Hands-On Ethical Hacking and Network Defense Second Edition - Chapter 3 Network and Computer Attacks

Objectives

  • After reading this chapter and completing the exercises, you will be able to:

– Describe the different types of malicious software and what damage they can do
– Describe methods of protecting against malware attacks
– Describe the types of network attacks
– Identify physical security attacks and vulnerabilities

Malicious Software (Malware)

  • Network attacks prevent a business from operating

– Malicious software (malware)

  • Virus
  • Worm
  • Trojan program

– Goals

  • Destroy data
  • Corrupt data
  • Shut down a network or system
  • Make money

Viruses

  • Virus attaches itself to a file or program

– Needs a host to replicate
– Does not stand on its own
– No foolproof prevention method

  • Antivirus programs

– Detection based on virus signatures

  • Signatures are kept in virus signature file
  • Must update periodically
  • Some offer automatic update feature
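The signature-based detection the slide describes, as an added Python example (not code from the book or from any antivirus product): a small signature file holds whole-file hashes and byte patterns, a scanner reports which entries match, and a new variant goes undetected until the signature file is updated. All sample bytes and signature names are constructed for the example.

```python
import copy
import hashlib


def sha256_hex(data: bytes) -> str:
    """Hex digest used as a whole-file signature."""
    return hashlib.sha256(data).hexdigest()


def build_signature_file(hash_samples: dict, patterns: dict) -> dict:
    """Build a signature file from known samples (stored as hashes) and byte patterns.

    hash_samples: {signature_name: sample_bytes}
    patterns:     {signature_name: byte_pattern}
    """
    return {
        "hash": {sha256_hex(sample): name for name, sample in hash_samples.items()},
        "pattern": dict(patterns),
    }


def scan_bytes(data: bytes, signatures: dict) -> list:
    """Return the names of every signature that matches data (empty list = no match)."""
    hits = []
    name = signatures["hash"].get(sha256_hex(data))
    if name:
        hits.append(name)
    for sig_name, pattern in signatures["pattern"].items():
        if pattern in data:
            hits.append(sig_name)
    return hits


def add_hash_signature(signatures: dict, name: str, sample: bytes) -> None:
    """The periodic update step: record a newly analysed sample in the signature file."""
    signatures["hash"][sha256_hex(sample)] = name


# Constructed stand-ins for files on disk; none of these bytes are real malware.
KNOWN_SAMPLE = b"constructed sample v1: harmless placeholder bytes"
NEW_VARIANT = b"constructed sample v2: harmless placeholder bytes"
PATTERN_SAMPLE = b"some document text CONSTRUCTED-MARKER more text"
CLEAN_FILE = b"quarterly report, nothing unusual here"

SIGNATURES = build_signature_file(
    hash_samples={"Sample.V1": KNOWN_SAMPLE},
    patterns={"Sample.Family": b"CONSTRUCTED-MARKER"},
)


def demo() -> dict:
    """Scan each constructed file before and after a signature update."""
    sigs = copy.deepcopy(SIGNATURES)          # work on a copy so the module constant stays clean
    files = {
        "known": KNOWN_SAMPLE,
        "new_variant": NEW_VARIANT,
        "pattern": PATTERN_SAMPLE,
        "clean": CLEAN_FILE,
    }
    before = {label: scan_bytes(data, sigs) for label, data in files.items()}
    add_hash_signature(sigs, "Sample.V2", NEW_VARIANT)   # the vendor ships an updated file
    after = {label: scan_bytes(data, sigs) for label, data in files.items()}
    return {"before": before, "after": after}


if __name__ == "__main__":
    for phase, results in demo().items():
        print(phase, results)
```

The hash entry only matches a byte-identical file, which is why the unchanged variant slips past until the update; the pattern entry catches anything carrying the marker, at the cost of possible false positives on benign files that happen to contain it.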

Intelligent Scareware

  • Base-64 encoding

– Used to reduce the size of e-mail attachments
– Represents 0 to 63 using six bits
– A is 000000 … Z is 011001

  • Converting base-64 strings to their decimal equivalent

– Create groups of four characters
– Convert the decimal value of each letter to binary
– Rewrite as three groups of eight bits
– Convert binary into decimal
– Can also be used to hide information

  • Base-64 decoders
– Available for purchase
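The four-character grouping procedure from the slides, carried out in code as an added Python example (not code from the book): each character is looked up in the base-64 alphabet, written in six bits, the 24 bits are regrouped into three octets, and each octet is converted to decimal. The result is cross-checked against the standard library's decoder, and a crude content check flags a decoded attachment that turns out to be a shell script or native executable. The sample attachment string is constructed for the example.

```python
import base64
import string

# Base-64 alphabet: A-Z -> 0..25, a-z -> 26..51, 0-9 -> 52..61, '+' -> 62, '/' -> 63
B64_ALPHABET = string.ascii_uppercase + string.ascii_lowercase + string.digits + "+/"
B64_VALUE = {ch: idx for idx, ch in enumerate(B64_ALPHABET)}


def char_to_bits(ch: str) -> str:
    """Six-bit binary string for one base-64 character: 'A' -> '000000', 'Z' -> '011001'."""
    return format(B64_VALUE[ch], "06b")


def decode_group(group: str) -> list:
    """Decode one four-character group into up to three byte values (decimal ints).

    Look up each character's value, write it in six bits, concatenate to 24 bits,
    rewrite as three groups of eight bits, convert each group to decimal.
    Each trailing '=' padding character removes one output byte.
    """
    pad = group.count("=")
    bits = "".join(char_to_bits(ch) for ch in group.rstrip("="))
    bits = bits.ljust(24, "0")                     # padding bits are discarded below
    octets = [bits[i:i + 8] for i in range(0, 24, 8)]
    return [int(octet, 2) for octet in octets[:3 - pad]]


def manual_b64decode(text: str) -> bytes:
    """Decode a whole base-64 string by the four-character grouping method."""
    text = "".join(text.split())                   # MIME wraps lines; whitespace is not data
    if len(text) % 4:
        raise ValueError("base-64 text length must be a multiple of 4")
    out = []
    for i in range(0, len(text), 4):
        out.extend(decode_group(text[i:i + 4]))
    return bytes(out)


def looks_executable(data: bytes) -> bool:
    """Content check for a decoded attachment: a script or native executable header
    is not what a document attachment should decode to."""
    return data.startswith(b"#!") or data.startswith(b"MZ") or data.startswith(b"\x7fELF")


# Constructed attachment body (not from any real message): a base-64 wrapped shell script.
SAMPLE_ATTACHMENT = base64.b64encode(b"#!/bin/sh\necho constructed sample").decode()


def inspect_attachment(encoded: str) -> dict:
    """Decode an attachment by hand, cross-check against the library, and flag its content."""
    data = manual_b64decode(encoded)
    assert data == base64.b64decode(encoded)       # the hand method must agree with the library
    return {"decoded": data, "executable": looks_executable(data)}


if __name__ == "__main__":
    print(decode_group("TWFu"), manual_b64decode("TWFu"))
    print(inspect_attachment(SAMPLE_ATTACHMENT))
```

Running the block shows "TWFu" decoding to the decimal values 77, 97, 110 (the text "Man"), and the constructed attachment decoding to a script that the check flags.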

  • Shell

– Executable piece of programming code
– Creates interface to OS for issuing commands
– Should not appear in an e-mail attachment

Macro Viruses

  • Virus encoded as a macro

– Programs that support a macro programming language (e.g., Visual Basic for Applications)

  • Lists of commands
  • Can be used in destructive ways

– Example: Melissa

  • Appeared in 1999
  • Even nonprogrammers can create macro viruses

– Instructions posted on Web sites

  • Security professionals learn from thinking like attackers

Worms

  • Replicates and propagates without a host

– Infamous examples:

  • Code Red
  • Nimda
  • Theoretically can infect every computer in the world over a short period

– Examples:

  • Slammer and Nachi ATM worm attacks

Trojan Programs

  • A destructive program that masquerades as an application.

– The software initially appears to perform a desirable function for the user prior to installation and/or execution, but (perhaps in addition to the expected function) steals information or harms the system
– Trojan horses do not replicate themselves
– Typically install rootkits and backdoors, and provide remote access to systems for further exploitation

  • Defensive Measure:

– Good security software (e.g. AV, anti-malware) or hardware firewalls

– Question prompts from security software to allow traffic

  • On unfamiliar ports

– Trojan programs can use well-known ports to mask their activity

  • Well-known Trojan Programs & Ports

Spyware

  • Sends information from infected computer to attacker

– Confidential financial data
– Passwords
– PINs
– Any other stored data

  • Can register each keystroke entered

– Prevalent technology

  • Educate users about spyware

Adware

  • Definition: Any software package which automatically plays, displays, or downloads advertisements to a computer. These advertisements can be in the form of pop-ups or banners.

  • Similar to spyware

– Installed without users being aware

  • Main purposes:

– Determine user’s purchasing habits

  • Tailors advertisement

– Generate revenue for the author through display of 3rd party ad impressions to significant numbers of systems

  • Main problem

– Slows down computers

Protecting Against Malware Attacks

  • Difficult task

– New viruses, worms, and Trojan programs appear daily

  • Antivirus programs

– Detect many malware programs

  • Boundary Initiatives:

– Install proxies with anti-malware detection

  • Prevents malicious code from arriving at client system

– Prevent unusual in/outbound port access through firewalls

  • Layer 8 Defenses:

– Educate users no less than annually
– Eliminate users' ability to install software where possible
– Eliminate users' ability to modify software firewall rules where possible

  • Avoiding Fear Tactics
  • Avoid scaring users into complying with security measures

– Sometimes used by unethical security testers

  • Against the OSSTMM’s Rules of Engagement
  • Promote awareness rather than instilling fear

– Users should be aware of potential threats
– Build on users' knowledge

  • Makes training easier
  • Role play and examples help make strong points users can embrace

Educating Your Users

  • Structural training

– Includes all employees and management

  • Should be mandated no less than annually
  • Require people to sign in so that complete attendance is documented
  • Consider social engineering staff randomly to gauge awareness / response

– Whenever possible use managed vs. unmanaged compliance solutions:

  • Anti-virus
  • Patch management
  • Firewall rule and HIPS signatures
  • As a last resort, enforce the use of unmanaged anti-malware and anti-virus solutions; perform random checks for compliance

Intruder Attacks on Networks and Computers

  • Attack: Any attempt by an unauthorized person to access, damage, or use network resources
  • Network security: Concerned with the security of the network infrastructure
  • Computer security

– Concerned with the security of stand-alone computers or systems

  • Not part of a network infrastructure
  • Computer crime: Fastest growing type of crime worldwide

Denial-of-Service Attacks

  • Denial-of-service (DoS) attack

– Prevents legitimate users from accessing network resources
– Some forms do not involve computers

  • Do not attempt to access information

– Cripples the network
– Makes it vulnerable to other attacks

  • Installing an attack yourself is not wise
– Only explain how the attack could happen
– Could render systems and networks unusable

  • Distributed Denial-of-Service Attacks
  • Distributed denial-of-service (DDoS) attack

– Attack on a host from multiple servers or workstations
– Network could be flooded with billions of packets

  • Loss of bandwidth
  • Degradation or loss of speed
  • Difficult to defend against (sourced from many networks)

– Often participants are not aware they are part of the attack

  • They, too, have been attacked
  • Botnets and Zombies used by bot-herder

Buffer Overflow Attacks

  • Vulnerability in poorly written code

– Doesn't check the amount of memory space used

  • Attacker writes code that overflows the buffer

– OS runs this code
– Code elevates the attacker's permissions

  • Administrator, owner, or creator
  • Train programmers in developing applications with security in mind

Ping of Death Attacks

  • Type of DoS attack

– Not as common as during the late 1990s

  • How it works

– Attacker creates a large ICMP packet

  • More than the allowed 65,535 bytes

– Large packet is fragmented into small packets

  • Reassembled at destination

– Destination point cannot handle reassembled oversize packet

  • Causes it to crash or freeze
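The fragmentation and reassembly arithmetic behind the attack, as an added Python example (not code from the book): an ICMP payload is split into IPv4 fragments for a 1,500-byte link MTU, and a defensive reassembler refuses any fragment whose offset plus length would push the datagram past the 65,535-byte limit of the 16-bit total-length field. A reassembler without that check is exactly what the oversize packet crashes. The fragment dicts are constructed stand-ins for the header fields a real reassembler would parse; payload_len here includes the 8-byte ICMP header.

```python
MAX_DATAGRAM = 65535        # IPv4 total length is a 16-bit field
MAX_OFFSET_UNITS = 0x1FFF   # 13-bit fragment offset field, counted in 8-byte units


def make_fragments(payload_len: int, mtu: int = 1500, header_len: int = 20) -> list:
    """Split an IP payload of payload_len bytes into fragments that fit the link MTU.

    Every fragment except the last carries a multiple of 8 data bytes, because the
    fragment offset field counts 8-byte units.  "mf" is the More Fragments flag.
    """
    chunk = (mtu - header_len) // 8 * 8     # 1480 data bytes per fragment at MTU 1500
    frags, pos = [], 0
    while pos < payload_len:
        size = min(chunk, payload_len - pos)
        frags.append({"offset": pos // 8, "len": size, "mf": pos + size < payload_len})
        pos += size
    return frags


def check_reassembly(fragments: list, header_len: int = 20) -> tuple:
    """Return (ok, size) for a set of fragments of one datagram.

    ok is False as soon as a fragment would end beyond 65,535 bytes; size is then the
    offending end position.  A reassembler must apply this check before copying
    fragment data into a fixed-size buffer.
    """
    size = 0
    for frag in fragments:
        if frag["offset"] > MAX_OFFSET_UNITS:
            raise ValueError("fragment offset does not fit in the 13-bit field")
        end = header_len + frag["offset"] * 8 + frag["len"]
        if end > MAX_DATAGRAM:
            return False, end
        size = max(size, end)
    return True, size


if __name__ == "__main__":
    normal = make_fragments(4000)            # an ordinary large ping
    oversize = make_fragments(65600)         # more than the 16-bit length field allows
    print(len(normal), "fragments:", check_reassembly(normal))
    print(len(oversize), "fragments:", check_reassembly(oversize))
```

The last fragment of the oversize datagram has offset 8140 units (65,120 bytes), which still fits the 13-bit field; the problem only appears when its 480 data bytes are added, so checking the offset alone is not enough.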

Session Hijacking

  • Enables attacker to join a TCP session

– Attacker makes both parties think he or she is the other party

  • Complex attack

– Beyond the scope of this book

Vulnerability Scanning

  • Determines current attack surface

– All devices have potential vulnerabilities

  • Workstations
  • Servers
  • Printers
  • Routers
  • Switches
  • Vendor-supplied patches resolve most issues
  • Security professionals must determine and manage the current patch state of their networks to be able to determine the current risks

Addressing Physical Security

  • Protecting a network

– As important as logical security measures
– Layered approach using different tactics at each layer

  • Inside attacks

– More likely than outside attacks
– May have insider knowledge of protective measures
– Requires layered monitoring and logging to identify anomalies

Keyloggers

  • Used to capture keystrokes on a computer

– Software

  • Loaded on to computer
  • Behaves like Trojan programs

– Hardware

  • Small and easy to install device
  • Goes between keyboard and computer
  • Examples: KeyKatcher and KeyGhost
  • Available as software (spyware)

– Transfers information

  • Used by cyberthieves, law enforcement, and corporate investigators

– May be illegal in some states

Behind Locked Doors

  • Lock up servers
– Average person

  • Can pick deadbolt lock in less than five minutes
  • After only a week or two of practice

– Experienced hackers

  • Can pick deadbolt lock in under 30 seconds
  • Rotary locks are harder to pick

– Require pushing in a sequence of numbered bars

  • Keep a record of who enters and leaves the room

– Security cards can be used for better security