Seven Deadliest Network Attacks


  • Stacy Prowell, Senior Member of the CERT technical staff and Chief Scientist at STAR* Lab
  • Rob Kraus, CISSP, C|EH, MCSE; Senior Security Consultant for Solutionary, Inc.
  • Mike Borkin, MCSE, GSEC Gold

Seven Deadliest Network Attacks identifies seven classes of network attacks and discusses how each attack works, including the tools used to accomplish it, its risks, and how to defend against it. The book consists of seven chapters that deal with the following attacks: (i) denial of service; (ii) war dialing; (iii) penetration testing; (iv) protocol tunneling; (v) spanning tree attacks; (vi) man-in-the-middle; and (vii) password replay. These attacks are not mutually exclusive and were chosen because they help illustrate different aspects of network security. The principles on which they rely are unlikely to vanish any time soon, and they allow for the possibility of gaining something of interest to the attacker, from money to high-value data. This book is intended to provide practical, usable information. However, the world of network security is evolving very rapidly, and the attack that works today may (hopefully) not work tomorrow. It is more important, then, to understand the principles on which the attacks and exploits are based in order to properly plan either a network attack or a network defense.


Information security professionals of all levels; network admins; recreational hackers


Book information

  • Published: April 2010
  • Imprint: SYNGRESS
  • ISBN: 978-1-59749-549-3


"Attacks may and will change, but the principles, assumptions and practices being used will likely remain the same for quite some time, and the authors did a good job explaining them. And that is the real value of this book."--Zeljka Zorz, Help Net Security

"[Knapp] provides a quite readable introduction to industrial networks and how familiar security principles can be translated to apply in this complex area…. Whether you are charged with defending an industrial network or curious about all the "buzz" over SCADA security, Knapp's book will provide a solid introduction to this fascinating area. Definitely a recommended read."--IEEE

Table of Contents

About the Authors


Chapter 1 Denial of Service

    How Denial of Service Works

         Distributed Denial of Service

         Overview of a Denial of Service Attack

         Launching the Attack

    Dangers of Denial of Service

    Defense against Denial of Service

         General Advice


         Network Configuration

         DDoS Appliances

         IDS/IPS Systems

         Reacting to DDoS Attacks

         Over-Provisioning and Adaptive Provisioning

    The Future of Denial of Service





Chapter 2 War Dialing

    How War Dialing Attacks Work

         Gathering Numbers for War Dialing

         Sweeping for Live Modems

         Modem Reply Types

         War Dialing Tools

    The Danger of War Dialing

         Out-of-Band Support Channels

         Unauthorized Employee Access

         Vendor Support Modems

    The Future of War Dialing

    Defenses against War Dialing

         Attack Surface Reduction

         Modem Hardening

         System Hardening




Chapter 3 Penetration “Testing”

    How Penetration Testing Software Works

    Dangers with Penetration Testing Tools

         Nessus Vulnerability Scanning

         Metasploit Framework

         Hydra Password Attacks

    Future of Penetration Testing Tools

    Defenses against Penetration Testing Software

         Password Complexity, Lockouts, and Logging

         Endpoint Protection

         Egress Filtering and Proxies

         Intrusion Detection and Prevention

         Logical Access Controls


Chapter 4 Protocol Tunneling

    How Protocol Tunneling Works

         The Great Firewall

         Setting Up a Channel with SSH

         Corkscrew and SSH over HTTPS

         SSH over HTTP


    Dangers of Protocol Tunneling

    Defending against Protocol Tunneling

         Preventing Protocol Tunneling

         Detecting Protocol Tunneling

    The Future of Protocol Tunneling


Chapter 5 Spanning Tree Attacks

    Layers of the Internet

    Understanding the Spanning Tree Protocol

         The Problem of Loops

         Solving the Loop Problem with the Spanning Tree Protocol

    How Spanning Tree Attacks Work

         Capturing BPDU Traffic

         Taking over the Root Bridge

         Denial of Service

         Man in the Middle

         Forging BPDU Frames

         Discovering the Network

    Dangers of Spanning Tree Attacks

    Defending against Spanning Tree Attacks

         Disable STP

         Root Guard and BPDU Guard

    The Future of Spanning Tree Attacks



Chapter 6 Man-in-the-Middle

    How Man-in-the-Middle Attacks Work

         Sniffing Network Traffic

         Replay Attacks

         Command Injection

         Internet Control Message Protocol Redirect

         Denial of Service

    Dangers with Man-in-the-Middle Attacks

         Address Resolution Protocol Cache Poisoning

         Secure Sockets Layer Man-in-the-Middle

         Domain Name System Spoofing

    Future of Man-in-the-Middle Attacks

    Defenses against Man-in-the-Middle Attacks

         Knowing the Threats

         Defense-in-Depth Approach

         Public Key Infrastructure

         Port Security

         Use Encrypted Protocols

         Low-Level Detection


Chapter 7 Password Replay

    How Password Replay Works

         Simple Password Sniffing

         Password Replay

         Address Resolution Protocol Poison Routing

    Dangers of Password Replay

    Defending against Password Replay

    The Future of Password Replay