Network Attacks And Their Solutions

Agenda
1.Understanding Network Attacks. 2.Reasons why attackers attack networks. 3.Different types of malicious activities. 4.Types of Network Attacks.

Understanding Network Attacks

1) A network attack can be defined as any method, process or means used to maliciously attempt to compromise the security of the network. 2)There are a number of reasons why an individual(s) would want to attack corporate networks. The individuals performing network attacks are commonly referred to as network attackers or hackers or crackers.

Reasons Why Attackers Attack Network

A few reasons why network attackers attempt to attack corporate networks are as follows :1)Displeased employees might seek to damage the organization's data, reliability, or financial standing. 2)There are though some network attackers that simply enjoy the challenge of trying to compromise the security systems of highly secured networks. These types of attackers simply see their actions as a means by which existing security vulnerabilities can be exposed.

Possible motives for structured external threats include: Greed  Politics  Terrorism  Racism  Criminal payoffs

DIFFERENT TYPES OF MALLICIOUS ACTIVITIES

Different types of malicious activities performed by network attackers and hackers are summarized here:1) Illegally using user accounts and privileges. 2) Running code to damage systems. 3) Running code to damage and corrupt data.

4)Modifying stored data. 5) Stealing data. 6)Performing actions that prevent authorized user from accessing network services and resources.

TYPES OF NETWORK ATTACKS:There are eight primary types of attacks, they are:1. Reconnaissance 2. Network Access Attacks 3. Denial of Service 4. Worms, Viruses, and Trojan Horses.

5. Data Modification. 6. IP address spoofing or Identity spoofing. 7. Man-in-the-Middle Attack. 8. Application-Layer Attack.

1. Reconnaissance
1)Reconnaissance attack is a kind of information gathering on network system and services. 2)This enables the attacker to discover vulnerabilities or weaknesses on the network. 3)It could be likened to a thief surveying through a car parking lot for vulnerable unlocked cars to break into and steal.

Reconnaissance attacks can consist of:

1) Internet information lookup 2) Ping sweeps 3) Port scans 4) Packet sniffers

2. Network Access Attacks

1)Intruder gains unauthorized access to resources on a network and uses this access to carry out any number of unauthorized or even illegal activities. 2)Thing which is considered in network attacks is the weaknesses in the network authentication.

Types of access attacks:

Password attack

Trust Exploitation Port Redirection Man-in-the middle attack

 Intruder gains unauthorized access to resources on a network and uses this access to carry out any number of unauthorized or even illegal activities.

Thing which is considered in network attacks is the weaknesses in the network authentication

 Types of access attacks: Password attack Trust Exploitation Port Redirection Man-in-the middle attack

The image part with relationship ID rId2 was not found in the file.

Fig : Port re-direction mechanism

3. Denial Of Service Attack (DOS)

1)Prevents authorized users from using services by consuming system resources. 2)Aims at gathering or collecting data. 3) Preventing the normal use of computers or the network by authorized, legitimate users. 4)Easy to execute and most difficult to eliminate.

1)A DoS attack can be initiated by sending invalid data to applications or network services until the server hangs or simply crashes. 2)Most common form of a DoS attack is TCP attacks.

3)Types of DOS attacks :

 

E-mail bombs Malicious applets

4. Worms, Viruses And Trojan Horses

Worm, virus, and Trojan horse attacks constitute a potential threat to end-user workstations.

Worms A worm executes code and installs copies of itself in the memory of the infected computer, which can, in turn, infect other hosts on the network.

Viruses
A virus is malicious software that is attached to another program file so that they can spread from one machine to another. For your machine to be infected, you must have or had run an infected program or software.

Trojan Horses
A Trojan is a software or program that has a hidden agenda! It is a program written to look like something else. When a software or program that contains Trojan virus is run on your computer, it is doing something else different from what it is meant to do.

5. Data Modifications Attack

1)After an attacker has read your data, the next logical step is to alter it. 2)An attacker can modify the data in the packet without the knowledge of the sender or receiver. 3)Another form of network attack is where confidential company data is interpreted, deleted, or modified.

6. IP Address Spoofing Or Identity Spoofing

1)The intruder sends messages to a computer with an IP address indicating that the message is coming from a trusted host. 2)The majority of IP networks utilize the IP address of the user to verify identities, and routers also typically ignore source IP addresses when routing packets. 3)Routers use the destination IP addresses to forward packets to the intended destination network. 4)These factors could enable an attacker to bypass a router.

7. Man-in-the-middle attack
1)Attack occurs when a hacker eavesdrops on a secure communication session and monitors, captures and controls the data being sent between the two parties communicating. 2)The attacker attempts to obtain information so that he/she can impersonate the receiver and sender communicating. 3)The attacker can thus re-route the data exchange. 4)This attack is termed as an application layer attack.

 It targets application servers by deliberately causing a fault in a server's operating system or applications. This results in the attacker gaining the ability to bypass normal access controls. The attacker takes advantage of this situation, gaining control of your application, system, or network, and can do any of the following:  Read, add, delete, or modify your data or operating system.  Introduce a virus program that uses your computers and software applications to copy viruses throughout your network.