Chapter 2 Vulnerabilities, Threats and Attacks
Upload: lynnlahloh
-
7/23/2019 Chapter 2 Vulnerabilities, Threats and Attacks
FP611 INFORMATION SECURITY
SYSTEM
CHAPTER 2
-
When discussing network security, the three common terms used are as follows:
Vulnerability: A weakness that is inherent in every network and device. This includes routers, switches, desktops, servers, and even security devices themselves.
Threats: The people eager, willing, and qualified to take advantage of each security weakness, and they continually search for new exploits and weaknesses.
Attacks: The threats use a variety of tools, scripts, and programs to launch attacks against networks and network devices. Typically, the network devices under attack are the end points, such as servers and desktops.
2.1 INTRODUCTION TO VULNERABILITIES, THREATS, AND ATTACKS
-
Vulnerabilities in network security can be summed up as the "soft spots" that are present in every network. The vulnerabilities are present in the network and individual devices that make up the network. Networks are typically plagued by one or all of three primary vulnerabilities or weaknesses:
Technology weaknesses
Configuration weaknesses
Security policy weaknesses
2.1.1 VULNERABILITIES
-
a. Technology - Computer and network technologies have intrinsic security weaknesses. These include TCP/IP protocol weaknesses, operating system weaknesses, and network equipment weaknesses.
b. Configuration - Network administrators or network engineers need to learn what the configuration weaknesses are and correctly configure their computing and network devices to compensate.
c. Security policy - Security policy weaknesses can create unforeseen security threats. The network can pose security risks to the network if users do not follow the security policy.
2.1.2 WEAKNESSES IN RELATION TO SECURITY
-
A threat is an event that can take advantage of vulnerability and cause a negative impact on the network. Potential threats to the network need to be identified, and the related vulnerabilities need to be addressed to minimize the risk of the threat.
2.1. DEFINE THE SECURITY THREATS
-
HAC/ER ATTAC/ER
A .enign good7 h%c!e is %geneic te$ &o % )eson who'i!es getting into things+ Theh%c!e is the )eson who 'i!es toget into his3he own co$)ute%nd undest%nd how it wo!s+
The $%'icious h%c!e is the)eson who 'i!es getting intoothe )eo)'e8s s"ste$s+ In %n"e*ent# the wod used to denote%n".od" t"ing to get into "ous"ste$ in this )%)e is 8%tt%c!e8+/Sci)t 9iddie0 is % te$ used todesci.e % c'%ss o& %tt%c!e whodoes not h%*e so)histic%tedtechnic%' !now'edge#.ut %the si$)'" h%s % co''ectiono& too's ce%ted ." %d*%ncedh%c!es# %nd the .%sic!now'edge to use these too's to)e&o$ %n %tt%c!+
2.&.4 *'33ERE(T'ATE -ET0EE( HAC/ER A(*ATTAC/ER.
-
a. Reconnaissance attack - "The attacker will find out as much as possible without actually giving himself away. He will do this by finding public information or appearing as a normal user. In this stage, you really can't detect an attacker. He will do a 'whois' look-up on your registered domain names to find as much information as possible about your network and people involved. The attacker might walk through your DNS tables (using 'nslookup', 'dig', or other utilities to do domain zone transfers) to find the names of your machines. The attacker will browse other public information, such as your public web sites and anonymous FTP sites. The attacker might search news articles and press releases about your company." can consist of the following:
Packet sni
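Zone transfer requests, unlike 'whois' look-ups, reach your own name server and are logged there. The following added example (not part of the original slides) scans name-server log text for zone transfers requested by hosts outside an allow-list of secondaries; the log lines are constructed samples modelled on BIND 9 messages (exact layout varies by version), and AUTHORIZED_SECONDARIES and the function names are assumptions.

```python
import re
from collections import Counter

# Hypothetical allow-list: the secondaries permitted to pull the zone.
AUTHORIZED_SECONDARIES = {"198.51.100.7"}

# Constructed sample lines modelled on BIND 9 transfer messages.
SAMPLE_LOG = """\
23-Jul-2019 10:02:11.120 xfer-out: info: client 198.51.100.7#53412 (example.com): transfer of 'example.com/IN': AXFR started
23-Jul-2019 10:05:42.003 security: error: client 203.0.113.50#40022 (example.com): zone transfer 'example.com/AXFR/IN' denied
23-Jul-2019 10:05:43.511 security: error: client 203.0.113.50#40023 (corp.example.com): zone transfer 'corp.example.com/AXFR/IN' denied
23-Jul-2019 10:09:01.770 xfer-out: info: client @0x7f2a 192.0.2.99#51000 (example.com): transfer of 'example.com/IN': AXFR started
23-Jul-2019 10:09:30.000 queries: info: client 192.0.2.15#33333 (www.example.com): query: www.example.com IN A +
"""

# Matches both a started transfer and a refused one; newer BIND versions
# add an "@0x..." token after "client", so that part is optional.
XFER = re.compile(
    r"client (?:@\S+ )?(?P<ip>[0-9a-fA-F.:]+)#\d+ \S+: "
    r"(?:transfer of '(?P<ok>[^/']+)/IN': AXFR started"
    r"|zone transfer '(?P<denied>[^/']+)/AXFR/IN' denied)"
)

def find_zone_transfer_attempts(log_text, authorized=AUTHORIZED_SECONDARIES):
    """Return (ip, zone, outcome) for every transfer by a non-authorized client."""
    findings = []
    for line in log_text.splitlines():
        m = XFER.search(line)
        if not m or m["ip"] in authorized:
            continue
        if m["ok"]:
            # A transfer served to an unknown host discloses every host name.
            findings.append((m["ip"], m["ok"], "ALLOWED"))
        else:
            findings.append((m["ip"], m["denied"], "denied"))
    return findings

def summarize(findings):
    """Count attempts per source so repeated probing stands out."""
    return Counter(ip for ip, _, _ in findings)

if __name__ == "__main__":
    for ip, zone, outcome in find_zone_transfer_attempts(SAMPLE_LOG):
        print(f"{ip:15} {zone:20} {outcome}")
```

An "ALLOWED" row means the server's transfer restriction is missing or too broad for that zone; "denied" rows show probing that the restriction stopped.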
-
b. Access attacks exploit known vulnerabilities in authentication services, FTP services, and web services to gain entry to web accounts, confidential databases, and other sensitive information. Access attacks can consist of the following:
Password attacks
Trust exploitation
Port redirection
Man-in-the-middle attacks
Social engineering
Phishing
CONT.
-
c. Denial of Service attack - Certainly the most publicized form of attack, DoS attacks are also among the most di
-
d. Distributed Denial of Service attacks - attacks are designed to saturate network links with spurious data. This data can overwhelm an Internet link, causing legitimate tra
-
WORM: An application that executes arbitrary code and installs copies of itself in the memory of the infected computer, which then infects other hosts
VIRUSES: Malicious software that is attached to another program to execute a particular unwanted function on the user workstation
TROJAN HORSE: An application written to look like something else that in fact is an attack tool
2.1.5 DIFFERENTIATE BETWEEN WORM, VIRUSES, AND TROJAN HORSE
-
1. Unstructured threats - consist of mostly inexperienced individuals using easily available hacking tools such as shell scripts and password crackers. Even unstructured threats that are only executed with the intent of testing and challenging a hacker's skills can still do serious damage to a company. For example, if an external company website is hacked, the integrity of the company is damaged. Even if the external website is separate from the internal information that sits behind a protective firewall, the public does not know that. All the public knows is that the site is not a safe environment to conduct business.
2.1.6 DESCRIBE DIFFERENT TYPES OF THREATS
-
2. Structured threats - come from hackers who are more highly motivated and technically competent. These people know system vulnerabilities and can understand and develop exploit code and scripts. They understand, develop, and use sophisticated hacking techniques to penetrate unsuspecting businesses. These groups are often involved with the major fraud and theft cases reported to law enforcement agencies.
CONT.
-
2.2.1 The goals of security policy
Its security precautions.
People are far more accepting of additional standards and guidelines when they understand the benefits these can provide.
2.2 USE VARIOUS TOOLS IN NETWORK SECURITY
-
Developing a Security Policy
The first question most administrators ask is, "Why do I even need a formal security policy?" A security policy serves many functions. It is a central document that describes in detail acceptable network activity and penalties for misuse. A security policy also provides a forum for identifying and clarifying security goals and objectives to the organization as a whole. A good security policy shows each employee how he or she is responsible for helping to maintain a secure environment.
2.2.2 DEVELOPING A SECURITY POLICY
-
Security Policy Basics
Security policies tend to be issue driven. A focus on individual issues is the easiest way to identify, and clarify, each point you wish to cover. While it may be acceptable in some environments to simply state, "Nonwork-related use of the Internet is bad," those who must adhere to this policy need to know what "nonwork-related use" and "bad" actually mean.
In order for a policy to be enforceable, it needs to be
- Consistent with other corporate policies
- Accepted by the network support staff as well as the appropriate levels of management
- Enforceable using existing network equipment and procedures
- Compliant with local, state, and federal laws.
CONT.
-
- Be readily accessible to all members of the organization.
- Define a clear set of security goals.
- Accurately define each issue discussed in the policy.
- Clearly show the organization's position on each issue.
- Describe the justification of the policy regarding each issue.
- Define under what circumstances the issue is applicable.
- State the roles and responsibilities of organizational members with regard to the described issue.
- Spell out the consequences of noncompliance with the described policy.
- Provide contact information for further details or clarification regarding the described issue.
- Define the user's expected level of privacy.
- Include the organization's stance on issues not specifically defined.
2.2. SECURITY POLICIES CHARACTERISTICS
-
Using the Tools:
1) Network Scanning Tools: Network map, Netstat, Superscan tool, hping tool
2) Security Analysis Tools: knoppix tools and MBSA (Microsoft Baseline Security Analyzer)
2.2. HOW TO SECURE ASSETS
-
Try to design your own company security policy.
GROUP ACTIVITY