lecture-lab2 - waits for response Since the request has not...

Info iconThis preview shows pages 1–13. Sign up to view the full content.

View Full Document Right Arrow Icon
Network Attacks Mark Shtern
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Types Of Network Attack Passive attack Active attack
Background image of page 2
Passive network attack Sniffing network traffic Wireshark Tcpdump Dsniff Reverse Engineer Protocol OS finger-printing p0f
Background image of page 3

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Active network attack Masquerade (spoofing) Denial of Service (DoS) Replay Attack, Reordering Message tampering (session hijacking)
Background image of page 4
Spoofing (ARP Poisoning) ARP = Address Resolution Protocol ARP is used to find the destination node. In order to deliver the packet to the destination node, the sender broadcasts the IP address of the destination and obtains the MAC address (48-bits).
Background image of page 5

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Spoofing (ARP Poisoning) Copied from http://securitylabs.websense.com/content/Blogs/2885.aspx
Background image of page 6
ARP Poisoning Tools ARPoison Ettercap
Background image of page 7

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
TCP Handshake
Background image of page 8
DoS SYN flooding attack SYN packets are sent to the target node with fake source IP addresses The node under attack sends an ACK packet and
Background image of page 9

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Background image of page 10
Background image of page 11

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Background image of page 12
Background image of page 13
This is the end of the preview. Sign up to access the rest of the document.

Unformatted text preview: waits for response Since the request has not been processed, it takes up memory Eventually the attacked node is unable to process any requests as it runs out of memory storage space Replay Replay involves capturing traffic while in transit and use that to gain access to systems. Example: Hacker sniffs login information of a valid user Even if the information is encrypted, the hacker replays the login information to fool the system and gains access Replay Attack Session hijack This means that the hacker has directed traffic to his server instead of a trusted server that the victim is assuming Example: A hacker ARP poisons the router to route all traffic to his computer The hacker modifies data packages QUESTIONS ???...
View Full Document

Page1 / 13

lecture-lab2 - waits for response Since the request has not...

This preview shows document pages 1 - 13. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online