Seven Deadliest Network Attacks (Seven Deadliest Attacks)
Format: PDF / Kindle (mobi) / ePub
Seven Deadliest Network Attacks identifies seven classes of network attacks and discusses how each attack works, including the tools used to carry it out, the risks it poses, and how to defend against it.
The book consists of seven chapters that deal with the following attacks: (i) denial of service; (ii) war dialing; (iii) penetration testing; (iv) protocol tunneling; (v) spanning tree attacks; (vi) man-in-the-middle; and (vii) password replay. These attacks are not mutually exclusive and were chosen because they help illustrate different aspects of network security. The principles on which they rely are unlikely to vanish any time soon, and they allow for the possibility of gaining something of interest to the attacker, from money to high-value data.
This book is intended to provide practical, usable information. However, the world of network security is evolving very rapidly, and the attack that works today may (hopefully) not work tomorrow. It is more important, then, to understand the principles on which the attacks and exploits are based in order to properly plan either a network attack or a network defense.
- Knowledge is power: find out about the most dominant attacks currently waging war on computers and networks globally
- Discover the best ways to defend against these vicious attacks; step-by-step instruction shows you how
- Institute countermeasures, don’t be caught defenseless again, and learn techniques to make your computer and network impenetrable
individual) can conduct massive DoS attacks. The rest of this chapter will focus solely on DDoS attacks.
Overview of a Denial of Service Attack
Suppose you want to conduct a network DDoS attack against a particular victim. You are taking the role commonly called the intruder. To conduct a DDoS attack, you need to be able to “use up” some resource needed by the victim. You can target any resource likely to interrupt your target. For instance, if you are targeting an online retailer, you might do
personal information to an attacker. This type of constant adaptation of the thought process behind war dialing shows that some version of it will be with us for a long time.
Defenses against War Dialing
The best defense against any type of attack is to eliminate the attack surface itself. In the case of war dialing, you can accomplish this if you are able to eliminate modems from your network. An attacker who war dials your phone exchange when
[Figure 5.3: Sending a Web Page across Ethernet]
[Figure 5.4: Traceroute Output]
Understanding the Spanning Tree Protocol
One reason why the Internet is so reliable is that it allows for redundancy. Eventually physical hardware wears out and fails. People trip over power and network cables and “accidentally” unplug things they should not. Earthquakes and other natural disasters can destroy infrastructure. Construction workers dig up
the traffic. The most straightforward is just to install the password sniffer (or a traffic-capture program like tcpdump) on a gateway or proxy server. You can then watch all the traffic passing through the machine on its way to and from the Internet. It may even be possible to modify a network’s topology (see Chapter 5, “Spanning Tree Attacks”) so that your machine receives all traffic. You can only sift through the traffic you actually see, after all. Of course, sometimes people decide to
Replay You’ve got the access to a switch that is carrying your “friend” Rob’s Internet traffic, and you are happily collecting packets. You see that he occasionally connects to a remote site and you are sure he is busy extolling the virtues of Kirk as captain of the Enterprise and running down your recent postings about Picard. You have to know for sure, but you can’t capture any clear-text passwords. The system he is using encrypts his credentials when he sends them, so you can’t just grab them