Seven Deadliest Network Attacks by Stacy Prowell, Mike Borkin & Rob Kraus

Book Title: Seven Deadliest Network Attacks
Authors: Stacy Prowell, Mike Borkin & Rob Kraus
Year: 2010
Page: 145

This book identifies seven classes of network attacks and, for each, discusses how the attack works (including the tools used to accomplish it), what the risks of the attack are, and how to defend against it. Seven attacks were chosen: denial of service, war dialing, penetration testing, protocol tunneling, spanning tree attacks, man-in-the-middle, and password replay. These are not mutually exclusive; you can exploit the spanning tree protocol, for example, to launch a denial-of-service attack. These were chosen because they help illustrate different aspects of network security; the principles on which they rely are unlikely to vanish any time soon, and they allow for the possibility of gaining something of interest to the attacker, from money to high-value data.

Chapter 1: “Denial of Service,” illustrates how even sophisticated networks can be crippled by a determined hacker with relatively few resources.

Chapter 2: “War Dialing,” illustrates how a hacker can circumvent the hardened security perimeter of a network to access “softer” targets.

Chapter 3: “Penetration ‘Testing,’” discusses the various tools and techniques used for penetration testing that are readily available to both the defenders and the attackers.

Chapter 4: “Protocol Tunneling,” presents a method for deliberately subverting your network perimeter to “tunnel” prohibited traffic into and out of your network.

Chapter 5: “Spanning Tree Attacks,” discusses the “layer 2” network responsible for knitting together your switches, routers, and other devices into a reliable network, and illustrates one way in which to exploit the weak security of this layer.

Chapter 6: “Man-in-the-Middle,” discusses a very common attack pattern and just what an attacker can accomplish once he or she has inserted himself or herself into your data stream.

Chapter 7: “Password Replay,” focuses on the security of passwords and other static security measures and how an attacker can use various techniques to gain unauthorized access.

This book is intended to provide practical, usable information. However, the world of network security is evolving very rapidly, and the attack that works today may (hopefully) not work tomorrow. It is more important, then, to understand the principles on which the attacks and exploits are based in order to properly plan either a network attack or a network defense. The authors chose the contents of this book because we believe that, underlying the attacks presented here, there are important principles of network security. The attacks are deadly because they exploit principles, assumptions, and practices that are true today and that we believe are likely to remain true for the foreseeable future.

Increasingly sophisticated criminal organizations launch network attacks as a serious, for-profit enterprise. Similarly, well-funded governmental actors launch network attacks for political reasons or for intelligence gathering. Cyberspace is already a battlefield. Even if your network doesn’t have high-value intelligence and you don’t have deep pockets, you may be the target of a sophisticated attack because you have something else of value: machines and network access. An attacker may exploit your network to launch malware or to launch a network attack. Your Internet Protocol address may serve to give the attacker a level of plausible deniability. After all, would you want to launch the virus you just finished creating through your own Internet service provider connection? Attackers may use your machines for storage of information ranging from child pornography to stolen credit card numbers. Once these show up on your machines, it becomes your job to explain how they got there. Attackers can use compromised machines for command and control of deployed and distributed malware. This can result in your network being blacklisted or blocked as a distribution source for malware. Is this the company image you want your customers to see?

As networks grow and incorporate more sophisticated technologies, it can become difficult to maintain the necessary situational awareness. What were once “dumb” network nodes such as printers and network hardware may now have exploitable – and unexpected – vulnerabilities. These components are – in reality – just other computers on the network. Some of them have multiple interfaces that need to be considered, including Bluetooth, wireless, and wired connections. If one interface is well protected and another disabled, there may still be a third that is available. Network security requires considering the role and security concerns of each device, not just delivering the device and plugging it in.

There are many reasons why network security is hard, ranging from the fact that networks are increasingly sophisticated and complex to the fact that economic incentives can work against proper security. Network security is essentially asymmetric warfare; your adversaries can probe anywhere, but you have to defend everywhere. This creates a technological bias in favor of the attackers. Further, criminal organizations live in a target-rich environment. If they are unsuccessful with one attack, they can move on and attack a different organization.

The market for computer security products can – and does – fall prey to the asymmetric information problem. This is a case in which buyers of a product do not have as much information about the relative merits of the product as the sellers do. This creates a downward pressure on prices that, in turn, creates a downward pressure on quality.
