Data Communication. Chapter # 5: Networking Threats. By: William Stalling

Risk of Network Intrusion
Whether wired or wireless, computer networks are quickly becoming essential to everyday activities. Individuals and organizations alike depend on their computers and networks for functions such as email, accounting, organization and file management. Intrusion by an unauthorized person can result in costly network outages and loss of work. Attacks on a network can be devastating and can result in a loss of time and money due to damage or theft of important information or assets.

Networking Threats
- Information Theft
  - Obtain confidential information
  - Gather valuable research data
- Data Loss/Manipulation
  - Destroying or altering data records

Networking Threats
- Identity Theft
  - Personal information stolen
- Disruption of Service
  - Prevents legitimate users from accessing services

Networking Threats
- External Threats
  - Done by individuals outside of the organization
  - Do not have authorized access
External attackers work their way into a network mainly from the Internet, wireless links or dialup access servers.

Networking Threats
- Internal Threats
  - Hacker may have access to equipment
  - Knows what information is valuable or vulnerable
  - 70% of security breaches are internal
Internal threats occur when someone has authorized access to the network through a user account or has physical access to the network equipment.

Social Engineering
- The ability of someone or something to influence behavior of a group of people
- Used to deceive internal users to get confidential information
- Hacker takes advantage of legitimate users
Social engineering attacks exploit the fact that users are generally considered one of the weakest links in security. Social engineers can be internal or external to the organization, but most often do not come face-to-face with their victims.

Forms of Social Engineering
- Pretexting
  - Typically accomplished over the phone
  - Scenario used on the victim to get them to release confidential information
  - Gaining access to your social security number
- Phishing
  - Typically contacted via email
  - Attacker pretends to represent a legitimate organization
- Vishing/Phone Phishing
  - User is sent a voice mail instructing them to call a number which appears to be legitimate
  - Call intercepted by thief

Methods of Attack
- Virus
  - Runs or spreads by modifying other programs or files
  - Needs to be activated
  - Cannot start by itself
A more serious virus may be programmed to delete or corrupt specific files before spreading. Viruses can be transmitted via email attachments, downloaded files, instant messages or via diskette, CD or USB devices.

Methods of Attack
- Worms
  - Similar to virus
  - Does not attach itself to an existing program
  - No human activation needed
A worm uses the network to send copies of itself to any connected hosts. Worms can run independently and spread quickly.
- Trojan Horse
  - Appears harmless
  - Deceives the victim into initiating the program
A Trojan horse relies upon its legitimate appearance to deceive the victim into initiating the program. It may be relatively harmless or can contain code that can damage the contents of the computer's hard drive.

DoS (Denial of Service) Attacks
DoS attacks are aggressive attacks on an individual computer or groups of computers with the intent to deny services to intended users. DoS attacks can target end user systems, servers, routers, and network links.
- Intended to deny services to users
- Flood a system or network with traffic to prevent legitimate network traffic from flowing
- Disrupt connections between a client and server to prevent access to a service

DoS (Denial of Service) Attacks
Types of DoS Attacks
- SYN (synchronous) Flooding: a flood of packets is sent to a server requesting a client connection. The packets contain invalid source IP addresses. The server becomes occupied trying to respond to these fake requests and therefore cannot respond to legitimate ones.
- Ping of death: a packet that is greater in size than the maximum allowed by IP (65,535 bytes) is sent to a device. This can cause the receiving system to crash.
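A defender can look for both patterns in packet metadata: connection requests that never complete, and fragments that would reassemble past the 65,535-byte limit. The following is an added example, not part of the original slides; the record layout, the alert threshold and all addresses are assumptions made for illustration.

```python
# Added example: detect the two DoS patterns from the slide in packet metadata.
# All records below are constructed sample data, not captured traffic.
from collections import defaultdict

MAX_IP_PACKET = 65535  # maximum IP packet size in bytes, as given on the slide


def half_open_counts(packets):
    """Per server (ip, port): handshakes that saw a SYN but no final ACK."""
    pending = defaultdict(set)
    for src, sport, dst, dport, flags in packets:
        if flags == "SYN":
            pending[(dst, dport)].add((src, sport))
        elif flags in ("ACK", "RST"):  # handshake completed or aborted
            pending[(dst, dport)].discard((src, sport))
    return {server: len(clients) for server, clients in pending.items()}


def syn_flood_suspects(packets, threshold):
    """Servers whose half-open count reaches the (assumed) alert threshold."""
    counts = half_open_counts(packets)
    return sorted(s for s, n in counts.items() if n >= threshold)


def oversized_fragments(fragments):
    """Fragments whose reassembled packet would exceed MAX_IP_PACKET.

    Each record is (src, offset_units, payload_len, header_len); the IPv4
    fragment offset is counted in 8-byte units.
    """
    return [f for f in fragments
            if f[3] + f[1] * 8 + f[2] > MAX_IP_PACKET]


SERVER = ("192.0.2.10", 80)
SAMPLE_PACKETS = [
    ("198.51.100.7", 40000, *SERVER, "SYN"),   # legitimate client
    ("198.51.100.7", 40000, *SERVER, "ACK"),   # completes the handshake
] + [
    (f"203.0.113.{i}", 1024 + i, *SERVER, "SYN")  # SYNs that never complete
    for i in range(1, 6)
]
SAMPLE_FRAGMENTS = [
    ("198.51.100.7", 185, 1480, 20),    # normal: ends at byte 2980
    ("203.0.113.9", 8189, 1480, 20),    # ends at byte 67012, over the limit
]
```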

More Attacks
- DDoS (Distributed Denial of Service) Attack: DDoS is a more sophisticated and potentially damaging form of the DoS attack. It is designed to saturate and overwhelm network links with useless data. DDoS operates on a much larger scale than DoS attacks. Typically hundreds or thousands of attack points attempt to overwhelm a target simultaneously.
- Brute Force: With brute force attacks, a fast computer is used to try to guess passwords or to decipher an encryption code. The attacker tries a large number of possibilities in rapid succession to gain access or crack the code.

Spyware
- Program that gathers personal information from your PC without permission
- Information sent to advertisers
- Usually installed unknowingly when downloading a file
- Can slow down performance of the PC

Cookies, Etc.
- Cookies
  - Not always bad
  - Used to record information about the user when visiting web sites
- Adware
  - Collects information based on sites visited
  - Useful for targeted advertising
- Pop-Ups
  - Additional ads displayed when visiting a site
  - Pop-ups open in front of browser
  - Pop-unders open behind browser

Spam
- Unwanted bulk e-mail
- Information sent to as many end users as possible
- Can overload servers, ISPs, etc.
- Estimated every Internet user receives over 3000 emails per year

Security Policy
- Statement of rules users must follow when using technology
- Identification and Authentication Policies
  - Only authorized persons should have access to network and its resources (including access to physical devices)
- Password Policies
  - Must meet minimum requirements
  - Change passwords regularly
- Acceptable Use Policies
  - Determine which applications are acceptable

Security Policy
- Remote Access Policies
  - Explanation of how remote users can access the network
- Network Maintenance Procedures
  - Explanation of update procedures
- Incident Handling Procedures
  - How incidents involving security will be handled

Updates & Patches
- Use of updates and patches makes it harder for the hacker to gain access.
- Updates: include additional functionality
- Patches: small piece of code used to fix the problem

Anti-Virus Software
- Any device connected to a network is susceptible to viruses
- Warning signs of a virus:
  - Computer acts abnormally
  - Sends out large quantities of email
  - High CPU usage
- Some anti-virus program features:
  - Email checking
  - Dynamic scanning: checks files when accessed
  - Scheduled scans
  - Automatic updates

SPAM Prevention
- Spam is an annoying problem and can:
  - Overload servers
  - Carry potential viruses
- Anti-spam software identifies the spam and performs an action
  - Deletes the file
  - Places it into the junk mail folder
- Common spam occurrence
  - Warning of virus from another user
  - Not always true

Firewall
- Used to control traffic between networks
- Methods of a Firewall
  - Packet filtering: based on IP or MAC address
  - Application/Web site filtering: based on the application or website being used
  - SPI (Stateful Packet Inspection): incoming packets must be legitimate responses to requests from hosts
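The difference between packet filtering and stateful packet inspection shows up when an unsolicited inbound packet imitates a reply. The following is an added example, not part of the original slides; the class and function names, the inside network 10.0.0.0/24 and all addresses are assumptions made for illustration, and flow expiry and protocol tracking are left out.

```python
# Added example: packet filtering vs. stateful packet inspection (SPI).
# The class name, the inside network and all addresses are illustrative.
import ipaddress


def stateless_allow(src, sport, dst, dport, allowed_src_ports=(80, 443)):
    """Packet filter: judges each inbound packet alone, by its source port."""
    return sport in allowed_src_ports


class StatefulFirewall:
    def __init__(self, inside_cidr):
        self.inside = ipaddress.ip_network(inside_cidr)
        self.flows = set()  # (inside_ip, inside_port, outside_ip, outside_port)

    def _is_inside(self, ip):
        return ipaddress.ip_address(ip) in self.inside

    def check(self, src, sport, dst, dport):
        """Return 'allow' or 'drop' for one packet crossing the firewall."""
        if self._is_inside(src) and not self._is_inside(dst):
            self.flows.add((src, sport, dst, dport))  # remember the request
            return "allow"
        if self._is_inside(dst) and not self._is_inside(src):
            # Inbound: must be the mirror image of a recorded request.
            reply_to = (dst, dport, src, sport)
            return "allow" if reply_to in self.flows else "drop"
        return "drop"  # neither direction crosses the inside/outside boundary


def run_sample():
    """Compare both methods on constructed inbound packets."""
    fw = StatefulFirewall("10.0.0.0/24")
    fw.check("10.0.0.5", 51000, "203.0.113.7", 443)  # host requests a web page
    inbound = [
        ("203.0.113.7", 443, "10.0.0.5", 51000),   # the server's reply
        ("198.51.100.9", 443, "10.0.0.5", 51000),  # unsolicited, other source
        ("203.0.113.7", 443, "10.0.0.5", 51001),   # unsolicited, other port
    ]
    return [(stateless_allow(*p), fw.check(*p)) for p in inbound]
```

The packet filter passes all three inbound packets because each claims source port 443; the stateful table passes only the one that answers a recorded request.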

Firewall Types
- Appliance-based firewall
  - Built into the hardware
  - No peripherals needed
- Server-based firewall
  - Firewall run on a NOS (Network Operating System)
- Integrated firewall
  - Adds firewall functionality to an existing device
- Personal firewall
  - Resides on a host PC

Firewall Features and How to Use them to Protect Against an Attack
- Use of a DMZ (Demilitarized Zone)
  - Area of the network which is accessible to both internal and external users
  - Web servers for public access typically located here

Single or Dual Firewalls?
- Single Firewall
  - Appropriate for smaller networks
  - All external traffic sent to firewall
- Dual Firewall
  - Appropriate for larger businesses
  - Internal and external firewall

Firewall Features and How to Use them to Protect Against an Attack
- Vulnerability Analysis
  - Determine what part(s) of your network may be vulnerable to attacks
- Security Scanners
  - Help identify where an attack can occur
  - May help identify missing updates