Network Security
Kevin Diep
Outline
•The five phases of network penetration
•How to prevent exploitation and network vulnerabilities
•Ethical issues behind such attacks
Phase 1: Reconnaissance
•To collect and gain information
•Low-Technology Reconnaissance:
  ▫Social Engineering
  ▫Physical Break-In
  ▫Dumpster Diving
Social Engineering
•Social engineering involves an attacker calling employees at the target organization on the phone and duping them into revealing sensitive information
•Finding a pretext to obtain privileged information or services
•Social engineering is deception, pure and simple.
Social Engineering
•Several of social engineering's "greatest hits" are:
  ▫A new employee calls the help desk trying to figure out how to perform a particular task on the computer.
  ▫An angry manager calls a lower level employee because a password has suddenly stopped working.
  ▫A system administrator calls an employee to fix an account on the system, which requires using a password.
  ▫An employee in the field has lost some important information and calls another employee to get the remote access phone number.
Physical Break-In
•An external attacker might try to walk through a building entrance, sneaking in with a group of employees on their way into work.
•An attacker might simply try grabbing a USB thumb drive, CD, DVD, backup tape, hard drive, or even a whole computer containing sensitive data and walking out with it tucked under a coat.
Dumpster Diving
•Retrieving sensitive information from trash, such as discarded paper, CDs, DVDs, floppy disks, tapes, and hard drives containing sensitive data.
•Dumpster diving is especially effective when used for corporate espionage.
Phase 1: Reconnaissance
•Higher-Technology Reconnaissance:
  ▫Searching the Web
  ▫Using the Whois Database
Reconnaissance via Searching the Web
•Searching an organization’s own web site
  ▫Employees’ contact information and phone numbers
  ▫Clues about the corporate culture and language
  ▫Business partners
  ▫Recent mergers and acquisitions
  ▫Server and application platforms in use
Reconnaissance via Whois Database
•These databases contain a variety of data elements regarding the assignment of domain names, individual contacts, and even Internet Protocol (IP) addresses
Phase 2: Scanning
•After the reconnaissance phase, the attacker is armed with some vital information about the target infrastructure: a handful of telephone numbers, domain names, IP addresses, and technical contact information
•Most attackers then use this knowledge to scan target systems looking for openings
Phase 2: Scanning
•War Dialing
•Network Mapping
•Port Scanning
War-dialing attack
•Searching for a modem in a target's telephone exchange to get access to a computer on their network
•It can be done manually or with tools that automate the task, dialing large pools of telephone numbers in an effort to find unprotected modems.
•These tools can scan in excess of 1,000 telephone numbers in a single night using a single computer with a single phone line
Phase 2: Network Mapping
•Finding live hosts
  ▫ICMP pings
•Traceroute
•We can use this feature to determine the paths that packets take across a network
Phase 2: Port Scanning
•Uses software to find open ports
•Nmap, Strobe, Ultrascan
Phase 2: Scanning

| What the Attacker Knows | Tools Used to Get the Information |
|---|---|
| List of addresses for live hosts on the network | Ping and Cheops-ng |
| General network topology | Traceroute and Cheops-ng |
| List of open ports on live hosts | Nmap port scan |
| List of services and versions running on the target ports | Nmap version scan |
| Operating system types of live hosts | Nmap and Xprobe2 active operating system fingerprinting |
| List of ports open through packet filters on the target network | Firewalk |
Phase 3: Gaining Access
•Gaining access to retrieve sensitive information from the victim
•Use the victim as a launching platform to attack other victims
•Destroy the victim's files
•Two methods of gaining access
  ▫Gaining Access using Application and OS attacks
  ▫Gaining Access using Network attacks
Phase 3: Gaining Access Using Application and OS Attacks
•Password attacks
•Web application attacks
Password Attacks
•Password Guessing Attacks
  ▫Users often choose passwords that are easy to remember, but are also easily guessed
  ▫Default passwords used by vendors left unchanged
•Password Guessing Through Login Attacks
  ▫Run a tool that repeatedly tries to log in to the target system across the network, guessing password after password
Phase 3: Password Cracking
•More sophisticated and faster than password guessing through login script
•Requires access to a file containing user names and encrypted passwords
Phase 3: Password Cracking
•A password-cracking tool can form its password guesses in a variety of ways.
  ▫Words in the dictionary
•Many password-cracking tools also support brute-force cracking
  ▫Guesses every possible combination of characters (a–z and 0–9) and special characters (!@#$, and so on) to determine the password.
  ▫This brute-force guessing process can take an enormous amount of time, ranging from hours to centuries
Phase 3: Gaining Access
•Web Application Attacks
  ▫Account Harvesting
  ▫SQL Piggybacking
Account Harvesting
•User ID is incorrect
•Password is incorrect
Account Harvesting
•Attackers can write a script that brute-force guesses all possible user IDs using a false password.
•If the error message returned indicates that the user ID is valid, they store that ID in a file, then reverse the process and guess the password for the valid ID they just obtained.
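The two error messages on the Account Harvesting slides are what make harvesting possible. The following added example (not part of the original slides) puts a login routine that returns them beside one that returns a single generic error; the user store, function names and passwords are constructed for illustration.

```python
import hashlib
import hmac
import os

ITERATIONS = 10_000  # kept small so the example runs quickly


def _hash(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)


def make_user_store(users):
    """Build {user_id: (salt, hash)} from constructed sample credentials."""
    store = {}
    for user_id, password in users.items():
        salt = os.urandom(16)
        store[user_id] = (salt, _hash(password, salt))
    return store


USERS = make_user_store({"alice": "correct horse battery", "bob": "s3cure-Passphrase"})

# Dummy record: unknown user IDs go through the same hashing work as known
# ones, so response time does not give away what the message no longer does.
_DUMMY_SALT = os.urandom(16)
_DUMMY_HASH = _hash("dummy-password", _DUMMY_SALT)

GENERIC_ERROR = "User ID or password is incorrect"


def login_leaky(user_id: str, password: str):
    """Behaviour from the slide: the error says which field was wrong."""
    if user_id not in USERS:
        return False, "User ID is incorrect"
    salt, stored = USERS[user_id]
    if not hmac.compare_digest(_hash(password, salt), stored):
        return False, "Password is incorrect"
    return True, "Welcome"


def login_uniform(user_id: str, password: str):
    """Hardened form: one message and one code path for every failure."""
    salt, stored = USERS.get(user_id, (_DUMMY_SALT, _DUMMY_HASH))
    matches = hmac.compare_digest(_hash(password, salt), stored)
    if matches and user_id in USERS:
        return True, "Welcome"
    return False, GENERIC_ERROR


def distinguishes_user_ids(login_fn, known_id: str, unknown_id: str) -> bool:
    """Regression check: does a failed login reveal whether the ID exists?"""
    wrong = "not-the-password"
    return login_fn(known_id, wrong)[1] != login_fn(unknown_id, wrong)[1]


if __name__ == "__main__":
    print("leaky reveals valid IDs:  ", distinguishes_user_ids(login_leaky, "alice", "mallory"))
    print("uniform reveals valid IDs:", distinguishes_user_ids(login_uniform, "alice", "mallory"))
```

`distinguishes_user_ids` can be kept as a regression test so a later change to the login code does not reintroduce distinct messages.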
SQL Piggybacking
•An attacker may be able to extend an application’s SQL statement to extract or update information that the attacker is not authorized to access
•The attacker will explore how the Web application interacts with the back-end database by finding a user-supplied input string that will be part of a database query
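To show why a user-supplied string that becomes part of a query is the weak point, this added example (not from the original slides) runs the same lookup twice against an in-memory SQLite database, once built by string concatenation and once with a bound parameter. The table, rows and function names are constructed for illustration.

```python
import sqlite3


def make_db():
    """Constructed sample data: an orders table with rows for three owners."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE orders (id INTEGER PRIMARY KEY, owner TEXT, item TEXT)")
    db.executemany(
        "INSERT INTO orders (owner, item) VALUES (?, ?)",
        [("alice", "laptop"), ("alice", "dock"), ("bob", "phone"), ("o'brien", "monitor")],
    )
    return db


def orders_concatenated(db, owner):
    """Vulnerable form: the user-supplied string becomes part of the SQL text."""
    query = "SELECT item FROM orders WHERE owner = '" + owner + "' ORDER BY id"
    return [row[0] for row in db.execute(query)]


def orders_parameterized(db, owner):
    """Hardened form: the value is bound as data and is never parsed as SQL."""
    query = "SELECT item FROM orders WHERE owner = ? ORDER BY id"
    return [row[0] for row in db.execute(query, (owner,))]


def compare(owner):
    """Return (concatenated result, parameterized result) for one input."""
    db = make_db()
    try:
        concatenated = orders_concatenated(db, owner)
    except sqlite3.Error as exc:
        # A quote in ordinary data is enough to break the concatenated query.
        concatenated = "error: " + type(exc).__name__
    return concatenated, orders_parameterized(db, owner)


if __name__ == "__main__":
    for value in ("alice", "o'brien", "alice' OR '1'='1"):
        print(repr(value), "->", compare(value))
```

The parameterized form returns only rows whose owner equals the input exactly, and it also handles a legitimate name containing an apostrophe, which the concatenated form cannot.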
Phase 3: Gaining Access Using Network Attacks
•Sniffing
• IP Spoofing
Phase 3: Sniffing
•Sniffer
  ▫Allows attacker to see everything sent across the network, including userIDs and passwords
•Island Hopping Attack
  ▫Attacker initially takes over a machine via some exploit
  ▫Attacker installs a sniffer to capture userIDs and passwords to take over other machines
Phase 3: IP Spoofing
•If the attacker just wants to send packets that look like they come from somewhere else, they can just change their IP address to the other system's address
Phase 4: Maintaining Access
•Trojan Horses
  ▫Software program that contains a concealed malicious capability but appears to be benign, useful, or attractive to users
•Backdoor
  ▫Software that allows an attacker to access a machine using an alternative entry method
  ▫Installed by attackers after a machine has been compromised
  ▫May permit attacker to access a computer without needing to provide account names and passwords
Phase 4: Maintaining Access
•Trojan Horse Backdoors
  ▫Programs that combine features of backdoors and Trojan horses
  ▫Not all backdoors are Trojan horses
  ▫Not all Trojan horses are backdoors
  ▫Programs that seem useful but allow an attacker to access a system and bypass security controls
Phase 4: Maintaining Access
•Categories of Trojan Horse Backdoors
  ▫Application-level Trojan Horse Backdoor: A separate application runs on the system that provides backdoor access to attacker
  ▫Traditional RootKits: Critical operating system executables are replaced by attacker to create backdoors and facilitate hiding
  ▫Kernel-level RootKits: Operating system kernel itself is modified to allow backdoor access and to help attacker to hide
Application-level Trojan Horse Backdoor
•User must be tricked into installing this application, which gives attacker backdoor access and complete control over victim’s machine
  ▫Back Orifice 2000
•Tricking users to install Trojan backdoors
  ▫Embed backdoor application in another innocent looking program via “wrappers”
  ▫Wrapper creates one Trojan EXE application from two separate EXE programs
Traditional RootKits
•A suite of tools that allow an attacker to maintain root-level access via a backdoor and hide evidence of a system compromise
•More powerful than application-level Trojan horse backdoors (e.g. BO2K, Netcat), since the latter run as separate programs which are easily detectable
•A more insidious form of Trojan horse backdoor than application-level counterparts, since existing critical system components are replaced to let attacker have backdoor access and hide
•A RootKit replaces /bin/login with a modified version that includes a backdoor password for root access
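Because a traditional RootKit works by replacing executables such as /bin/login, comparing files against a known-good baseline exposes the swap. This added example (not from the original slides) records SHA-256, mode and size for a set of files and reports any that changed; the stand-in files in a temporary directory and all function names are constructed for illustration.

```python
import hashlib
import os
import stat
import tempfile


def fingerprint(path):
    """SHA-256, permission bits and size of one file."""
    digest = hashlib.sha256()
    with open(path, "rb") as handle:
        for chunk in iter(lambda: handle.read(65536), b""):
            digest.update(chunk)
    info = os.stat(path)
    return {"sha256": digest.hexdigest(), "mode": stat.S_IMODE(info.st_mode), "size": info.st_size}


def build_baseline(paths):
    """Record fingerprints while the system is known to be clean.
    Store the result off-host or on read-only media so it cannot be rewritten."""
    return {path: fingerprint(path) for path in paths}


def verify(baseline):
    """Return [(path, finding)] for every file that no longer matches."""
    findings = []
    for path, expected in sorted(baseline.items()):
        if not os.path.exists(path):
            findings.append((path, "missing"))
            continue
        current = fingerprint(path)
        changed = [key for key in ("sha256", "mode", "size") if current[key] != expected[key]]
        if changed:
            findings.append((path, "changed: " + ", ".join(changed)))
    return findings


def demo():
    """Constructed scenario: a stand-in 'login' file is swapped after the baseline."""
    with tempfile.TemporaryDirectory() as root:
        login = os.path.join(root, "login")
        ls = os.path.join(root, "ls")
        for path, body in ((login, b"original login binary\n"), (ls, b"original ls binary\n")):
            with open(path, "wb") as handle:
                handle.write(body)
        baseline = build_baseline([login, ls])
        clean = verify(baseline)
        # Same length as the original, so a size comparison alone would miss it.
        with open(login, "wb") as handle:
            handle.write(b"modified login binary\n")
        after = [(os.path.basename(p), finding) for p, finding in verify(baseline)]
        return clean, after


if __name__ == "__main__":
    print(demo())
```

On a real host the check should run from trusted media, since a kernel-level RootKit can alter what file reads return to tools running on the compromised system.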
Kernel-Level RootKits
•More sinister, devious, and nasty than traditional RootKits
•Operating system kernel replaced by a Trojan horse kernel that appears to be well-behaved but in actuality is rotten to the core
•Trojanized kernel can intercept system calls and run another application chosen by attacker
•File Hiding
  ▫Attacker can hide specific subdirectories and files
•Process Hiding
  ▫Attacker can be running Netcat listener but the kernel will not report its existence to ps
•Network Hiding
  ▫Attacker can tell kernel to lie to netstat about network port being used by a backdoor program
Phase 5: Covering Tracks and Hiding
•Hiding Evidence by Altering Event Logs
  ▫Attackers like to remove evidence from logs associated with attacker’s gaining access, elevating privileges, and installing RootKits and backdoors
  ▫Create files hidden from the user
•Covert Channels
  ▫Communication channels that disguise data while it moves across the network to avoid detection
  ▫Can be used to remotely control a machine and to secretly transfer files or applications
Preventing Exploitations
•Rule of thumb
  ▫Don’t give out sensitive information to anyone
  ▫Don’t let attacker get root or administrator access on hosts
  ▫Harden OS
  ▫Install latest security patches
  ▫Install network IDS
  ▫Use antivirus tools
  ▫Know your software
  ▫Disable all unneeded services and ports
Is hacking ethical?
• http://www.computerworld.com/s/article/91549/Is_hacking_ethical_
•Hacktivists: Those who hack as a form of political activism.
•Hobbyist hackers: Those who hack to learn, for fun or to share with other hobbyists.
•Research and security hackers: Those concerned with discovering security vulnerabilities and writing the code fixes.
Conclusion
•“Yes, I do believe that hacking -- when properly defined -- is an ethical activity.”
- By Marcia J. Wilson
•http://www.youtube.com/watch?v=dBSDfo5g2tw&feature=related