1 / 14

Understanding Network Vulnerabilities and Threats for Improved Security

Explore the vulnerabilities that make networks susceptible to attacks, including anonymity, multiple points of attack, sharing, and system complexity. Learn about different types of attacks, both internal and external, and key threats like port scans, social engineering, and impostors. Discover how to mitigate security threats through authentication, encryption, and preventing replay attacks.

jcuthbertson
Download Presentation

Understanding Network Vulnerabilities and Threats for Improved Security

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. What Makes a Network Vulnerable? • Anonymity • Many points of attack (targets & origins) • Sharing • Complexity of system • Unknown perimeter • Unknown path

  2. Who Attacks Networks Hackers break into organizations from the outside Challenge Fame Money & Espionage Ideology However, most security breaches are internal, by employees and ex-employees

  3. Threat Precursors • Port Scan • Social Engineering • Reconnaissance • Bulletin Board / Chat • Docs • Packet Sniffers (telnet/ftp in cleartext)

  4. Network Security Threats • Interception • If interceptor cannot read, have confidentiality (privacy) • If cannot modify without detection, have message integrity

  5. Network Security Threats • Impostors (Spoofing/ Masquerade) • Claim to be someone else • Need to authenticate the sender--prove that they are who they claim to be Impostor True Person

  6. Network Security Threats • Remotely Log in as Root User • Requires cracking the root login password • Then control the machine • Read and/or steal information • Damage data (erase hard disk) • Create backdoor user account that will let them in easily later Root Login Command

  7. Security Threats • Content Threats • Application layer content may cause problems • Viruses • In many ways, most severe security problem in corporations today • Must examine application messages

  8. Replay Attack • First, attacker intercepts a message • Not difficult to do

  9. Replay Attack • Later, attacker retransmits (replays) the message to the original destination host • Does not have to be able to read a message to replay it

  10. Replay Attack • Why replay attacks? • To gain access to resources by replaying an authentication message • In a denial-of-service attack, to confuse the destination host

  11. Thwarting Replay Attacks • Put a time stamp in each message to ensure that the message is “fresh” • Do not accept a message that is too old • Place a sequence number in each message • Do not accept a duplicated message Message Time Stamp Sequence Number

  12. Thwarting Replay Attacks • In request-response applications, • Sender of request generates a nonce (random number) • Places the nonce in the request • Server places the nonce in the response • Neither party accepts duplicate nonces Request Response Nonce Nonce

  13. Network Security Threats • Denial of Service (DOS) Attacks • Overload system with a flood of messages • Or, send a single message that crashes the machine

  14. Denial of Service (DOS) Attacks • Transmission Failure • Connection Flooding • Echo-Chargen • Ping of Death • Smurf • Syn Flood • Traffic Redirection • DNS Attacks • Distributed Denial of Service

More Related