Embed Size (px)
Citation preview
Lab #2
CT1406
By Asma AlOsaimi
"Security has been a major concern in today’s computer networks. There has
been various exploits of attacks against companies, many of the
attacks cost companies their reputation and cost them millions of
pounds. Many attacks are implemented using inside knowledge
from previous and even current employees."
Part#1: Network Fundamentals
4
Outline
cs490ns - cotter
LANs LAN Routers / Gateways Wireless Connection Firewalls NAT Network Protocols Protocol Analysis
5
Single Machine
cs490ns - cotter
Security Risk: Physical Security Access to Machine (loss of equipment) Hack Machine (loss of information)
6
Local Area Networks
cs490ns - cotter
Security Risk: Physical Security Access to Machine (loss of equipment) Access to Hub / Switch (loss/ leak of information) Hack Machine (loss/ leak of information)
Hub / Switch
7
Local Area Networks(Routers / Gateways)
cs490ns - cotter
Internet
Router /Gateway
8
Local Area Networks(Access Technologies)
cs490ns - cotter
56 Kbps Modem Establish a point-to-point connection to ISP Use PPTP (etc.) to establish an internet connection Private link
DSL Full Time, Broadband connection Uses existing telecom facilities Private link
Cable Modem Full Time, Broadband connection Shares existing cable TV facility with others
9
Wireless Connection
cs490ns - cotter
InternetWAP +Router
10
Firewalls
cs490ns - cotter
Provides a mechanism to control / monitor access to the LAN
InternetFirewall
11
Network Address Translation
cs490ns - cotter
Many networks configured with private IP addresses (10.0.0.0, 172.16.0.0, 192.168.0.0) Addresses are not routed.
Must convert to public address for Internet access. To addresses that are routed.
May also have many hosts sharing limited network addresses. If only 1 network address, then service is called Port
Address Translation - PAT NAT provides the translation services
12
Network Address Translation
cs490ns - cotter
13
Network Protocols
cs490ns - cotter
14
LAN Physical Layer Protocols
cs490ns - cotter
Ethernet 10base5 10base2 10baseT, 100baseT, 1000baseT
Wireless Networks 802.11a 802.11b 802.11g
Token Ring etc.
15
WAN Physical Layer Protocols
cs490ns - cotter
Telecommunications DS0, DS1, DS3 SONET ISDN etc.
Metro Area Protocols Cellular Telephone FDDI WiMAX
16
Network Layer Protocols
cs490ns - cotter
Internet Protocol (IP) Routes packets across the network Manages packet fragmentation across network
Internet Control Message Protocol (ICMP) Provides support for IP and TCP
Address Resolution Protocol (ARP) Provides address resolution between network layer
and data link layer addresses.
17
Transport Layer Protocols
cs490ns - cotter
Transmission Control Protocol (TCP) Provides reliable end-to-end packet transport Provides packet flow control
User Datagram Protocol (UDP) Provides simplified end-to-end packet transport No control overhead No packet fragmentation
18
Application Layer Protocols
cs490ns - cotter
Support specific network applications FTP WWW (HTTP, etc.) E-MAIL
19
Protocol Analysis
cs490ns - cotter
Packet Sniffers WireShark (Ethereal) Etherpeek EtherDetect Zx Sniffer AnalogX PacketMon Colasoft Capsa AirMagnet Enterprise (Wireless monitoring) etc.
20
Summary
cs490ns - cotter
LANs LAN Routers / Gateways Wireless Connection Firewalls NAT Network Protocols Protocol Analysis
Part#2:Introduction to security
22
Who is vulnerable?
15-441 Networks Fall 2002
Financial institutions and banks Internet service providers Government and defense agencies Contractors to various government agencies Multinational corporations ANYONE ON THE NETWORK
23
Common security attacks and their countermeasures
15-441 Networks Fall 2002
Finding a way into the network Firewalls
Exploiting software bugs, buffer overflows Intrusion Detection Systems
Denial of Service IDS
TCP hijacking IPSec
Packet sniffing Encryption (SSH, SSL, HTTPS)
Social problems Education
Common security attacks
What is a vulnerable system? A vulnerability is a weakness in software,
hardware that enables the attacker to compromise the confidentiality, integrity or availability of that system.
An attacker can use a vulnerability to compromise a system. For example a weakness in a protocol allows the
attacker to run arbitrary code. If you understand the vulnerability, it will help
you to implement the appropriate security control
Part#3: CT1406 LAB
Back Track 510.170.25.202
Metasploitable(Ubuntu)10.170.25.100
Windows Server 200810.170.25.101
Windows PC10.170.25.201
CT1406 Lab Setup
BackTrack BackTrack is an operating system based on
the Ubuntu GNU/Linux distribution aimed at digital forensics and penetration testing use.
It is named after backtracking, a search algorithm.
The current version is BackTrack 5. Backtrack 5 contains all of the tools
necessary to perform a complete security assessment of systems, networks, and applications
Pentest ? A pentest is a method of evaluating and
testing the security of a system, network, or application by performing actions that are meant to simulate the actions of a malicious attacker.
Backtrack 5 security tools BackTrack includes many well known security
tools including: Metasploit integration RFMON Injection capable wireless drivers Aircrack-NG Kismet Nmap Ophcrack Ettercap Wireshark (formerly known as Ethereal) BeEF (Browser Exploitation Framework) Hydra
Metasploit Metasploit framework provides you with
information on security vulnerabilities which can be used to exploit a system.
Penetration testers can also use this tool to launch manual or automated scans.
Useful links Backtrack 5 instalttion steps :
http://www.sans.org/media/security-training/sec401-windows-linux-tutorial-v1.pdf
references The guide to backtrack ,
http://www.backtrack-linux.org/documents/Hakin9_On_Deman_03_2012_Teasers.pdf
"Network Security" slides by Justin Weisz
