7/29/2019 Internet Attacks
1/28
Internet AttacksBY:
Piyush Mittal
7/29/2019 Internet Attacks
2/28
What is internet?
The Internet is a worldwide IP
network, that links collection
of different networks from
various sources,governmental, educational
and commercial.
7/29/2019 Internet Attacks
3/28
Problem regarding internet----
Identification problem.
identify network (most complicated):
logical addressing
identify host within the network :physical addressing
identify the process within the host:
service point addressing
7/29/2019 Internet Attacks
4/28
Types of attacks
Social engineering
Impersonation Stealing access rights of authorized users
Transitive trust Exploiting host-host or network-network trust
Data driven
Trojans, viruses
Infrastructure Taking advantage of protocol or infrastructure features or bugs
Denial of service Preventing system from being used
Magic
New things nobody has seen yet bugs
7/29/2019 Internet Attacks
5/28
Social engineering
Fooling the victim for fun and profit
ExampleAttacker calls switchboard and impersonates employee this is Dr. XXX
trying to reach the data center.Calls data center this is Dr. XXX my modem is not working, has
the modem pool ## changed?
Gets modem pool phone ## and name of system manager from
data center operator
Calls computer room, this is - Ive accidentally
locked myself , can you do the following on the console for
me?...
Dials in and logs in
7/29/2019 Internet Attacks
6/28
Very hard to protect against itHow to protect against it:
Educate staff
Have well-known mechanisms for problem reporting and handling
Identify transactions that must be done in person.
7/29/2019 Internet Attacks
7/28
Impersonation
Stealing access rights of authorized users
Example :-College students place tap on serial lines between modem closet
and computer room-Late-night monitoring set up at cross-wired terminal
- System manager logs in and sets privilege
- Attacker later logs into system with stolen passwords
7/29/2019 Internet Attacks
8/28
Transitive trust
A trust that can extend beyond two domains to other
trusted domains in the forest.
Example : Network of workstations share files via NFSAttacker compromises a client workstations administrator account
Attacker can create privileged executables on file systems exported from
server
Attacker creates privileged executable on server then logs in as normal user
Attacker executes privileged program and gains privilege on file server
7/29/2019 Internet Attacks
9/28
Prevention
Current software suites do not have adequate mechanisms for trust
delegation and containment
System admins must carefully map out trust relationships between hosts
on networks
Consider internal firewalls
7/29/2019 Internet Attacks
10/28
Data driven attacks
Trojans, viruses.
Example : Attacker on IRC (Internet Relay Chat) tells users to obtain a utility program
that will help them use system better Users download program and run it
Program deletes all users files and emails a copy of password file to
attacker
7/29/2019 Internet Attacks
11/28
Prevention
-Firewall can help screen out.
-Restricting services can help reduce potential for attack.
-Educate users about not just executing anything they are given.
7/29/2019 Internet Attacks
12/28
Infrastructure attacks
Example : (Source Routing)
-IP protocol specifies that source-routed traffic should return on the reverse
route from which it came
-Attacker selects a trusted host within the target network and knocks it off
the air using ICMP bombing
-Attacker sets address of his system to that of the trusted host
-Attacker uses rlogin with source routed packets
-Target host sees packets coming from trusted machine and may permit
better access
7/29/2019 Internet Attacks
13/28
7/29/2019 Internet Attacks
14/28
Prevention
-Defeat source routing with firewalls that block and log source
routed packets
-Many routers can block source routed packets
7/29/2019 Internet Attacks
15/28
Example : (TCP sequence guessing)
- TCP connections rely on an increasing sequence number to
correctly order traffic over connection.
-If an attacker knows the sequence numbers of a connectionstream he can generate correct-looking packets even though
the response packets do not reach him.
In order for attack to work ,response packets must not reach
the correct destination.
7/29/2019 Internet Attacks
16/28
7/29/2019 Internet Attacks
17/28
7/29/2019 Internet Attacks
18/28
7/29/2019 Internet Attacks
19/28
Example : (TCP splicing)
Attacker between networks watches for a legitimateconnection
Waits until after user has logged in
Steals connection and becomes user
7/29/2019 Internet Attacks
20/28
7/29/2019 Internet Attacks
21/28
7/29/2019 Internet Attacks
22/28
7/29/2019 Internet Attacks
23/28
Denial of service attacks
Denial of service(DoS) is very common attack . it may slow
down or totally interrupt the service of a system . The attacker
can use several strategies to achieve this she might send so
many bogus request s to a server that the server crashes
because of the heavy load .
The attacker might intercept and delete a servers response
to a client making the client to believe that the server is not
responding.
The attacker may also intercept requests from the clients ,causing the clients to send request many times and overload
the system.
7/29/2019 Internet Attacks
24/28
Magic attacks
-We dont know what these will look like
-Theyre the attack that someone hasnt thought of yet
-Attack will be utterly mysterious in origin and will surprise
everyone
-Hopefully it will be easy to fix
7/29/2019 Internet Attacks
25/28
What does the future hold?
-Host-based software will continue to be buggy and unreliable
from a security standpoint
-Vendors will continue to add security as an afterthought rather
than designing it in from the beginning
-Encryption will be more widely deployed in spite of government
restrictions
7/29/2019 Internet Attacks
26/28
Summary
-Attackers are performing active R&D to figure out how to break
into networks
-Some attacks very technical
-Some attacks very low tech
7/29/2019 Internet Attacks
27/28
Refrences
www.wikkipedia.com
Cryptography and Network Security by
Behrouz A. Forouzan
www.Siemens.com/Answers
www.us-cert.gov
http://www.wikkipedia.com/http://www.siemens.com/Answershttp://www.us-cert.gov/http://www.us-cert.gov/http://www.us-cert.gov/http://www.us-cert.gov/http://www.siemens.com/Answershttp://www.wikkipedia.com/http://www.wikkipedia.com/7/29/2019 Internet Attacks
28/28
Thanks