Transcript E-Mail Attachments

Network Security



Network security comprises authentication and
encryption
Authentication is typically accomplished through a
user name and password
Other forms of authentication are digital
certificates, smart cards, and biometrics
© Goodheart-Willcox Co., Inc.
Permission granted to reproduce for educational use only.
Hackers, Crackers, and Intruders



Exact meaning of hacker depends on the context
in which it is used and by whom
Cracker typically means anyone who gains
access to a computer system with intent to do
harm or play pranks
For sake of clarity, the textbook uses term
intruder
© Goodheart-Willcox Co., Inc.
Permission granted to reproduce for educational use only.
Unprotected Network Shares


Network shares with minimal or no security plus
remote access enabled on a computer are a
security breach waiting to happen
Hacker tools can probe and access available
network shares
© Goodheart-Willcox Co., Inc.
Permission granted to reproduce for educational use only.
Social Engineering

Relies on the gullibility of a network user and his or her
respect for authority

Caller: Hello. This is Bob down at IMS operations
conducting as security check. We believe we may
have an intruder in our system.
Joe Gullible: Yes. What Can I do To help ?
Caller: Well Joe, I need to look at your PC files to
see if there have been any possible intrusions. I
need your username and password.
Joe Gullible : Sure. My username is Jgullible and
my Password is toocool



© Goodheart-Willcox Co., Inc.
Permission granted to reproduce for educational use only.
Open Ports



Common way for intruders to gain access to a
system
Administrators should close all unused ports
Third-party utility or the netstat utility can be used
to check for open ports
© Goodheart-Willcox Co., Inc.
Permission granted to reproduce for educational use only.
Zero Configuration (Zeroconf)


Standard Developed by the IEEE
Advantage


Enables a network device to automatically configure
itself for a network
Disadvantage

Makes a network less secure
© Goodheart-Willcox Co., Inc.
Permission granted to reproduce for educational use only.
Denial of Service (DoS)


One of the most common attacks on a server
Can overload a server to the point that it crashes
or is not able to complete a legitimate user
request
© Goodheart-Willcox Co., Inc.
Permission granted to reproduce for educational use only.
Man in the Middle (MITM)




Intruder intercepts network transmission, reads it,
then places it back on route to its destination
Contents may or may not be modified
MITM can also be used for a replay attack
Using an IP or MAC address from a previous
network transmission to make an unauthorized
connection.
© Goodheart-Willcox Co., Inc.
Permission granted to reproduce for educational use only.
Spoofing


Example: Using a valid IP address to fool a server
Example: Using a bogus IP address and ID when
sending unsolicited e-mail
© Goodheart-Willcox Co., Inc.
Permission granted to reproduce for educational use only.
Smurf Attack
A type of DoS
 To deal with a DoS attack
 Configure the computer firewall not to
respond to ICMP (Internet Control
Message Protocol) echo requests
 Configure routers not to forward ICMP
echo requests to broadcast addresses in
the network

© Goodheart-Willcox Co., Inc.
Permission granted to reproduce for educational use only.
Trojan Horse




Example: Free download that
contains malicious code
That code could contain virus,
worm, or backdoor
Example: Can imitate
legitimate logon screen
When user logs on, name and
password are sent to
unauthorized user
© Goodheart-Willcox Co., Inc.
Permission granted to reproduce for educational use only.
E-Mail Attachments
 Source
of most commonly
encountered viruses
 Malicious code can be programmed
into attachment
 When recipient opens attachment,
malicious program is activated
© Goodheart-Willcox Co., Inc.
Permission granted to reproduce for educational use only.
Applied Networking
As a network administrator, you are in charge of
educating company employees on the dangers of
e-mail attachments. What might you tell the
employees concerning e-mail attachments and the
prevention of infecting their computers and the
network with malware?
© Goodheart-Willcox Co., Inc.
Permission granted to reproduce for educational use only.
Macro Virus



Series of common keystrokes can be linked to a
virus
Can be sent as e-mail attachment and is launched
when recipient opens attachment
May infect a template file like normal.dot and then
execute when user presses a certain combination
of keys
© Goodheart-Willcox Co., Inc.
Permission granted to reproduce for educational use only.
Worm

Most common worm programs use e-mail to
replicate and spread to other computers

Common safeguard against worms is setting up a
dedicated mail server
© Goodheart-Willcox Co., Inc.
Permission granted to reproduce for educational use only.
Phishing



E-mail can appear as if it’s from a legitimate
company, such as a credit card company
E-mail requests user’s personal information, such
as social security number or bank account PIN
Phony web sites that look authentic, but have
slightly different domain names
© Goodheart-Willcox Co., Inc.
Permission granted to reproduce for educational use only.
Applied Networking
As a network administrator, you are in charge of
educating company employees on the dangers of
phishing. What might you tell the employees
concerning detecting and handling a phishing
attack?
© Goodheart-Willcox Co., Inc.
Permission granted to reproduce for educational use only.
IN CLASS LAB
Roberts 72 & 73
NEXT CLASS
Labsim Homework 8.2.2-8.2.4