Attacks Framework
Attacks
Physical Access Attacks -- Wiretapping, Server Hacking, Vandalism
Dialog Attacks -- Eavesdropping, Impersonation, Message Alteration
Penetration Attacks -- Scanning (Probing), Break-in, Denial of Service, Malware
Social Engineering -- Opening Attachments, Password Theft, Information Theft
Malware -- Viruses, Worms
Social Engineering Attacks and Defenses
Social Engineering
Tricking an employee into giving out information or taking an action that reduces security or harms a system
Opening an e-mail attachment that may contain a virus
Asking for a password claiming to be someone with rights to know it
Asking for a file to be sent to you
Social Engineering Attacks and Defenses
Social Engineering Defenses
Training
Enforcement through sanctions (punishment)
Eavesdropping on a Dialog
Figure: Client PC (Bob) and Server (Alice) hold a dialog ("Hello"); Attacker (Eve) intercepts and reads messages.
Impersonation and Authentication
Figure: Client PC (Bob), Server (Alice), Attacker (Eve). Messages shown: "I'm Bob" and "Prove it! (Authenticate Yourself)".
Message Alteration
Figure: Client PC (Bob) and Server (Alice) hold a dialog; Attacker (Eve) intercepts and alters messages. Messages shown: "Balance = $1" and "Balance = $1,000,000".
Scanning (Probing) Attacks
Figure: Attacker on the Internet sends probe packets to 172.16.99.1, 172.16.99.2, etc. on the Corporate Network. A host exists at 172.16.99.1 and replies; there is no host at 172.16.99.2, so there is no reply.
Results: 172.16.99.1 is reachable, 172.16.99.2 is not reachable…
Denial-of-Service (DoS) Flooding Attack
Figure: Attacker sends a message flood; the server is overloaded by the message flood.
Network Penetration Attacks and Firewalls
Figure: Attacker on the Internet sends an attack packet toward the Internal Corporate Network, which contains a Hardened Client PC and a Hardened Server. Labels at the Internet Firewall: Passed Packet, Dropped Packet, Log File.