Basic Security
Networking for Home and Small Businesses – Chapter 8
ITE PC v4.0
Chapter 1
© 2007 Cisco Systems, Inc. All rights reserved.
Cisco Public
Objectives

• Identify and describe the various networking threats.
• Identify different methods of attack.
• Describe security procedures and applications.
• Describe the features of a firewall and how it can be used to protect against an attack.
Networking Threats
• Describe major risks of network intrusion
• Define the sources of network intrusion.
• Describe social engineering and phishing
Methods of Attack

Viruses
• A program that runs and spreads by modifying other programs or files
• Cannot start by itself; it needs to be activated
• May do nothing more than replicate itself and spread
• Dangerous, as it can quickly use all available memory and bring a system to a halt

Worms
• Similar to a virus
• Does not need to attach itself to an existing program
• Uses the network to send copies of itself to any connected hosts

Trojan horse
• Non-self-replicating program that is written to appear like a legitimate program
• It is an attack tool
• Deceives the victim into initiating the program
• Denial of Service and Brute Force attacks
DoS attacks seek to:
• Flood a system or network with traffic to prevent legitimate network traffic from flowing
• Disrupt connections between a client and server to prevent access to a service

Two common DoS attacks are:
• SYN (synchronous) flooding: a flood of packets is sent to a server requesting a client connection. The packets contain invalid source IP addresses. The server becomes occupied trying to respond to these fake requests and therefore cannot respond to legitimate ones.
• Ping of death: a packet that is greater in size than the maximum allowed by IP (65,535 bytes) is sent to a device. This can cause the receiving system to crash.
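The connection requests that a SYN flood leaves unanswered can be counted per server from packet records, which is how a defender spots one. This is an added example, not part of the original slides; the record layout, the documentation-range addresses and the threshold are assumptions made for illustration.

```python
from collections import defaultdict

def half_open(packets):
    """Map each (server_ip, port) to the clients whose handshake never completed."""
    pending = defaultdict(set)
    for src, sport, dst, dport, flags in packets:
        if flags == "SYN":              # client requests a connection
            pending[(dst, dport)].add((src, sport))
        elif flags in ("ACK", "RST"):   # handshake completed, or given up cleanly
            pending[(dst, dport)].discard((src, sport))
        # "SYN-ACK" is the server's reply; it does not change what is pending
    return pending

def syn_flood_suspects(packets, threshold):
    """Return {(server_ip, port): half_open_count} for servers at or above threshold."""
    return {srv: len(clients) for srv, clients in half_open(packets).items()
            if len(clients) >= threshold}

# Constructed sample traffic: (src_ip, src_port, dst_ip, dst_port, flags).
WEB = ("192.0.2.10", 80)
MAIL = ("192.0.2.20", 25)
SAMPLE = [
    # a legitimate client completes the three-way handshake with the web server
    ("198.51.100.7", 40001, *WEB, "SYN"),
    (*WEB, "198.51.100.7", 40001, "SYN-ACK"),
    ("198.51.100.7", 40001, *WEB, "ACK"),
    # one client of the mail server has not answered yet (normal, not a flood)
    ("198.51.100.9", 40002, *MAIL, "SYN"),
]
# 20 requests from source addresses that never answer the server's SYN-ACK
SAMPLE += [(f"203.0.113.{i}", 50000 + i, *WEB, "SYN") for i in range(1, 21)]

if __name__ == "__main__":
    print(syn_flood_suspects(SAMPLE, threshold=10))
```

Only the web server is reported: the completed handshake and the single pending mail connection stay below the threshold.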
Distributed Denial of Service (DDoS)
• Designed to saturate and overwhelm network links with useless data
• Hundreds or thousands of attack points attempt to overwhelm a target

Brute Force
• A fast computer is used to try to guess passwords or decipher an encryption code
• Describe spyware, tracking cookies, adware and popups.
Spyware
• Any program that gathers personal information from your computer without your permission or knowledge
• Installed unknowingly when downloading a file
• Makes changes to internal settings, creating more vulnerabilities for other threats

Tracking Cookies
• Form of spyware
• Used to record information about an Internet user when they visit websites
• May be useful or desirable
• Many web sites require that cookies be enabled in order to allow the user to connect
• Describe spam
Security Procedures and Applications
• Defining a security policy
• Define common security procedures
• Describe how updates and patches relate to security issues.
• Anti-virus software
Some of the signs that a virus, worm or Trojan horse may be present include:
• Computer starts acting abnormally
• Program does not respond to mouse and keystrokes
• Programs starting or shutting down on their own
• Email program begins sending out large quantities of email
• CPU usage is very high
• There are unidentifiable processes, or a large number of processes, running
• Computer slows down significantly or crashes
• Spam prevention
• Anti-spyware
Other preventative actions to prevent the spread of spam include:
• Apply OS and application updates when available.
• Run an antivirus program regularly and keep it up to date.
• Do not forward suspect emails.
• Do not open email attachments, especially from people you do not know.
• Set up rules in your email to delete spam that bypasses the anti-spam software.
• Identify sources of spam and report them to a network administrator so they can be blocked.
• Report incidents to the governmental agency that deals with abuse by spam.
Firewall Features and How to Use Them to Protect Against an Attack
• What is a firewall?
• Using a firewall to protect against an attack
• Packet Filtering - Prevents or allows access based on IP or MAC addresses.
• Application Filtering - Prevents or allows access to specific application types based on port numbers.
• URL Filtering - Prevents or allows access to websites based on specific URLs or keywords.
Stateful Packet Inspection (SPI)
• Incoming packets must be legitimate responses to requests from internal hosts.
• Unsolicited packets are blocked unless permitted specifically.
• SPI can also include the capability to recognize and filter out specific types of attacks such as DoS.
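The first two SPI rules above can be shown with a small state table that records outbound requests and checks every inbound packet against it. This is an added example, not part of the original slides; the class, the addresses and the permitted-inbound rule are assumptions, and a real firewall also tracks TCP state and idle timeouts.

```python
class StatefulFirewall:
    """Toy SPI: inbound traffic passes only as a reply to a tracked outbound
    flow, or when an explicit rule permits it."""

    def __init__(self, permitted_inbound=()):
        self.permitted_inbound = set(permitted_inbound)  # {(internal_ip, port)}
        self.flows = set()  # {(internal_ip, internal_port, external_ip, external_port)}

    def outbound(self, src, sport, dst, dport):
        # An internal host opens a connection: remember it so replies can return.
        self.flows.add((src, sport, dst, dport))
        return "allow"

    def close(self, src, sport, dst, dport):
        # Connection finished: its replies are no longer expected.
        self.flows.discard((src, sport, dst, dport))

    def inbound(self, src, sport, dst, dport):
        if (dst, dport, src, sport) in self.flows:
            return "allow"   # legitimate response to an internal request
        if (dst, dport) in self.permitted_inbound:
            return "allow"   # unsolicited, but permitted specifically
        return "drop"        # unsolicited and not permitted

def demo():
    """Run constructed traffic through the firewall and return the verdicts."""
    fw = StatefulFirewall(permitted_inbound={("192.168.1.10", 80)})
    pc, site = ("192.168.1.20", 51000), ("203.0.113.5", 443)
    verdicts = []
    fw.outbound(*pc, *site)
    verdicts.append(fw.inbound(*site, *pc))                                   # reply
    verdicts.append(fw.inbound("203.0.113.5", 443, "192.168.1.20", 51001))    # wrong port
    verdicts.append(fw.inbound("198.51.100.66", 4444, "192.168.1.20", 3389))  # unsolicited
    verdicts.append(fw.inbound("198.51.100.66", 4444, "192.168.1.10", 80))    # permitted rule
    fw.close(*pc, *site)
    verdicts.append(fw.inbound(*site, *pc))                                   # flow closed
    return verdicts

if __name__ == "__main__":
    print(demo())
```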
• Vulnerability analysis
Security Best Practices
There are several recommended practices to help mitigate the risks they pose, including:
• Define security policies
• Physically secure servers and network equipment
• Set login and file access permissions
• Update OS and applications
• Change permissive default settings
• Run anti-virus and anti-spyware
• Update antivirus software files
• Activate browser tools - popup stoppers, anti-phishing, plug-in monitors
• Use a firewall
Summary
• Networks can be open to intrusion through vulnerabilities in software, hardware attacks, or the weaknesses of individuals.
• Effective network security is based on a variety of products and services, combined with a thorough security policy.
• A firewall controls traffic between networks and helps prevent unauthorized access.