{[ promptMessage ]}

Bookmark it

{[ promptMessage ]}

Using the failure to violate the site security

Info iconThis preview shows pages 23–27. Sign up to view the full content.

View Full Document Right Arrow Icon
Using the failure to violate the site security: exploiting the vulnerability; the person who does this: an attacker. It can be due to: Lapses in design, implementation, and operation procedures. Even security algorithms/systems are not immune! We will go over some examples in this course.
Background image of page 23

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
NS-H0503-02/1104 24 IP Protocol-related Vulnerabilities Authentication based on IP source address But no effective mechanisms against IP spoofing Consequences (possible exploits) Denial of Service attacks on infrastructures, e.g. IP Spoofing and SYN Flood Smurf and Fraggle attacks OSPF Max Sequence
Background image of page 24
NS-H0503-02/1104 25 Methods of Defence Encryption Software Controls (access limitations in a data base, in operating system protect each user from other users) Hardware Controls (smartcard) Policies (frequent changes of passwords) Physical Controls
Background image of page 25

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
NS-H0503-02/1104 26 Impact of Attacks Theft of confidential information Unauthorized use of Network bandwidth Computing resource Spread of false information Disruption of legitimate services All attacks can be related and are dangerous!
Background image of page 26
NS-H0503-02/1104 27 The Security Life Cycle The iterations of Threats Policy Specification Design Implementation Operation and maintenance
Background image of page 27
This is the end of the preview. Sign up to access the rest of the document.

{[ snackBarMessage ]}