Professional Documents
Culture Documents
05 - Network Threats - 1
05 - Network Threats - 1
Bilal Ahmed
1
Opportunity
Motive Means
2
Network Threats
• Social Engineering
• Password Guessing
• Malware threats
• Network Sniffing
• ARP Poisoning
to login or sign-up
of persons
Computer-based Social Engineering
• Instant Chat Messenger: Gathering personal
information by chatting with a selected online
user to get personal information
• Example
Computer-based Social Engineering
• Phishing
• Whaling
• Sniffing
Guessing Passwords
• Attackers’ strategies
• Password format
• Then P ≥ TG/N
Example-1
• Choose a password which is 6 chars long and the
• Example
• Netbus
Example: NetBus
• Designed for Windows NT system
• Mode of operation
• Client – server
• Victim installs this
– Usually disguised as a game program
• Acts as a server, accepting and executing
commands for remote administrator (client)
– This includes intercepting keystrokes and mouse
motions and sending them to attacker
– Also allows attacker to upload, download files
Example: NetBus
Malware Threats
• Rootkit
– A set of programs or utilities that allows someone to
maintain root‐level access to the system
• Ransomware
• Problem - ?
Malware Threats
• Adware
– Short form of advertising-supported software
– Automatically delivers advertisements
– Majority aims at solely being the advertisers
– Some are capable of tracking user activity and stealing
information
• Spyware
– Functions by spying on user activity without their knowledge
– Can include activity monitoring, collecting keystrokes, data
harvesting (account information, logins, financial data)
Malware Threats
• Logic Bomb
• A program that performs an action that violates the security
policy when some external event occurs
updated
• Backup data
• Sandboxing
Sandboxing
• Security technique that isolates programs, preventing
malicious programs from damaging the rest of your
computer
• Isolates applications from critical system resources and
other programs
• Provides an extra layer of security that prevents malware
or harmful applications from negatively affecting your
system
• Without sandboxing, an application may have unrestricted
access to all system resources and user data on a
computer
• A sandboxed app on the other hand, can only access
resources in its own "sandbox
Sandboxing
Network Sniffing
Network Sniffing
• Sniffing is a process of monitoring and capturing all data packets
passing through a given network using sniffing tools
• Generally, sniffers do not intercept or alter captured data
• Easy in hub based network
How a Sniffer works
• Shared Ethernet
– An attacker gets connected to the target network in order to sniff
the packets