INTRODUCTION VULNERABILITIES, THREAT AND ATTACK
NETWORK SECURITY TERMS
Vulnerability
- A weakness that is inherent in every network and device. This includes routers, switches, desktops, servers, and even security devices themselves.
Threats
- The people eager, willing, and qualified to take advantage of each security weakness, and they continually search for new exploits and weaknesses.
Attacks
- The threats use a variety of tools, scripts, and programs to launch attacks against networks and network devices. Typically, the network devices under attack are the endpoints, such as servers and desktops.
TERMS
Attackers
- An assault on system security that derives from an intelligent threat
Hackers
- Generally used to imply someone who gains access to a system, software, or hardware without permission.
Black hat
- Negotiates the security of the system without authorized access
White hat
- Focuses on securing IT systems by alerting against security flaws
Grey hat
- Combination of black hat and white hat hackers
Ethical hackers
- Holds extensive knowledge and skills concerning the web
THREATS
UNSTRUCTURED THREATS
- Unstructured threats consist of mostly inexperienced individuals using easily available hacking tools such as shell scripts and password crackers.
STRUCTURED THREATS
- Structured threats come from hackers who are more highly motivated and technically competent.
EXTERNAL THREATS
- Can arise from individuals or organizations working outside of a company.
INTERNAL THREATS
- Occur when someone has authorized access to the network with either an account on a server or physical access to the network.
ATTACKS
EAVESDROPPING
Information gathering
- Network intruders can identify usernames, passwords or information carried.
Information theft
- Network eavesdropping can lead to information theft. The theft can occur as data is transmitted over the internal or external network
RECONNAISSANCE
Reconnaissance is somewhat analogous to a thief casing a neighborhood for vulnerable homes to break into, such as an unoccupied residence, easy-to-open doors, or open windows.
Reconnaissance attacks can consist of the following:
- Packet sniffers
- Port scans
- Ping sweeps
- Internet information queries
ACCESS
System access is the ability for an unauthorized intruder to gain access to a device.
Access attacks can consist of the following:
- Password attacks
- Trust exploitation
- Port redirection
- Man-in-the-middle attacks
- Social engineering
- Phishing
PASSWORD ATTACKS
DICTIONARY ATTACK
- All of the words in a dictionary file are computed and compared against the possible users’ password.
- This method is extremely fast and finds simple passwords.
BRUTE-FORCE ATTACK
- This method uses a particular character set, such as A to Z, or A to Z plus 0 to 9.
- It always computes the password if that password is made up of characters from that character set.
- The downside is that time is required for completion of this type of attack.
POLICY IDENTIFICATION
Two basic areas of policy:
- The policy should identify the assets that require protection. This helps the designer provide the correct level of protection for sensitive computing resources and to identify the flow of sensitive data in the network.
- The policy should identify possible attackers. This gives the designer insight into the level of trust assigned to internal and external users, ideally identified by more-specific categories such as business partners, customers of an organization, and outsourcing IT partners.
The result of policy analysis will be as follows:
- The evaluation of policy correctness and completeness
- Identification of possible policy improvements, which need to be made before the security implementation stage
PASSWORD POLICY
WEAK PASSWORD
- Is no password at all
- Contains your user name, real name, or company name
- Contains a complete dictionary word, e.g. PASSWORD, passw0rd, pa$$word
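The three weak-password criteria above can be enforced when a password is set. The following is an added example, not part of the original notes; the function names, the substitution table and the small word list are constructed for illustration.

```python
# Added example: flags passwords that match the "weak password" criteria
# listed above. LEET and WORDLIST are small constructed samples.
LEET = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a", "5": "s",
                      "7": "t", "$": "s", "@": "a", "!": "i"})

# Constructed sample; a real deployment would load a full dictionary file.
WORDLIST = {"password", "welcome", "dragon", "monkey", "letmein"}


def normalize(text):
    """Lower-case the text and undo common character substitutions,
    so that 'passw0rd' and 'pa$$word' both become 'password'."""
    return text.lower().translate(LEET)


def weak_password_reasons(password, identity_terms=(), wordlist=WORDLIST):
    """Return the list of weak-password criteria the candidate matches.

    identity_terms: user name, real name, company name (hypothetical inputs).
    An empty list means none of the three criteria matched.
    """
    if not password:
        return ["no password at all"]

    reasons = []
    norm = normalize(password)

    # Criterion: contains user name, real name, or company name.
    for term in identity_terms:
        for part in term.split():  # "Alice Tan" -> check "Alice" and "Tan"
            if len(part) >= 3 and normalize(part) in norm:
                reasons.append(f"contains identity term '{part}'")

    # Criterion: contains a complete dictionary word, even when disguised.
    for word in sorted(wordlist):
        if word in norm:
            reasons.append(f"contains dictionary word '{word}'")

    return reasons


if __name__ == "__main__":
    who = ["atan", "Alice Tan", "Contoso"]  # constructed identity data
    for candidate in ["", "PASSWORD", "passw0rd", "pa$$word",
                      "Contoso#77", "vK9#rLq2^mXe"]:
        print(repr(candidate), "->", weak_password_reasons(candidate, who))
```

Normalizing before the comparison is what catches passw0rd and pa$$word, which a plain dictionary lookup would miss.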
STRONG PASSWORD
5 steps to a GOOD password:
- Start with a base word phrase
- Lengthen the phrase
- Scramble the phrase
- Rotate/Change password regularly
- Advanced password
TRUST EXPLOITATION
- An attack in which an individual takes advantage of a trust relationship within a network.
MAN-IN-THE-MIDDLE
- Requires that the hacker have access to network packets that come across a network.
SOCIAL ENGINEERING
- The easiest hack involves no computer skill at all. If an intruder can trick a member of an organization into giving over valuable information
PHISHING
- Phishing is a type of social-engineering attack that involves using e-mail or other types of messages in an attempt to trick others into providing sensitive information
PHISHING SCAM
- Gmail users – beware of fake login pages
DENIAL-OF-SERVICE
- Denial of service implies that an attacker disables or corrupts networks, systems, or services with the intent to deny services to intended users
DoS ATTACK
- DoS attacks prevent authorized people from using a service by using up system resources.
DDoS ATTACK
- DDoS attacks are designed to saturate network links with spurious data. This data can overwhelm an Internet link, causing legitimate traffic to be dropped.
MALICIOUS CODE
VIRUS
- Malicious software that is attached to another program to execute a particular unwanted function on the user workstation
WORM
- An application that executes arbitrary code and installs copies of itself in the memory of the infected computer, which then infects other hosts
TROJAN HORSE
- An application written to look like something else that in fact is an attack tool.