Like a telephone wiretap allows the fbi to listen in

Info icon This preview shows pages 5–7. Sign up to view the full content.

View Full Document Right Arrow Icon
Like a telephone wiretap allows the FBI to listen in on other people's conversations, a "sniffing" program lets someone listen in on computer conversations. n Tools: Telnet (manual), vulnerability scanners (automatic). Common DoS Attacks n Filling hard drive space with email attachments n Sending a message that resets a targets host subnet mask causing routing disruption n Using up all of the target’s resources to accept network connections Additional DoS Attacks: Buffer Overflow Attack n When a process receives much more data than expected. n Since buffers are created to contain a finite amount of data, the extra information - which has to go somewhere - can overflow into adjacent buffers, corrupting or overwriting the valid data held in them. n PING – Packet Internet Groper – uses ICMP – Internet Control Message Protocol n PING of Death- Intruder sends a PING that consists of an illegally modified and very large IP datagram, thus overfilling the system buffers and causing the system to reboot or hang.
Image of page 5

Info icon This preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
SYN Attack n Attacks the buffer space during a Transmission Control Protocol (TCP) n Attacker floods the target system’s ‘in-process’ queue with connection requests causing the system to time-out. Teardrop Attack n Modifying the length of the fragmentation fields in the IP Packet n When a machine receives this attack, it is unable to handle the data and can exhibit behavior ranging from a lost Internet connection to the infamous blue screen of death. Becomes confuse and crashes. Smurf Attack n (Source Site) Sends spoofed network request to large network (bounce site) all machines respond to the (target site). IP broadcast addressing. Fraggle Attack n The "smurf" attack's cousin is called "fraggle", which uses UDP echo packets in the same fashion as the ICMP echo packet. Common Session Hijacking Attacks n IP Spoofing – IP spoofing is used to convince a system that it is communicating with a known entity that gives an intruder access. IP spoofing involves altering the packet at the TCP level. The attacker sends a packet with an IP source address of a known, trusted source. E-mail spoofing is the forgery of an e-mail header so that the message appears to have originated from someone or somewhere other than the actual source. n TCP Sequence number – tricks the target in believing that it’s connected to a trusted host and then hijacks the session by predicting the target’s choice of an initial TCP Sequence number. Then it’s used to launch various other attacks on other hosts. Salami Attack: A series of minor computer crimes that are part of a larger crime. Rainbow Series n Redbook – TNI - Trusted Network Interpretation n Time and technological changes lessen the relevancy of the TNI to contemporary networking.
Image of page 6
Image of page 7
This is the end of the preview. Sign up to access the rest of the document.

{[ snackBarMessage ]}

What students are saying

  • Left Quote Icon

    As a current student on this bumpy collegiate pathway, I stumbled upon Course Hero, where I can find study resources for nearly all my courses, get online help from tutors 24/7, and even share my old projects, papers, and lecture notes with other students.

    Student Picture

    Kiran Temple University Fox School of Business ‘17, Course Hero Intern

  • Left Quote Icon

    I cannot even describe how much Course Hero helped me this summer. It’s truly become something I can always rely on and help me. In the end, I was not only able to survive summer classes, but I was able to thrive thanks to Course Hero.

    Student Picture

    Dana University of Pennsylvania ‘17, Course Hero Intern

  • Left Quote Icon

    The ability to access any university’s resources through Course Hero proved invaluable in my case. I was behind on Tulane coursework and actually used UCLA’s materials to help me move forward and get everything together on time.

    Student Picture

    Jill Tulane University ‘16, Course Hero Intern