Download Hands-On Ethical Hacking and Network Defense Second Edition

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project

page
1
page
2
page
3
page
4
page
5
page
6
page
7
page
8
page
9
page
10
page
11
page
12
page
13
page
14
page
15
page
16
page
17
page
18
page
19
page
20
page
21
page
22
page
23
page
24
page
25
page
26
page
27
page
28
page
29
page
30
page
31
page
32
page
33
page
34
page
35
Document related concepts

Cyberwarfare wikipedia , lookup

Unix security wikipedia , lookup

Wireless security wikipedia , lookup

Denial-of-service attack wikipedia , lookup

Malware wikipedia , lookup

Network tap wikipedia , lookup

Hacker wikipedia , lookup

Mobile security wikipedia , lookup

Computer and network surveillance wikipedia , lookup

Distributed firewall wikipedia , lookup

Cracking of wireless networks wikipedia , lookup

Computer security wikipedia , lookup

Cyberattack wikipedia , lookup

Cybercrime wikipedia , lookup

Cybercrime countermeasures wikipedia , lookup

Transcript 
Hands-On Ethical Hacking
and Network Defense
Second Edition
Chapter 3
Network and Computer Attacks
Objectives
• After reading this chapter and completing the
exercises, you will be able to:
– Describe the different types of malicious software
and what damage they can do
– Describe methods of protecting against malware
attacks
– Describe the types of network attacks
– Identify physical security attacks and vulnerabilities
Hands-On Ethical Hacking and Network Defense, Second Edition
2
Malicious Software (Malware)
• Network attacks prevent a business from operating
– Malicious software (malware)
• Virus
• Worm
• Trojan program
– Goals
•
•
•
•
Destroy data
Corrupt data
Shutdown a network or system
Make money
Hands-On Ethical Hacking and Network Defense, Second Edition
3
Viruses
• Virus attaches itself to a file or program
– Needs host to replicate
– Does not stand on its own
– No foolproof prevention method
• Antivirus programs
– Detection based on virus signatures
• Signatures are kept in virus signature file
• Must update periodically
• Some offer automatic update feature
Hands-On Ethical Hacking and Network Defense, Second Edition
4
Table 3-1 Common computer viruses
Hands-On Ethical Hacking and Network Defense, Second Edition
5
Viruses (cont’d.)
• Encoding base 64
– Used to reduce size of e-mail attachments
– Represents zero to 63 using six bits
– A is 000000… Z is 011001
• Converting base-64 strings to decimal equivalent
–
–
–
–
Create groups of four characters
Convert decimal value of each letter to binary
Rewrite as three groups of eight bits
Convert binary into decimal
Hands-On Ethical Hacking and Network Defense, Second Edition
6
Hands-On Ethical Hacking and Network Defense, Second Edition
7
Viruses (cont’d.)
• Base-64 decoders
– Available for purchase
• Shell
– Executable piece of programming code
– Creates interface to OS for issuing commands
– Should not appear in an e-mail attachment
Hands-On Ethical Hacking and Network Defense, Second Edition
8
Macro Viruses
• Virus encoded as a macro
– Programs that support a macro programming
language (e.g., Visual Basic for Applications)
• Lists of commands
• Can be used in destructive ways
– Example: Melissa
• Appeared in 1999
• Even nonprogrammers can create macro viruses
– Instructions posted on Web sites
• Security professionals learn from thinking like attackers
Hands-On Ethical Hacking and Network Defense, Second Edition
9
Worms
• Replicates and propagates without a host
– Infamous examples:
• Code Red
• Nimda
• Theoretically can infect every computer in the world
over a short period
– Examples:
• Slammer and Nachi ATM worm attacks
Hands-On Ethical Hacking and Network Defense, Second Edition
10
Table 3-2 Common computer worms
Hands-On Ethical Hacking and Network Defense, Second Edition
11
Table 3-2 Common computer worms (cont’d.)
Hands-On Ethical Hacking and Network Defense, Second Edition
12
Trojan Programs
• Insidious attack against networks and computers
– Disguise themselves as useful programs
– Can install backdoors and rootkits
• Allow attackers remote access
• Good software or hardware firewall
– Identifies traffic on unfamiliar ports
• Trojan programs can use known ports
– TCP port 80 (HTTP) or UDP port 53 (DNS)
Hands-On Ethical Hacking and Network Defense, Second Edition
13
Table 3-3 Trojan programs and ports
Hands-On Ethical Hacking and Network Defense, Second Edition
14
Spyware
• Sends information from infected computer to
attacker
–
–
–
–
Confidential financial data
Passwords
PINs
Any other stored data
• Can register each keystroke entered
– Prevalent technology
• Educate users about spyware
Hands-On Ethical Hacking and Network Defense, Second Edition
15
Figure 3-2 A spyware initiation program
Hands-On Ethical Hacking and Network Defense, Second Edition
16
Adware
• Similar to spyware
– Installed without users being aware
• Sometimes displays a banner
• Main purpose
– Determine user’s purchasing habits
• Tailors advertisement
• Main problem
– Slows down computers
Hands-On Ethical Hacking and Network Defense, Second Edition
17
Protecting Against Malware Attacks
• Difficult task
– New viruses, worms, and Trojan programs appear
daily
• Antivirus programs
– Detected many malware programs
• Educate users about these attacks
Hands-On Ethical Hacking and Network Defense, Second Edition
18
Figure 3-3 Detecting a virus
Hands-On Ethical Hacking and Network Defense, Second Edition
19
Educating Your Users
• Structural training
– Includes all employees and management
– E-mail monthly security updates
– Recommend virus signature database updating
• Activate automatic updates
• SpyBot and Ad-Aware
– Help protect against spyware and adware
• Firewalls
– Software (personal) and hardware (enterprise)
Hands-On Ethical Hacking and Network Defense, Second Edition
20
Avoiding Fear Tactics
• Avoid scaring users into complying with security
measures
– Sometimes used by unethical security testers
• Against the OSSTMM’s Rules of Engagement
• Promote awareness rather than instilling fear
– Users should be aware of potential threats
– Build on users’ knowledge
• Makes training easier
Hands-On Ethical Hacking and Network Defense, Second Edition
21
Intruder Attacks on Networks and
Computers
• Attack
– Any attempt by an unauthorized person to access,
damage, or use network resources
• Network security
– Concern with security of network infrastructure
• Computer security
– Concerned with security of a stand alone computer
• Not part of a network infrastructure
• Computer crime
– Fastest growing type of crime worldwide
Hands-On Ethical Hacking and Network Defense, Second Edition
22
Denial-of-Service Attacks
• Denial-of-service (DoS) attack
– Prevents legitimate users from accessing network
resources
– Some forms do not involve computers
• Do not attempt to access information
– Cripples the network
– Makes it vulnerable to other attacks
• Installing an attack yourself is not wise
– Only explain how the attack could happen
Hands-On Ethical Hacking and Network Defense, Second Edition
23
Distributed Denial-of-Service Attacks
• Distributed denial-of-service (DDoS) attack
– Attack on host from multiple servers or workstations
– Network could be flooded with billions of packets
• Loss of bandwidth
• Degradation or loss of speed
– Often participants are not aware they are part of the
attack
• They, too, have been attacked
Hands-On Ethical Hacking and Network Defense, Second Edition
24
Buffer Overflow Attacks
• Vulnerability in poorly written code
– Doesn’t check for amount of memory space use
• Attacker writes code that overflows buffer
– OS runs this code
– Code elevates attacker’s permission
• Administrator, owner, or creator
• Train programmer in developing applications with
security in mind
Hands-On Ethical Hacking and Network Defense, Second Edition
25
Table 3-4 Buffer overflow vulnerabilities
Hands-On Ethical Hacking and Network Defense, Second Edition
26
Ping of Death Attacks
• Type of DoS attack
– Not as common as during the late 1990s
• How it works
– Attacker creates a large ICMP packet
• More than allowed 65,535 bytes
– Large packet is fragmented into small packets
• Reassembled at destination
– Destination point cannot handle reassembled
oversize packet
• Causes it to crash or freeze
Hands-On Ethical Hacking and Network Defense, Second Edition
27
Session Hijacking
• Enables attacker to join a TCP session
– Attacker makes both parties think he or she is the
other party
• Complex attack
– Beyond the scope of this book
Hands-On Ethical Hacking and Network Defense, Second Edition
28
Addressing Physical Security
• Protecting a network
– Requires physical security
• Inside attacks
– More likely than outside attacks
Hands-On Ethical Hacking and Network Defense, Second Edition
29
Keyloggers
• Used to capture keystrokes on a computer
– Software
• Loaded on to computer
• Behaves like Trojan programs
– Hardware
• Small and easy to install device
• Goes between keyboard and computer
• Examples: KeyKatcher and KeyGhost
• Available as software (spyware)
– Transfers information
Hands-On Ethical Hacking and Network Defense, Second Edition
30
Figure 3-4 An e-mail message captured by KeyKatcher
Hands-On Ethical Hacking and Network Defense, Second Edition
31
Figure 3-5 The KeyGhost menu
Hands-On Ethical Hacking and Network Defense, Second Edition
32
Behind Locked Doors
• Lock up servers
– Average person
• Can pick deadbolt lock in less than five minutes
• After only a week or two of practice
– Experienced hackers
• Can pick deadbolt lock in under 30 seconds
• Rotary locks are harder to pick
– Require pushing in a sequence of numbered bars
• Keep a record of who enters and leaves the room
– Security cards can be used for better security
Hands-On Ethical Hacking and Network Defense, Second Edition
33
Summary
• Be aware of attacks
– Network infrastructures and standalone computers
– Can be perpetrated by insiders or outside attackers
• Malicious software
–
–
–
–
–
Viruses
Worms
Trojan programs
Spyware
Adware
Hands-On Ethical Hacking and Network Defense, Second Edition
34
Summary (cont’d.)
• Attacks
–
–
–
–
–
Denial-of-Service (DoS)
Distributed Denial-of-Service (DDoS)
Buffer overflow
Ping of Death
Session hijacking
• Keyloggers
– Monitor computer system
• Physical security
– Everyone’s responsibility
Hands-On Ethical Hacking and Network Defense, Second Edition
35
Related documents
Growth Hacking - Roy Povarchik
Growth Hacking - Roy Povarchik
What can “Economics of Information Security” offer for SMEs
What can “Economics of Information Security” offer for SMEs
computer science technology
computer science technology
Challenges of Strategic Communication
Challenges of Strategic Communication
Trade: Free or Coerced?
Trade: Free or Coerced?
Streams, Lakes, and Oceans - ZIET MYSORE DIGITAL LIBRARY
Streams, Lakes, and Oceans - ZIET MYSORE DIGITAL LIBRARY
FOUR TOUGH ETHICAL DILEMMAS  RIGHT vs RIGHT DECISIONS  By RUSHWORTH KIDDER  HOW GOOD PEOPLE MAKE TOUGH CHOICES 
FOUR TOUGH ETHICAL DILEMMAS  RIGHT vs RIGHT DECISIONS  By RUSHWORTH KIDDER  HOW GOOD PEOPLE MAKE TOUGH CHOICES 
What Makes a Leader? - Bishop Kearney SharePoint
What Makes a Leader? - Bishop Kearney SharePoint
9781435486096_PPT_ch05
9781435486096_PPT_ch05
Introduction for Associate Professor Gevork Hartoonian
Introduction for Associate Professor Gevork Hartoonian