Upload
aron-whitehead
View
225
Download
1
Tags:
Embed Size (px)
Citation preview
Hands-On Ethical Hacking and Network Defense
Chapter 3Network and Computer Attacks
Hands-On Ethical Hacking and Network Defense 2
Objectives
• Describe the different types of malicious software
• Describe methods of protecting against malware attacks
• Describe the types of network attacks
• Identify physical security attacks and vulnerabilities
Hands-On Ethical Hacking and Network Defense 3
Malicious Software (Malware)
• Network attacks prevent a business from operating
• Malicious software (Malware) includes• Virus• Worms• Trojan horses
• Goals• Destroy data• Corrupt data• Shutdown a network or system
Hands-On Ethical Hacking and Network Defense 4
Viruses• Virus attaches itself to an executable file• Can replicate itself through an executable
program• Does not stand on its own• Needs a host program
• No foolproof method of preventing them• Use antivirus programs for detection• Detection based on virus signatures• Must update signature database periodically• Use automatic update feature if available
Hands-On Ethical Hacking and Network Defense 5
Hands-On Ethical Hacking and Network Defense 6
Hands-On Ethical Hacking and Network Defense 7
Viruses (continued)• Encoding base 64 used to reduce size of e-
mail attachments• Represents 0 to 63 using six bits• A is 000000 … Z is 011001
• Converting base 64 strings to decimal equivalent• Create groups of 4 characters, for each group• Convert decimal value of each letter to binary• Rewrite as three groups of eight bits• Convert the binary into decimal
Hands-On Ethical Hacking and Network Defense 8
Hands-On Ethical Hacking and Network Defense 9
Viruses (continued)
• Commercial base 64 decoders
• Shell• Executable piece of programming code• Should not appear in an e-mail attachment
Hands-On Ethical Hacking and Network Defense 10
Macro Viruses• Virus encoded as a macro• Macro• Lists of commands• Can be used in destructive ways
• Example: Melissa• Appeared in 1999
• Even nonprogrammers can create macro viruses• Instructions posted on Web sites
• Security professionals can learn from thinking like attackers
Hands-On Ethical Hacking and Network Defense 11
Worms• Worm• Replicates and propagates without a host
• Infamous examples• Code Red• Nimda
• Can infect every computer in the world in a short time• At least in theory
• Actual examples• Cyberattacks against ATM machines• Slammer and Nachi worms
Hands-On Ethical Hacking and Network Defense 12
Hands-On Ethical Hacking and Network Defense 13
Hands-On Ethical Hacking and Network Defense 14
Hands-On Ethical Hacking and Network Defense 15
Trojan Programs• Insidious attack against networks• Disguise themselves as useful programs• Hide malicious content in program• Backdoors• Rootkits
• Allow attackers remote access
• Firewalls• Identify traffic on uncommon ports• Can block this type of attack
• Trojan programs can use known ports• HTTP (TCP 80) or DNS (UDP 53)
Hands-On Ethical Hacking and Network Defense 16
Hands-On Ethical Hacking and Network Defense 17
Spyware• Sends information from the infected computer
to the attacker• Confidential financial data• Passwords• PINs• Any other stored data
• Can registered each keystroke entered• Prevalent technology• Educate users about spyware
Hands-On Ethical Hacking and Network Defense 18
Hands-On Ethical Hacking and Network Defense 19
Adware
• Similar to spyware• Can be installed without the user being aware
• Sometimes displays a banner
• Main goal• Determine user’s online purchasing habits• Tailored advertisement
• Main problem• Slows down computers
Hands-On Ethical Hacking and Network Defense 20
Protecting Against Malware Attacks• Difficult task
• New viruses, worms, Trojan programs appear daily
• Malware detected using antivirus solutions
• Educate your users about these types of attacks
Hands-On Ethical Hacking and Network Defense 21
Hands-On Ethical Hacking and Network Defense 22
Hands-On Ethical Hacking and Network Defense 23
Educating Your Users
• Structural training• Most effective measure• Includes all employees and management
• E-mail monthly security updates• Simple but effective training method
• Recommend that users update virus signature database• Activate automatic updates
Hands-On Ethical Hacking and Network Defense 24
Educating Your Users
• SpyBot and Ad-Aware• Help protect against spyware and adware
• Firewalls• Hardware (enterprise solution)• Software (personal solution)• Can be combined
• Intrusion Detection System (IDS)• Monitors your network 24/7
Hands-On Ethical Hacking and Network Defense 25
Avoiding Fearing Tactics• Avoid scaring users into complying with
security measures• Sometimes used by unethical security
testers• Against the OSSTMM’s Rules of Engagement
• Promote awareness rather than instilling fear• Users should be aware of potential threats
• During training• Build on users’ knowledge• Make training easier
Hands-On Ethical Hacking and Network Defense 26
Intruder Attacks on Networks and Computers
• Attack• Any attempt by an unauthorized person to access
or use network resources
• Network security• Concern with security of network resources
• Computer security• Concerned with the security of a computer not part
of a network infrastructure
• Computer crime• Fastest growing type of crime worldwide
Hands-On Ethical Hacking and Network Defense 27
Denial-of-Service Attacks• Denial-of-Service (DoS) attack• Prevents legitimate users from accessing network
resources
• Some forms do not involve computers
• Attacks do not attempt to access information• Cripple the network• Make it vulnerable to other type of attacks
• Performing an attack yourself is not wise• Only need to prove attack could be carried out
Hands-On Ethical Hacking and Network Defense 28
Distributed Denial-of-Service Attacks• Attack on a host from multiple servers or
workstations
• Network could be flooded with billions of requests• Loss of bandwidth• Degradation or loss of speed
• Often participants are not aware they are part of the attack• Attacking computers could be controlled using
Trojan programs
Hands-On Ethical Hacking and Network Defense 29
Buffer Overflow Attacks• Vulnerability in poorly written code• Code does not check predefined size of input field
• Goal• Fill overflow buffer with executable code• OS executes this code• Code elevates attacker’s permission• Administrator• Owner of running application
• Train your programmer in developing applications with security in mind
Hands-On Ethical Hacking and Network Defense 30
Hands-On Ethical Hacking and Network Defense 31
Hands-On Ethical Hacking and Network Defense 32
Ping of Death Attacks• Type of DoS attack
• Not as common as during the late 1990s
• How it works• Attacker creates a large ICMP packet• More than 65,535 bytes
• Large packet is fragmented at source network• Destination network reassembles large packet• Destination point cannot handle oversize packet
and crashes
Hands-On Ethical Hacking and Network Defense 33
Session Hijacking• Enables attacker to join a TCP session
• Attacker makes both parties think he or she is the other party
Hands-On Ethical Hacking and Network Defense 34
Addressing Physical Security• Protecting a network also requires physical
security
• Inside attacks are more likely than attacks from outside the company
Hands-On Ethical Hacking and Network Defense 35
Keyloggers• Used to capture keystrokes on a computer• Hardware• Software
• Software• Behaves like Trojan programs
• Hardware• Easy to install• Goes between the keyboard and the CPU• KeyKatcher and KeyGhost
Hands-On Ethical Hacking and Network Defense 36
Hands-On Ethical Hacking and Network Defense 37
Hands-On Ethical Hacking and Network Defense 38
Keyloggers (continued)• Protection• Software-based• Antivirus
• Hardware-based• Random visual tests
Hands-On Ethical Hacking and Network Defense 39
Behind Locked Doors• Lock up your servers
• Average person can pick deadbolt locks in less than five minutes• After only a week or two of practice
• Experienced hackers can pick deadbolt locks in under 30 seconds
• Rotary locks are harder to pick
• Keep a log of who enters and leaves the room
• Security cards can be used instead of keys for better security
Hands-On Ethical Hacking and Network Defense 40
Summary• Be aware of attacks on network
infrastructures and standalone computers
• Attacks can be perpetrated by insiders or remote attackers
• Malicious software• Virus• Worm• Trojan programs• Spyware• Adware
Hands-On Ethical Hacking and Network Defense 41
Summary (continued)
• Attacks• Denial-of-Service (DoS)• Distributed Denial-of-Service (DDoS)• Buffer overflow• Ping of Death• Session hijacking
Hands-On Ethical Hacking and Network Defense 42
Summary (continued)• Physical security• As important as network or computer security• Keyloggers• Software-based• Hardware-based
• Locks• Choose hard-to-pick locks• Security cards