
Concepts in Network Security

[Figure: four virtual machines (Win 2K3, Red Hat, Win 2K, SuSE) running on a Virtual Machine layer over x86 hardware]

LTC Ronald Dodge, Ph.D.
United States Military Academy

Trends in Network Security
• Attackers
    • Increasing sophistication
    • Increasing communication/collaboration
• Defenders
    • Increasing complexity
    • Increasing dependency
    • Increasing attrition
    • Decreasing budgets
    • Persistent ignorance / increasing awareness / more knowledgeable sysadmin
• Network systems
    • Increasing connectivity
    • Increasing complexity
    • Increasing functionality
    • Increasing “computrons”
    • Increased application security
• Activity
    • Increased state and non-state sponsorship
    • Increased patching
    • Increasing probes and “Recon by Fire”

Trends: Another Picture

[Figure: attack sophistication rising from Low to High while the intruder knowledge needed falls, 1980 to 2000. Techniques in rough order of appearance: password guessing, self-replicating code, password cracking, exploiting known vulnerabilities, disabling audits, burglaries, session hijacking, backdoors, network diagnostics, automated probes, GUI interfaces, sweepers, www attacks, packet spoofing, distributed attacks, denial of service, BOTnets, cross site scripting.]


Security Trade-offs (assumes fixed cost)

[Figure: triangle with Security, Performance and Functionality at its corners, each traded off against the others. Convenience and usability sit on the same trade-off against security.]


Overview
• Motivation
• Virtual Information Assurance Network (VIAN) introduction
• Viruses, Worms and Trojans – Oh My!
    • (And don’t forget about SPAM)

USMA VIAN
• Virtual network design presents students with two internal networks separated by a firewall
    • Red – contains machines that are used to launch exploits
    • Blue – contains target machines (running installations of Windows and Linux systems)
• A second firewall acts as a gateway to the host machine
• Virtual Machines can connect to the “physical network” by bridging through the host interface

How Does VMware Workstation Work?

[Figure: Intel Architecture with VMware]

The VMware virtualization layer sits between the hardware and the software and allows users to create virtual machines that are the full equivalent of a standard x86 machine.

USMA VIAN Configuration
• VMware license: Academic $130 each
• OS licenses
    • Solaris: $20
    • MSDNAA: Deeply discounted
• Applications: Almost all open source
• Hardware
    • P4 1.8 GHz, 1 GB RAM (512), 60 GB HD

USMA VIAN Operating Systems
• Windows 2003 (all versions)
• Windows XP Pro
• Windows XP Home
• Windows 2000 Server
• Windows 2000 Pro
• Windows NT
• Windows 98
• Debian 3
• Engarde
• Fedora
• Gentoo
• IPcop
• Netwosix
• Sentinix
• Slackware
• Smoothwall
• Trustix
• vexlinux
• Mandrake
• Red Hat Linux
• FreeBSD
• OpenBSD
• Solaris 9

USMA VIAN Modules
• Introduction to the VIAN environment and using virtual machines
• Introduction to the VIAN environment and network fundamentals
• Reconnaissance: Spyware
• Reconnaissance: SPAM/phishing
• Reconnaissance: Social engineering
• Reconnaissance: Port scanning
• Reconnaissance: OS fingerprinting
• Reconnaissance: Network enumeration
• Reconnaissance: Vulnerability scanning
• Attacking with Trojan horses using e-mail
• Attacking with buffer overflows
• Attacking with Virii
• Attacking passwords
• Attacking the Connection with Man in the Middle
• Defending with Firewalls: Basic
• Defending with Firewalls: In-depth
• Defending: Network intrusion detection using SNORT
• Defending: Host based intrusion detection with monitors
• Forensics: Intro
• Forensics: Advanced 1
• Forensics: Advanced 2
• Cryptography: Intro
• Cryptography: Advanced 1
• Cryptography: Advanced 2
• Sys Admin: Routing with Zebra
• Sys Admin: AD
• Sys Admin: Exchange

Viruses, Worms and Trojans – Oh My!

HACKER Pre-test
• Can you read this?
• T1hs iz da h0m3p4g3 0f d4 m0St l33T w4r3z gR0uP th3r3 iz, LWE! W3 f0cUs oN bRiNgIng j0 dA l4t3eSt 0-dAy 313373 w4r3z év3rydAy. J0 c4n f1nd aLl 0ur r3l3ases 0n ThIs l33t p4ge!! Ph34r 0ur sKiLlz!!

H4x0r Language Homework
• www.google.com -> preferences

Example Malicious Program Types
• Viruses
• Worms
• Trojan horses
• Backdoors
• Buffer overflows
• Application misuse

Hacking, Step-by-Step
• Well, this ain't exactly for beginners, but it'll have to do. What all hackers have to know is that there are 4 steps in hacking...
    • Step 1: Getting access to site
    • Step 2: Hacking r00t
    • Step 3: Covering your traces
    • Step 4: Keeping that account

http://forbidden.net-security.org/txt/beginner.txt

Hacking, Step-by-Step
• More formally:
    • Reconnaissance
    • Exploitation
    • Consolidate
    • Reorganize

Reconnaissance
• Passive recon
    • Web-based recon
    • DNS recon
• Active recon
    • Social engineering
        • Via e-mail
        • Via telephone
        • Via casual conversation
    • Dumpster diving
    • Scanning
    • Fingerprinting operating systems

Scanning
• Scanning
    • A method for discovering exploitable communication channels. The idea is to probe as many listeners as possible, and keep track of the ones that are receptive or useful to your particular need.
• SuperScan – NMAP – Nessus
• CORE Impact – Metasploit – WHAX 3.0 (a.k.a. WHOPPIX)
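
The defensive counterpart of "probe as many listeners as possible" is to notice one source touching many ports on one host in a short time. The following is an added example, not code from the slides or the VIAN course: a small detector in the spirit of the SNORT module, run over constructed log lines in an assumed firewall-log format.

```python
import re
from collections import defaultdict

# Constructed sample log (not from the slides): "<epoch> <src> -> <dst>:<port> <flags>".
# One host probes six ports on 10.0.1.20 within a few seconds; another host
# revisits a single port, which is ordinary traffic rather than a scan.
SAMPLE_LOG = """\
1000 10.0.0.5 -> 10.0.1.20:22 SYN
1001 10.0.0.5 -> 10.0.1.20:80 SYN
1001 10.0.0.5 -> 10.0.1.20:443 SYN
1002 10.0.0.5 -> 10.0.1.20:445 SYN
1002 10.0.0.5 -> 10.0.1.20:3389 SYN
1003 10.0.0.5 -> 10.0.1.20:8080 SYN
1050 10.0.0.9 -> 10.0.1.20:80 SYN
1055 10.0.0.9 -> 10.0.1.20:80 SYN
1200 10.0.0.5 -> 10.0.1.21:22 SYN
"""

LINE_RE = re.compile(r"^(\d+)\s+(\S+)\s+->\s+(\S+):(\d+)\s+(\S+)$")

def parse_line(line):
    """Return (ts, src, dst, port, flags) or None for a malformed line."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    ts, src, dst, port, flags = m.groups()
    return int(ts), src, dst, int(port), flags

def detect_scans(log_text, min_ports=5, window=60):
    """Map (src, dst) -> distinct ports hit, for every source that touched at
    least `min_ports` distinct ports on one destination within `window` seconds
    (sliding window anchored at each connection attempt)."""
    attempts = defaultdict(list)  # (src, dst) -> [(ts, port), ...]
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None or rec[4] != "SYN":
            continue  # skip garbage and anything that is not a connection attempt
        ts, src, dst, port, _ = rec
        attempts[(src, dst)].append((ts, port))

    alerts = {}
    for key, hits in attempts.items():
        hits.sort()
        for i, (t0, _) in enumerate(hits):
            ports = {p for t, p in hits[i:] if t - t0 <= window}
            if len(ports) >= min_ports:
                alerts[key] = max(alerts.get(key, 0), len(ports))
    return alerts
```

Thresholds are assumptions; a slow scan spread over hours needs a longer window or a per-source long-term counter.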

Sniffing
• Sniffing
    • A packet sniffer is a wire-tap device that plugs into computer networks and eavesdrops on the network traffic. A “sniffing” program lets someone listen in on computer conversations.
• Ethereal FTP/SFTP Demo
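
The point of the FTP/SFTP demo is that an eavesdropper on the segment reads FTP credentials directly, while the SFTP session is opaque after key exchange. As an added example (not the slides' Ethereal demo), this passive check over constructed packet records reports logins that crossed the wire in the clear, so the service can be moved to SFTP; the record format and sample values are assumptions.

```python
# Constructed packet records (not from the slides): (src, dst, dst_port, payload)
# as a sniffer on the segment would see them. The session on port 22 is only
# readable up to the SSH version banner; the bytes after key exchange are
# ciphertext, which is what the SFTP half of the demo shows.
PACKETS = [
    ("10.0.0.5", "10.0.1.20", 21, b"USER alice\r\n"),
    ("10.0.0.5", "10.0.1.20", 21, b"PASS hunter2\r\n"),
    ("10.0.0.7", "10.0.1.20", 22, b"SSH-2.0-OpenSSH_3.9p1\r\n"),
    ("10.0.0.7", "10.0.1.20", 22, bytes(range(0x80, 0xA0))),
    ("10.0.0.8", "10.0.1.20", 21, b"USER bob\r\n"),
    ("10.0.0.8", "10.0.1.20", 21, b"QUIT\r\n"),
]

def find_cleartext_logins(packets, ftp_port=21):
    """Return one finding per FTP USER/PASS pair observed in the clear.
    The password itself is deliberately not retained; the finding records who
    logged in from where, which is enough to drive the migration to SFTP."""
    pending = {}    # (src, dst) -> username that sent USER but not yet PASS
    findings = []
    for src, dst, port, payload in packets:
        if port != ftp_port:
            continue            # port-22 traffic is not inspected: it is opaque anyway
        try:
            line = payload.decode("ascii").rstrip("\r\n")
        except UnicodeDecodeError:
            continue
        verb, _, arg = line.partition(" ")
        verb = verb.upper()
        if verb == "USER":
            pending[(src, dst)] = arg
        elif verb == "PASS" and (src, dst) in pending:
            findings.append({
                "user": pending.pop((src, dst)),
                "src": src,
                "dst": dst,
                "password_seen": bool(arg),  # evidence without storing the secret
            })
        elif verb == "QUIT":
            pending.pop((src, dst), None)    # USER without PASS: nothing exposed
    return findings

def readable_fraction(payload):
    """Share of printable ASCII bytes in a payload: high for cleartext protocol
    text such as FTP commands, low for post-key-exchange SSH/SFTP bytes."""
    if not payload:
        return 0.0
    return sum(32 <= b < 127 for b in payload) / len(payload)
```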


Exploitation
• Gain User Access to System
• Elevate Privileges
• Network Based
    • Passive Sniffing
    • Active Sniffing
    • Worms
    • Denial Of Service
• Operating System and Application Based
    • Buffer overflows
    • Password attacks
    • Virus
    • Denial of service

Exploits
• IIS buffer overflow
• DCOM

Consolidation
• Cover tracks
    • Delete/modify log files
    • Hide files
• Tunnel communications
    • Use covert channels
• Demo:
    • PWdump
    • IISlogclean
    • VNC

Reorganization
• Maintain access
    • Patch
    • Install backdoor

User Security
• E-mail security
    • E-mail worm / Trojan horse / back door
        • Flip screen
        • Sub7
        • Netbus
    • Phishing
• Password security

Links
• USMA IWAR and VIAN
    • Web: http://www.itoc.usma.edu
    • E-mail: itoc@usma.edu
