Seven Deadliest Network Attacks
- 1st Edition - April 15, 2010
- Imprint: Syngress
- Authors: Stacy Prowell, Rob Kraus, Mike Borkin
- Language: English
- Paperback ISBN:9 7 8 - 1 - 5 9 7 4 9 - 5 4 9 - 3
- eBook ISBN:9 7 8 - 1 - 5 9 7 4 9 - 5 5 0 - 9
Seven Deadliest Network Attacks identifies seven classes of network attacks and discusses how the attack works, including tools to accomplish the attack, the risks of the attack, a… Read more
Purchase options
Institutional subscription on ScienceDirect
Request a sales quoteSeven Deadliest Network Attacks identifies seven classes of network attacks and discusses how the attack works, including tools to accomplish the attack, the risks of the attack, and how to defend against the attack. This book pinpoints the most dangerous hacks and exploits specific to networks, laying out the anatomy of these attacks including how to make your system more secure. You will discover the best ways to defend against these vicious hacks with step-by-step instruction and learn techniques to make your computer and network impenetrable.
The book consists of seven chapters that deal with the following attacks: denial of service; war dialing; penetration testing; protocol tunneling; spanning tree attacks; man-in-the-middle; and password replay. These attacks are not mutually exclusive and were chosen because they help illustrate different aspects of network security. The principles on which they rely are unlikely to vanish any time soon, and they allow for the possibility of gaining something of interest to the attacker, from money to high-value data. This book is intended to provide practical, usable information. However, the world of network security is evolving very rapidly, and the attack that works today may (hopefully) not work tomorrow. It is more important, then, to understand the principles on which the attacks and exploits are based in order to properly plan either a network attack or a network defense.
Seven Deadliest Network Attacks will appeal to information security professionals of all levels, network admins, and recreational hackers.
- Knowledge is power, find out about the most dominant attacks currently waging war on computers and networks globally
- Discover the best ways to defend against these vicious attacks; step-by-step instruction shows you how
- Institute countermeasures, don’t be caught defenseless again, and learn techniques to make your computer and network impenetrable
Information security professionals of all levels; network admins; recreational hackers
About the Authors
Introduction
Chapter 1 Denial of Service
How Denial of Service Works
Distributed Denial of Service
Overview of a Denial of Service Attack
Launching the Attack
Dangers of Denial of Service
Defense against Denial of Service
General Advice
Strategy
Network Configuration
DDoS Appliances
IDS/IPS Systems
Reacting to DDoS Attacks
Over-Provisioning and Adaptive Provisioning
The Future of Denial of Service
Attack
Defense
Summary
Endnotes
Chapter 2 War Dialing
How War Dialing Attacks Work
Gathering Numbers for War Dialing
Sweeping for Live Modems
Modem Reply Types
War Dialing Tools
The Danger of War Dialing
Out-of-Band Support Channels
Unauthorized Employee Access
Vendor Support Modems
The Future of War Dialing
Defenses against War Dialing
Attack Surface Reduction
Modem Hardening
System Hardening
Discovery
Summary
Endnotes
Chapter 3 Penetration “Testing”
How Penetration Testing Software Works
Dangers with Penetration Testing Tools
Nessus Vulnerability Scanning
Metasploit Framework
Hydra Password Attacks
Future of Penetration Testing Tools
Defenses against Penetration Testing Software
Password Complexity, Lockouts, and Logging
Endpoint Protection
Egress Filtering and Proxies
Intrusion Detection and Prevention
Logical Access Controls
Summary
Chapter 4 Protocol Tunneling
How Protocol Tunneling Works
The Great Firewall
Setting Up a Channel with SSH
Corkscrew and SSH over HTTPS
SSH over HTTP
Automation
Dangers of Protocol Tunneling
Defending against Protocol Tunneling
Preventing Protocol Tunneling
Detecting Protocol Tunneling
The Future of Protocol Tunneling
Summary
Chapter 5 Spanning Tree Attacks
Layers of the Internet
Understanding the Spanning Tree Protocol
The Problem of Loops
Solving the Loop Problem with the Spanning Tree Protocol
How Spanning Tree Attacks Work
Capturing BPDU Traffic
Taking over the Root Bridge
Denial of Service
Man in the Middle
Forging BPDU Frames
Discovering the Network
Dangers of Spanning Tree Attacks
Defending against Spanning Tree Attacks
Disable STP
Root Guard and BPDU Guard
The Future of Spanning Tree Attacks
Summary
Endnote
Chapter 6 Man-in-the-Middle
How Man-in-the-Middle Attacks Work
Sniffing Network Traffic
Replay Attacks
Command Injection
Internet Control Message Protocol Redirect
Denial of Service
Dangers with Man-in-the-Middle Attacks
Address Resolution Protocol Cache Poisoning
Secure Sockets Layer Man-in-the-Middle
Domain Name System Spoofing
Future of Man-in-the-Middle Attacks
Defenses against Man-in-the-Middle Attacks
Knowing the Threats
Defense-in-Depth Approach
Public Key Infrastructure
Port Security
Use Encrypted Protocols
Low-Level Detection
Summary
Chapter 7 Password Replay
How Password Replay Works
Simple Password Sniffing
Password Replay
Address Resolution Protocol Poison Routing
Dangers of Password Replay
Defending against Password Replay
The Future of Password Replay
Summary
Endnote
Index
- Edition: 1
- Published: April 15, 2010
- No. of pages (Paperback): 176
- No. of pages (eBook): 176
- Imprint: Syngress
- Language: English
- Paperback ISBN: 9781597495493
- eBook ISBN: 9781597495509
SP
Stacy Prowell
Stacy Prowell is a senior member of the CERT technical staff, and chief scientist of STAR*Lab. He is an expert in the function-theoretic foundations of software, and is currently conducting research and development for function extraction technology. Prowell has managed both commercial and academic software development projects and consulted on design, development, and testing of applications ranging from consumer electronics to medical scanners, from small embedded real-time systems to very large distributed applications.
Prior to joining the SEI in 2005, Prowell was a research professor at the University of Tennessee. To support wider adoption of rigorous methods in industry, he started the Experimentation, Simulation, and Prototyping (ESP) project at the University of Tennessee, which develops software libraries and tools to support application of model-based testing and sequence-based specification. Software developed by this program is in use by over 30 organizations. Prior to working at the university, he served as a consultant in the software industry. His research interests include rigorous software specification methods, automated statistical testing, and function-theoretic analysis of program behavior. Prowell holds a PhD in Computer Science from the University of Tennessee and is a member of the ACM, IEEE, and Sigma Xi.
Affiliations and expertise
Senior Member of the CERT technical staff and Chief Scientist at STAR* LabRK
Rob Kraus
Rob Kraus (CISSP, C|EH, MCSE) is a Senior Security Consultant for Solutionary, Inc. Rob is responsible for organizing customer requirements, on-site project management and client support while ensuring quality and timeliness of Solutionary's products and services.
Rob was previously a Remote Security Services Supervisor with Digital Defense, Inc. He performed offensive-based security assessments consisting of penetration testing, vulnerability assessment, social engineering, wireless and VoIP penetration testing, web application penetration tests and vulnerability research. As a supervisor, Rob was also responsible for leading and managing a team of penetration testers who performed assessment services for Digital Defense's customers.
Rob's background also includes contracting as a security analyst for AT&T during the early stages of the AT&T U-verse service as well as provisioning, optimizing, and testing OC-192 fiber-optic networks while employed with Nortel Networks.
Rob also speaks at information security conferences and universities in an effort to keep the information security community informed of current security trends and attack methodologies.
Affiliations and expertise
CISSP, C|EH, MCSE; Senior Security Consultant for Solutionary, Inc.MB
Mike Borkin
Mike Borkin (MCSE, GSEC Gold) is an internationally recognized author and speaker in the area of IT security where he focuses mostly on data protection strategies, Microsoft security, and security architecture/engineering best practices. In addition to contributing articles related to security to magazines and speaking engagements for groups such as SANS and The Open Group in both the US and Europe, Mike is also the Co-Author of Vista Security for Dummies.
Affiliations and expertise
MCSE, GSEC GoldRead Seven Deadliest Network Attacks on ScienceDirect