1 This courseware is copyrighted © 2015 gtslearning. No part of this courseware or any training material supplied by gtslearning International Limited to accompany the courseware may be copied, photocopied, reproduced, or re-used in any form or by any means without permission in writing from a director of gtslearning International Limited. Violation of these laws will lead to prosecution. All trademarks, service marks, products, or services are trademarks or registered trademarks of their respective holders and are acknowledged by the publisher. All gtslearning products are supplied on the basis of a single copy of a course per student. Additional resources that may be made available from gtslearning may only be used in conjunction with courses sold by gtslearning. No material changes to these resources are permitted without express written permission by a director of gtslearning. These resources may not be used in conjunction with content from any other supplier. If you suspect that this course has been copied or distributed illegally, please telephone or email gtslearning.
1.3 Network Attacks
CompTIA Security+ Certification Support Skills

2 Objectives
Understand the relevance of the OSI model to network technologies and protocols
Describe the function of network sniffers and protocol analyzers
Describe procedures and products used to survey and test security systems
Describe network attacks, such as scanning, spoofing, Man-in-the-Middle, replay, and Denial of Service

3 OSI Model

4 TCP/IP Protocol Suite

5 Network Boundaries

6 Sniffers and Protocol Analyzers
Sniffer
  o Captures frames from network
  o Hardware or software
Hubs, switches, and promiscuous mode
Protocol Analyzer
  o Decodes and presents frames for analysis
  o Network monitoring
Packet injection
Preventing eavesdropping

7 ARP Attacks
Address Resolution Protocol (ARP)
Maps IPv4 addresses to hardware (MAC) interfaces
ARP poisoning
  o Dsniff
  o Ettercap
  o Cain and Abel
MAC flooding

8 Replay and Man-in-the-Middle Attacks
Spoofing / masquerade as a general attack (can take place at many levels)
  o Identity theft / social engineering
Network spoofing attacks
  o Replay
    − Obtain some authentication data and use it to regain access
  o Man-in-the-Middle
    − Intercept packets (without sender or receiver knowing)
    − Can monitor contents of packets (unless encrypted)
    − Could modify packets and send on

9 IP Spoofing and TCP/IP Hijacking
Spoofing IP addresses
TCP hijacking
  o 3-way handshake
  o Non-blind spoofing
  o Blind spoofing
ICMP redirect

10 Footprinting
Discover network / host configuration
Footprinting (network mapping)
  o Protocols, services, and applications running on the network
  o Host workstation and server OS types and patch status
  o Network addresses and host names
  o Network interconnect device types and status
  o Network security appliances and software
  o User accounts and groups (especially administrative / root accounts) and passwords

11 Fingerprinting
Identify host configuration
Scan TCP and UDP ports
Internet Assigned Numbers Authority (IANA) numbering
  o Well-known (0-1024)
  o Registered (to 49,151)
  o Ephemeral (to 65,535)
Configure a non-default port
Source versus destination port

12 Port Scanners / Xmas Attack
Port scanners
  o netstat
  o Nmap, Nessus, SuperScan, and Atelier Web Security Port Scanner
Scanning techniques
  o Probe ports
  o Xmas attack
  o Open connections
Block scans at firewall or with Intrusion Detection System (IDS)
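
Added example (not part of the gtslearning courseware): the kind of TCP flag check an IDS applies to the scanning techniques listed on this slide. An Xmas probe sets FIN, PSH and URG together, which normal TCP traffic does not do. The header builder, the addresses and the three-port sweep threshold are constructed for illustration.

```python
import struct
from collections import defaultdict

FIN, SYN, PSH, ACK, URG = 0x01, 0x02, 0x08, 0x10, 0x20

def tcp_header(sport, dport, flags):
    """Constructed sample input: a minimal 20-byte TCP header, no options."""
    return struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 5 << 4, flags, 1024, 0, 0)

def classify(header):
    """Return the probe type implied by the TCP flags byte, or None."""
    if len(header) < 20:
        return None                      # too short to be a TCP header
    flags = header[13] & 0x3F            # low six bits: URG ACK PSH RST SYN FIN
    if flags == FIN | PSH | URG:
        return "xmas"                    # FIN, PSH and URG set together
    if flags == 0:
        return "null"                    # no flags at all
    if flags == FIN:
        return "fin"                     # FIN without ACK, outside any session
    if flags == SYN:
        return "syn"                     # normal on its own; a sweep is not
    return None

def detect_scanners(packets, min_ports=3):
    """packets: iterable of (source IP, raw TCP header). Returns {ip: [alerts]}."""
    odd, syn_ports = defaultdict(set), defaultdict(set)
    for src, header in packets:
        kind = classify(header)
        if kind == "syn":
            syn_ports[src].add(struct.unpack("!H", header[2:4])[0])
        elif kind:
            odd[src].add(kind)           # xmas, null or bare FIN probe
    alerts = {src: sorted(kinds) for src, kinds in odd.items()}
    for src, ports in syn_ports.items():
        if len(ports) >= min_ports:      # one source opening many distinct ports
            alerts.setdefault(src, []).append("syn-sweep")
    return alerts

# Constructed traffic using documentation address ranges (RFC 5737).
SAMPLE = [("192.0.2.10", tcp_header(40000, p, FIN | PSH | URG)) for p in (22, 80)]
SAMPLE += [("198.51.100.7", tcp_header(51000, 443, f)) for f in (SYN, ACK | PSH)]
SAMPLE += [("203.0.113.5", tcp_header(33000, p, SYN)) for p in (21, 22, 23, 25)]
SAMPLE += [("203.0.113.9", tcp_header(33001, 445, 0))]

if __name__ == "__main__":
    print(detect_scanners(SAMPLE))
```

The ordinary client at 198.51.100.7 raises no alert: it sends a single SYN to one port followed by normal data.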

13 Banner Grabbing
Probe server to analyze responses
Identify application / version / possible configuration
Configure servers and applications not to leak information

14 Denial of Service (DoS)
Cause a service to fail or become unavailable
Distributed (DDoS) attacks leverage bandwidth from compromised hosts / networks (botnet)
TCP / ICMP / UDP / Application exploits
Easy to use DoS tools
Smurf

15 Review
Understand the relevance of the OSI model to network technologies and protocols
Describe the function of network sniffers and protocol analyzers
Describe procedures and products used to survey and test security systems
Describe network attacks, such as scanning, spoofing, Man-in-the-Middle, replay, and Denial of Service

16 Labs
Lab 3 / Network Vulnerabilities
