimes
Typical Vulnerabilities
Typical Attack Protocols

3 Review - Vulnerability Exploit Cycle
Advanced Intruders Discover Vulnerability
Crude Exploit Tools Distributed
Novice Intruders Use Crude Exploit Tools
Automated Scanning/Exploit Tools Developed
Widespread Use of Automated Scanning/Exploit Tools
Intruders Begin Using New Types of Exploits

4 Outline
Social Engineering
Network Scanning

5 Social Engineering

6 Social Engineering
The most common type of attack
Basically: lying to someone to gain information on how to penetrate the network or systems
Preys upon the basic tendency in a company to trust other company personnel and believe what they are told over a phone or e-mail
No detailed technical skills required - but must be credible, knowledgeable of the organization and of methods and procedures to gain access
Easiest place to attack: users and support desk

7 Basics
Social engineering preys on qualities of human nature:
  – the desire to be helpful
  – the tendency to trust people
  – the fear of getting into trouble
The sign of a truly successful social engineer is they receive information without raising any suspicion as to what they are doing.

8 Types of Attacks 1
Impersonation - Case studies indicate that help desks are the most frequent targets of social engineering attacks.
  – A social engineer calls the help desk
  – Help desk is helpful
  – Social engineer will often know names of employees
Important User - A common ploy is to pretend to be not only an employee, but a vice president.
  – Help desk is less likely to turn down a request coming from a high-level official
  – Social engineer may threaten to report the employee to their supervisor.

9 Types of Attacks 2
Third-party Authorization - The social engineer may have obtained the name of someone in the organization who has the authority to grant access to information.
  – Ms. Shooter says it's OK.
  – “Before she went on vacation, Ms. Shooter said I should call you to get this information.”
Tech Support - Social engineer pretends to be someone from the infrastructure-support groups.
  – System is having a problem
  – Needs them to log on to test the connection

10 Types of Attacks 3
In Person - The social engineer may enter the building and pretend to be an employee, guest or service personnel.
  – May be dressed in a uniform
  – Allowed to roam
  – Become part of the cleaning crew
Dumpster Diving - Going through the trash
Shoulder Surfing - Looking over a shoulder to see what they are typing.
  – Passwords
  – Phone-card numbers

11 Computer Based Attacks
Popup Windows - A window will appear on the screen telling the user they have lost their network connection and need to reenter their user name and password.
  – A program will then e-mail the intruder with the information.
Mail attachments - Programs can be hidden in e-mail attachments.
  – Viruses
Websites - A common ploy is to offer something free or a chance to win a sweepstakes on a Website.
  – To win requires an e-mail address and password.
  – Used with 401K come-on.

12 Example
If I were to call up your office and claim I'm with your network consulting firm and I needed the person who picked up to help me run a test, would they help?
  – This sort of thing happens all the time: "Could you log in and log out of the network please? OK, that looks fine. Could you do it again? Still not there... Maybe if I tried your account from here. Could I have your username and password?"

13 Real World Example (1)
A woman approached the CSO of her company with a disturbing story
  – A week earlier she received e-mail about the summer Olympics in Greece with a pointer to a web site
  – She visited the web site and it had some interesting information about the upcoming Olympics
  – Two days later she received an e-mail from an unknown address asking for $50 or they would tell her management that she had been surfing porn sites
    They even identified a directory on her system that contained child porn
    She checked that directory and found a set of disgusting pictures

14 Real World Example (2)
The company security team traced it down and found that the files had been transferred from an IP in Bulgaria
It turned out that 15 others in the company had been hit by the same scam and some had paid the money
The security team informed the CSO that this kind of thing happened about 10 times a year

15 Defense
Recognize the signs
Train your point of contact personnel to recognize key signs that they may be the target of a social engineering attack:
  – Refusal to give contact information
  – Rushing
  – Name-dropping
  – Intimidation
  – Small mistakes
  – Requesting forbidden information

16 Other Defenses
Common defenses:
  – Require anyone there for service to show identification
  – Make a policy that passwords are never spoken over the phone.
  – Make a policy that passwords are not to be left lying around.
  – Implement caller ID technology.
  – Invest in shredders.

17 Network Scanning

18 Footprinting
Before a hacker attempts to gain access to a system, time must be spent gathering information about the target. This process is known as footprinting
  – It is a critical step in subverting the security of a target system
  – Footprinting is the hacking equivalent to casing a potential robbery location.
  – Systematic footprinting allows the hacker to create a complete profile of the target system including information about the domain, network blocks, IP addresses exposed on the Internet, and system architecture.
  – Once the profile is known, a hacker will be able to focus on specific machines and ports to gain access to the system.

19 whois
Network enumeration is the next step in gathering information about a target system.
  – A hacker will identify domain names and the network blocks associated with the target.
whois is a simple directory service that can be accessed directly from machines with Internet access.
  – From the command line enter: whois -h whois.crsnic.net maury.
    (whois.crsnic.net is the whois server; "maury." is the target w/wildcard)

20 whois on the web
From the web, whois can be activated at:
  – http://www.internic.net/whois.html
  – http://www.allwhois.com/

21 Whois query
The result of the query on plu:

22 Additional Information
The American Registry for Internet Numbers (ARIN) is the source database for network blocks associated with domains.
  – A query can be performed from http://www.arin.net/whois/index.html or from a command line
May not know the registration name

23 Result 1
The search provides 3 results – two of which are useful:
Click here for more info

24 Result 2
This query provided some additional information:

25 Next Step
Once the network block is known, the next step is to determine which IP addresses are accessible and what services are running on those machines.
This is done via a process known as scanning.
Scanning is usually performed with tools that attempt to disguise network reconnaissance.

26 Network Scanning
What is network scanning?
  – Network scanning proactively probes the network
  – Network sniffing passively eavesdrops on the network.
  – Both can help to gain a good picture of the network
Why Scan?
  – Administrators: Scanning can discover vulnerabilities
  – Hackers: Helps gather network and OS information
Why Sniff?
  – Administrators: Intrusion detection, Traffic logging, Fault Analysis
  – Hackers: Access sensitive information transmitted over the network
Most attacks begin with a scan

27 Attacker's Goal
Vulnerabilities exist to allow an attacker to do the following remotely on many servers:
  – execute arbitrary commands on the server
  – gain unauthorized access to server files or directories
  – gain shell access at the privilege level of the server process (often root)
  – crash server daemon causing encrypted passwords to be dumped to the core file, from which the passwords may be retrieved and cracked
  – deny service to regular server clients by consuming server resources
  – corrupt information that the server needs (e.g. a nameserver cache)
The GOAL is to locate a system with a vulnerability

28 Scanning Types
There are four major types of scanning, each with a different goal – looking for a different type of information
  – Ping sweeping (Which host is alive?)
  – Port scanning (What services are available?)
  – OS detection (What platform is sitting there?)
  – Firewalking (What's behind the firewall?)
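
Added example (not part of the original lecture): the ping-sweep and port-scan categories above, seen from the administrator's side as a detection rule over connection logs. The log format, thresholds, function names and sample addresses are assumptions constructed for illustration.

```python
from collections import defaultdict

def build_sample():
    """Constructed log lines: 'epoch_seconds src dst proto dport' ('-' for ICMP)."""
    lines = []
    for i in range(12):                       # one source pings 12 hosts in 12 s
        lines.append(f"{1000 + i} 198.51.100.7 10.0.0.{i + 1} icmp -")
    for i, port in enumerate(range(20, 35)):  # one source tries 15 ports on one host
        lines.append(f"{2000 + i} 203.0.113.9 10.0.0.5 tcp {port}")
    lines += ["3000 192.0.2.44 10.0.0.5 tcp 443",   # ordinary client traffic
              "3001 192.0.2.44 10.0.0.5 tcp 80",
              "3002 192.0.2.44 10.0.0.6 icmp -",
              "garbage line"]                        # malformed, must be skipped
    return lines

def detect_scans(lines, window=60, host_threshold=10, port_threshold=10):
    """Return {src: [kinds]} for sources that look like ping sweeps or port scans."""
    events = defaultdict(list)
    for line in lines:
        parts = line.split()
        if len(parts) != 5 or not parts[0].isdigit():
            continue
        ts, src, dst, proto, dport = parts
        events[src].append((int(ts), dst, proto, dport))
    findings = {}
    for src, evs in events.items():
        evs.sort()
        start, kinds = 0, set()
        for end in range(len(evs)):
            while evs[end][0] - evs[start][0] > window:
                start += 1                    # slide the time window forward
            recent = evs[start:end + 1]
            pinged = {dst for _, dst, proto, _ in recent if proto == "icmp"}
            ports = defaultdict(set)
            for _, dst, proto, dport in recent:
                if proto == "tcp":
                    ports[dst].add(dport)
            if len(pinged) >= host_threshold:
                kinds.add("ping_sweep")       # many hosts: "which host is alive?"
            if any(len(p) >= port_threshold for p in ports.values()):
                kinds.add("port_scan")        # many ports: "what services are available?"
        if kinds:
            findings[src] = sorted(kinds)
    return findings

if __name__ == "__main__":
    for src, kinds in detect_scans(build_sample()).items():
        print(src, ", ".join(kinds))
```

A fixed threshold and window only catch probes that arrive close together, so both values need tuning against the network's normal traffic.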

