Network Security: Reconnaissance and DoS Attacks

Reconnaissance Attacks

• Types of reconnaissance attacks include internet information queries, ping sweeps, port scans, and packet sniffers
• These attacks are used to gather information about a target system or network

DoS Attacks

• Types of DoS attacks include ping of death, smurf attack, TCP SYN flood attack, packet fragmentation and reassembly, email bombs, CPU hogging, malicious applets, misconfiguring routers, and out-of-band attacks
• Examples of out-of-band attacks include WinNuke, Land.c, Teardrop.c, and Targa.c

Securing Communications

• Three primary objectives of securing communications are authentication, integrity, and confidentiality
• Authentication guarantees that a message is not a forgery and comes from the claimed sender
• Integrity guarantees that a message has not been intercepted and altered
• Confidentiality guarantees that a captured message cannot be deciphered

Encryption

• There are two types of symmetric encryption techniques: block ciphers and stream ciphers

Data Encryption Standard (DES)

• DES operation encrypts each 64-bit plaintext block using a 56-bit key
• If two identical plaintext blocks are encrypted using the same key, their ciphertext blocks are the same
• This makes DES vulnerable to attacks

Triple Data Encryption Standard (3DES)

• 3DES encryption and decryption use three iterations of DES encryption and decryption

Diffie-Hellman Key Exchange

• Diffie-Hellman is commonly used to exchange data securely over the internet using IPsec VPN, SSL, TLS, or SSH
• It is not an encryption mechanism, but rather a key exchange algorithm
• It is used to create keys for symmetric encryption algorithms

Symmetric vs Asymmetric Key Algorithms

• Symmetric algorithms use the same key for encryption and decryption
• Asymmetric algorithms use a pair of keys: a public key for encryption and a private key for decryption
• Asymmetric algorithms are used for confidentiality and authentication

Firewalls

• Firewalls cannot protect against attacks that bypass the firewall
• Firewalls may not fully protect against internal threats
• Improperly secured wireless LANs can be accessed from outside the organization
• Infected laptops or devices can be used to launch internal attacks

Network Security

• Network security is the process of taking physical and software preventative measures to protect the underlying networking infrastructure
• The goal of network security is to create a secure platform for computers, users, and programs to perform their permitted critical functions within a secure environment

Information Security

• Information security refers to the processes and methodologies designed and implemented to protect confidential, private, and sensitive information or data from unauthorized access, use, misuse, disclosure, destruction, modification, or disruption

Evolution of Network Security

• Threats to networks include network attacks, internal threats, and external threats
• Attacks can be structured or unstructured

Hacker Types

• White hat hackers use their abilities to find vulnerabilities in systems or networks and report them to the owners for fixing
• Black hat hackers use their knowledge of computer systems to break into systems or networks with malicious intent
• Crackers attempt to gain unauthorized access to systems or networks with malicious intent
• Hackers are general terms that describe computer programming experts