Presentation is loading. Please wait.

Presentation is loading. Please wait.

CHAPTER 3 Classes of Attack. INTRODUCTION Network attacks come from both inside and outside firewall. Kinds of attacks: 1. Denial-of-service 2. Information.

Published byKerry Collins Modified over 8 years ago

Similar presentations

Presentation on theme: "CHAPTER 3 Classes of Attack. INTRODUCTION Network attacks come from both inside and outside firewall. Kinds of attacks: 1. Denial-of-service 2. Information."— Presentation transcript:

1 CHAPTER 3 Classes of Attack

2 INTRODUCTION Network attacks come from both inside and outside firewall. Kinds of attacks: 1. Denial-of-service 2. Information Leakage 3. File Alteration 4. Misinformation 5. Database Access

3 DENIAL-OF-SERVICE (DoS) This kind of attack unauthorized the availability of the resource to its regular authorized users. Types of DoS: 1. Degrading Processes 2. Degrading Storage Capability 3. Destroying Files 4. Shutting Down

4 DENIAL-OF-SERVICE (DoS) Degrading Processes 1. The attacker reduces performance by overloading the target system, either by spawning multiple processes to eat up all available resources or spawning enough processes to overload CPU. Example: A simple UNIX fork bomb. 2. The attacker attack a network application such as File Transfer protocol (FTP) or Simple Mal Transfer Protocol (SMTP) by sending a flood of network.

5 DENIAL-OF-SERVICE (DoS) 3. The attacker attack a network service such as Internet protocol (IP) or the Internet Control Message Protocol (ICMP) also by sending a flood of network. Examples of DoS attacks that degrade processes are: 1. Snork 2. Chargen 3. Smurf 4. SYN flood

6 DENIAL-OF-SERVICE (DoS) Snork and Chargen affect Windows NT. Snork enables the attacker to send spoofed Remote Procedure Call (RPC) datagrams to the User Datagram Protocol (UDP) destination port 135. Chargen enables attacker sent a flood of UDP datagrams from a spoofed source IP to port 19. Smurf performs a network-level against the target host. SYN flood is accomplished by sending TCP connection request faster than a system can process them.

7 DENIAL-OF-SERVICE (DoS) Degrading Storage Capability Attacker uses all of the given storage resources on the target machine, such as spamming a mail server. For example: The Love Letter worm that use Windows and Exchange Server as their mail platform. Destroying Files This type of DoS attack is a less often occur. The attacker delete files on the target server to render it unusable. For example: A strain of Love Bug worm that overwrites all.bat,.com and.sys files on the system.

8 DENIAL-OF-SERVICE (DoS) Shut Down Systems This kind of DoS enable attacker shutting down the computer systems. For example: Ping of Death caused a great many windows NT machines to face the blue screen of death. Distributed Denial-of-Service (DDoS) This is the newest threat of DoS and depends on the use of a client, masters and daemons. The attackers use the client to initiate the attack by using masters, which are compromised hosts that have a special programs running on them.

9 DENIAL-OF-SERVICE (DoS) Some of the DDoS tools includes: 1. Trinoo 2. Tribe Flood Network 3. Stacheldraht 4. Shaft 5. Mstream

10 INFORMATION LEAKAGE The attacker enable to get much information on the target as possible. This class of attack can occur in many ways: 1. The attacker may use finger or Domain Name System (DNS) to gather information about the users on your network. 2. The advertising of search engine can help attacker determine the type of web server being used.

11 INFORMATION LEAKAGE 3. It also can occur in SMTP or application banners (from telnet) because these items can give a piece of information about network. Some tools used by individuals to gain information about network include port scanners and operating system detection software. For example, one of the best tool is nmap by Fyodor.

12 FILE ALTERATION The attacker have capability to alter file includes create, read, modify and remove files from systems on the network. In the past, attacker can create and remove files on systems utilizing Network File System (NFS) by utilizing vulnerabilities in statd (NFS file- locking status monitor).

13 MISINFORMATION The attacker erase all their tracks to the system. Bad logs The attacker go to the log files (after gaining root server) to remove all traces of themselves. Attack noise It can be designed as simply diversionary tactic. It means while user concentrate on defending area that being attacked, the reality is the attacker comes from the area which the defense are low.

14 DATABASE ACCESS The attacker may try to gain access to a special file or database. There are some area concerned by attackers to attack: 1. Use system’s operating system. For example: Attacker attack Registry (use to store operating parameters in Windows NT). By default, it can be controlled by Service Pack. 2. Attacker use the database user permission to gain the access.

15 To be continued…

Download ppt "CHAPTER 3 Classes of Attack. INTRODUCTION Network attacks come from both inside and outside firewall. Kinds of attacks: 1. Denial-of-service 2. Information."

Similar presentations

Module VIII Denial Of Service

Module VIII Denial Of Service
Network and Application Attacks Contributed by- Chandra Prakash Suryawanshi CISSP, CEH, SANS-GSEC, CISA, ISO 27001LI, BS 25999LA, ERM (ISB) June 2006.

Network and Application Attacks Contributed by- Chandra Prakash Suryawanshi CISSP, CEH, SANS-GSEC, CISA, ISO 27001LI, BS 25999LA, ERM (ISB) June 2006.
Cisco 2 - Routers Perrine. J Page 14/30/2015 Chapter 10 TCP/IP Protocol Suite The function of the TCP/IP protocol stack is to transfer information from.

Cisco 2 - Routers Perrine. J Page 14/30/2015 Chapter 10 TCP/IP Protocol Suite The function of the TCP/IP protocol stack is to transfer information from.
Suneeta Chawla Web Security Presentation Topic : IP Spoofing Date : 03/24/04.

Suneeta Chawla Web Security Presentation Topic : IP Spoofing Date : 03/24/04.
System Security Scanning and Discovery Chapter 14.

System Security Scanning and Discovery Chapter 14.
Security (Continued) V.T. Raja, Ph.D., Oregon State University.

Security (Continued) V.T. Raja, Ph.D., Oregon State University.
Computer Security Fundamentals by Chuck Easttom Chapter 4 Denial of Service Attacks.

Computer Security Fundamentals by Chuck Easttom Chapter 4 Denial of Service Attacks.
Web Server Administration TEC 236 Securing the Web Environment.

Web Server Administration TEC 236 Securing the Web Environment.
Firewall Lalitha Jammalamadaka. Agenda 1. Introduction 2.Types of firewalls 3.How a software firewall works 4.Methods to control traffic 5.Making the.

Firewall Lalitha Jammalamadaka. Agenda 1. Introduction 2.Types of firewalls 3.How a software firewall works 4.Methods to control traffic 5.Making the.
INDEX  Ethical Hacking Terminology.  What is Ethical hacking?  Who are Ethical hacker?  How many types of hackers?  White Hats (Ethical hackers)

INDEX  Ethical Hacking Terminology.  What is Ethical hacking?  Who are Ethical hacker?  How many types of hackers?  White Hats (Ethical hackers)
Firewalls and Intrusion Detection Systems

Firewalls and Intrusion Detection Systems
Computer Security and Penetration Testing

Computer Security and Penetration Testing
Chapter 7 HARDENING SERVERS.

Chapter 7 HARDENING SERVERS.
Distributed Denial of Service Attacks CMPT 471 1 Distributed Denial of Service Attacks Darius Law.

Distributed Denial of Service Attacks CMPT Distributed Denial of Service Attacks Darius Law.
Intruder Trends Tom Longstaff CERT Coordination Center Software Engineering Institute Carnegie Mellon University Pittsburgh, PA 15213-3890 Sponsored by.

Intruder Trends Tom Longstaff CERT Coordination Center Software Engineering Institute Carnegie Mellon University Pittsburgh, PA Sponsored by.
Scanning February 23, 2010 MIS 4600 – MBA 5880 - © Abdou Illia.

Scanning February 23, 2010 MIS 4600 – MBA © Abdou Illia.
Review for Exam 4 School of Business Eastern Illinois University © Abdou Illia, Fall 2006.

Review for Exam 4 School of Business Eastern Illinois University © Abdou Illia, Fall 2006.
Analysis of Attack By Matt Kennedy. Different Type of Attacks o Access Attacks o Modification and Repudiation Attacks o DoS Attacks o DDoS Attacks o Attacks.

Analysis of Attack By Matt Kennedy. Different Type of Attacks o Access Attacks o Modification and Repudiation Attacks o DoS Attacks o DDoS Attacks o Attacks.
Web server security Dr Jim Briggs WEBP security1.

Web server security Dr Jim Briggs WEBP security1.
Attack Profiles CS-480b Dick Steflik Attack Categories Denial-of-Service Exploitation Attacks Information Gathering Attacks Disinformation Attacks.

Attack Profiles CS-480b Dick Steflik Attack Categories Denial-of-Service Exploitation Attacks Information Gathering Attacks Disinformation Attacks.

Similar presentations

Ads by Google