meethiiiiii

8/3/2019 meethiiiiii

1/25

Network AttacksAnd

Their Solutions


2/25

Agenda

1.Understanding Network Attacks.

2.Reasons why attackers attack networks.

3.Different types of malicious activities.

4.Types of Network Attacks.


3/25

Understanding Network

Attacks1) A network attack can be defined as any

method, process or means used to

maliciously attempt to compromise thesecurity of the network.

2)There are a number of reasons why anindividual(s) would want to attack corporatenetworks. The individuals performingnetwork attacks are commonly referred toas network attackers or hackers orcrackers.


4/25

Reasons Why Attackers

Attack NetworkA few reasons why network attackers attemptto attack corporate networks are as follows :-

1)Displeased employees might seek to damagethe organization's data, reliability, or financialstanding.

2)There are though some network attackersthat simply enjoy the challenge of trying tocompromise the security systems of highlysecured networks. These types of attackerssimply see their actions as a means by which

existing security vulnerabilities can be exposed.


5/25

Possible motives for structured external threatsinclude:-

Greed Politics

Terrorism

Racism

Criminal payoffs


6/25

DIFFERENT TYPES OF

MALLICIOUS ACTIVITIES

Different types of malicious activities performed bynetwork attackers and hackers are summarized here:-

1) Illegally using user accounts and privileges.

2) Running code to damage systems.

3) Running code to damage and corrupt data.


7/25

4)Modifying stored data.

5) Stealing data.

6)Performing actions that prevent authorizeduser from accessing network services andresources.


8/25

TYPES OF NETWORK

ATTACKS:-There are eight primary types of attacks, they

are:-

1. Reconnaissance

2. Network Access Attacks

3. Denial of Service

4. Worms, Viruses, and Trojan Horses.


9/25

5. Data Modification.

6. IP address spoofing or Identity spoofing.

7. Man-in-the-Middle Attack.

8. Application-Layer Attack.


10/25

1. Reconnaissance

1)Reconnaissance attack is a kind ofinformation gathering on network systemand services.

2)This enables the attacker to discovervulnerabilities or weaknesses on thenetwork.

3)It could be likened to a thief surveyingthrough a car parking lot for vulnerable unlocked cars to break into and steal.


11/25

Reconnaissance attacks can consist of:

1) Internet information lookup

2) Ping sweeps

3) Port scans

4) Packet sniffers


12/25

2. Network Access

Attacks1)Intruder gains unauthorized accessto resources on a network and uses

this access to carry out any numberof unauthorized or even illegalactivities.

2)Thing which is considered in networkattacks is the weaknesses in thenetwork authentication.


13/25

Types of access attacks:

Password attack

Trust Exploitation

Port Redirection

Man-in-the middle attack


14/25

Intruder gains unauthorized access to resources on a

network and uses this access to carry out any number

of unauthorized or even illegal activities.

Thing which is considered in network attacks is

the weaknesses in the network authentication


15/25

Types of access attacks:

Password attack

Trust Exploitation

Port Redirection

Man-in-the middle attack


16/25

Theimage partwith relationship ID rId2wasnotfound in thefile.

Fig : Port re-direction mechanism


17/25

3. Denial Of Service Attack

(DOS)1)Prevents authorized users from using servicesby consuming system resources.

2)Aims at gathering or collecting data.

3) Preventing the normal use of computers or thenetwork by authorized, legitimate users.

4)Easy to execute and most difficult to eliminate.


18/25

1)A DoS attack can be initiated by sending invaliddata to applications or network services until

the server hangs or simply crashes.

2)Most common form of a DoS attack is TCPattacks.

3)Types of DOS attacks :

E-mail bombs

Malicious applets


19/25

4. Worms, Viruses And

Trojan HorsesWorm, virus, and Trojan horse attacks constitute apotential threat to end-user workstations.

Worms -

A worm executes code and installs copies of itself in thememory of the infected computer, which can, in turn,infect other hosts on the network.

Viruses A virus is malicious software that is attached to anotherprogram file so that they can spread from one machine toanother. For your machine to be infected, you must haveor had run an infected program or software.


20/25

Trojan Horses

A Trojan is a software or program that has a

hidden agenda! It is a program written to looklike something else. When a software orprogram that contains Trojan virus is run onyour computer, it is doing something elsedifferent from what it is meant to do.


21/25

5. Data Modifications

Attack1)After an attacker has read your data,the next logical step is to alter it.

2)An attacker can modify the data inthe packet without the knowledge of thesender or receiver.

3)Another form of network attack iswhere confidential company data isinterpreted, deleted, or modified.


22/25

6. IP Address Spoofing Or

Identity Spoofing1)The intruder sends messages to a computer with an IPaddress indicating that the message is coming from atrusted host.

2)The majority of IP networks utilize the IP address ofthe user to verify identities, and routers also typicallyignore source IP addresses when routing packets.

3)Routers use the destination IP addresses to forwardpackets to the intended destination network.

4)These factors could enable an attacker to bypass arouter.


23/25

7. Man-in-the-middle attack

1)Attack occurs when a hacker eavesdrops on asecure communication session and monitors,captures and controls the data being sentbetween the two parties communicating.

2)The attacker attempts to obtain information sothat he/she can impersonate the receiver andsender communicating.

3)The attacker can thus re-route the dataexchange.

4)This attack is termed as an application layerattack.


24/25

It targets application servers by deliberately causing a fault in

a server's operating system or applications.

This results in the attacker gaining the ability to bypassnormal access controls.

The attacker takes advantage of this situation, gaining control

of your application, system, or network, and can do any of

the following:

Read, add, delete, or modify your data or operating

system.

Introduce a virus program that uses your computers and

software applications to copy viruses throughout your

network.


25/25

meethiiiiii

Documents

Transcript of meethiiiiii