Mazhar Hussain E-mail: mazhar.hussain@isp.edu.pk Network Security Lecture#2 Institute of Southern Punjab, Multan Security Architecture
Institute of Southern Punjab, Multan - WordPress.com · 2016-04-11

May 29, 2020

  • Mazhar Hussain

    E-mail: mazhar.hussain@isp.edu.pk

    Network Security

    Lecture#2

    Institute of Southern Punjab, Multan

    Security Architecture

  • Lecture 2: Security Architecture

    Security Attacks

    A Model for Network Security

    Phases of Hacking

    Hacktivism

  • Security Attacks

  • Security Attacks

    Any action that compromises the security of information of an organization

  • Continued…

    A passive attack attempts to learn or make use of information from the system but does not affect system resources.

    An active attack attempts to alter system resources or affect their operation.

  • Passive Attack

    Passive attacks are in the nature of spying on, or monitoring of, transmissions.

    The goal of the opponent is to obtain information that is being transmitted.

    Two types of passive attacks are:

    1. The release of message contents

    2. Traffic Analysis

  • The Release of Message Contents

    The release of message contents is easily understood from the figure on the next page.

    A telephone conversation, an electronic mail message, and a transferred file may contain sensitive or confidential information.

    We would like to prevent an opponent from learning the contents of these transmissions.

  • Continued…

    [Figure: the release of message contents]

  • Traffic Analysis

    A second type of passive attack is traffic analysis.

    Suppose that we had a way of masking the contents of messages or other information traffic so that opponents, even if they captured the message, could not extract the information from the message.

    The common technique for masking contents is ???

  • Continued…

  • Continued…

    Passive attacks are very difficult to detect????

  • Active Attack

    Active attacks involve some modification of the data stream or the creation of a false stream and can be subdivided into four categories:

    1. Masquerade

    2. Replay

    3. Modification of Messages

    4. Denial of Service

  • Masquerade

    A masquerade takes place when one entity pretends to be a different entity.

  • Replay

    Replay involves the passive capture of a data unit and later retransmission to produce an unauthorized effect.

  • Modification of Messages

    Modification of messages simply means that some portion of a legitimate message is altered, or that messages are delayed or reordered, to produce an unauthorized effect.

  • Denial of Service

    The denial of service prevents the normal use or management of communications facilities.

  • A Model for Network Security

  • A Model for Network Security

  • Phases of Hacking

  • Continued…

  • Hacking Networks Phase 1: Reconnaissance

    Physical Break-In

    Dumpster Diving

    Google, Newsgroups, Web sites

    Social Engineering

    Phishing: fake email

    Pharming: fake web pages

    WhoIs Database & arin.net

    Domain Name Server Interrogations

    Registrant:
    Microsoft Corporation
    One Microsoft Way
    Redmond, WA 98052
    US

    Domain name: MICROSOFT.COM

    Administrative Contact:
    Administrator, Domain domains@microsoft.com
    One Microsoft Way
    Redmond, WA 98052
    US
    +1.4258828080

    Technical Contact:
    Hostmaster, MSN msnhst@microsoft.com
    One Microsoft Way
    Redmond, WA 98052 US
    +1.4258828080

    Registration Service Provider:
    DBMS VeriSign, dbms-support@verisign.com
    800-579-2848 x4
    Please contact DBMS VeriSign for domain updates, DNS/Nameserver
    changes, and general domain support questions.

    Registrar of Record: TUCOWS, INC.
    Record last updated on 27-Aug-2006.
    Record expires on 03-May-2014.
    Record created on 02-May-1991.

    Domain servers in listed order:
    NS3.MSFT.NET 213.199.144.151
    NS1.MSFT.NET 207.68.160.190
    NS4.MSFT.NET 207.46.66.126
    NS2.MSFT.NET 65.54.240.126
    NS5.MSFT.NET 65.55.238.126

  • Hacking Networks Phase 2: Scanning

    War Driving: Can I find a wireless network?

    War Dialing: Can I find a modem to connect to?

    Network Mapping: What IP addresses exist, and what ports are open on them?

    Vulnerability-Scanning Tools: What versions of software are implemented on devices?

  • Passive Attacks

    Eavesdropping: Listen to packets from other parties = Sniffing

    Traffic Analysis: Learn about network from observing traffic patterns

    Footprinting: Test to determine software installed on system = Network Mapping

    [Figure: parties Bob, Jennie and Carl]

  • Hacking Networks: Phase 3: Gaining Access

    Network Attacks:

    Sniffing (Eavesdropping)

    IP Address Spoofing

    Session Hijacking

    System Attacks:

    Buffer Overflow

    Password Cracking

    SQL Injection

    Web Protocol Abuse

    Denial of Service

    Trap Door

    Virus, Worm, Trojan horse

    [Figure: login prompt showing Login: Ginger, Password: Snap]

  • Some Active Attacks

    Denial of Service: Message did not make it; or service could not run

    Masquerading or Spoofing: The actual sender is not the claimed sender

    Message Modification: The message was modified in transmission

    Packet Replay: A past packet is transmitted again in order to gain access or otherwise cause damage

    [Figure: four panels with parties Joe, Ann and Bill: Denial of Service; Spoofing, with the sender labelled "Joe (Actually Bill)"; Message Modification; Packet Replay]

  • Man-in-the-Middle Attack

    [Figure: hosts 10.1.1.1, 10.1.1.2 and 10.1.1.3; message labels (1) Login, (2) Login, (3) Password, (4) Password]

  • SQL Injection

    Java Original: "SELECT * FROM users_table WHERE username=" + "'" + username + "'" + " AND password = " + "'" + password + "'";

    Inserted Password: Aa' OR ''='

    Java Result: "SELECT * FROM users_table WHERE username='anyname' AND password = 'Aa' OR ''='';"

    Inserted Password: foo';DELETE FROM users_table WHERE username LIKE '%

    Java Result: "SELECT * FROM users_table WHERE username='anyname' AND password = 'foo'; DELETE FROM users_table WHERE username LIKE '%'"

    Inserted entry: '|shell("cmd /c echo " & char(124) & "format c:")|'

    [Figure: login form with Login and Password fields and the banner "Welcome to My System"]
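The concatenated query from the SQL Injection slide, next to a parameterized version, as an added example that is not part of the original lecture. It uses Python's built-in sqlite3 instead of Java so that it runs stand-alone; the sample rows and the function names `login_concat` and `login_param` are constructed for illustration.

```python
import sqlite3

def make_db():
    """Build an in-memory users_table with constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users_table (username TEXT, password TEXT)")
    # Plaintext passwords only mirror the slide's schema; real systems store salted hashes.
    conn.executemany("INSERT INTO users_table VALUES (?, ?)",
                     [("ann", "s3cret"), ("bill", "hunter2")])
    return conn

def login_concat(conn, username, password):
    """Query built as on the slide: user input is pasted into the SQL text."""
    sql = ("SELECT * FROM users_table WHERE username='" + username +
           "' AND password = '" + password + "'")
    return conn.execute(sql).fetchall()

def login_param(conn, username, password):
    """Same query with bound parameters: input is always data, never SQL."""
    sql = "SELECT * FROM users_table WHERE username = ? AND password = ?"
    return conn.execute(sql, (username, password)).fetchall()

def demo():
    """Count the rows each login variant returns for the slide's input and for normal logins."""
    conn = make_db()
    injected = "Aa' OR ''='"  # the slide's inserted password
    return {
        # AND binds tighter than OR, so the trailing OR ''='' matches every row.
        "concat_injected": len(login_concat(conn, "anyname", injected)),
        "param_injected": len(login_param(conn, "anyname", injected)),
        "concat_valid": len(login_concat(conn, "ann", "s3cret")),
        "param_valid": len(login_param(conn, "ann", "s3cret")),
        "param_wrong": len(login_param(conn, "ann", "nope")),
    }

if __name__ == "__main__":
    for name, rows in demo().items():
        print(name, rows)
```

With bound parameters the inserted password is compared as a literal string, so the login fails instead of returning the whole table.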

  • Password Cracking: Dictionary Attack & Brute Force

    | Pattern | Calculation | Result | Time to Guess (2.6x10^18/month) |
    |---|---|---|---|
    | Personal Info: interests, relatives | | 20 | Manual 5 minutes |
    | Social Engineering | | 1 | Manual 2 minutes |
    | American Dictionary | | 80,000 | < 1 second |
    | 4 chars: lower case alpha | 26^4 | 5x10^5 | |
    | 8 chars: lower case alpha | 26^8 | 2x10^11 | |
    | 8 chars: alpha | 52^8 | 5x10^13 | |
    | 8 chars: alphanumeric | 62^8 | 2x10^14 | 3.4 min. |
    | 8 chars: alphanumeric + 10 | 72^8 | 7x10^14 | 12 min. |
    | 8 chars: all keyboard | 95^8 | 7x10^15 | 2 hours |
    | 12 chars: alphanumeric | 62^12 | 3x10^21 | 96 years |
    | 12 chars: alphanumeric + 10 | 72^12 | 2x10^22 | 500 years |
    | 12 chars: all keyboard | 95^12 | 5x10^23 | |
    | 16 chars: alphanumeric | 62^16 | 5x10^28 | |

  • Hacking Networks: Phase 4: Exploit/Maintain Access

    Backdoor

    – Control system: system commands, log keystrokes, pswd

    Trojan Horse

    – Useful utility actually creates a backdoor.

    Spyware/Adware

    – Spyware: Collect info: keystroke logger, collect credit card #s

    – AdWare: insert ads, filter search results

    Bots

    – Slave forwards/performs commands; spreads, list email addrs, DOS attacks

    User-Level Rootkit

    – Replaces system executables: e.g. Login, ls, du

    Kernel-Level Rootkit

    – Replaces OS kernel: e.g. process or file control to hide

  • Botnets

    Bots: Host illegal movies, music, pornography, criminal web sites, …

    Forward Spam for financial gain

    [Figure: Attacker, Handler, and "Botnets: Bots" / Zombies; locations China and Hungary]

  • Distributed Denial of Service

    Can barrage a victim server with requests, causing the network to fail to respond to anyone

    [Figure: Attacker, Handler, Zombies and Victim; locations Russia, Bulgaria and United States]

  • Hacktivism

  • Hacktivism

    Hacktivism refers to hacking for a cause!

    – Political Agenda

  • END OF LECTURE 2