Chapter 2 Vulnerabilities, Threats and Attacks


  • 7/23/2019 Chapter 2 Vulnerabilities, Threats and Attacks


FP611 INFORMATION SECURITY SYSTEM

CHAPTER 2


2.1 INTRODUCTION TO VULNERABILITIES, THREATS AND ATTACKS

When discussing network security, the three common terms used are as follows:

Vulnerability: A weakness that is inherent in every network and device. This includes routers, switches, desktops, servers, and even security devices themselves.

Threats: The people eager, willing, and qualified to take advantage of each security weakness, and they continually search for new exploits and weaknesses.

Attacks: The threats use a variety of tools, scripts, and programs to launch attacks against networks and network devices. Typically, the network devices under attack are the end points, such as servers and desktops.


2.1.1 VULNERABILITIES

Vulnerabilities in network security can be summed up as the "soft spots" that are present in every network. The vulnerabilities are present in the network and individual devices that make up the network. Networks are typically plagued by one or all of three primary vulnerabilities or weaknesses:

• Technology weaknesses

• Configuration weaknesses

• Security policy weaknesses


2.1.2 WEAKNESSES IN RELATION TO SECURITY

a. Technology - Computer and network technologies have intrinsic security weaknesses. These include TCP/IP protocol weaknesses, operating system weaknesses, and network equipment weaknesses.

b. Configuration - Network administrators or network engineers need to learn what the configuration weaknesses are and correctly configure their computing and network devices to compensate.

c. Security policy - Security policy weaknesses can create unforeseen security threats. The network can pose security risks to the network if users do not follow the security policy.


2.1. DEFINE THE SECURITY THREAT

A threat is an event that can take advantage of vulnerability and cause a negative impact on the network. Potential threats to the network need to be identified, and the related vulnerabilities need to be addressed to minimize the risk of the threat.


2.1.4 DIFFERENTIATE BETWEEN HACKER AND ATTACKER.

HACKER: A benign (good) hacker is a generic term for a person who likes getting into things. The hacker is the person who likes to get into his/her own computer and understand how it works.

ATTACKER: The malicious hacker is the person who likes getting into other people's systems. In any event, the word used to denote anybody trying to get into your system in this paper is 'attacker'. "Script Kiddie" is a term used to describe a class of attacker who does not have sophisticated technical knowledge, but rather simply has a collection of tools created by advanced hackers, and the basic knowledge to use these tools to perform an attack.


a. Reconnaissance attack - "The attacker will find out as much as possible without actually giving himself away. He will do this by finding public information or appearing as a normal user. In this stage, you really can't detect an attacker. He will do a 'whois' look-up on your registered domain names to find as much information as possible about your network and people involved. The attacker might walk through your DNS tables (using 'nslookup', 'dig', or other utilities to do domain zone transfers) to find the names of your machines. The attacker will browse other public information, such as your public web sites and anonymous FTP sites. The attacker might search news articles and press releases about your company." can consist of the following:

Packet sni
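The zone-transfer step named in the reconnaissance description leaves entries in the name server's own log. The following added example (not part of the original slides) scans log lines, constructed here in the style of BIND 9 messages, for AXFR requests from hosts that are not listed secondaries; the addresses, the zone name and ALLOWED_SECONDARIES are assumptions.

```python
import re
from collections import Counter
from ipaddress import ip_address

# Hosts allowed to pull the zone (assumed secondaries, documentation addresses).
ALLOWED_SECONDARIES = {ip_address("192.0.2.53")}

# Constructed sample lines in the style of BIND 9 zone-transfer messages.
SAMPLE_LOG = """\
12-Jun-2012 10:01:07.112 client 192.0.2.53#40122 (example.com): transfer of 'example.com/IN': AXFR started
12-Jun-2012 10:14:31.870 client 203.0.113.77#51514 (example.com): zone transfer 'example.com/AXFR/IN' denied
12-Jun-2012 10:14:32.004 client 203.0.113.77#51516 (example.com): zone transfer 'example.com/AXFR/IN' denied
12-Jun-2012 10:20:45.390 client 198.51.100.9#33800 (example.com): transfer of 'example.com/IN': AXFR started
12-Jun-2012 10:21:02.001 client 198.51.100.20#5353 (www.example.com): query: www.example.com IN A +
"""

# Matches either a refused transfer or one the server actually started.
LINE_RE = re.compile(
    r"client (?P<ip>[0-9a-fA-F.:]+)#\d+ \((?P<name>[^)]*)\): "
    r"(?:zone transfer '(?P<dz>[^/']+)/AXFR/IN' (?P<denied>denied)"
    r"|transfer of '(?P<sz>[^/']+)/IN': AXFR (?P<started>started))"
)

def find_axfr_events(log_text, allowed=ALLOWED_SECONDARIES):
    """Return (source, zone, outcome) for every AXFR request from a host
    that is not an allowed secondary. outcome is 'denied' or 'served'."""
    events = []
    for line in log_text.splitlines():
        m = LINE_RE.search(line)
        if not m:
            continue  # ordinary queries and unrelated lines
        src = ip_address(m.group("ip"))
        if src in allowed:
            continue  # expected transfer to a known secondary
        outcome = "denied" if m.group("denied") else "served"
        events.append((str(src), m.group("dz") or m.group("sz"), outcome))
    return events

def summarize(events):
    """Count events per (source, outcome) so repeated probing stands out."""
    return Counter((src, outcome) for src, _zone, outcome in events)

if __name__ == "__main__":
    counts = summarize(find_axfr_events(SAMPLE_LOG))
    for (src, outcome), n in sorted(counts.items()):
        print(f"{src}: {n} zone transfer request(s) {outcome}")
```

A "served" event for an unlisted host means the full zone left the server, which points to a transfer restriction that needs tightening rather than just a probe to note.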


b. Access attacks exploit known vulnerabilities in authentication services, FTP services, and web services to gain entry to web accounts, confidential databases, and other sensitive information. Access attacks can consist of the following:

• Password attacks

• Trust exploitation

• Port redirection

• Man-in-the-middle attacks

• Social engineering

• Phishing


c. Denial of Service attack - Certainly the most publicized form of attack, DoS attacks are also among the most di


d. Distributed Denial of Service attacks - attacks are designed to saturate network links with spurious data. This data can overwhelm an Internet link, causing legitimate tra


2.1.9 DIFFERENTIATE BETWEEN WORM, VIRUSES, AND TROJAN HORSE

WORM: An application that executes arbitrary code and installs copies of itself in the memory of the infected computer, which then infects other hosts

VIRUSES: Malicious software that is attached to another program to execute a particular unwanted function on the user workstation

TROJAN HORSE: An application written to look like something else that in fact is an attack tool


2.1.: DESCRIBE DIFFERENT TYPES OF THREATS

1. Unstructured threats - consist of mostly inexperienced individuals using easily available hacking tools such as shell scripts and password crackers. Even unstructured threats that are only executed with the intent of testing and challenging a hacker's skills can still do serious damage to a company. For example, if an external company website is hacked, the integrity of the company is damaged. Even if the external website is separate from the internal information that sits behind a protective firewall, the public does not know that. All the public knows is that the site is not a safe environment to conduct business.


2. Structured threats - come from hackers who are more highly motivated and technically competent. These people know system vulnerabilities and can understand and develop exploit code and scripts. They understand, develop, and use sophisticated hacking techniques to penetrate unsuspecting businesses. These groups are often involved with the major fraud and theft cases reported to law enforcement agencies.


2.2 USE VARIOUS TOOLS IN NETWORK SECURITY

2.2.1 The goals of security policy

Its security precautions.

People are far more accepting of additional standards and guidelines when they understand the benefits these can provide.


2.2.2 DEVELOPING A SECURITY POLICY

The first question most administrators ask is, "Why do I even need a formal security policy?" A security policy serves many functions. It is a central document that describes in detail acceptable network activity and penalties for misuse. A security policy also provides a forum for identifying and clarifying security goals and objectives to the organization as a whole. A good security policy shows each employee how he or she is responsible for helping to maintain a secure environment.


Security Policy Basics

Security policies tend to be issue driven. A focus on individual issues is the easiest way to identify, and clarify, each point you wish to cover. While it may be acceptable in some environments to simply state, "Nonwork-related use of the Internet is bad," those who must adhere to this policy need to know what "nonwork-related use" and "bad" actually mean.

In order for a policy to be enforceable, it needs to be

• Consistent with other corporate policies

• Accepted by the network support staff as well as the appropriate levels of management

• Enforceable using existing network equipment and procedures

• Compliant with local, state, and federal laws.


2.2. SECURITY POLICIES CHARACTERISTICS

• Be readily accessible to all members of the organization.

• Define a clear set of security goals.

• Accurately define each issue discussed in the policy.

• Clearly show the organization's position on each issue.

• Describe the justification of the policy regarding each issue.

• Define under what circumstances the issue is applicable.

• State the roles and responsibilities of organizational members with regard to the described issue.

• Spell out the consequences of noncompliance with the described policy.

• Provide contact information for further details or clarification regarding the described issue.

• Define the user's expected level of privacy.

• Include the organization's stance on issues not specifically defined.


2.2. HOW TO SECURE ASSETS

Using the Tools:

1) Network Scanning Tools: Network map, Netstat, Superscan tool, hping tool

2) Security Analysis Tools: knoppix tools and MBSA (Microsoft Baseline Security Analyzer)


GROUP ACTIVITY

Try to design your own company security policy.