Network Attack & Defense: Difference between revisions

From
Jump to navigation Jump to search
Line 47: Line 47:
** The legal definition of an attack assumes this took place only if someone arrived into the network!
** The legal definition of an attack assumes this took place only if someone arrived into the network!


* possible aggressors
* possible aggressors - Hackers (private or professional)

* Hackers (private or professional)
** classically
** classically
*** overcoming of entrance barriers
*** overcoming of entrance barriers

Revision as of 16:33, 28 January 2005

network attack & defense

  • introduction
  • network attacks
    • overview
    • port-scans
    • nessus
  • summary
  • references


introduction

  • IBM: increases of network attacks

number of the attacks on networks of state institutions between july and august last yearly around 55 % risen

  • 80% of all network attacks are committed within the firewall

of protected range ComputerWorld, Januar 2002

historical outline

  • 1971 John Draper find out that a toy whistle from a Muesli box

reproduces exactly the clay/tone that a free voice grade channel opens

  • 1984 in the USA are discharged the Comprehensive Crime

control act, a law that more possibilities to the secret service gives to put to credit card cheats and hackers the handicraft

  • 1986 in the USA two further laws, which concern themselves

with attacks on computer systems, are adopted: The computer Fraud and electronics Communications Privacy act

  • 1988 Robert Morris bring 6.000 computers in the internet with

a virus to the crash and to a punishment of $10.000 are condemned

  • 1994, summer Vladimir Levin, graduate of the pc. Petersburg

Universit, steal with a Russian group of hackers 10 millions $ of the Citibank. He is arrested 1995 in London.

  • 1998, 19 May members of the group of hackers of L0pht warn

of serious safety gaps. They maintain the internet in a half hour to paralyze to be able.


network attacks

overview

  • term clarifying
    • the term network attack is legally problematic
    • The legal definition of an attack assumes this took place only if someone arrived into the network!
  • possible aggressors - Hackers (private or professional)
    • classically
      • overcoming of entrance barriers
      • no destruction of data
      • no change of data
    • criminal (Cracker)
      • spying data
      • manipulation of data
      • destruction of data and systems
  • possible attack targets
    • everyone is endangers
    • everyone is a goal
    • nearly everyone was already a goal
  • goals of the aggressor
  • points of attack and weak points
  • what can we do?
  • network analysis


port-scans

nessus

summary

  • there is no chance to be save
  • but you can be close to

references