CS682- Network Management and Security

Prof. Katz


The Hacker Mentality

  • The term was originally used to mean someone who made software do that which the programmer did not intend.

  • Over time it was adapted to classify those who do the above for illegal purposes


Different types of hackers

  • Network Hackers – Continuously pound on networks looking for holes

  • Phreaks – Hardware hackers

  • Crackers – Code breakers

  • Most hackers believe they are “elite” and will not get caught. Some are right, most are wrong.


Evolution of a hacker

  • Hackers recently have been High School or undergraduate students.

  • After learning all they can about the target they begin trying to find a solution to let them in


After a hacker gets in

  • The hacker will contact the system administrator

  • The hacker will retrieve the desired data

  • The hacker will deface the machine


Common forms of entry

  • Easy passwords

  • Unpatched servers (known attacks)

  • Security recommendations not followed

  • Buffer overflows


Progression of a hack

  • The hacker will initially determine all available information about the target network

  • The hacker will select a target which has the least amount of protection, which will allow him to get the data he wants.

  • The target will be compared against well known attacks

  • If source code is available for the target’s systems, the hacker will examine the code for new ways in.

  • The hacker may attempt to gain access to the password database.

  • The hacker will attempt brute force access to the system

  • The hacker may attempt to gain physical access to the system.


What tools are available?

  • If the hacker has programming experience, he can create his own tools

  • Commercially available tools are often free

    • nmap (www.insecure.org/nmap)

    • L0phtcrack

    • Tcpdump (network monitors)

    • Various assorted tools designed to scan for well known attacks.


RFC-1918 / NAT


RFC-1918

  • Hosts not connected to the Internet do not need unique addresses

  • Hosts connected through a proxy server or Address Translation device do not need unique addresses

    • NB: The proxy server or NAT device will need at least 1 unique address!


Network Address Translation

  • IP Address theory provides 4,294,967,296 unique IP addresses. Because of Subnetting we’ve used almost the entire domain.

  • NAT allows us to use RFC1918 (fake, illegal) addresses for our LAN and have only a few addresses seen on the Internet


Types of NAT

  • One-to-One: Does not reduce the number of used IP addresses, but provides for greater security

  • One-to-Many: Wastes IP addresses, only done when necessary for security

  • Many-to-One: One real address is used by many fake addresses


Concepts of NAT

  • Only important if

  • Every machine needs an IP address unique to its network

  • Networks need at least one unique address

  • When data traverses a NAT device the TCP and IP headers will be changed and in some cases the data will be changed too


How NAT works


Why is NAT secure

  • In Many-to-One NAT, connections are never allowed from the outside to the LAN unless they are expected (e.g. FTP)

  • Generally in One-To-One NAT open ports must be indicated and connections specifically allowed

  • Outside individuals have no concept of the layout of the LAN
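
The header rewriting and the "only expected connections come back in" behaviour described in the two slides above, as an added example that is not part of the original presentation. The class and function names, the addresses (documentation ranges) and the choice to match replies on the exact remote address and port are assumptions made for illustration.

```python
import ipaddress

# The three private blocks reserved by RFC 1918.
RFC1918 = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def is_rfc1918(addr):
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in RFC1918)

class ManyToOneNat:
    """Toy many-to-one NAT: many LAN hosts share one public address.
    A real device also recomputes the IP and TCP checksums."""

    def __init__(self, public_ip, first_port=40000):
        self.public_ip = public_ip
        self.next_port = first_port
        self.out = {}   # (lan_ip, lan_port, dst_ip, dst_port) -> public port
        self.back = {}  # (public port, dst_ip, dst_port) -> (lan_ip, lan_port)

    def outbound(self, pkt):
        """Rewrite source address/port of a LAN packet going to the Internet."""
        if not is_rfc1918(pkt["src"]):
            raise ValueError("source is not an RFC 1918 address")
        key = (pkt["src"], pkt["sport"], pkt["dst"], pkt["dport"])
        if key not in self.out:
            self.out[key] = self.next_port
            self.back[(self.next_port, pkt["dst"], pkt["dport"])] = key[:2]
            self.next_port += 1
        return dict(pkt, src=self.public_ip, sport=self.out[key])

    def inbound(self, pkt):
        """Rewrite destination of an expected reply; None means dropped."""
        lan = self.back.get((pkt["dport"], pkt["src"], pkt["sport"]))
        if lan is None or pkt["dst"] != self.public_ip:
            return None
        return dict(pkt, dst=lan[0], dport=lan[1])

def demo():
    # Constructed sample packets: two LAN hosts, one web server, one stranger.
    nat = ManyToOneNat("203.0.113.5")
    web = {"dst": "198.51.100.7", "dport": 80}
    a = nat.outbound({"src": "192.168.1.10", "sport": 5000, **web})
    b = nat.outbound({"src": "192.168.1.11", "sport": 5000, **web})
    reply = nat.inbound({"src": "198.51.100.7", "sport": 80,
                         "dst": "203.0.113.5", "dport": a["sport"]})
    probe = nat.inbound({"src": "198.51.100.99", "sport": 4444,
                         "dst": "203.0.113.5", "dport": a["sport"]})
    return a, b, reply, probe

if __name__ == "__main__":
    for result in demo():
        print(result)
```

Both LAN hosts leave with the same public source address and differ only in the translated port, and the unsolicited probe is dropped because no table entry matches it.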


Problems with NAT

  • Non-OSI compliant protocols will not work without special consideration

  • Protocols which make a connection back to the original host will not work

  • Sometimes difficult to install/maintain

  • Sometimes costly


NAT Devices

  • All Cable Modem/DSL Routers

  • Checkpoint Firewall-1

  • Linux

  • CISCO IOS

  • Windows 2000


Linux NAT
