Network Attack & Defense: Difference between revisions

network attack & defense

• introduction
• network attacks
  • overview
  • port-scans
  • nessus
• summary
• references

introduction

• IBM: increases of network attacks

number of the attacks on networks of state institutions between july and august last yearly around 55 % risen

• 80% of all network attacks are committed within the firewall

of protected range ComputerWorld, Januar 2002

historical outline

• 1971 John Draper find out that a toy whistle from a Muesli box

reproduces exactly the clay/tone that a free voice grade channel opens

• 1984 in the USA are discharged the Comprehensive Crime

control act, a law that more possibilities to the secret service gives to put to credit card cheats and hackers the handicraft

• 1986 in the USA two further laws, which concern themselves

with attacks on computer systems, are adopted: The computer Fraud and electronics Communications Privacy act

• 1988 Robert Morris bring 6.000 computers in the internet with

a virus to the crash and to a punishment of $10.000 are condemned

• 1994, summer Vladimir Levin, graduate of the pc. Petersburg

Universit, steal with a Russian group of hackers 10 millions $ of the Citibank. He is arrested 1995 in London.

• 1998, 19 May members of the group of hackers of L0pht warn

of serious safety gaps. They maintain the internet in a half hour to paralyze to be able.

network attacks

overview

• term clarifying
  • the term network attack is legally problematic
  • The legal definition of an attack assumes this took place only if someone arrived into the network!

• possible aggressors - Hackers (private or professional)
  • classically
    • overcoming of entrance barriers
    • no destruction of data
    • no change of data
  • criminal (Cracker)
    • spying data
    • manipulation of data
    • destruction of data and systems

• possible attack targets
  • everyone is endangers
  • everyone is a goal
  • nearly everyone was already a goal

• goals of the aggressor
  • feigning a wrong identity
  • seeing confidential enterprise data
  • changing and falsifying data/messages
  • transfer of dangerous programs into the system
  • enterprises in discredit bring

• motivation
  • tests of the own abilities and borders
  • monetary goals
  • revenge of quit coworkers

• points of attack and weak points
  • a main cause for the multiplicity at safety problems in the InterNet represents the architecture in principle of the communication protocols TCP/IP and UDP
  • to using the ignorance of users
  • using safety gaps in programs, those on the attacked computer runs (e.g. Web Browser)
  • weak passwords

• what can we do?
  • own systems and of them (normal) behavior (very much) good know!
  • on remarkablenesses concentrate, e.g.:
    • computer is unexpectedly slow
    • non removable disk is the being obvious for unexplainable reasons fully
    • first examines
  • calm remains; Panic causes errors
  • be prepared!
  • do allways
  • Deinstallieren
    • switching off
    • configuring
    • patching
    • virus protection
    • user behaviors:
      • optimal: Users do not install software
      • for minimum requirement: Training of the users: Software from the InterNet saves risks

with attention of these measures is avoidable over 99% all "Hacks"!

• network analysis

port-scans

nessus

summary

• there is no chance to be save

• but you can be close to

references

• http://www.computec.ch/dokumente/allgemein/angriffsmoeglichkeiten_auf_netzwerke/angriffsmoeglichkeiten_auf_netzwerke.pdf
• http://www.telematik-institut.de/publikationen/online-vorlesungen/weitere_vorlesungen_und_skripte/SION-kap-3.4.pdf
• http://www1.logistik.fh-dortmund.de/IT-Sicherheit/50_AdministratorenTools.pdf