Chapter 4 Network Vulnerabilities and Attacks. Cyberwar and Cyberterrorism "Titan Rain" - Attacks on...
-
Upload
christy-trust -
Category
Documents
-
view
221 -
download
0
Transcript of Chapter 4 Network Vulnerabilities and Attacks. Cyberwar and Cyberterrorism "Titan Rain" - Attacks on...
![Page 1: Chapter 4 Network Vulnerabilities and Attacks. Cyberwar and Cyberterrorism "Titan Rain" - Attacks on US gov't and military computers from China breached.](https://reader036.fdocuments.in/reader036/viewer/2022062511/5518ac28550346881f8b4d04/html5/thumbnails/1.jpg)
Chapter 4Network Vulnerabilities and Attacks
![Page 2: Chapter 4 Network Vulnerabilities and Attacks. Cyberwar and Cyberterrorism "Titan Rain" - Attacks on US gov't and military computers from China breached.](https://reader036.fdocuments.in/reader036/viewer/2022062511/5518ac28550346881f8b4d04/html5/thumbnails/2.jpg)
Cyberwar and Cyberterrorism"Titan Rain" - Attacks on US gov't and military
computers from China breached hundreds of systems in 2005
In 2007, Estonia was attacked by Russian computers as a political statementUsing DDoS (Distributed Denial of Service) with
botnets
![Page 3: Chapter 4 Network Vulnerabilities and Attacks. Cyberwar and Cyberterrorism "Titan Rain" - Attacks on US gov't and military computers from China breached.](https://reader036.fdocuments.in/reader036/viewer/2022062511/5518ac28550346881f8b4d04/html5/thumbnails/3.jpg)
Objectives
Explain the types of network vulnerabilitiesList categories of network attacksDefine different methods of network attacks
![Page 4: Chapter 4 Network Vulnerabilities and Attacks. Cyberwar and Cyberterrorism "Titan Rain" - Attacks on US gov't and military computers from China breached.](https://reader036.fdocuments.in/reader036/viewer/2022062511/5518ac28550346881f8b4d04/html5/thumbnails/4.jpg)
![Page 5: Chapter 4 Network Vulnerabilities and Attacks. Cyberwar and Cyberterrorism "Titan Rain" - Attacks on US gov't and military computers from China breached.](https://reader036.fdocuments.in/reader036/viewer/2022062511/5518ac28550346881f8b4d04/html5/thumbnails/5.jpg)
Media-Based VulnerabilitiesMonitoring network traffic
Helps to identify and troubleshoot network problems
Monitoring traffic can be done in two waysUse a switch with port mirroring
Copies all traffic to a designated monitoring port on the switch
Install a network tap (test access point) A device that installed between two network devices,
such as a switch, router, or firewall, to monitor traffic
![Page 6: Chapter 4 Network Vulnerabilities and Attacks. Cyberwar and Cyberterrorism "Titan Rain" - Attacks on US gov't and military computers from China breached.](https://reader036.fdocuments.in/reader036/viewer/2022062511/5518ac28550346881f8b4d04/html5/thumbnails/6.jpg)
Port Mirroring
![Page 7: Chapter 4 Network Vulnerabilities and Attacks. Cyberwar and Cyberterrorism "Titan Rain" - Attacks on US gov't and military computers from China breached.](https://reader036.fdocuments.in/reader036/viewer/2022062511/5518ac28550346881f8b4d04/html5/thumbnails/7.jpg)
Sniffer
![Page 8: Chapter 4 Network Vulnerabilities and Attacks. Cyberwar and Cyberterrorism "Titan Rain" - Attacks on US gov't and military computers from China breached.](https://reader036.fdocuments.in/reader036/viewer/2022062511/5518ac28550346881f8b4d04/html5/thumbnails/8.jpg)
Network Tap
![Page 9: Chapter 4 Network Vulnerabilities and Attacks. Cyberwar and Cyberterrorism "Titan Rain" - Attacks on US gov't and military computers from China breached.](https://reader036.fdocuments.in/reader036/viewer/2022062511/5518ac28550346881f8b4d04/html5/thumbnails/9.jpg)
Sniffing AttacksJust as network taps and protocol analyzers can
be used for legitimate purposesThey also can be used by attackers to intercept and
view network trafficAttackers can access the wired network in the
following ways:False ceilingsExposed wiringUnprotected RJ-45 jacks
![Page 10: Chapter 4 Network Vulnerabilities and Attacks. Cyberwar and Cyberterrorism "Titan Rain" - Attacks on US gov't and military computers from China breached.](https://reader036.fdocuments.in/reader036/viewer/2022062511/5518ac28550346881f8b4d04/html5/thumbnails/10.jpg)
Just a clarificationFalse ceilings —Most buildings use removable
tiles instead of solid ceilings in order to route cable. An attacker could access the network cable and splice in an RJ-45 connection.
• Exposed wiring —Sometimes wiring can be accessed as it enters or exits a building.
• Unprotected RJ-45 jacks —A vacant office may often have a network jack that is still active.
![Page 11: Chapter 4 Network Vulnerabilities and Attacks. Cyberwar and Cyberterrorism "Titan Rain" - Attacks on US gov't and military computers from China breached.](https://reader036.fdocuments.in/reader036/viewer/2022062511/5518ac28550346881f8b4d04/html5/thumbnails/11.jpg)
Ways to Redirect Switched Traffic
![Page 12: Chapter 4 Network Vulnerabilities and Attacks. Cyberwar and Cyberterrorism "Titan Rain" - Attacks on US gov't and military computers from China breached.](https://reader036.fdocuments.in/reader036/viewer/2022062511/5518ac28550346881f8b4d04/html5/thumbnails/12.jpg)
Network Device VulnerabilitiesPasswords
Passwords should be long and complexShould be changed frequentlyShould not be written down
But that is a difficult task Solution: Password Manager Software
![Page 13: Chapter 4 Network Vulnerabilities and Attacks. Cyberwar and Cyberterrorism "Titan Rain" - Attacks on US gov't and military computers from China breached.](https://reader036.fdocuments.in/reader036/viewer/2022062511/5518ac28550346881f8b4d04/html5/thumbnails/13.jpg)
Characteristics of Weak PasswordsA common word used as a passwordNot changing passwords unless forced to do soPasswords that are shortPersonal information in a passwordUsing the same password for all accountsWriting the password down
![Page 14: Chapter 4 Network Vulnerabilities and Attacks. Cyberwar and Cyberterrorism "Titan Rain" - Attacks on US gov't and military computers from China breached.](https://reader036.fdocuments.in/reader036/viewer/2022062511/5518ac28550346881f8b4d04/html5/thumbnails/14.jpg)
Network Device VulnerabilitiesDefault account
A user account on a device that is created automatically by the device instead of by an administrator
Used to make the initial setup and installation of the device (often by outside personnel) easier
Although default accounts are intended to be deleted after the installation is completed, often they are not
Default accounts are often the first targets that attackers seek
![Page 15: Chapter 4 Network Vulnerabilities and Attacks. Cyberwar and Cyberterrorism "Titan Rain" - Attacks on US gov't and military computers from China breached.](https://reader036.fdocuments.in/reader036/viewer/2022062511/5518ac28550346881f8b4d04/html5/thumbnails/15.jpg)
ATM Passwords
In 2008, these men used default passwords to reprogram ATM machines to hand out $20 bills like they were $1 bills
![Page 16: Chapter 4 Network Vulnerabilities and Attacks. Cyberwar and Cyberterrorism "Titan Rain" - Attacks on US gov't and military computers from China breached.](https://reader036.fdocuments.in/reader036/viewer/2022062511/5518ac28550346881f8b4d04/html5/thumbnails/16.jpg)
Network Device VulnerabilitiesBack door
An account that is secretly set up without the administrator’s knowledge or permission, that cannot be easily detected, and that allows for remote access to the device
Back doors can be created:By a virus, worm, or Trojan horseBy a programmer of the software on the deviceBuilt into the hardware chips
![Page 17: Chapter 4 Network Vulnerabilities and Attacks. Cyberwar and Cyberterrorism "Titan Rain" - Attacks on US gov't and military computers from China breached.](https://reader036.fdocuments.in/reader036/viewer/2022062511/5518ac28550346881f8b4d04/html5/thumbnails/17.jpg)
Hardware TrojansMilitary equipment
contains chips from foreign countries
Those chips can contain backdoors or kill switches
![Page 18: Chapter 4 Network Vulnerabilities and Attacks. Cyberwar and Cyberterrorism "Titan Rain" - Attacks on US gov't and military computers from China breached.](https://reader036.fdocuments.in/reader036/viewer/2022062511/5518ac28550346881f8b4d04/html5/thumbnails/18.jpg)
Network Device VulnerabilitiesPrivilege escalation
Changing a limited user to an Administrator
![Page 19: Chapter 4 Network Vulnerabilities and Attacks. Cyberwar and Cyberterrorism "Titan Rain" - Attacks on US gov't and military computers from China breached.](https://reader036.fdocuments.in/reader036/viewer/2022062511/5518ac28550346881f8b4d04/html5/thumbnails/19.jpg)
![Page 20: Chapter 4 Network Vulnerabilities and Attacks. Cyberwar and Cyberterrorism "Titan Rain" - Attacks on US gov't and military computers from China breached.](https://reader036.fdocuments.in/reader036/viewer/2022062511/5518ac28550346881f8b4d04/html5/thumbnails/20.jpg)
Denial of Service (DoS)Attempts to consume network resources so that
the network or its devices cannot respond to legitimate requests
Example: SYN flood attackSee Figure 4-4
Distributed denial of service (DDoS) attackA variant of the DoSMay use hundreds or thousands of zombie
computers in a botnet to flood a device with requests
![Page 21: Chapter 4 Network Vulnerabilities and Attacks. Cyberwar and Cyberterrorism "Titan Rain" - Attacks on US gov't and military computers from China breached.](https://reader036.fdocuments.in/reader036/viewer/2022062511/5518ac28550346881f8b4d04/html5/thumbnails/21.jpg)
![Page 22: Chapter 4 Network Vulnerabilities and Attacks. Cyberwar and Cyberterrorism "Titan Rain" - Attacks on US gov't and military computers from China breached.](https://reader036.fdocuments.in/reader036/viewer/2022062511/5518ac28550346881f8b4d04/html5/thumbnails/22.jpg)
Real DDoS Attack
![Page 23: Chapter 4 Network Vulnerabilities and Attacks. Cyberwar and Cyberterrorism "Titan Rain" - Attacks on US gov't and military computers from China breached.](https://reader036.fdocuments.in/reader036/viewer/2022062511/5518ac28550346881f8b4d04/html5/thumbnails/23.jpg)
Wireless DoS
Requires a powerful transmitter
![Page 24: Chapter 4 Network Vulnerabilities and Attacks. Cyberwar and Cyberterrorism "Titan Rain" - Attacks on US gov't and military computers from China breached.](https://reader036.fdocuments.in/reader036/viewer/2022062511/5518ac28550346881f8b4d04/html5/thumbnails/24.jpg)
An Easier Wireless DoS
![Page 25: Chapter 4 Network Vulnerabilities and Attacks. Cyberwar and Cyberterrorism "Titan Rain" - Attacks on US gov't and military computers from China breached.](https://reader036.fdocuments.in/reader036/viewer/2022062511/5518ac28550346881f8b4d04/html5/thumbnails/25.jpg)
Videos: Please see them
https://www.youtube.com/watch?v=suRHkaBDj-M
https://www.youtube.com/watch?v=7dEBvn4eNoA
https://www.youtube.com/watch?v=h76TAOllTK4
https://www.youtube.com/watch?v=aS3KCLinVXc
![Page 26: Chapter 4 Network Vulnerabilities and Attacks. Cyberwar and Cyberterrorism "Titan Rain" - Attacks on US gov't and military computers from China breached.](https://reader036.fdocuments.in/reader036/viewer/2022062511/5518ac28550346881f8b4d04/html5/thumbnails/26.jpg)
SpoofingSpoofing is impersonation ( التمثيل)
Attacker pretends to be someone elseMalicious actions would be attributed to
another userSpoof the network address of a known and
trusted hostSpoof a wireless router to intercept (اعتراض)
traffic
![Page 27: Chapter 4 Network Vulnerabilities and Attacks. Cyberwar and Cyberterrorism "Titan Rain" - Attacks on US gov't and military computers from China breached.](https://reader036.fdocuments.in/reader036/viewer/2022062511/5518ac28550346881f8b4d04/html5/thumbnails/27.jpg)
Man-in-the-Middle AttackPassive--attacker reads trafficActive--attacker changes trafficCommon on networks
![Page 28: Chapter 4 Network Vulnerabilities and Attacks. Cyberwar and Cyberterrorism "Titan Rain" - Attacks on US gov't and military computers from China breached.](https://reader036.fdocuments.in/reader036/viewer/2022062511/5518ac28550346881f8b4d04/html5/thumbnails/28.jpg)
Replay AttackAttacker captures dataResends the same data later
A simple attack: capture passwords and save them
![Page 29: Chapter 4 Network Vulnerabilities and Attacks. Cyberwar and Cyberterrorism "Titan Rain" - Attacks on US gov't and military computers from China breached.](https://reader036.fdocuments.in/reader036/viewer/2022062511/5518ac28550346881f8b4d04/html5/thumbnails/29.jpg)
Wall of SheepCaptured
passwords projected on the wall at DEFCON
![Page 30: Chapter 4 Network Vulnerabilities and Attacks. Cyberwar and Cyberterrorism "Titan Rain" - Attacks on US gov't and military computers from China breached.](https://reader036.fdocuments.in/reader036/viewer/2022062511/5518ac28550346881f8b4d04/html5/thumbnails/30.jpg)
SidejackingRecords cookies and replays them This technique breaks into Gmail accountsTechnical name: Cross Site Request Forgery
(طلب تزوير )Almost all social networking sites are vulnerable
to this attackFacebook, MySpace, Yahoo, etc.
![Page 31: Chapter 4 Network Vulnerabilities and Attacks. Cyberwar and Cyberterrorism "Titan Rain" - Attacks on US gov't and military computers from China breached.](https://reader036.fdocuments.in/reader036/viewer/2022062511/5518ac28550346881f8b4d04/html5/thumbnails/31.jpg)
![Page 32: Chapter 4 Network Vulnerabilities and Attacks. Cyberwar and Cyberterrorism "Titan Rain" - Attacks on US gov't and military computers from China breached.](https://reader036.fdocuments.in/reader036/viewer/2022062511/5518ac28550346881f8b4d04/html5/thumbnails/32.jpg)
SNMP (Simple Network Management Protocol)
Used to manage switches, routers, and other network devices
Early versions did not encrypt passwords, and had other security flaws
But the old versions are still commonly used
![Page 33: Chapter 4 Network Vulnerabilities and Attacks. Cyberwar and Cyberterrorism "Titan Rain" - Attacks on US gov't and military computers from China breached.](https://reader036.fdocuments.in/reader036/viewer/2022062511/5518ac28550346881f8b4d04/html5/thumbnails/33.jpg)
DNS (Domain Name System)DNS is used to resolve domain names like
www.ccsf.edu to IP addresses like 147.144.1.254
DNS has many vulnerabilitiesIt was never designed to be secure
Where is www.ccsf.edu?
www.ccsf.edu is at 147.144.1.254
![Page 34: Chapter 4 Network Vulnerabilities and Attacks. Cyberwar and Cyberterrorism "Titan Rain" - Attacks on US gov't and military computers from China breached.](https://reader036.fdocuments.in/reader036/viewer/2022062511/5518ac28550346881f8b4d04/html5/thumbnails/34.jpg)
DNS (Domain Name System)Please see the followinghttps://www.youtube.com/watch?v=2ZUxoi7Y
Ngs&feature=relatedhttps://www.youtube.com/watch?
v=7_LPdttKXPc&feature=relatedhttps://www.youtube.com/watch?v=WCxvKYC
54xk&feature=relatedhttps://www.youtube.com/watch?v=srBQSzR
RNF4&feature=related
![Page 35: Chapter 4 Network Vulnerabilities and Attacks. Cyberwar and Cyberterrorism "Titan Rain" - Attacks on US gov't and military computers from China breached.](https://reader036.fdocuments.in/reader036/viewer/2022062511/5518ac28550346881f8b4d04/html5/thumbnails/35.jpg)
DNS Poisoning
![Page 36: Chapter 4 Network Vulnerabilities and Attacks. Cyberwar and Cyberterrorism "Titan Rain" - Attacks on US gov't and military computers from China breached.](https://reader036.fdocuments.in/reader036/viewer/2022062511/5518ac28550346881f8b4d04/html5/thumbnails/36.jpg)
Local DNS PoisoningPut false entries into the Hosts fileC:\Windows\System32\Drivers\etc\hosts
![Page 37: Chapter 4 Network Vulnerabilities and Attacks. Cyberwar and Cyberterrorism "Titan Rain" - Attacks on US gov't and military computers from China breached.](https://reader036.fdocuments.in/reader036/viewer/2022062511/5518ac28550346881f8b4d04/html5/thumbnails/37.jpg)
DNS Cache PoisoningAttacker sends many spoofed DNS responsesTarget just accepts the first one it gets
Where is www.ccsf.edu?
www.ccsf.edu is at 147.144.1.254
www.ccsf.e
du is at 63.145.23
.12
![Page 38: Chapter 4 Network Vulnerabilities and Attacks. Cyberwar and Cyberterrorism "Titan Rain" - Attacks on US gov't and military computers from China breached.](https://reader036.fdocuments.in/reader036/viewer/2022062511/5518ac28550346881f8b4d04/html5/thumbnails/38.jpg)
Sending Extra DNS Records
![Page 39: Chapter 4 Network Vulnerabilities and Attacks. Cyberwar and Cyberterrorism "Titan Rain" - Attacks on US gov't and military computers from China breached.](https://reader036.fdocuments.in/reader036/viewer/2022062511/5518ac28550346881f8b4d04/html5/thumbnails/39.jpg)
DNS Transfers
Intended to let a new DNS server copy the records from an existing one
Can be used by attackers to get a list of all the machines in a company, like a network diagramUsually blocked by modern DNS servers
![Page 40: Chapter 4 Network Vulnerabilities and Attacks. Cyberwar and Cyberterrorism "Titan Rain" - Attacks on US gov't and military computers from China breached.](https://reader036.fdocuments.in/reader036/viewer/2022062511/5518ac28550346881f8b4d04/html5/thumbnails/40.jpg)
Protection from DNS AttacksAntispyware software will warn you when the
hosts file is modifiedUsing updated versions of DNS server software
prevents older DNS attacks against the serverBut many DNS flaws cannot be patchedEventually: Switch to DNSSEC (Domain Name
System Security Extensions)But DNSSEC is not widely deployed yet, and it has
its own problems
![Page 41: Chapter 4 Network Vulnerabilities and Attacks. Cyberwar and Cyberterrorism "Titan Rain" - Attacks on US gov't and military computers from China breached.](https://reader036.fdocuments.in/reader036/viewer/2022062511/5518ac28550346881f8b4d04/html5/thumbnails/41.jpg)
ARP (Address Resolution Protocol)
ARP is used to convert IP addresses like 147.144.1.254 into MAC addresses like 00-30-48-82-11-34
Where is 147.144.1.254?
147.144.1.254 is at 00-30-48-82-11-34
![Page 42: Chapter 4 Network Vulnerabilities and Attacks. Cyberwar and Cyberterrorism "Titan Rain" - Attacks on US gov't and military computers from China breached.](https://reader036.fdocuments.in/reader036/viewer/2022062511/5518ac28550346881f8b4d04/html5/thumbnails/42.jpg)
Quiz What is MAC address ?
A Media Access Control address (MAC address) isa unique identifier assigned to network interfaces for communications on the physical network segment
![Page 43: Chapter 4 Network Vulnerabilities and Attacks. Cyberwar and Cyberterrorism "Titan Rain" - Attacks on US gov't and military computers from China breached.](https://reader036.fdocuments.in/reader036/viewer/2022062511/5518ac28550346881f8b4d04/html5/thumbnails/43.jpg)
ARP Cache PoisoningAttacker sends many spoofed ARP responsesTarget just accepts the first one it gets
Where is 147.144.1.254?
147.144.1.254 is at 00-30-48-82-11-34
147.144.1.2
54 is at 00-00-00-4
A-AB-07
![Page 44: Chapter 4 Network Vulnerabilities and Attacks. Cyberwar and Cyberterrorism "Titan Rain" - Attacks on US gov't and military computers from China breached.](https://reader036.fdocuments.in/reader036/viewer/2022062511/5518ac28550346881f8b4d04/html5/thumbnails/44.jpg)
Results of ARP Poisoning Attacks
![Page 45: Chapter 4 Network Vulnerabilities and Attacks. Cyberwar and Cyberterrorism "Titan Rain" - Attacks on US gov't and military computers from China breached.](https://reader036.fdocuments.in/reader036/viewer/2022062511/5518ac28550346881f8b4d04/html5/thumbnails/45.jpg)
TCP/IP HijackingTakes advantage of a weakness in the TCP/IP
protocolThe TCP header contains of two 32-bit fields that
are used as packet counters Sequence and Acknowledgement numbers
Packets may arrive out of order Receiver uses the Sequence numbers to put the packets
back in order
![Page 46: Chapter 4 Network Vulnerabilities and Attacks. Cyberwar and Cyberterrorism "Titan Rain" - Attacks on US gov't and military computers from China breached.](https://reader036.fdocuments.in/reader036/viewer/2022062511/5518ac28550346881f8b4d04/html5/thumbnails/46.jpg)
![Page 47: Chapter 4 Network Vulnerabilities and Attacks. Cyberwar and Cyberterrorism "Titan Rain" - Attacks on US gov't and military computers from China breached.](https://reader036.fdocuments.in/reader036/viewer/2022062511/5518ac28550346881f8b4d04/html5/thumbnails/47.jpg)
Wireless AttacksRogue access points (نقاط الوصول الدخيلة)
Employees often set up home wireless routers for convenience at work
This allows attackers to bypass all of the network security and opens the entire network and all users to direct attacks
An attacker who can access the network through a rogue (المارقة)access point is behind the company's firewall Can directly attack all devices on the network
![Page 48: Chapter 4 Network Vulnerabilities and Attacks. Cyberwar and Cyberterrorism "Titan Rain" - Attacks on US gov't and military computers from China breached.](https://reader036.fdocuments.in/reader036/viewer/2022062511/5518ac28550346881f8b4d04/html5/thumbnails/48.jpg)
![Page 49: Chapter 4 Network Vulnerabilities and Attacks. Cyberwar and Cyberterrorism "Titan Rain" - Attacks on US gov't and military computers from China breached.](https://reader036.fdocuments.in/reader036/viewer/2022062511/5518ac28550346881f8b4d04/html5/thumbnails/49.jpg)
Wireless Attacks (continued)War driving
Beaconing (المنارة الراديوية) At regular intervals, a wireless AP sends a beacon frame
to announce its presence and to provide the necessary information for devices that want to join the network
Scanning Each wireless device looks for those beacon frames
Unapproved wireless devices can likewise pick up the beaconing RF transmission
Formally known as wireless location mapping
![Page 50: Chapter 4 Network Vulnerabilities and Attacks. Cyberwar and Cyberterrorism "Titan Rain" - Attacks on US gov't and military computers from China breached.](https://reader036.fdocuments.in/reader036/viewer/2022062511/5518ac28550346881f8b4d04/html5/thumbnails/50.jpg)
Wireless Attacks (continued)War driving (continued)
War driving technically involves using an automobile to search for wireless signals over a large area
Tools for conducting war driving: Mobile computing device Wireless NIC adapters Antennas Global positioning system receiver Software
![Page 51: Chapter 4 Network Vulnerabilities and Attacks. Cyberwar and Cyberterrorism "Titan Rain" - Attacks on US gov't and military computers from China breached.](https://reader036.fdocuments.in/reader036/viewer/2022062511/5518ac28550346881f8b4d04/html5/thumbnails/51.jpg)
Wireless Attacks (continued)Bluetooth
A wireless technology that uses short-range RF transmissions
Provides for rapid “on the fly” and ad hoc connections between devices
BluesnarfingStealing data through a Bluetooth connectionE-mails, calendars, contact lists, and cell phone
pictures and videos, …
![Page 52: Chapter 4 Network Vulnerabilities and Attacks. Cyberwar and Cyberterrorism "Titan Rain" - Attacks on US gov't and military computers from China breached.](https://reader036.fdocuments.in/reader036/viewer/2022062511/5518ac28550346881f8b4d04/html5/thumbnails/52.jpg)
![Page 53: Chapter 4 Network Vulnerabilities and Attacks. Cyberwar and Cyberterrorism "Titan Rain" - Attacks on US gov't and military computers from China breached.](https://reader036.fdocuments.in/reader036/viewer/2022062511/5518ac28550346881f8b4d04/html5/thumbnails/53.jpg)
Null SessionsNull sessions are unauthenticated connections to a Microsoft2000 or Windows NT computer that do not require a username or a password (blank). Using a command such as:
C:\>net use \\192.168.###.###\IPC$ ** /u:
could allow an attacker to connect to open a channel over which he could gather information about the device, such as a network information, users, or groups.
![Page 54: Chapter 4 Network Vulnerabilities and Attacks. Cyberwar and Cyberterrorism "Titan Rain" - Attacks on US gov't and military computers from China breached.](https://reader036.fdocuments.in/reader036/viewer/2022062511/5518ac28550346881f8b4d04/html5/thumbnails/54.jpg)
Null SessionsCannot be fixed by patches to the operating
systems
Much less of a problem with modern Windows versions, Win XP SP2, Vista, or Windows 7
![Page 55: Chapter 4 Network Vulnerabilities and Attacks. Cyberwar and Cyberterrorism "Titan Rain" - Attacks on US gov't and military computers from China breached.](https://reader036.fdocuments.in/reader036/viewer/2022062511/5518ac28550346881f8b4d04/html5/thumbnails/55.jpg)
Domain Name KitingCheck kiting
A type of fraud that involves the unlawful use of checking accounts to gain additional time before the fraud is detected
Domain Name KitingRegistrars are organizations that are approved by ICANN
to sell and register Internet domain namesA five-day Add Grade Period (AGP) permits registrars to
delete any newly registered Internet domain names and receive a full refund of the registration fee
Kiting : طيران ورقيChecking account: ( الشيكات) حساب البنكي
![Page 56: Chapter 4 Network Vulnerabilities and Attacks. Cyberwar and Cyberterrorism "Titan Rain" - Attacks on US gov't and military computers from China breached.](https://reader036.fdocuments.in/reader036/viewer/2022062511/5518ac28550346881f8b4d04/html5/thumbnails/56.jpg)
Domain Name KitingUnscrupulous registrars register thousands of
Internet domain names and then delete them Recently expired domain names are indexed by
search enginesVisitors are directed to a re-registered site
Which is usually a single page Web with paid advertisement links
Visitors who click on these links generate money for the registrar
![Page 57: Chapter 4 Network Vulnerabilities and Attacks. Cyberwar and Cyberterrorism "Titan Rain" - Attacks on US gov't and military computers from China breached.](https://reader036.fdocuments.in/reader036/viewer/2022062511/5518ac28550346881f8b4d04/html5/thumbnails/57.jpg)
?Questions