1 / 18

Thach Luong ECE 478 - Network Security March 7, 2005

Thach Luong ECE 478 - Network Security March 7, 2005. Definitions. Multiple definition (mostly negative) One who uses programming skills to gain illegal access to a computer network or file. One who is proficient at using or programming a computer; a computer buff. Good and Bad Hackers.

sakura
Download Presentation

Thach Luong ECE 478 - Network Security March 7, 2005

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Thach Luong ECE 478 - Network Security March 7, 2005

  2. Definitions • Multiple definition (mostly negative) • One who uses programming skills to gain illegal access to a computer network or file. • One who is proficient at using or programming a computer; a computer buff.

  3. Good and Bad Hackers • Media Misconceptions • Hacking involves illegal activities. • Good hackers defend companies. • Focus: Bad Hackers • Information thefts (personal, business, government, etc). • Destruction • Terrorism

  4. First Network Hack (Telephone) • John Draper (AKA Cap’n Crunch) • 1970’s: • Free long distance calls using a whistle found in a cereal box. • Whistle emits the same frequency as AT&T long lines to indicate a line was ready to route a new call (2600 Hz).

  5. First Network Hack (Telephone) • Flaw: • AT&T took cost cutting measures. • The signaling and voice used the same circuit. • This flaw made the system vulnerable to anybody that can generate 2600 Hz. • Solution: • Now signaling takes place on a separate path from the one you talk on.

  6. First Computer Hacks (worms) • 1986 • Federal Computer Fraud and Abuse Act. • 1988: Robert Morris (Graduate in CS at Cornell). • Wrote an experimental, self-replicating, self-propagating program (worm). • Crashed 6,000 net-linked computers. • Three years of probation, 400 hours of community service, a fine of $10,050, and the costs of his supervision.

  7. The Worm • Hole in the debug mode of Unix’s sendmail. • Hole in the finger daemon fingerd, which serves finger requests. • The worm kept replicating itself hundreds and hundreds of times. • The loop caused the computer’s memories, drives, and processors to get filled up and stop working.

  8. Sniffers • Grabs all of the traffic flowing into and out of a computer attached to a network. • Tells its Network Interface Card (NIC) to stop ignoring all the traffic headed to other computers. • promiscuous mode • A machine can see all the data transmitted on its segment.

  9. Sniffers • Timestamps • Source and destination MAC addresses • Source and destination IP addresses. • The numbered lines (0x00##). • Shows the data transmitted by each packet in hexadecimal format.

  10. Sniffers Solutions • Anti-Sniffing tools • Encryption • Switched networks. • Non-switched environment. • Packets are visible to every node on the network. • Switched environment • Packets are only delivered to the target address.

  11. Spoofing • Creation of TCP/IP packets using somebody else's IP address. • Routers use the "destination IP" address in order to forward packets through the Internet, but ignore the "source IP" address.

  12. Spoofing Solutions • Disable JavaScript in your browser. • The attacker will be unable to hide the evidence of the attack. • Make sure your browser’s location line is always visible. • They should always point to the server you think you’re connected to.

  13. Phishing • ‘Spoofed' e-mails and fraudulent websites designed to fool recipients into releasing personal data such as: • Credit card numbers • Account usernames and passwords • Social security numbers, etc.

  14. Phishing Solutions • Do not reply to email or pop-up that asks for personal or financial information. • Don’t email personal or financial information. • Be cautious about opening any attachment or downloading any files from emails. • Report suspicious activity to the FTC.

  15. Port-Scanning • The act of systematically scanning a computer's ports. • A port is a place where information goes into and out of a computer. • Port scanning identifies open doors to a computer.

  16. Types of Port-Scans • Vanilla • Attempts to connect to all 65,535 ports. • Strobe • A more focused scan looking only for known services to exploit. • Fragmented packets • The scanner sends packet fragments that get through simple packet filters in a firewall. • UDP • The scanner looks for open UDP ports. • Sweep • The scanner connects to the same port on more than one machine. • FTP bounce • The scanner goes through an FTP server in order to disguise the source of the scan. • Stealth scan • The scanner blocks the scanned computer from recording the port scan activities.

  17. Port-Scanning Solutions • Accessing the Internet server opens a port, which opens a door to your computer. • There are software products that can stop a port scanner from doing any damage to your system.

  18. Sources • [1] “A history of hacking.” http://www.sptimes.com/Hackers/history.hacking.html. 2000. • [2] “Good hackers, bad hackers, and hackers-for-hire .” http://techrepublic.com.com/5100-6228-1031352.html#. 2005. • [3] “Hackers.” http://tlc.discovery.com/convergence/hackers/hackers.html. 2005. • [4] “Web Crunchers.” http://www.webcrunchers.com/crunch/story.html. 2004. • [5] “Sniffers.” http://www.securityfocus.com/infocus/1549. February 2002. • [6] “Web Spoofing.” http://www.cs.princeton.edu/sip/pub/spoofing.pdf. 1997. • [7] “Anti-Phishing.” http://www.antiphishing.org. January 2005. • [8] “Port-Scanning.” http://www.cs.wright.edu/~pmateti/Courses/499/Probing. 2001. • [9] “Port-Scanning.” http://e-comm.webopedia.com/TERM/P/port_scanning.html. 2005.

More Related