Network Attacks and Defenses



Similar documents
Build Your Own Security Lab

Certified Ethical Hacker Exam Version Comparison. Version Comparison

CEH Version8 Course Outline

Security Awareness. Wireless Network Security

Ethical Hacking Course Layout

National Cyber League Certified Ethical Hacker (CEH) TM Syllabus

Developing Network Security Strategies

CS2107 Introduction to Information and System Security (Slid. (Slide set 8)

SONDRA SCHNEIDER JOHN NUNES

Network Security: 30 Questions Every Manager Should Ask. Author: Dr. Eric Cole Chief Security Strategist Secure Anchor Consulting

This Lecture. The Internet and Sockets. The Start If everyone just sends a small packet of data, they can all use the line at the same.

Description: Objective: Attending students will learn:

CRYPTUS DIPLOMA IN IT SECURITY

a) Encryption is enabled on the access point. b) The conference room network is on a separate virtual local area network (VLAN)

ETHICAL HACKING. By REAL TIME FACULTY

Presented By: Holes in the Fence. Agenda. IPCCTV Attack. DDos Attack. Why Network Security is Important

Ethical Hacking and Information Security. Foundation of Information Security. Detailed Module. Duration. Lecture with Hands On Session: 90 Hours

Linux Network Security

Assessing Network Security

National Cyber League Certified Ethical Hacker (CEH) TM Syllabus

Professional Penetration Testing Techniques and Vulnerability Assessment ...

Security. TestOut Modules

COURSE NAME: INFORMATION SECURITY INTERNSHIP PROGRAM

More Practical Projects

INTRUSION DETECTION SYSTEM (IDS) by Kilausuria Abdullah (GCIH) Cyberspace Security Lab, MIMOS Berhad

Section 12 MUST BE COMPLETED BY: 4/22

CSE331: Introduction to Networks and Security. Lecture 17 Fall 2006

ITEC441- IS Security. Chapter 15 Performing a Penetration Test

Port Scanning and Vulnerability Assessment. ECE4893 Internetwork Security Georgia Institute of Technology

WLAN Attacks. Wireless LAN Attacks and Protection Tools. (Section 3 contd.) Traffic Analysis. Passive Attacks. War Driving. War Driving contd.

CSE331: Introduction to Networks and Security. Lecture 32 Fall 2004

CYBERTRON NETWORK SOLUTIONS

CS 356 Lecture 17 and 18 Intrusion Detection. Spring 2013

9 Simple steps to secure your Wi-Fi Network.

CONTENTS AT A GMi#p. Chapter I Ethical Hacking Basics I Chapter 2 Cryptography. Chapter 3 Reconnaissance: Information Gathering for the Ethical Hacker

CS 356 Lecture 19 and 20 Firewalls and Intrusion Prevention. Spring 2013

Network Incident Report

Securing Cisco Network Devices (SND)

Lehrstuhl für Informatik 4 Kommunikation und verteilte Systeme. Firewall

Chapter 15. Firewalls, IDS and IPS

Intrusion Detection Systems. Darren R. Davis Student Computing Labs

INTRUSION DETECTION SYSTEMS and Network Security

Chapter 1 Network Security

Computer Security CS 426 Lecture 36. CS426 Fall 2010/Lecture 36 1

IDS / IPS. James E. Thiel S.W.A.T.

CSE331: Introduction to Networks and Security. Lecture 18 Fall 2006

A host-based firewall can be used in addition to a network-based firewall to provide multiple layers of protection.

FSP-201: Ethical Hacking & IT Security

Course Content Summary ITN 261 Network Attacks, Computer Crime and Hacking (4 Credits)

Overview of Network Security The need for network security Desirable security properties Common vulnerabilities Security policy designs

Architecture Overview

Detailed Description about course module wise:

Security: Attack and Defense

PTSv2 in pills: The Best First for Beginners who want to become Penetration Testers. Self-paced, online, flexible access

Firewalls, IDS and IPS

Course Outline: Certified Ethical Hacker v8. Learning Method: Instructor-led Classroom Learning

Network Access Security. Lesson 10

Firewalls, Tunnels, and Network Intrusion Detection

Chapter 6 Phase 2: Scanning

McAfee Certified Assessment Specialist Network

Network Security. Tampere Seminar 23rd October Overview Switch Security Firewalls Conclusion

Tutorial 3. June 8, 2015

CS 665: Computer System Security. Network Security. Usage environment. Sources of vulnerabilities. Information Assurance Module

Venue. Dates. Certified Ethical Hacker (CEH) boot camp. Inovatec College. Nairobi Kenya (exact hotel name to be confirmed

Certified Ethical Hacker (CEH)

Firewalls & Intrusion Detection

SCP - Strategic Infrastructure Security

Introduction Open Source Security Tools for Information Technology Professionals

8 steps to protect your Cisco router

Course Title: Penetration Testing: Security Analysis

Firewalls. Firewalls. Idea: separate local network from the Internet 2/24/15. Intranet DMZ. Trusted hosts and networks. Firewall.

Some Tools for Computer Security Incident Response Team (CSIRT)

How To Protect Your Firewall From Attack From A Malicious Computer Or Network Device

Chapter 9 Firewalls and Intrusion Prevention Systems

Nessus. A short review of the Nessus computer network vulnerability analysing tool. Authors: Henrik Andersson Johannes Gumbel Martin Andersson

Chapter 4 Customizing Your Network Settings

Wireless Security: Secure and Public Networks Kory Kirk

8. Firewall Design & Implementation

Network Security Topologies. Chapter 11

Network Security. Computer Security & Forensics. Security in Compu5ng, Chapter 7. l Network Defences. l Firewalls. l Demilitarised Zones

All You Wanted to Know About WiFi Rogue Access Points

Configuring Personal Firewalls and Understanding IDS. Securing Networks Chapter 3 Part 2 of 4 CA M S Mehta, FCA

Black Box Penetration Testing For GPEN.KM V1.0 Month dd "#$!%&'(#)*)&'+!,!-./0!.-12!1.03!0045!.567!5895!.467!:;83!-/;0!383;!

IDS 4.0 Roadshow. Module 1- IDS Technology Overview. 2003, Cisco Systems, Inc. All rights reserved. IDS Roadshow

CS5008: Internet Computing

Networking: EC Council Network Security Administrator NSA

Internet infrastructure. Prof. dr. ir. André Mariën

Computer Networks. Secure Systems

CTS2134 Introduction to Networking. Module Network Security

PROFESSIONAL SECURITY SYSTEMS

Lab Configuring Access Policies and DMZ Settings

Reverse Shells Enable Attackers To Operate From Your Network. Richard Hammer August 2006

Firewalls, Tunnels, and Network Intrusion Detection. Firewalls

Network Security Concepts: Review

Intrusion Detection System (IDS)

Information Technology Career Cluster Introduction to Cybersecurity Course Number:

NETWORK SECURITY (W/LAB) Course Syllabus


Firewall Environments. Name

Transcription:

Network Attacks and Defenses Tuesday, November 25, 2008 Sources: Skoudis, CounterHack; S&M Chapter 5 (including many images) CS342 Computer Security Department of Computer Science Wellesley College Networks Complicate Security Smith and Marchesini, p. 96: Network Attacks and Defenses 23-2

Attack Phases 1. Reconnaissance: learn about target system 2. Scan: rattle doorknobs, looking for opening 3. Gain Access 4. Maintain Access 5. Covering Tracks and Hiding Network Attacks and Defenses 23-3 Reconnaissance Ways for attacker to learn about the target organization/system: social engineering dumpster diving physical break-in search the fine web (STFW) social networking sites, blogs, etc. whois databases DNS Network Attacks and Defenses 23-4

Scanning Goals of scanning: network topology of target system OSs used by target system which ports/services running on individual machines Techniques: send TCP/UDP packets to standard port numbers to see if active banner grabbing from active ports TCP stack fingerprinting to deduce target machine OS search for application-level remote procedure calls (RPC) on target ping sweeping/traceroute to determine network topology nmap and other high-level tools automate some steps Network Attacks and Defenses 23-5 Scanning Defense: Disabling & Firewalls Disable nonessential services/ports especially ones with known problems (e.g. FTP, Telnet) Use firewall on individual machines and/or network border to filter undesirable packets. Some firewalls can perform state-based packet filtering Network Attacks and Defenses 23-6

Scanning Defense: Subnets and DMZs Bad idea to depend only on firewall at network boundary. Provide defense in depth by decomposing internal network into subnets Put publicly accessible Web servers in a demilitarized zone (DMZ) outside firewall. Network Attacks and Defenses 23-7 Scanning Defense: Other Approaches Vulnerability scanners: scan own system with tools like SARA, SAINT, VLAD the Scanner, Nessus. Intrusion detection systems (IDS): tools like Snort can match can match real-time network traffic against signatures = known attack patterns. Problems: Arms race between attackers and targets Attacker triggers false attack detected by IDS, and then launches real attack. Clever use of IP fragmenting can evade IDS. Packet flooding can overwhelm IDS Host-based intrusion prevention systems (HIPS): IDS on end host that can analyze and block traffic in real time. Honeypots: Distract attackers (and learn obout their attacks) with unsecured decoys Network Attacks and Defenses 23-8

Scanning Defense: Intrusion Detection Bad idea to depend only on firewall at network boundary. Provide defense in depth by decomposing internal network into subnets Put publicly accessible Web servers in a demilitarized zone (DMZ) outside firewall. Network Attacks and Defenses 23-9 Scanning for Access Points Old days: war dialing to find modems connected to intranet networks Today: war driving to find unsecured access points, especially rougue access points connected to organization intranet Network Attacks and Defenses 23-10

War Driving World Wide War Drive War Driving in Wellesley Reema Siyam 03 Erin Stadler 03 Outfitted with a Sony Viao, a Lucent Orinoco wireless network, a MaxRad antenna, and Netstumbler software, we jumped into a car with the antenna on the roof and were on our way to find some networks. 2001 2002 % Change WEP Disabled 69.86% 72.07% +2.21% SSIDs Default 29.53% 35.24% +5.71% Disabled 26.64% 31.44% +4.8 WEP Default SSIDs 31 of 55 56.4% AND WEP disabled 41 of 55 74.5% Default SSID Network Attacks and Defenses 23-11 Wireless Protection Require supplicant to authenticate by MAC address and/or password (but MAC addresses can be spoofed). Put wireless access points outside organization firewall. Network Attacks and Defenses 23-12

Gaining Access Implementation attacks: buffer overflow, printf exploits, etc. Password attacks Application attacks Sniffing attacks tools like Wireshark allow sniffing traffic, which can find usernames/passwords, especially on unsecured wireless networks. Network Attacks and Defenses 23-13 Wireless Sniffing in a Hotel Wireless access points in public places are often unsecured. Network Attacks and Defenses 23-14

Wireless Sniffing in a Dormitory Even though many dorm rooms have wired internet access, students prefer the convenience of wireless access. But this is often much less secure! Network Attacks and Defenses 23-15 Sniffing Defense Wired world: Use switches rather than hubs. But still problems MAC flooding ARP cache poisoning Encrypt traffic e.g. SSH, SSL/TLS, etc. Wireless world: Encrypt traffic Wired Equivalent Privacy (WEP) is easily crackable Wi-Fi Protected Access (WPA) is much stronger Network Attacks and Defenses 23-16

Maintaining Access Backdoors Trojan horses Keyloggers Rootkits More coverage in malware lecture (next), individual presentations. Network Attacks and Defenses 23-17 Covering Tracks and Hiding Alter event logs & history files. Defenses: set proper file permissions append-only log files redirect logs to separate logging server encrypt log files write-once log media Create obscure/hidden files Defense: integrity-checking tools (e.g. Tripwire) Covert channels for communicating with cracked system: squirrel information away in protocols steganography Network Attacks and Defenses 23-18

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information