7/25/2019 Chapter 4 - Network Vulnerabilities
Network Vulnerabilities
Niken D Cahyani, Gandeva Bayu Satrya
Telkom Institute of Technology
Learning Objectives
Explain the types of network vulnerabilities
List categories of network attacks
Define different methods of network attacks
1. Network Vulnerabilities
What are the weaknesses that can be found in networks that make them targets for attacks?
There are two broad categories of network vulnerabilities: those based on the network transport media and those found in the network devices themselves.
1.1. Media-Based Vulnerabilities
Monitoring network traffic is an important task for a network administrator. It helps to identify and troubleshoot network problems, such as a network interface card (NIC) adapter that is defective and is sending out malformed packets. Monitoring traffic can be done in two ways.
First, a managed switch on an Ethernet network that supports port mirroring allows the administrator to configure the switch to redirect traffic that occurs on some or all ports to a designated monitoring port on the switch.
A second method for monitoring traffic is to install a network tap. A network tap (test access point) is a separate device that can be installed between two network devices, such as a switch, router, or firewall, to monitor traffic.
Methods to view switch traffic
1.2. Network Device Vulnerabilities
Weaknesses in network devices themselves can also be targets for attackers.
Common network device vulnerabilities include weak passwords, default accounts, back doors, and privilege escalation.
a. Weak Passwords
A password is a secret combination of letters and numbers that serves to authenticate (validate) a user by what he knows. Network devices are commonly protected by passwords to prevent unauthorized users from accessing the device and changing configuration settings.
Although passwords are often the only line of defense for a network device, passwords actually provide weak security. This is because of what is known as the "password paradox."
For a password to remain secure and prevent an attacker from discovering it, it should never be written down but instead must be committed to memory.
a. Weak Passwords (cont'd)
Characteristics of weak passwords include:
A common word used as a password (such as April)
Not changing passwords unless forced to do so
Passwords that are short (such as ABCD)
Personal information in a password (such as the name of a child or pet)
Using the same password for all accounts
Writing the password down
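Several of the characteristics listed above can be checked mechanically when device passwords are set or reviewed. The following Python sketch is an added example, not part of the original slides; the wordlist, the minimum length, the account names and the sample passwords are all constructed assumptions.

```python
from collections import defaultdict

COMMON_WORDS = {"april", "password", "welcome", "admin"}  # tiny constructed wordlist
MIN_LENGTH = 8                                            # assumed policy value

# Constructed device accounts and passwords, for illustration only.
ACCOUNTS = {
    "router-admin": "April",
    "switch-admin": "Rex2019!",
    "firewall-admin": "Rex2019!",
    "ap-admin": "ABCD",
}
PERSONAL_TERMS = ["Rex"]  # e.g. a pet's name known about the administrator


def audit_password(password, personal_terms=()):
    """Return the weak-password characteristics that apply to one password."""
    findings = []
    lowered = password.lower()
    if lowered in COMMON_WORDS:
        findings.append("common word")
    if len(password) < MIN_LENGTH:
        findings.append("too short")
    if any(term.lower() in lowered for term in personal_terms if term):
        findings.append("personal information")
    return findings


def audit_accounts(accounts, personal_terms=()):
    """Audit every account and also flag passwords shared between accounts."""
    by_password = defaultdict(list)
    for name, password in accounts.items():
        by_password[password].append(name)
    report = {}
    for name, password in accounts.items():
        findings = audit_password(password, personal_terms)
        if len(by_password[password]) > 1:
            findings.append("reused across accounts")
        report[name] = findings
    return report
```

The two remaining characteristics, never changing a password and writing it down, are not visible in the password itself and need policy or process controls instead.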
b. Default Accounts
A default account is a user account on a device that is created automatically by the device instead of by an administrator.
Default accounts are used to make the initial setup and installation of the device (often by outside personnel) easier without the need to create temporary individual accounts.
Default accounts usually have full administrator privileges in order to not inhibit the installation process. Although default accounts are intended to be deleted after the installation is completed, often they are not.
c. Back Doors
Normally a network administrator would set up an account for a user on a network device and assign specific privileges to that account.
A back door is a method to circumvent the protection intended by this process.
A back door is an account that is secretly set up without the administrator's knowledge or permission, that cannot be easily detected, and that allows for remote access to the device.
d. Privilege Escalation
Just as operating systems and many applications can be the victims of privilege escalation, network devices are also at risk. It is possible to exploit a vulnerability in the network device's software to gain access to resources that the user would normally be restricted from obtaining.
For example, in one network device an administrative user with read-only permission could create a specific Web address or uniform resource locator (URL) and enter it on an Administration Web page to escalate privileges to a full administrative level.
Objectives
Explain the types of network vulnerabilities
List categories of network attacks
Define different methods of network attacks
2. Categories of Attacks
Based on the previously mentioned vulnerabilities, there are a number of different categories of attacks that are conducted against networks.
These categories include denial of service, spoofing, man-in-the-middle, and replay attacks.
NB: These categories represent what the end result of the attack is intended to accomplish.
2.1. Denial of Service (DoS)
A denial of service (DoS) attack attempts to consume network resources so that the network or its devices cannot respond to legitimate requests.
In one type of DoS attack, a device or computer submits numerous initial requests to a server for a service but does not respond when the server requests information, thus making the server wait.
A variant of the DoS is the distributed denial of service (DDoS) attack. Instead of using one computer, a DDoS may use hundreds or thousands of zombie computers in a botnet to flood a device with requests.
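The first DoS type described above leaves the server holding handshakes that never complete, and that backlog is what a defender can measure. The following Python sketch is an added example, not part of the original slides: it counts unfinished handshakes per source in constructed TCP event records, and the record layout, timeout and threshold values are assumptions.

```python
from collections import defaultdict

# Constructed sample events (not real traffic): (time_s, src_ip, src_port, flag).
# "SYN" is the client's initial request, "ACK" completes the handshake.
EVENTS = [
    (0.0, "198.51.100.7", 40001, "SYN"),
    (0.1, "198.51.100.7", 40001, "ACK"),   # legitimate client completes
    (0.2, "203.0.113.9", 50001, "SYN"),
    (0.3, "203.0.113.9", 50002, "SYN"),
    (0.4, "203.0.113.9", 50003, "SYN"),
    (0.5, "203.0.113.9", 50004, "SYN"),
    (0.6, "198.51.100.8", 41000, "SYN"),
    (0.9, "198.51.100.8", 41000, "ACK"),
    (5.0, "203.0.113.9", 50001, "ACK"),    # arrives after the server gave up
]

HANDSHAKE_TIMEOUT_S = 3.0  # assumed wait for the final ACK
THRESHOLD = 3              # assumed alert level per source


def half_open_by_source(events, timeout=HANDSHAKE_TIMEOUT_S):
    """Return {src_ip: count} of handshakes not completed within `timeout`."""
    pending = {}                   # (ip, port) -> time the SYN was seen
    half_open = defaultdict(int)
    last_ts = 0.0
    for ts, ip, port, flag in sorted(events):
        last_ts = ts
        key = (ip, port)
        if flag == "SYN":
            pending[key] = ts
        elif flag == "ACK" and key in pending:
            if ts - pending.pop(key) > timeout:
                half_open[ip] += 1  # server had already stopped waiting
    # SYNs never answered and older than the timeout when the capture ends
    for (ip, _port), syn_ts in pending.items():
        if last_ts - syn_ts > timeout:
            half_open[ip] += 1
    return dict(half_open)


def suspicious_sources(events, threshold=THRESHOLD):
    """Sources whose half-open count reaches the threshold, sorted."""
    counts = half_open_by_source(events)
    return sorted(ip for ip, n in counts.items() if n >= threshold)
```

Per-source counting misses a flood spread over many addresses, as in the DDoS variant; summing the counts returned by `half_open_by_source` gives the server-wide backlog instead.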
DoS Attack
2.2. Spoofing
Spoofing is impersonation; that is, it is pretending to be someone or something else by presenting false information. There are a variety of different attacks that use spoofing. For example:
Because most network systems keep logs of user activity, an attacker may spoof her address so that her malicious actions would be attributed to a valid user.
An attacker may spoof his network address with an address of a known and trusted host in order that the target computer would accept the packet and act upon it.
2.3. Man-in-the-Middle
Man-in-the-middle attacks are common on networks. This type of attack makes it seem that two computers are communicating with each other, when actually they are sending and receiving data with a computer between them, or the "man-in-the-middle."
Man-in-the-middle attacks can be active or passive.
2.4. Replay
Once that session has ended, the man-in-the-middle would attempt to login and replay the captured credentials. A more sophisticated attack takes advantage of the communications between a network device and a server.
Administrative messages that contain specific network requests are frequently sent between a network device and a server. When the server receives the message, it responds with another administrative message back to the sender.
3. Methods of Network Attacks
Just as there are different categories of attacks on networks, there are several different ways to perform these attacks.
Network attack methods can be protocol-based or wireless, as well as other methods.
3.1. Protocol-Based Attacks
Targeting vulnerabilities in network protocols is one of the most common methods of attack. This is because the weakness is inherent within the protocol itself and can be harder to defend against, since it is built into the communication.
Any network or system that uses this protocol is vulnerable to these attacks, significantly increasing the number of possible victims.
Some of the most common protocol-based attacks are attacks on antiquated protocols, DNS attacks, ARP poisoning, and TCP/IP hijacking.
3.1. Protocol-Based Attacks
Antiquated protocols
Because of the security vulnerabilities of SNMPv1 and SNMPv2, SNMPv3 was introduced in 1998. SNMPv3 uses usernames and passwords along with encryption to foil an attacker's attempt to view the contents.
DNS attacks
One type of DNS attack is to substitute a fraudulent IP address so that when a user enters a symbolic name, she is directed to the fraudulent computer site.
ARP poisoning
If the IP address for a device is known but the MAC address is not, the sending computer sends out an ARP packet to all computers on the network that says, "If this is your IP address, send back to me your MAC address."
TCP/IP hijacking
In a TCP/IP hijacking attack, the attacker creates fictitious ("spoofed") TCP packets to take advantage of the weaknesses
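The ARP exchange described above accepts whichever reply comes back, so a change in the MAC address answering for a known IP address is the signal a defender watches for. The following Python sketch is an added example, not part of the original slides: it flags conflicting answers in a set of constructed ARP replies, and the addresses and function names are assumptions.

```python
from collections import defaultdict

# Constructed ARP replies as (time_s, claimed_ip, sender_mac); not real capture data.
ARP_REPLIES = [
    (1, "10.0.0.1", "aa:aa:aa:00:00:01"),    # gateway answers for its own IP
    (2, "10.0.0.20", "aa:aa:aa:00:00:14"),
    (3, "10.0.0.21", "aa:aa:aa:00:00:15"),
    (9, "10.0.0.1", "aa:aa:aa:00:00:15"),    # a different MAC now claims the gateway IP
    (12, "10.0.0.20", "AA-AA-AA-00-00-14"),  # same MAC, different notation
]


def normalize_mac(mac):
    """Lower-case and use ':' so one address in two notations compares equal."""
    return mac.strip().lower().replace("-", ":")


def find_arp_conflicts(replies):
    """Flag IPs answered by several MACs, and MACs answering for several IPs."""
    macs_for_ip = defaultdict(list)
    ips_for_mac = defaultdict(list)
    for _ts, ip, mac in sorted(replies):
        mac = normalize_mac(mac)
        if mac not in macs_for_ip[ip]:
            macs_for_ip[ip].append(mac)   # keep order of first appearance
        if ip not in ips_for_mac[mac]:
            ips_for_mac[mac].append(ip)
    return {
        # Strongest indicator: the answer for one IP changed during the capture.
        "ip_with_multiple_macs": {ip: m for ip, m in macs_for_ip.items() if len(m) > 1},
        # Weaker indicator: routers and multi-homed hosts can do this legitimately.
        "mac_with_multiple_ips": {mac: i for mac, i in ips_for_mac.items() if len(i) > 1},
    }
```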
TCP/IP Hijacking
3.2. Wireless Attacks
As wireless networks have become commonplace, new attacks have been created to target these networks.
These attacks include rogue access points, war driving, bluesnarfing, and bluejacking.
3.3. Other Attacks and Frauds
Other types of attacks and frauds that are sometimes found today are null sessions and Domain Name Kiting.
Null sessions are unauthenticated connections to a Microsoft Windows 2000 or Windows NT computer that do not require a username or a password. Using a command as simple as C:\>net use \\192.168..\IPC$ "" /u: could allow an attacker to connect to open a channel over which he could gather information about the device, such as network information, users, and groups.
Domain Name Kiting is a variation on the kiting concept of taking advantage of additional time. Registrars are organizations that are approved by ICANN (Internet Corporation for Assigned Names and Numbers) to sell and register Internet domain names (such as www.course.com). In order to provide a means for registrars to correct mistakes, a five-day Add Grace Period (AGP) permits registrars to delete any newly registered Internet domain names and receive a full refund of the registration fee.