Presentation is loading. Please wait.

Presentation is loading. Please wait.

Attack Methods Chapter 4 Corporate IT Security Copyright 2002 Prentice-Hall.

Published byMiles Gilmore Modified over 8 years ago

Similar presentations

Presentation on theme: "Attack Methods Chapter 4 Corporate IT Security Copyright 2002 Prentice-Hall."— Presentation transcript:

1

2 Attack Methods Chapter 4 Corporate IT Security Copyright 2002 Prentice-Hall

3 2 Figure 4-1: Targeted System Penetration (Break-In Attacks) Unobtrusive Information Collection  Do research before sending any packets into the network Use in social engineering attacks Use as background for packet attacks  Corporate website  Trade press (often online and searchable)  Securities and Exchange Commission (SEC) web-enabled Internet financial database (Figure 4-2)

4 3 Figure 4-2: Securities and Exchange Commission's Edgar Service

5 4 Figure 4-1: Targeted System Penetration (Break-In Attacks) Unobtrusive Information Collection  Whois database (Figure 4-3) Information about responsible person Information about IP addresses of DNS servers, to find firm’s IP address block Easy if assigned a classful address block (Figure 4-4) Difficult is CIDR address block or a block of ISP addresses

6 5 Registrant: Panko, Ray (PUKANUI-DOM)PUKANUI-DOM 1000 Pukanui St. Honolulu, HI 96821 US Domain Name: PUKANUI.COM Administrative Contact: Panko, Ray (RP17477)Ray@Panko.comRP17477 1000 Pukanui St. Honolulu, HI 96821 US (808) 956-8111 Figure 4-3: Whois Entry for Pukanui.Com (from www.netsol.com)

7 6 Registrant: Technical Contact: VeriSign, Inc. (HOST-ORG) namehost@WORLDNIC.NETHOST-ORG VeriSign, Inc. 21355 Ridgetop Circle Dulles, VA 20166 US 1-888-642-9675 fax: - namehost@worldnic.netnamehost@worldnic.net Record expires on 07-Jul-2003 Record created on 07-Jul-2001 Database last updated on 7-Jun-2002 15:07:22 EDT. Domain servers in listed order: NS76.WORLDNIC.COM 216.168.225.216 NS75.WORLDNIC.COM 216.168.225.215 Figure 4-3: Whois Entry for Pukanui.Com (from www.netsol.com) DNS Servers

8 7 Figure 4-4: Classful IP Address Allocations Example  Suppose DNS server is 128.171.17.1  Must be a Class B address block (from table lookup)  Therefore, the network part is 16 bits: 128.171  Address block must be 128.171.0.1 to 128.171.255.254 ClassInitial IP Address in Class Last IP Address in Class Size or Network Part Addresses in Block Allocated to Firm A0.0.0.1127.255.255.254816,777,214 B128.0.0.1191.255.255.2541665,534 C192.0.0.1223.255.255.25424254

9 8 Figure 4-1: Targeted System Penetration (Break-In Attacks) IP Address Spoofing (Figure 3-17)  Put false IP addresses in outgoing attack packets Attacker is blind to replies  Use series of attack platforms (Figure 4-5)

10 9 Figure 4-5: Using a Chain of Attack Hosts Attacker 1.4.5.6 Victim 60.77.8.32 Compromised Host 123.67.8.23 Compromised Host 123.67.33.4 Attack Replies Allows Reading of Replies Without Exposing Attacker

11 10 Figure 4-5: Using a Chain of Attack Hosts Subsequent Trace Back Successful Connection Broken Connection Broken Compromised Host 123.67.8.23 Compromised Host 123.67.33.4 Attacker 1.4.5.6 Victim 60.77.8.32

12 11 Figure 4-1: Targeted System Penetration (Break-In Attacks) Host Scanning  To identify IP addresses of potential victims  Ping individual hosts (Figure 4-6)  Ping all IP addresses in block for live IP addresses (Figure 4-7)

13 12 Figure 4-6: Ping at the Windows Command Prompt

14 13 Figure 4-7: Ping Scanning With Ping Sweep

Download ppt "Attack Methods Chapter 4 Corporate IT Security Copyright 2002 Prentice-Hall."

Similar presentations

NetScanTools ® LE Law Enforcement Version of NetScanTools ® from Northwest Performance Software, Inc. netscantools.com.

NetScanTools ® LE Law Enforcement Version of NetScanTools ® from Northwest Performance Software, Inc. netscantools.com.
Media Access Control (MAC) addresses in the network access layer ▫ Associated w/ network interface card (NIC) ▫ 48 bits or 64 bits IP addresses for the.

Media Access Control (MAC) addresses in the network access layer ▫ Associated w/ network interface card (NIC) ▫ 48 bits or 64 bits IP addresses for the.
Chapter 21 Exercises 1. A router forwards packets between networks. (Given a destination host address, it must be able to figure out which network that.

Chapter 21 Exercises 1. A router forwards packets between networks. (Given a destination host address, it must be able to figure out which network that.
METEOROLOGICAL TELECOMMUNICATION AND METCAP A GLANCE TO NETWORK BRIEFLY Ömer Hüdai ALBAYRAK 2010ALANYA.

METEOROLOGICAL TELECOMMUNICATION AND METCAP A GLANCE TO NETWORK BRIEFLY Ömer Hüdai ALBAYRAK 2010ALANYA.
DHCP Dynamic Host Configuration Part 7 NVCC Professional Development TCP/IP.

DHCP Dynamic Host Configuration Part 7 NVCC Professional Development TCP/IP.
SYSTEM ADMINISTRATION Chapter 19

SYSTEM ADMINISTRATION Chapter 19
Operating Systems Concepts 1/e Ruth Watson Chapter 11 Chapter 11 Network Maintenance Ruth Watson.

Operating Systems Concepts 1/e Ruth Watson Chapter 11 Chapter 11 Network Maintenance Ruth Watson.
Copyright (c) 2005 Japan Network Information Center JPNIC IPv6 registry service experience Toshiyuki Hosaka Japan Network Information Center (JPNIC) September.

Copyright (c) 2005 Japan Network Information Center JPNIC IPv6 registry service experience Toshiyuki Hosaka Japan Network Information Center (JPNIC) September.
Week 5: Internet Protocol Continue to discuss Ethernet and ARP –MTU –Ethernet and ARP packet format IP: Internet Protocol –Datagram format –IPv4 addressing.

Week 5: Internet Protocol Continue to discuss Ethernet and ARP –MTU –Ethernet and ARP packet format IP: Internet Protocol –Datagram format –IPv4 addressing.
Week 2 -1 Week 2: Footprinting What is Footprinting? –Systematic collection of information on an intended target with the goal to create a complete profile.

Week 2 -1 Week 2: Footprinting What is Footprinting? –Systematic collection of information on an intended target with the goal to create a complete profile.
Ping and traceroute demonstration Skills: Use Ping and Traceroute and Query the Whois database IT concepts: network transit time, router hops, IP registration.

Ping and traceroute demonstration Skills: Use Ping and Traceroute and Query the Whois database IT concepts: network transit time, router hops, IP registration.
Computer Security Prevention and detection of unauthorized actions by users of a computer system Confidentiality Integrity Availability.

Computer Security Prevention and detection of unauthorized actions by users of a computer system Confidentiality Integrity Availability.
CSC586 Network Forensics IP Tracing/Domain Name Tracing.

CSC586 Network Forensics IP Tracing/Domain Name Tracing.
Review for Exam 4 School of Business Eastern Illinois University © Abdou Illia, Fall 2006.

Review for Exam 4 School of Business Eastern Illinois University © Abdou Illia, Fall 2006.
1 Chapter 13: Representing Identity What is identity Different contexts, environments Pseudonymity and anonymity.

1 Chapter 13: Representing Identity What is identity Different contexts, environments Pseudonymity and anonymity.
Reconnaissance Steps. EC-Council Gathering information from Open Sources  Owner of IP-address range  Address Range  Domain Names  Computing Platforms.

Reconnaissance Steps. EC-Council Gathering information from Open Sources  Owner of IP-address range  Address Range  Domain Names  Computing Platforms.
Review for Exam 4 School of Business Eastern Illinois University © Abdou Illia, Spring 2006.

Review for Exam 4 School of Business Eastern Illinois University © Abdou Illia, Spring 2006.
Chabot College ELEC 99.08 Name Resolution.

Chabot College ELEC Name Resolution.
Networking Basics: DNS IP addresses are usually paired with more human-friendly names: Domain Name System (DNS). internet.rutgers.edu HostnameOrganizationTop-level.

Networking Basics: DNS IP addresses are usually paired with more human-friendly names: Domain Name System (DNS). internet.rutgers.edu HostnameOrganizationTop-level.
DNS.

DNS.

Similar presentations

Ads by Google