cs682 network management and security
Skip this Video
Download Presentation
CS682- Network Management and Security

Loading in 2 Seconds...

play fullscreen
1 / 18

CS682- Network Management and Security - PowerPoint PPT Presentation

  • Uploaded on

CS682- Network Management and Security. Prof. Katz. The Hacker Mentality. The term was originally used to mean someone who made software do that which the programmer did not intend. Over time it was adapted to classify those who do the above for illegal purposes. Different types of hackers.

I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
Download Presentation

PowerPoint Slideshow about 'CS682- Network Management and Security' - dai

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.

- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
the hacker mentality
The Hacker Mentality
  • The term was originally used to mean someone who made software do that which the programmer did not intend.
  • Over time it was adapted to classify those who do the above for illegal purposes
different types of hackers
Different types of hackers
  • Network Hackers – Continuously pound on networks looking for holes
  • Phreaks – Hardware hackers
  • Crackers – Code breakers
  • Most hackers believe they are “elite” and will not get caught. Some are right, most are wrong.
evolution of a hacker
Evolution of a hacker
  • Hackers recently have been High School or undergraduate students.
  • After learning all they can about the target they begin trying to find a solution to let them in
after a hacker gets in
After a hacker gets in
  • The hacker will contact the system administrator
  • The hacker will retrieve the desired data
  • The hacker will deface the machine
common forms of entry
Common forms of entry
  • Easy passwords
  • Unpatched servers (known attacks)
  • Security recommendations unfollowed
  • Buffer overflows
progression of a hack
Progression of a hack
  • The hacker will initially determine all available information about the target network
  • The hacker will select a target which has the least amount of protection, which will allow him to get the data he wants.
  • The target will be compared against well known attacks
  • If source code is available for the target’s systems, the hacker will examine the code for new ways in.
  • The hacker may attempt to gain access to the password database.
  • The hacker will attempt brute force access to the system
  • The hacker may attempt to gain physical access to the system.
what tools are available
What tools are available?
  • If the hacker has programming experience, he can create his own tools
  • Commercially available tools are often free
    • nmap (www.insecure.org/nmap)
    • L0phtcrack
    • Tcpdump (network monitors)
    • Various assorted tools designed to scan for well known attacks.
rfc 1918
  • Hosts not connected to the Internet do not need unique addresses
  • Hosts connected through a proxy server or Address Translation device do not need unique addresses
    • NB: The proxy server or NAT device will need at least 1 unique address!
network address translation
Network Address Translation
  • IP Address theory provides 4,294,967,296 unique IP addresses. Because of Subnetting we’ve used almost the entire domain.
  • NAT allows us to use RFC1918 (fake, illegal) addresses for our LAN and have only a few addresses seen on the Internet
types of nat
Types of NAT
  • One-to-One: Does not eliminate the number of used IP addresses, but provides for greater security
  • One-to-Many: Wastes IP addresses, only done when necessary for security
  • Many-to-One: One real address is used by many fake addresses
concepts of nat
Concepts of NAT
  • Only important if
  • Every machine needs an IP address unique to its network
  • Networks need at least one unique address
  • When data traverses a NAT device the TCP and IP headers will be changed and in some cases the data will be changed too
why is nat secure
Why is NAT secure
  • In Many-to-One NAT, connections are never allowed from the outside to the LAN unless they are expected (ie FTP)
  • Generally in One-To-One NAT open ports must be indicated and connections specifically allowed
  • Outside individuals have no concept of the layout of the LAN
problems with nat
Problems with NAT
  • Non-OSI compliant protocols will not work without special consideration
  • Protocols which make a connection back to the original host will not work
  • Sometimes difficult to install/maintain
  • Sometimes costly
nat devices
NAT Devices
  • All Cable Modem/DSL Routers
  • Checkpoint Firewall-1
  • Linux
  • Windows 2000