Methods of Attack - PowerPoint PPT Presentation

Slides: 19
Provided by: Bhan8
Transcript and Presenter's Notes

1
Methods of Attack
  • NJ-CISSP

2
Attack
  • An assault on system security that derives from
    an intelligent threat, i.e., an intelligent act
    that is a deliberate attempt (especially in the
    sense of a method or technique) to evade security
    services and violate the security policy of a
    system. RFC 2828, May 2000

3
Attacks Target Secure Computing Properties
  • Confidentiality
  • The property that information is not made
    available or disclosed to unauthorized
    individuals, entities, or processes.
  • Integrity
  • The property that data has not been changed,
    destroyed, or lost in an unauthorized or
    accidental manner.
  • Availability
  • The property of a system or a system resource
    being accessible and usable upon demand by an
    authorized system entity, according to
    performance specifications for the system; i.e.,
    a system is available if it provides services
    according to the system design whenever users
    request them.

4
Attack Phases
  • PHASE 1 - INFORMATION GATHERING
  • First phase tools (Ping sweeps, Port scans,
    Social Engineering)
  • PHASE 2 - GAINING ACCESS
  • Second phase techniques (exploit of software
    bugs, buffer overflow exploit, FTP bugs)
  • PHASE 3 - DENYING SERVICES
  • Third phase attacks (SYN flood, Ping of
    death, Teardrop attack)
  • PHASE 4 - EVADE DETECTION

5
Brute Force
  • A cryptanalysis technique or other kind of attack
    method involving an exhaustive procedure that
    tries all possibilities, one-by-one. For
    example, for ciphertext where the analyst already
    knows the decryption algorithm, a brute force
    technique to finding the original plaintext is to
    decrypt the message with every possible key.

6
Brute Force
  • Passwords
  • More successful against weak passwords
  • Encryption - DES
  • Obtain sample plaintext-ciphertext pair
  • Test each possible key in turn
  • Would take thousands of years, unless done in
    parallel (20 hours by 1990)
  • POP service (110) success
  • Did not have their login failures logged

The key to a successful brute force attack is to
select a target that has a high degree of success
and a small chance of being logged.

7
Dictionary
  • An attack that uses a brute-force technique of
    successively trying all the words in some large,
    exhaustive list. For example, an attack on an
    authentication service by trying all possible
    passwords or an attack on encryption by
    encrypting some known plaintext phrase with all
    possible keys so that the key for any given
    encrypted message containing that phrase may be
    obtained by lookup. RFC 2828, May 2000
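
The POP example on the Brute Force slide worked because login failures were not logged; once failures are recorded, brute-force or dictionary guessing against an authentication service shows up as a burst of failures from one source. The following is an added example, not part of the original presentation: it flags sources that exceed a failure threshold inside a sliding time window and notes a success that follows. The log format, field names, window and threshold are assumptions constructed for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample lines in a simplified, hypothetical log format
# (not the output of any real POP3 daemon). Ordered by time per source.
SAMPLE_LOG = """\
2024-05-01T10:00:00 pop3 FAIL user=alice src=203.0.113.7
2024-05-01T10:00:05 pop3 FAIL user=alice src=203.0.113.7
2024-05-01T10:00:10 pop3 FAIL user=alice src=203.0.113.7
2024-05-01T10:00:15 pop3 FAIL user=alice src=203.0.113.7
2024-05-01T10:00:20 pop3 FAIL user=alice src=203.0.113.7
2024-05-01T10:00:25 pop3 FAIL user=alice src=203.0.113.7
2024-05-01T10:00:30 pop3 OK user=alice src=203.0.113.7
2024-05-01T10:00:02 pop3 FAIL user=bob src=198.51.100.20
2024-05-01T10:00:40 pop3 OK user=bob src=198.51.100.20
2024-05-01T10:00:03 pop3 FAIL user=carol src=192.0.2.9
2024-05-01T10:02:03 pop3 FAIL user=carol src=192.0.2.9
2024-05-01T10:04:03 pop3 FAIL user=carol src=192.0.2.9
2024-05-01T10:06:03 pop3 FAIL user=carol src=192.0.2.9
2024-05-01T10:08:03 pop3 FAIL user=carol src=192.0.2.9
"""

LINE_RE = re.compile(r"^(\S+) pop3 (FAIL|OK) user=(\S+) src=(\S+)$")

def detect_guessing(log_text, window=timedelta(seconds=60), threshold=5):
    """Return {src: {max_failures, first_success_user}} for flagged sources."""
    recent = defaultdict(deque)  # src -> failure timestamps still inside the window
    flagged = {}
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # ignore lines that do not match the assumed format
        ts = datetime.fromisoformat(m.group(1))
        outcome, user, src = m.group(2), m.group(3), m.group(4)
        q = recent[src]
        while q and ts - q[0] > window:  # drop failures older than the window
            q.popleft()
        if outcome == "FAIL":
            q.append(ts)
            if len(q) >= threshold:
                entry = flagged.setdefault(src, {"max_failures": 0, "first_success_user": None})
                entry["max_failures"] = max(entry["max_failures"], len(q))
        elif src in flagged and flagged[src]["first_success_user"] is None:
            flagged[src]["first_success_user"] = user  # login succeeded after a burst
    return flagged

if __name__ == "__main__":
    print(detect_guessing(SAMPLE_LOG))
```

A single mistyped password (198.51.100.20) and failures spread over several minutes (192.0.2.9) stay below the threshold, so the window and threshold need tuning against normal traffic for the service being monitored.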

8
Denial of Service
  • Denial Of Service (DOS) attacks attempt to slow
    or shut down targeted network systems or
    services.
  • There are two main types of DOS attacks: flaw
    exploitation and flooding.

9
Denial of Service
  • Flaw exploitation DOS Attacks
  • Flaw exploitation attacks exploit a flaw in the
    target system's software in order to cause a
    processing failure or to cause it to exhaust
    system resources.
  • Flooding DOS Attacks
  • Flooding attacks simply send a system or system
    component more information than it can handle. In
    cases where the attacker cannot send a system
    sufficient information to overwhelm its
    processing capacity, the attacker may nonetheless
    be able to monopolize the network connection to
    the target, thereby denying anyone else use of
    the resource.

10
Distributed Denial of Service
  • DDOS attacks are a subset of DOS
  • DDOS attacks are simply flooding DOS attacks
    where the hacker uses multiple computers to
    launch the attack. These attacking computers are
    centrally controlled by the hacker's computer and
    thus act as a single immense attack system.

11
Spamming
  • Attacks are a subset of DOS
  • A spammer uses your email system as a spam relay.
    Your system becomes the host and then tries to
    deliver all messages.
  • While your email server is spending time
    processing the spam mail, it is prevented from
    handling legitimate mail for your domain.

12
Spoofing
  • In a spoofing attack, the intruder sends messages
    to a computer indicating that the message has
    come from a trusted system. To be successful, the
    intruder must first determine the IP address of a
    trusted system, and then modify the packet
    headers so that it appears that the packets are
    coming from the trusted system.
  • http://www.sans.org/infosecFAQ/threats/intro_spoofing.htm

13
Spoofing
  • IP spoofing - IP spoofing involves forging one's
    source IP address. It is the act of using one
    machine to impersonate another. Many applications
    and tools in UNIX systems rely on source IP
    address authentication.
  • ARP spoofing - ARP spoofing involves forging
    packet source hardware address (MAC address) to
    the address of the host you pretend to be.

14
Man-in-the-middle
  • The "Man In The Middle" or "TCP Hijacking" attack
    is a well known attack where an attacker sniffs
    packets from the network, modifies them and inserts
    them back into the network. There are few
    programs/source codes available for doing a TCP
    hijack. Juggernaut, T-Sight and Hunt are some
    of these programs.
  • http://www.sans.org/infosecFAQ/threats/middle.htm

15
Sniffers
  • Packet sniffers
  • A software application that uses a network
    adapter card in promiscuous mode to capture all
    network packets that are sent across a LAN.
  • Captures plain text user account names,
    passwords, etc.
  • Can also interject new information or change
    existing information.

16
Crackers
  • Someone who tries to break the security of, and
    gain access to, someone else's system without
    being invited to do so.

17
Countermeasures
  • Adequate Security Controls
  • Documentation
  • Policy, Standards, Processes
  • Equipment
  • IDS, Firewall, Network Map
  • Personnel
  • Auditing, Monitoring, Configuring, etc.
  • Education
  • CISSP Certified Staff

18
Questions?
  • Ask Jeanette!