Transcript Chapter 14

Network Threats and Mitigation
Networking Essentials
Chapter 14
Spring, 2013
Recognizing Security Threats
DoS Attacks
▫ Ping of Death
▫ Smurf Attack
▫ SYN Flood
▫ Tribe Flood Network (DDoS)
▫ Stacheldraht
Recognizing Security Threats
Viruses – can’t propagate unless…
▫ File Viruses
▫ Macro Viruses (VB scripts)
▫ Boot Sector Viruses
  ▪ You know you have one when…
▫ Multipartite Viruses
  ▪ Best way to get rid of one is to…
▫ Worms
Attackers and Their Tools
• IP Spoofing
▫ You can stop them by using a…
• Application Layer Attacks
▫ Added benefit is…
• ActiveX Attacks
• Autorooters
▫ Use rootkits (what are these?)
• Backdoors
▫ Good example is a…
• Network Reconnaissance
▫ Good example is…
Attackers and Their Tools
• Packet Sniffers
▫ How do they work?
• Password Attacks
• Brute Force Attacks
• Port-Redirection Attacks
• Trust-Exploitation Attacks
• Man-in-the-Middle Attacks
Other Bad Stuff
• Rogue Access Points
• Social Engineering (Phishing)
▫ What’s the golden rule?
Mitigation Techniques
• Active Detection
• Passive Detection
• Proactive Defense
▫ What does SATAN have to do with this?
▫ Note on page 477
Policies and Procedures
• Security Audit – who should do it?
• Clean Desk Policy
• Recording Equipment
• Other Common Security Policies (read)
• Breaking Policy (consequences)
• Exit Interview (what else to do when people leave – page 482)
• Security Procedures (flowcharts)
Security Training
• End User Training
▫ Manuals – what to do if…
• Administrator Training
▫ Manuals – what to do if…
Preventative Maintenance
• Patches and Upgrades
▫ When do you get them?
▫ Automatically?
▫ How?
• Patch, Hot Fix, Service Pack
▫ What’s the difference?
Updating Antivirus Software
• Definition files
• Engine
• Order listed on page 486
Virus Scanning
• Heuristic Scanning
• On-demand Scanning
• On-access Scanning
• Emergency Scan
• Fixing an infected computer
▫ Steps on page 488