Presentation is loading. Please wait.

Presentation is loading. Please wait.

Security+ Guide to Network Security Fundamentals, Third Edition

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Security+ Guide to Network Security Fundamentals, Third Edition"— Presentation transcript:

1 Security+ Guide to Network Security Fundamentals, Third Edition
Chapter 4 Network Vulnerabilities and Attacks

2 Objectives Explain the types of network vulnerabilities
List categories of network attacks Define different methods of network attacks Security+ Guide to Network Security Fundamentals, Third Edition

3 Network Vulnerabilities
There are _________ broad categories of network vulnerabilities: Those based on the network transport ________ Those found in the network ________ themselves Let’s take a look at each… Security+ Guide to Network Security Fundamentals, Third Edition

4 Media-Based Vulnerabilities
______________ network traffic Helps network administrator to _______________________ ________________________________ Monitoring traffic can be done in _________ ways: 1. Use a __________________________________ Configure a switch to ____________________ that flows through some or all ports ___________________________ on the switch See graphic on next slide… 2. Install a __________________ (test access point) A _______________________ that can be installed _____________ ___________________, such as a switch, router, or firewall, to ______________________ See graphic two slides down… Security+ Guide to Network Security Fundamentals, Third Edition

5 Media-Based Vulnerabilities (continued)
Security+ Guide to Network Security Fundamentals, Third Edition

6 Media-Based Vulnerabilities (continued)
Security+ Guide to Network Security Fundamentals, Third Edition

7 Media-Based Vulnerabilities (continued)
________________ computer Can be a ______________________________ Can be a regular computer running _____________________________ software Also known as a ____________________ _________________________________________________________________________- See example on next slide…

8 Security+ Guide to Network Security Fundamentals, Third Edition

9 Media-Based Vulnerabilities (continued)
Just as network taps and protocol analyzers can be used for legitimate purposes They also can be used by ______________ to intercept and view network traffic Attackers can access the wired network in the following ways: False ceilings Exposed wiring Unprotected RJ-45 jacks Security+ Guide to Network Security Fundamentals, Third Edition

10 Media-Based Vulnerabilities (continued)
Security+ Guide to Network Security Fundamentals, Third Edition

11 Four common Network Device Vulnerabilities
1. ___________________________ A password is a secret combination of letters and numbers that serves to _____________ (validate) a user by what he knows Password paradox Lengthy and complex passwords should be used and __________________________ It is very difficult to memorize these types of passwords Passwords can be set to expire after a set period of time, and a new one must be created Therefore a password can provide ___________ Security+ Guide to Network Security Fundamentals, Third Edition

12 Network Device Vulnerabilities (continued)
Characteristics of weak passwords: A _______________ used as a password ____________ passwords unless forced to do so Passwords that are _____________ __________________ in a password Using the __________________ for all accounts _____________ the password down Security+ Guide to Network Security Fundamentals, Third Edition

13 Four common Network Device Vulnerabilities (continued)
2. _______________________ A user account on a device that is ____________________ by the ______________ instead of by an administrator Used to make the _____________________ and installation of the device easier Intended to be __________________________ is completed, but often they are not Default accounts are often the first targets that attackers seek Why? Security+ Guide to Network Security Fundamentals, Third Edition

14 Four common Network Device Vulnerabilities (continued)
3. ________________________ An account that is ___________ without the administrator’s knowledge or permission, that _____________________, and that ____________________________________ Can by created by programmer of software to allow convenient access to device for troubleshooting Back doors can be created on a network device in two ways: The network device can be ____________________ using a virus, worm, or Trojan horse to insert the back door A ________________________________ creates a back door on the device Security+ Guide to Network Security Fundamentals, Third Edition

15 Four common Network Device Vulnerabilities (continued)
4. __________________ (talked about in Chapter 2) It is possible to _____________________ in the _______________________ to gain access to resources that the user would normally be restricted from obtaining Security+ Guide to Network Security Fundamentals, Third Edition

16 Categories of Attacks Conducted Against Networks..
Include Denial of service Spoofing Man-in-the-middle Replay attacks Security+ Guide to Network Security Fundamentals, Third Edition

17 Denial of Service (DoS)
Denial of service (DoS) attack Attempts to ___________________________________ __________________________________________________________________________________________ Distributed denial of service (DDoS) attack A _____________ of the DoS May use hundreds or thousands of ________________ in a botnet to _________________________________- Impossible to identify and block the source of the attack Example: _________________ attack See Figure 4-4 Security+ Guide to Network Security Fundamentals, Third Edition

18 - Server runs out of resources and can no longer function
SYN SYN+ ACK SYN SYN+ ACK SYN SYN+ ACK SYN SYN+ ACK SYN SYN+ ACK Server waiting several minutes for ACK replies but not receiving it from any computer - Server runs out of resources and can no longer function Security+ Guide to Network Security Fundamentals, Third Edition

19 Example #1 of DoS attack - Attacker can flood the radio frequency spectrum with interference to prevent legitimate communication from getting through Security+ Guide to Network Security Fundamentals, Third Edition

20 Example #2 of DoS attack If the ACK is not returned, the packet is resent 3. 1. 2. Security+ Guide to Network Security Fundamentals, Third Edition

21 Example #3 of DoS attack Forces device to temporarily disconnect from the wireless network Security+ Guide to Network Security Fundamentals, Third Edition

22 Spoofing AKA impersonation Variety of different attacks use spoofing
________________________________________ by ________________________________ Variety of different attacks use spoofing Attacker may _______________________ so that her malicious actions would be attributed to a valid user Attacker may _____________________________ _____________________________________ Attacker can set up his AP device and trick all ___________________________________________________________________________- Security+ Guide to Network Security Fundamentals, Third Edition

23 Man-in-the-Middle attack
Works by _________________ (attacker) ________________________________________________________________________ Makes it seem that two computers are communicating with each other directly when actually there is a “middle man” seeing/modifying the traffic ________ attacks _______________________ before they are sent on to the recipient ________ attacks ________________________, _____________ and _______ to original recipient Security+ Guide to Network Security Fundamentals, Third Edition

24 Replay attack Similar to a passive man-in-the-middle attack
Instead of sending traffic to the recipient immediately, the captured data is ________________________________________ A simple replay would involve the man-in-the-middle ____________________ between the computer and the server and attempting to login at a later time A more sophisticated attack takes advantage of the communications between a __________________ Administrative messages that contain specific network requests are frequently sent between a network device and a server A replay attack could _______________________________________ _____________________. The server might respond thinking the message came from a _______________________________________ Security+ Guide to Network Security Fundamentals

25 Methods of Network Attacks
Protocol-based Targeting vulnerabilities in network protocols is a common method of attack since the ___________ is ____________________________ itself Any system that uses this protocol is vulnerable Wireless Attacks unique to wireless networks have been created More to come… Security+ Guide to Network Security Fundamentals, Third Edition

26 Protocol-Based Attacks
Antiquated protocols _____________ protocols have been updated often to address __________________________ __________ is another updated protocol Used for __________________________ between networked devices The use of community strings in the first two versions of the protocol- SNMPv1 and SNMPv2- created several vulnerabilities Also information was not sent in encrypted fashion SNMPv3 is much more secure Uses ___________________________________ Security+ Guide to Network Security Fundamentals, Third Edition

27 Protocol-Based Attacks (continued)
DNS attacks Domain Name System (_______________) is the basis for ____________________________ today DNS ____________________ ___________ a ________________________ so that when a user enters a symbolic name, she is ____________________________________ Security+ Guide to Network Security Fundamentals, Third Edition

28 Protocol-Based Attacks (continued)
Fraudulent IP address How can this IP address substitution take place? Security+ Guide to Network Security Fundamentals, Third Edition

29 Protocol-Based Attacks (continued)
Substituting a fraudulent IP address can be done in one of two different _____________: 1. TCP/IP ___________________ name system If no entry exists for the requested name entered, the external DNS system is referenced Attackers can target the __________________ Or – the second location.. Security+ Guide to Network Security Fundamentals, Third Edition

30 Protocol-Based Attacks (continued)
2. External _____________________ Attack is called ____________________ (also called _________________) DNS servers exchange information between themselves AKA ________________________ Attacker attempts to convince the authentic DNS server to ______________________________ sent from the _____________________________________ See Figure 4-11 on following slide

31 Attacker sends a request to resolve a URL to IP address…
Valid DNS server doesn’t know and asks DNS server controlled by attacker Name server sends IP addresses to the valid (victim) DNS server- which are actually IP addresses to the attacker’s addresses. -These IP addresses map to legit URL’s Request from any users will go to attacker’s IP address Security+ Guide to Network Security Fundamentals, Third Edition 31 31

32 Protocol-Based Attacks (continued)
DNS poisoning can be ________________ ________________________ software, _______ (Berkeley Internet Name Domain) or __________ (DNS Security Extensions) ______________________ Almost the ___________________________ Attacker asks the _______________________ _______________, known as a DNS transfer Possible for the attacker to _____________________ ________ of the organization supporting the DNS server Security+ Guide to Network Security Fundamentals, Third Edition

33 Protocol-Based Attacks (continued)
Address Resolution Protocol (_______) _______________________________________________________________________________ The IP address and the corresponding MAC address are stored in an ARP cache for future reference ARP ____________________ An attacker could ________________________ ________________ so that the corresponding IP address would ______________________ Security+ Guide to Network Security Fundamentals, Third Edition

34 Protocol-Based Attacks (continued)
TCP/IP hijacking takes advantage of a weakness in the TCP/IP protocol The TCP header consists of _____________ that are used as _____________________________ Updated as packets are sent and received between devices Packets may arrive out of order ________________ any packets with ___________ sequence numbers than has been ____________________________ Receiving device will _______________ any packets with __________________________ numbers than has been received and acknowledged Security+ Guide to Network Security Fundamentals, Third Edition

35 Protocol-Based Attacks (continued)
If both sender and receiver have incorrect sequence numbers, the connection will “hang” TCP/IP hijacking In a TCP/IP hijacking attack, the attacker creates fictitious (“spoofed”) TCP packets to take advantage of the weaknesses See handout for example of TCP/IP hijacking Security+ Guide to Network Security Fundamentals, Third Edition

36 Wireless Attacks In addition to TCP/IP attacks such as TCP/IP hijacking and ARP poisoning, attacks _____ __________________ have been created

37 Rogue Access Points Access Point that is _________________ _________________ (in a vulnerable location) behind the firewall An attacker who can access the network through a rogue access point is _________ ________________________________ Can ________ attack all devices on the network Rogue APs ________________________ and opens the entire network and all users to direct attacks Security+ Guide to Network Security Fundamentals, Third Edition

38 Rogue Access Points (continued)
Security+ Guide to Network Security Fundamentals, Third Edition

39 War Driving ____________________ Scanning
At regular intervals, a wireless AP sends a beacon frame to ______________________________________________________________________ that want to join the network Used to establish and maintain communications Scanning Wireless devices which _______________________ Wireless location mapping AKA _____________ ______________________________________________ RF transmission Process of finding a WLAN signal and recording information about it Security+ Guide to Network Security Fundamentals, Third Edition

40 War Driving (continued)
War driving can involve using an ________ to search for wireless signals over a large area but also _________ or a ____________ could be used Tools for conducting war driving: __________________ device _________________ adapters ________________ Global positioning system receiver To precisely locate the wireless network _______________ to connect to the wireless network Security+ Guide to Network Security Fundamentals, Third Edition

41 What is Bluetooth? A wireless technology that uses short-range RF transmissions and ________________________ _____________________ to a wide range of computing / telecommuncation _____________ Provides for ________________________ between devices The __________________ standard was adapted and expanded from the existing Bluetooth standard Two types of network topologies ___________ – Same channel contains __________ and at _____________________ ______________ – Connection in which ____________ __________________________________________ Security+ Guide to Network Security Fundamentals, Third Edition

42 Bluesnarfing and Blue Jacking
____________________ The ___________________________ from a wireless device __________________________ Allows an attacker to _____________________, contact lists, etc By simply connecting to that Bluetooth device _________ the _____________________________ __________________ _______________________ from Bluetooth to Bluetooth-enabled devices No data is stolen Security+ Guide to Network Security Fundamentals, Third Edition

43 Other Attacks and Frauds
Null sessions _______________________ to a Microsoft __________________________ computer that ________________________________ Could allow an attacker to connect to open a channel over which he could gather information about the device Pose a serious ________________ to vulnerable computers and _______________________ to the operating systems Later versions of Windows are not vulnerable to null session attacks Security+ Guide to Network Security Fundamentals, Third Edition

44 Other Attacks and Frauds (continued)
Domain Name Kiting A type of fraud that involves _______________ ______________ to do something unscrupulous __________________________ ________________ are organizations that are ____________________________ ________________________________ A five-day Add Grade Period (AGP) permits registrars to delete any newly registered Internet domain names and give a full refund of the registration fee Security+ Guide to Network Security Fundamentals, Third Edition

45 Other Attacks and Frauds (continued)
Domain Name Kiting (continued) Unscrupulous registrants attempt to _________ _______________________ by ____________ _____________________________________ Recently expired domain names are indexed by search engines Visitors are _________________________________ Which is usually a single page Web with paid advertisement links Visitors who click on these links _____________ ___________________________________ Security+ Guide to Network Security Fundamentals, Third Edition

46 Summary Network vulnerabilities include media-based vulnerabilities and vulnerabilities in network devices The same tools that network administrators use to monitor network traffic and troubleshoot network problems can also be used by attackers Network devices often contain weak passwords, default accounts, back doors, and vulnerabilities that permit privilege escalation Network attacks can be grouped into four categories Security+ Guide to Network Security Fundamentals, Third Edition

47 Summary (continued) Protocol-based attacks take advantage of vulnerabilities in network protocols Attacks on wireless systems have increased along with the popularity of wireless networks Other network attacks include null sessions, which are unauthenticated connections to a system using a legacy version of Microsoft windows Domain Name Kiting is fraud that involves the use of a grace period to delete newly registered domain names Security+ Guide to Network Security Fundamentals, Third Edition

Download ppt "Security+ Guide to Network Security Fundamentals, Third Edition"

Similar presentations

Module X Session Hijacking

Module X Session Hijacking
Chapter 4 Network Vulnerabilities and Attacks. Cyberwar and Cyberterrorism Titan Rain - Attacks on US gov't and military computers from China breached.

Chapter 4 Network Vulnerabilities and Attacks. Cyberwar and Cyberterrorism "Titan Rain" - Attacks on US gov't and military computers from China breached.
Network Vulnerabilities and Attacks Dr. John Abraham UTPA.

Network Vulnerabilities and Attacks Dr. John Abraham UTPA.
Security Lab 2 MAN IN THE MIDDLE ATTACK

Security Lab 2 MAN IN THE MIDDLE ATTACK
ARP Cache Poisoning How the outdated Address Resolution Protocol can be easily abused to carry out a Man In The Middle attack across an entire network.

ARP Cache Poisoning How the outdated Address Resolution Protocol can be easily abused to carry out a Man In The Middle attack across an entire network.
Network and Application Attacks Contributed by- Chandra Prakash Suryawanshi CISSP, CEH, SANS-GSEC, CISA, ISO 27001LI, BS 25999LA, ERM (ISB) June 2006.

Network and Application Attacks Contributed by- Chandra Prakash Suryawanshi CISSP, CEH, SANS-GSEC, CISA, ISO 27001LI, BS 25999LA, ERM (ISB) June 2006.
CMSC 414 Computer and Network Security Lecture 26 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 26 Jonathan Katz.
CISCO NETWORKING ACADEMY PROGRAM (CNAP)

CISCO NETWORKING ACADEMY PROGRAM (CNAP)
Hacking WLAN // BRUTE FORCE CRACKER // TCP/IP. WLAN HACK Wired Equivalent Privacy (WEP) encryption was designed to protect against casual snooping, but.

Hacking WLAN // BRUTE FORCE CRACKER // TCP/IP. WLAN HACK Wired Equivalent Privacy (WEP) encryption was designed to protect against casual snooping, but.
LANs and WANs. 2 Chapter Contents Section A: Network Building Blocks Section B: Wired Networks Section C: Wireless Networks Section D: Using LANs Section.

LANs and WANs. 2 Chapter Contents Section A: Network Building Blocks Section B: Wired Networks Section C: Wireless Networks Section D: Using LANs Section.
Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.

Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.
Security (Continued) V.T. Raja, Ph.D., Oregon State University.

Security (Continued) V.T. Raja, Ph.D., Oregon State University.
Computer Security Fundamentals by Chuck Easttom Chapter 4 Denial of Service Attacks.

Computer Security Fundamentals by Chuck Easttom Chapter 4 Denial of Service Attacks.
Hacking Presented By :KUMAR ANAND SINGH 04-243,ETC/2008.

Hacking Presented By :KUMAR ANAND SINGH ,ETC/2008.
Network Attacks Mark Shtern.

Network Attacks Mark Shtern.
Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.

Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.
Distributed Denial of Service Attacks CMPT 471 1 Distributed Denial of Service Attacks Darius Law.

Distributed Denial of Service Attacks CMPT Distributed Denial of Service Attacks Darius Law.
Security Awareness: Applying Practical Security in Your World, Second Edition Chapter 5 Network Security.

Security Awareness: Applying Practical Security in Your World, Second Edition Chapter 5 Network Security.
Chapter Extension 7 How the Internet Works © 2008 Prentice Hall, Experiencing MIS, David Kroenke.

Chapter Extension 7 How the Internet Works © 2008 Prentice Hall, Experiencing MIS, David Kroenke.
Security Awareness: Applying Practical Security in Your World

Security Awareness: Applying Practical Security in Your World

Similar presentations

Ads by Google