Transcript Chapter 14
Network Threats and Mitigation Networking Essentials Chapter 14 Spring, 2013 Recognizing Security Threats DoS Attacks ▫ ▫ ▫ ▫ ▫ Ping of Death Smurf Attack SYN Flood Tribe Flood Network (DDoS) Stacheldraht Recognizing Security Threats Viruses – can’t propagate unless… ▫ File Viruses ▫ Macro Viruses (VB scripts) ▫ Boot Sector Viruses You know you have one when… ▫ Multipartite Viruses Best way to get rid of is to… ▫ Worms Attackers and Their Tools • IP Spoofing ▫ You can stop them by using a… • Application Layer Attacks ▫ Added benefit is… • Active-X Attacks • Autorooters ▫ Use rootkits (what are these?) • Backdoors ▫ Good example is a… • Network Reconnaissance ▫ Good example is… Attackers and Their Tools • Packet Sniffers ▫ How do they work? • • • • • Password Attacks Brute Force Attacks Port-Redirection Attacks Trust-Exploitation Attacks Man-in-the-Middle Attacks Other Bad Stuff • Rogue Access Points • Social Engineering (Phishing) ▫ What’s the golden rule? Mitigation Techniques • Active Detection • Passive Detection • Proactive Defense ▫ What does SATAN have to do with this? ▫ Note on page 477 Policies and Procedures • • • • • • Security Audit – who should do it? Clean Desk Policy Recording Equipment Other Common Security Policies (read) Breaking Policy (consequences) Exit Interview (what else to do when people leave – page 482) • Security Procedures (flowcharts) Security Training • End User Training ▫ Manuals – what to do if… • Administrator Training ▫ Manuals – what to do if… Preventative Maintenance • Patches and Upgrades ▫ When do you get them? ▫ Automatically? ▫ How? • Patch, Hot Fix, Service Pack ▫ What’s the difference? Updating Antivirus Software • Definition files • Engine • Order listed on page 486 Virus Scanning • • • • Heuristic Scanning On-demand Scanning On-access Scanning Emergency Scan • Fixing an infected computer ▫ Steps on page 488