Module Three

- Piggy Backing – attack using another user's connection
- Back Door – attack via dial-up or external connection

Class F Probing
- Gives an intruder a road map of the network for a DoS attack
- Gives a list of available services
- Traffic analysis via ‘sniffers’, which scan the host for available services
- Just as a telephone wiretap allows the FBI to listen in on other people's conversations, a "sniffing" program lets someone listen in on computer conversations.
- Tools: Telnet (manual), vulnerability scanners (automatic).

Common DoS Attacks
- Filling hard drive space with email attachments
- Sending a message that resets a target host's subnet mask, causing routing disruption
- Using up all of the target’s resources to accept network connections

Additional DoS Attacks:

Buffer Overflow Attack
- When a process receives much more data than expected.
- Since buffers are created to contain a finite amount of data, the extra information, which has to go somewhere, can overflow into adjacent buffers, corrupting or overwriting the valid data held in them.
- PING – Packet Internet Groper – uses ICMP – Internet Control Message Protocol
- PING of Death – Intruder sends a PING that consists of an illegally modified and very large IP datagram, thus overfilling the system buffers and causing the system to reboot or hang.
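A receiver defends against the Ping of Death by checking each fragment's offset and length before copying it into the reassembly buffer. The sketch below is an added example, not part of the original notes; it goes one step further and also flags overlapping fragments, the condition the Teardrop attack relies on. The function names, addresses and sample fragments are constructed for illustration.

```python
import struct

MAX_DATAGRAM = 65535  # ceiling imposed by the 16-bit IPv4 Total Length field

def make_fragment(ident, offset_units, data_len, more):
    """Build a constructed IPv4 fragment (checksum left at 0, not verified here)."""
    flags_off = (0x2000 if more else 0) | offset_units
    header = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + data_len, ident, flags_off,
                         64, 1, 0, bytes([192, 0, 2, 1]), bytes([198, 51, 100, 7]))
    return header + bytes(data_len)

def parse_fragment(packet):
    """Return (flow key, header length, data start, data end) for a raw IPv4 packet."""
    if len(packet) < 20:
        raise ValueError("truncated IPv4 header")
    ver_ihl, _, total_len, ident, flags_off, _, proto, _, src, dst = struct.unpack(
        "!BBHHHBBH4s4s", packet[:20])
    ihl = (ver_ihl & 0x0F) * 4
    if ver_ihl >> 4 != 4 or ihl < 20 or total_len < ihl:
        raise ValueError("malformed IPv4 header")
    start = (flags_off & 0x1FFF) * 8   # offset field counts 8-byte units
    return (src, dst, proto, ident), ihl, start, start + total_len - ihl

def inspect(packets):
    """List fragments a reassembler should drop instead of copying into its buffer."""
    ranges, findings = {}, []
    for number, packet in enumerate(packets, 1):
        key, ihl, start, end = parse_fragment(packet)
        if ihl + end > MAX_DATAGRAM:
            findings.append((number, "oversized", ihl + end))
        prior = ranges.setdefault(key, [])
        if any(start < e and s < end and (s, e) != (start, end) for s, e in prior):
            findings.append((number, "overlap", start))
        prior.append((start, end))
    return findings

# Constructed sample traffic: a clean two-fragment datagram, an oversized tail
# fragment (Ping of Death pattern) and a second fragment that starts inside the
# first (overlapping-fragment pattern).
CLEAN = [make_fragment(1, 0, 1480, True), make_fragment(1, 185, 520, False)]
OVERSIZED = [make_fragment(2, 8189, 100, False)]
OVERLAP = [make_fragment(3, 0, 36, True), make_fragment(3, 3, 4, False)]

if __name__ == "__main__":
    for name, sample in (("clean", CLEAN), ("oversized", OVERSIZED), ("overlap", OVERLAP)):
        print(name, inspect(sample))
```

The oversized check works on a single fragment because the offset and length together already reveal that the reassembled datagram would exceed 65,535 bytes, so the packet can be dropped before any buffer is written.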
SYN Attack
- Attacks the buffer space during a Transmission Control Protocol (TCP)
- Attacker floods the target system’s ‘in-process’ queue with connection requests, causing the system to time out.

Teardrop Attack
- Modifying the length of the fragmentation fields in the IP packet
- When a machine receives this attack, it is unable to handle the data and can exhibit behavior ranging from a lost Internet connection to the infamous blue screen of death. It becomes confused and crashes.

Smurf Attack
- (Source site) sends a spoofed network request to a large network (bounce site); all machines respond to the (target site). IP broadcast addressing.

Fraggle Attack
- The "smurf" attack's cousin is called "fraggle", which uses UDP echo packets in the same fashion as the ICMP echo packet.

Common Session Hijacking Attacks
- IP Spoofing – IP spoofing is used to convince a system that it is communicating with a known entity that gives an intruder access. IP spoofing involves altering the packet at the TCP level. The attacker sends a packet with an IP source address of a known, trusted source. E-mail spoofing is the forgery of an e-mail header so that the message appears to have originated from someone or somewhere other than the actual source.
- TCP Sequence number – tricks the target into believing that it’s connected to a trusted host and then hijacks the session by predicting the target’s choice of an initial TCP sequence number. Then it’s used to launch various other attacks on other hosts.

Salami Attack: