highpitchedteamSecurity

Nov 30, 2013 (4 years and 1 month ago)

Permission granted to reproduce for educational use only.

© Goodheart-Willcox Co., Inc.

Network Security


Network security comprises authentication and encryption

Authentication is typically accomplished through a user name and password

Other forms of authentication are digital certificates, smart cards, and biometrics

Hackers, Crackers, and Intruders


Exact meaning of hacker depends on the context in which it is used and by whom

Cracker typically means anyone who gains access to a computer system with intent to do harm or play pranks

For the sake of clarity, the textbook uses the term intruder

Unprotected Network Shares


Network shares with minimal or no security plus remote access enabled on a computer are a security breach waiting to happen

Hacker tools can probe and access available network shares

Social Engineering


Relies on the gullibility of a network user and his or her respect for authority

Caller: Hello. This is Bob down at IMS operations conducting a security check. We believe we may have an intruder in our system.

Joe Gullible: Yes. What can I do to help?

Caller: Well Joe, I need to look at your PC files to see if there have been any possible intrusions. I need your username and password.

Joe Gullible: Sure. My username is Jgullible and my password is toocool




Open Ports


Common way for intruders to gain access to a system

Administrators should close all unused ports

Third-party utility or the netstat utility can be used to check for open ports
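
One way to turn the netstat check into a repeatable audit, added here as an example that is not part of the original slides: parse saved `netstat -an` output and report listening TCP ports that are not on an allowlist. The allowlist and the sample output are constructed for illustration, and the parser accepts both the Windows (LISTENING) and Linux (LISTEN) layouts.

```python
# Added example: flag listening TCP ports that are not on an allowlist.
ALLOWED_PORTS = {443, 3389}            # hypothetical site policy
LOOPBACK = {"127.0.0.1", "::1", "[::1]"}

# Constructed sample in the Windows `netstat -an` layout.
SAMPLE = """\
  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:443            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING
  TCP    127.0.0.1:5354         0.0.0.0:0              LISTENING
  TCP    192.168.1.10:49712     203.0.113.5:443        ESTABLISHED
  TCP    [::]:3389              [::]:0                 LISTENING
  UDP    0.0.0.0:5353           *:*
"""


def listening_sockets(netstat_text):
    """Return sorted (port, bind_address) pairs for TCP sockets in a listening state."""
    found = set()
    for line in netstat_text.splitlines():
        fields = line.split()
        # Skip headers, UDP rows (UDP has no LISTEN state) and short lines.
        if len(fields) < 4 or not fields[0].lower().startswith("tcp"):
            continue
        if fields[-1] not in ("LISTEN", "LISTENING"):   # Linux / Windows spelling
            continue
        # The local address is the first column containing ':'; on Linux the
        # Recv-Q and Send-Q counters come before it.
        local = next((f for f in fields[1:] if ":" in f), "")
        host, _, port = local.rpartition(":")
        if port.isdigit():
            found.add((int(port), host))
    return sorted(found)


def unexpected_ports(netstat_text, allowed=ALLOWED_PORTS):
    """Ports listening on a non-loopback address that the policy does not allow."""
    return sorted({port for port, host in listening_sockets(netstat_text)
                   if port not in allowed and host not in LOOPBACK})


if __name__ == "__main__":
    for port in unexpected_ports(SAMPLE):
        print(f"TCP port {port} is listening but not allowlisted: close it or justify it")
```

Loopback-only listeners are left out of the report because they are not reachable from the network; UDP services need a separate review since netstat shows no state for them.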

Zero Configuration (Zeroconf)


Standard developed by the IEEE

Advantage: Enables a network device to automatically configure itself for a network

Disadvantage: Makes a network less secure

Denial of Service (DoS)


One of the most common attacks on a server

Can overload a server to the point that it crashes or is not able to complete a legitimate user request

Man in the Middle (MITM)


Intruder intercepts network transmission, reads it, then places it back on route to its destination

Contents may or may not be modified

MITM can also be used for a replay attack

Using an IP or MAC address from a previous network transmission to make an unauthorized connection.

Spoofing


Example: Using a valid IP address to fool a server

Example: Using a bogus IP address and ID when sending unsolicited e-mail

Smurf Attack


A type of DoS

To deal with a DoS attack:

Configure the computer firewall not to respond to ICMP (Internet Control Message Protocol) echo requests

Configure routers not to forward ICMP echo requests to broadcast addresses in the network


Trojan Horse


Example: Free download that contains malicious code

That code could contain virus, worm, or backdoor

Example: Can imitate legitimate logon screen

When user logs on, name and password are sent to unauthorized user

E-Mail Attachments

Source of most commonly encountered viruses

Malicious code can be programmed into attachment

When recipient opens attachment, malicious program is activated

Applied Networking

As a network administrator, you are in charge of educating company employees on the dangers of e-mail attachments. What might you tell the employees concerning e-mail attachments and the prevention of infecting their computers and the network with malware?

Macro Virus


Series of common keystrokes can be linked to a virus

Can be sent as e-mail attachment and is launched when recipient opens attachment

May infect a template file like normal.dot and then execute when user presses a certain combination of keys

Worm


Most common worm programs use e-mail to replicate and spread to other computers

Common safeguard against worms is setting up a dedicated mail server

Phishing


E-mail can appear as if it’s from a legitimate company, such as a credit card company

E-mail requests user’s personal information, such as social security number or bank account PIN

Phony web sites that look authentic, but have slightly different domain names
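
The "slightly different domain name" sign can be checked mechanically. The following is an added example, not part of the original slides: it compares the host in a link against a list of trusted domains and reports near-misses. The trusted domain, the sample URLs and the two-label domain rule are assumptions made for illustration.

```python
# Added example: classify a link's host against trusted domains.
from urllib.parse import urlsplit

TRUSTED = {"examplebank.example"}      # constructed allowlist (assumption)


def edit_distance(a, b):
    """Levenshtein distance: inserts, deletes and substitutions to turn a into b."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def registrable(host):
    # Simplification (assumption): treat the last two labels as the domain.
    # Production code should consult the Public Suffix List instead.
    return ".".join(host.rstrip(".").split(".")[-2:])


def classify(url, trusted=TRUSTED, max_distance=2):
    """Return 'trusted', 'embeds <d>', 'lookalike of <d>' or 'unknown'. URL needs a scheme."""
    host = (urlsplit(url).hostname or "").lower()
    domain = registrable(host)
    if domain in trusted:
        return "trusted"
    for good in sorted(trusted):
        # Trusted name used as a subdomain prefix of some other domain.
        if host.startswith(good + ".") or "." + good + "." in host:
            return "embeds " + good
        # One or two characters away from the trusted name.
        if edit_distance(domain, good) <= max_distance:
            return "lookalike of " + good
    return "unknown"


if __name__ == "__main__":
    for url in ("https://www.examplebank.example/login",              # constructed
                "https://www.examp1ebank.example/login",              # constructed
                "https://examplebank.example.account-verify.example/"):
        print(f"{classify(url):38} {url}")
```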

Applied Networking

As a network administrator, you are in charge of educating company employees on the dangers of phishing. What might you tell the employees concerning detecting and handling a phishing attack?

IN CLASS LAB

Roberts 72 & 73

NEXT CLASS

November 6th, 2013

Labsim Homework 8.2.2-8.2.4