Threats
CCNA Security
Objectives
Fundamental Principles of a Secure Network
Security Technology
1984
Late 1988
1989
1991
1994
1995: NetRanger IDS
August, 1997: RealSecure IDS
1998: Snort IDS
Late 1999: First IPS
2006
Year: Security Technology
1993
1996
1999: SSH
2000: MPLS VPNs
2001
2002
2005: SSL VPN
This virus resulted in memory overflows in Internet mail servers.
Network security professionals must collaborate with professional colleagues more frequently than most other professions.
education organization.
The focus of SANS is information security training and certification.
SANS develops security courses that can be taken to prepare for
Global Information Assurance Certification (GIAC) in auditing,
management, operations, legal issues, security administration, and
software security.
Refer: 1.1.4.1
Học viện Công nghệ Thông tin Bách Khoa (Bach Khoa Information Technology Academy) - Website: www.bkacad.com
Viruses
A virus is malicious software which attaches to another program to
Worms
Trojan Horses
A Trojan Horse in the world of computing is
Trojan Horses are usually classified according to the damage that they cause or the manner in which they breach a system:
Remote-access Trojan Horse (enables unauthorized remote access)
Data sending Trojan Horse (provides the attacker with sensitive data such as passwords)
Destructive Trojan Horse (corrupts or deletes files)
Proxy Trojan Horse (user's computer functions as a proxy server)
FTP Trojan Horse (opens port 21)
Security software disabler Trojan Horse (stops anti-virus programs or firewalls from functioning)
Denial of Service Trojan Horse (slows or halts network activity)
to buffer overflows.
A buffer is an allocated area of memory used by processes to store data temporarily.
Attack Methodologies
Types of attacks
There are many different types of network attacks other than viruses, worms, and Trojan Horses:
Refer: 1.3.1.1
Reconnaissance Attacks
Reconnaissance attacks involve the unauthorized discovery and mapping of systems, services, or vulnerabilities.
Reconnaissance is analogous to a thief surveying a neighborhood for vulnerable homes to break into, such as an unoccupied residence or a house with an easy-to-open door or window.
Access Attacks
Access attacks exploit known vulnerabilities in authentication services, FTP services, and web services to gain entry to web accounts, confidential databases, and other sensitive information.
Denial of Service Attacks
Denial of service attacks send extremely large numbers of requests over a network or the Internet.
Reconnaissance Attacks
Refer: 1.3.1.4
Access Attacks
Password attack
Refer: 1.3.2.2
Trust exploitation
Port redirection
Man-in-the-middle attack
Buffer overflow
A DoS attack is a network attack in which devices cannot provide service to users because of an overflowed buffer, an overloaded CPU, and so on.
There are two major reasons a DoS attack occurs:
A host or application fails to handle an unexpected condition, such as maliciously formatted input data, an unexpected interaction of system components, or simple resource exhaustion.
A network, host, or application is unable to handle an enormous quantity of data, causing the system to crash or become extremely slow.
Refer: 1.3.3.2
DoS attack
There are five basic ways that DoS attacks can do harm:
Consumption of resources, such as bandwidth, disk space, or processor time
Disruption of configuration information, such as routing information
Disruption of state information, such as unsolicited resetting of TCP sessions
Disruption of physical network components
Obstruction of communication between the victim and others.
Summary