Network Security: DNS Spoofing, SQL Injection, ARP Poisoning


1 Network Security: DNS Spoofing, SQL Injection, ARP Poisoning
By: Usman Jamil, Zach Black, Frank Brahmbhatt, Kurt Floyd, Jason James, Ross Stewart, Hunter Wall

2 DNS Spoofing - Overview
- Domain Name Server (DNS) poisoning or spoofing is a type of cyber-attack that exploits system vulnerabilities in the domain name server to divert traffic away from legitimate servers and direct it towards fake ones.
- The code for DNS spoofing is often found in URLs sent via spam emails.
- The emails attempt to frighten users into clicking on the supplied URL, which in turn infects their computer.
- Once poisoned, a user's computer will take them to fake websites that are spoofed to look like the real thing, exposing them to risks such as spyware, keyloggers or worms.

3 DNS Spoofing - Cascading attack
- If a high-level DNS server is affected, all downstream servers may be affected as well.
- If a single subdomain is spoofed, an entire domain can be hijacked for a period of time.
- For DNS now redirects to the attacker’s server for:
  - Targetdomain.com
  - Mail.targetdomain.com
  - CDN.targetdomain.com
  - Potato.targetdomain.com
  - etc

4 DNS Spoofing - Cascading Attack
Diagram labels:
- Affected machines at Location A
- Company location A DNS (uses attacked DNS server for authoritative info)
- ISP DNS
- Company “root” DNS (containing spoofed records)
- Affected machines at Location B
- Company location B DNS (ditto)

5 SQL Injection - Overview
- SQL injection weaknesses occur when an application uses untrusted data, such as data entered into web form fields, as part of a database query.
- SQL injection (SQLi) is an application security weakness that allows attackers to control an application’s database.
- This lets them access or delete data, change an application’s data-driven behavior, and do other undesirable things by tricking the application into sending unexpected SQL commands.

6 SQL Injection - Dual Defense
Application side:
- Input sanitization
  - Trust nothing!
- Parameterized queries
- Procedures for everything
  - SQL injection will usually throw an error if used as a procedure argument
- App-side validation of inputs
- App-side encrypted data
- Quality ORM

SQL server side:
- Permission/access separation
- Separation of schemas
- Support for app-side encrypted data
- Separation of databases

7 Preventing SQLi
- Use parameterized queries
- Escape inputs before adding them to the query
- Use of Prepared Statements (with Parameterized Queries)
- Use of Stored Procedures
- White List Input Validation
- Escaping All User Supplied Input
- Enforcing Least Privilege
- Performing Whitelist Input Validation as a Secondary Defense

8 ARP poisoning - Overview
- ARP is short for Address Resolution Protocol.
- Address Resolution Protocol poisoning (ARP poisoning) is a form of attack in which an attacker changes the Media Access Control (MAC) address and attacks an Ethernet LAN by changing the target computer's ARP cache with forged ARP request and reply packets.
- ARP spoofing can enable malicious parties to intercept, modify or even stop data in transit.
- ARP spoofing attacks can only occur on local area networks that utilize the Address Resolution Protocol.
- ARP spoofing attacks typically follow a similar progression.

9 ARP poisoning - Basic Steps
An ARP spoofing attack usually includes the following steps:
1. The attacker opens an ARP spoofing tool and sets the tool’s IP address to match the IP subnet of a target. Examples of popular ARP spoofing software include Arpspoof, Cain & Abel, Arpoison and Ettercap.
2. The attacker uses the ARP spoofing tool to scan for the IP and MAC addresses of hosts in the target’s subnet.
3. The attacker chooses its target and begins sending ARP packets across the LAN that contain the attacker’s MAC address and the target’s IP address.
4. As other hosts on the LAN cache the spoofed ARP packets, data that those hosts send to the victim will go to the attacker instead. From here, the attacker can steal data or launch a more sophisticated follow-up attack.

10 ARP poisoning - OS Issues
Different OSs handle ARP differently:
- Linux
  - Ignores unsolicited replies
  - Watches the network to update its own cache
- Solaris
  - Only updates after timeout
- Windows
  - Depends on OS/version/Service Pack/security updates/phases of moon/etc
  - Can specify timeout length
  - Built-in randomization for length of time until refresh

11 Sources
http://linux-ip.net/html/ether-arp.html - ARP behavior
- DNS server hierarchy
project.org/web/packages/RODBCext/vignettes/Parameterized_SQL_queries.html - SQL query parameterization
protocol-arp-caching-behavior-in-win - Vista ARP cache behavior
them-infographic - SQL Injection - Overview
- Preventing SQLi
- DNS Spoofing - Overview
poisoning

