Network Security
Lecture 3
Modern Network Security Threats

Access Attacks
• Access attacks exploit known vulnerabilities in:
  ▪ authentication services
  ▪ FTP services
  ▪ web services
• The types of access attacks are:
  ▪ Password Attacks
  ▪ Trust Exploitation
  ▪ Port Redirection
  ▪ Man-in-the-Middle Attacks

Password Attacks
What is a password?
• A password is information associated with an entity that confirms the entity’s identity.
• Passwords are used for authentication.
• Password integrity is necessary.
• Types of password attacks:
  ▪ Dictionary attack.
  ▪ Brute force attack.
• There are alternatives to passwords:
  ▪ TACACS
  ▪ RADIUS

Trust Exploitation
• Trust exploitation refers to an individual taking advantage of a trust relationship within a network.
• An example of when trust exploitation takes place is when a perimeter network is connected to a corporate network.
• Another example of trust exploitation is a demilitarized zone (DMZ).

Port Redirection
• Port redirection is a form of trust exploitation in which the attacker could install software to redirect traffic from the outside host directly to the inside host.
• The traffic is redirected through a port on the firewall or access control list (ACL).

Man-in-the-Middle Attacks
• A man-in-the-middle attack is one in which the attacker secretly intercepts and relays messages between two parties who believe they are communicating directly with each other.

Denial of Service Attacks
• An attack that prevents or impairs the authorized use of networks, systems or applications by exhausting resources such as CPU, memory, bandwidth and disk space.
• Types of DoS attacks:
  ▪ Distributed DoS
  ▪ TCP SYN
  ▪ Smurf Attack

Distributed DoS Attacks
• Multiple systems are compromised to send a DoS attack to a specific target.
• The compromised systems are commonly called zombies or slaves.
• The result of the attack is that the targeted system denies service to valid users.

TCP SYN Attack
• The goal is to deny access to a TCP service running on a host.
• The attack creates a number of half-open TCP connections which fill up the host’s listen queue; the host stops accepting connections.
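
As an added illustration (not part of the original lecture), the following Python example shows how a defender could spot the half-open build-up described above by counting SYN-RECV entries per listening socket in `ss -tan`-style output. The sample lines, addresses, function names and the threshold value are constructed assumptions.

```python
from collections import defaultdict

HALF_OPEN = "SYN-RECV"  # state `ss` shows for a connection still waiting for the final ACK


def half_open_by_listener(ss_text):
    """Map each local 'addr:port' to the source addresses of its half-open connections."""
    conns = defaultdict(list)
    for line in ss_text.splitlines():
        fields = line.split()
        # Expected columns: State Recv-Q Send-Q Local Peer; skip header and other states.
        if len(fields) < 5 or fields[0] != HALF_OPEN:
            continue
        local, peer = fields[3], fields[4]
        conns[local].append(peer.rsplit(":", 1)[0])  # drop the peer port, keep the address
    return conns


def flag_listeners(ss_text, threshold):
    """Report listeners whose half-open count reaches `threshold`.

    The threshold is an assumed tuning value; in practice it would be set
    relative to the size of the service's listen queue.
    """
    alerts = []
    for local, sources in sorted(half_open_by_listener(ss_text).items()):
        if len(sources) >= threshold:
            alerts.append({
                "listener": local,
                "half_open": len(sources),
                # Many distinct sources suggests a distributed or spoofed flood.
                "distinct_sources": len(set(sources)),
            })
    return alerts


def build_sample():
    """Constructed socket table using documentation address ranges only."""
    lines = [
        "State Recv-Q Send-Q Local Address:Port Peer Address:Port",
        "LISTEN 0 128 0.0.0.0:80 0.0.0.0:*",
        "ESTAB 0 0 192.0.2.10:80 198.51.100.7:51234",
        "SYN-RECV 0 0 192.0.2.10:22 198.51.100.9:40000",  # a single slow handshake
    ]
    lines += [f"SYN-RECV 0 0 192.0.2.10:80 203.0.113.{i % 50 + 1}:{41000 + i}"
              for i in range(120)]
    return "\n".join(lines)


if __name__ == "__main__":
    for alert in flag_listeners(build_sample(), threshold=100):
        print(alert)
```
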

Smurf Attack
• A smurf attack is an exploitation of the Internet Protocol (IP) broadcast addressing to create a denial of service.

Mitigating Modern Network Security Threats
• The mitigation techniques are:
  ▪ Authentication, Authorization, and Accounting (AAA)
  ▪ Access control lists (ACLs)
  ▪ Internetwork Operating System (IOS) secure management features
    1. Secure Shell (SSH)
    2. Simple Network Management Protocol (SNMP)
    3. Syslog
    4. Network Time Protocol (NTP)
  ▪ Encryption protocols
    1. SSH
    2. Internet Protocol Security (IPsec)
    3. Secure Sockets Layer (SSL)
  ▪ Security appliances and applications
    1. Firewall
    2. Intrusion Prevention System (IPS)
    3. Intrusion Detection System (IDS)