meethiiiiii
-
Upload
sonam-soni -
Category
Documents
-
view
220 -
download
0
Transcript of meethiiiiii
-
8/3/2019 meethiiiiii
1/25
Network AttacksAnd
Their Solutions
-
8/3/2019 meethiiiiii
2/25
Agenda
1.Understanding Network Attacks.
2.Reasons why attackers attack networks.
3.Different types of malicious activities.
4.Types of Network Attacks.
-
8/3/2019 meethiiiiii
3/25
Understanding Network
Attacks1) A network attack can be defined as any
method, process or means used to
maliciously attempt to compromise thesecurity of the network.
2)There are a number of reasons why anindividual(s) would want to attack corporatenetworks. The individuals performingnetwork attacks are commonly referred toas network attackers or hackers orcrackers.
-
8/3/2019 meethiiiiii
4/25
Reasons Why Attackers
Attack NetworkA few reasons why network attackers attemptto attack corporate networks are as follows :-
1)Displeased employees might seek to damagethe organization's data, reliability, or financialstanding.
2)There are though some network attackersthat simply enjoy the challenge of trying tocompromise the security systems of highlysecured networks. These types of attackerssimply see their actions as a means by which
existing security vulnerabilities can be exposed.
-
8/3/2019 meethiiiiii
5/25
Possible motives for structured external threatsinclude:-
Greed Politics
Terrorism
Racism
Criminal payoffs
-
8/3/2019 meethiiiiii
6/25
DIFFERENT TYPES OF
MALLICIOUS ACTIVITIES
Different types of malicious activities performed bynetwork attackers and hackers are summarized here:-
1) Illegally using user accounts and privileges.
2) Running code to damage systems.
3) Running code to damage and corrupt data.
-
8/3/2019 meethiiiiii
7/25
4)Modifying stored data.
5) Stealing data.
6)Performing actions that prevent authorizeduser from accessing network services andresources.
-
8/3/2019 meethiiiiii
8/25
TYPES OF NETWORK
ATTACKS:-There are eight primary types of attacks, they
are:-
1. Reconnaissance
2. Network Access Attacks
3. Denial of Service
4. Worms, Viruses, and Trojan Horses.
-
8/3/2019 meethiiiiii
9/25
5. Data Modification.
6. IP address spoofing or Identity spoofing.
7. Man-in-the-Middle Attack.
8. Application-Layer Attack.
-
8/3/2019 meethiiiiii
10/25
1. Reconnaissance
1)Reconnaissance attack is a kind ofinformation gathering on network systemand services.
2)This enables the attacker to discovervulnerabilities or weaknesses on thenetwork.
3)It could be likened to a thief surveyingthrough a car parking lot for vulnerable unlocked cars to break into and steal.
-
8/3/2019 meethiiiiii
11/25
Reconnaissance attacks can consist of:
1) Internet information lookup
2) Ping sweeps
3) Port scans
4) Packet sniffers
-
8/3/2019 meethiiiiii
12/25
2. Network Access
Attacks1)Intruder gains unauthorized accessto resources on a network and uses
this access to carry out any numberof unauthorized or even illegalactivities.
2)Thing which is considered in networkattacks is the weaknesses in thenetwork authentication.
-
8/3/2019 meethiiiiii
13/25
Types of access attacks:
Password attack
Trust Exploitation
Port Redirection
Man-in-the middle attack
-
8/3/2019 meethiiiiii
14/25
Intruder gains unauthorized access to resources on a
network and uses this access to carry out any number
of unauthorized or even illegal activities.
Thing which is considered in network attacks is
the weaknesses in the network authentication
-
8/3/2019 meethiiiiii
15/25
Types of access attacks:
Password attack
Trust Exploitation
Port Redirection
Man-in-the middle attack
-
8/3/2019 meethiiiiii
16/25
Theimage partwith relationship ID rId2wasnotfound in thefile.
Fig : Port re-direction mechanism
-
8/3/2019 meethiiiiii
17/25
3. Denial Of Service Attack
(DOS)1)Prevents authorized users from using servicesby consuming system resources.
2)Aims at gathering or collecting data.
3) Preventing the normal use of computers or thenetwork by authorized, legitimate users.
4)Easy to execute and most difficult to eliminate.
-
8/3/2019 meethiiiiii
18/25
1)A DoS attack can be initiated by sending invaliddata to applications or network services until
the server hangs or simply crashes.
2)Most common form of a DoS attack is TCPattacks.
3)Types of DOS attacks :
E-mail bombs
Malicious applets
-
8/3/2019 meethiiiiii
19/25
4. Worms, Viruses And
Trojan HorsesWorm, virus, and Trojan horse attacks constitute apotential threat to end-user workstations.
Worms -
A worm executes code and installs copies of itself in thememory of the infected computer, which can, in turn,infect other hosts on the network.
Viruses A virus is malicious software that is attached to anotherprogram file so that they can spread from one machine toanother. For your machine to be infected, you must haveor had run an infected program or software.
-
8/3/2019 meethiiiiii
20/25
Trojan Horses
A Trojan is a software or program that has a
hidden agenda! It is a program written to looklike something else. When a software orprogram that contains Trojan virus is run onyour computer, it is doing something elsedifferent from what it is meant to do.
-
8/3/2019 meethiiiiii
21/25
5. Data Modifications
Attack1)After an attacker has read your data,the next logical step is to alter it.
2)An attacker can modify the data inthe packet without the knowledge of thesender or receiver.
3)Another form of network attack iswhere confidential company data isinterpreted, deleted, or modified.
-
8/3/2019 meethiiiiii
22/25
6. IP Address Spoofing Or
Identity Spoofing1)The intruder sends messages to a computer with an IPaddress indicating that the message is coming from atrusted host.
2)The majority of IP networks utilize the IP address ofthe user to verify identities, and routers also typicallyignore source IP addresses when routing packets.
3)Routers use the destination IP addresses to forwardpackets to the intended destination network.
4)These factors could enable an attacker to bypass arouter.
-
8/3/2019 meethiiiiii
23/25
7. Man-in-the-middle attack
1)Attack occurs when a hacker eavesdrops on asecure communication session and monitors,captures and controls the data being sentbetween the two parties communicating.
2)The attacker attempts to obtain information sothat he/she can impersonate the receiver andsender communicating.
3)The attacker can thus re-route the dataexchange.
4)This attack is termed as an application layerattack.
-
8/3/2019 meethiiiiii
24/25
It targets application servers by deliberately causing a fault in
a server's operating system or applications.
This results in the attacker gaining the ability to bypassnormal access controls.
The attacker takes advantage of this situation, gaining control
of your application, system, or network, and can do any of
the following:
Read, add, delete, or modify your data or operating
system.
Introduce a virus program that uses your computers and
software applications to copy viruses throughout your
network.
-
8/3/2019 meethiiiiii
25/25