1 / 10

Network Vulnerabilities and Attacks

Network Vulnerabilities and Attacks. Dr. John Abraham UTPA. Media Based Vulnerabilities. Port mirroring Protocol sniffers Network tap These can be used to monitor traffic at the same time can be used to steal information. False ceilings, easy access to add an RJ45 Exposed wiring

seth-hughes
Télécharger la présentation

Network Vulnerabilities and Attacks

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Network Vulnerabilities and Attacks Dr. John Abraham UTPA

  2. Media Based Vulnerabilities • Port mirroring • Protocol sniffers • Network tap • These can be used to monitor traffic at the same time can be used to steal information. • False ceilings, easy access to add an RJ45 • Exposed wiring • Unused rj-45 jacks

  3. How attacker can see traffic • Switch flooding – then a switch acts like a hub • Mac address impersonation • Fake network redirect • Router advertisements • Fake device redirect (table 4-1 p.123)

  4. Network Device vulnerabilities Weak passwords Default accounts Back doors Privilege escalation

  5. Weak passwords Do not use names or single word –attackers can use dictionary. Change passwords as frequently as you can Keep passwords to include several words and numbers Do not use same password for all accounts Do not write down passwords

  6. Default accounts User accounts on devices you buy These passwords are available on the internet

  7. Back Doors Done by programmers or consultants Even backdoor passwords are installed in firmware.

  8. Categories of Attacks Denial of Service – consume network resources. Example, continuous SYN Distributed denial of service (DDoS) Use hundreds of zombie computers. See figure 4-4 p.127. Spoofing-impersonation. Attacker may use IP address of a trusted source. Man-in-the-middle. Middle computer replaces messages going back and forth. Replay. Middle computer makes a copy of the message before sending it.

  9. Methods of network attacks Protocol based Antiquated protocols-some equipment still support old protocols such as old SNMP DNS attacks-DNS poisoning. Altering IP addresses ARP poisoning – altering MAC address TCP/IP hijacking – Spoofed TCP packets.

  10. Wireless Attacks Rogue Access Points – access points installed without sufficient security by unauthorized person who has access to wired LAN. WAR driving. Searching for wireless beaconing. Bluesnarfing – unauthorized access of information through bluetooth.

More Related