
Seven Deadliest Network Attacks

Seven Deadliest Network Attacks identifies seven classes of network attacks and discusses how each attack works, including the tools used to carry it out, its risks, and how to defend against it. The book consists of seven chapters that deal with the following attacks: (i) denial of service; (ii) war dialing; (iii) penetration testing; (iv) protocol tunneling; (v) spanning tree attacks; (vi) man-in-the-middle; and (vii) password replay. These attacks are not mutually exclusive and were chosen because they help illustrate different aspects of network security. The principles on which they rely are unlikely to vanish any time soon, and they allow for the possibility of gaining something of interest to the attacker, from money to high-value data. This book is intended to provide practical, usable information. However, the world of network security is evolving very rapidly, and the attack that works today may (hopefully) not work tomorrow. It is more important, then, to understand the principles on which the attacks and exploits are based in order to properly plan either a network attack or a network defense.


Audience: Information security professionals of all levels; network admins; recreational hackers

Paperback, 176 Pages

Published: April 2010

Imprint: Syngress

ISBN: 978-1-59749-549-3


    "Attacks may and will change, but the principles, assumptions and practices being used will likely remain the same for quite some time, and the authors did a good job explaining them. And that is the real value of this book."--Zeljka Zorz, Help Net Security

    "[Knapp] provides a quite readable introduction to industrial networks and how familiar security principles can be translated to apply in this complex area…. Whether you are charged with defending an industrial network or curious about all the "buzz" over SCADA security, Knapp's book will provide a solid introduction to this fascinating area. Definitely a recommended read."--IEEE


  • About the Authors


    Chapter 1 Denial of Service

        How Denial of Service Works

             Distributed Denial of Service

             Overview of a Denial of Service Attack

             Launching the Attack

        Dangers of Denial of Service

        Defense against Denial of Service

             General Advice


             Network Configuration

             DDoS Appliances

             IDS/IPS Systems

             Reacting to DDoS Attacks

             Over-Provisioning and Adaptive Provisioning

        The Future of Denial of Service





    Chapter 2 War Dialing

        How War Dialing Attacks Work

             Gathering Numbers for War Dialing

             Sweeping for Live Modems

             Modem Reply Types

             War Dialing Tools

        The Danger of War Dialing

             Out-of-Band Support Channels

             Unauthorized Employee Access

             Vendor Support Modems

        The Future of War Dialing

        Defenses against War Dialing

             Attack Surface Reduction

             Modem Hardening

             System Hardening




    Chapter 3 Penetration “Testing”

        How Penetration Testing Software Works

        Dangers with Penetration Testing Tools

             Nessus Vulnerability Scanning

             Metasploit Framework

             Hydra Password Attacks

        Future of Penetration Testing Tools

        Defenses against Penetration Testing Software

             Password Complexity, Lockouts, and Logging

             Endpoint Protection

             Egress Filtering and Proxies

             Intrusion Detection and Prevention

             Logical Access Controls


    Chapter 4 Protocol Tunneling

        How Protocol Tunneling Works

             The Great Firewall

             Setting Up a Channel with SSH

             Corkscrew and SSH over HTTPS

             SSH over HTTP


        Dangers of Protocol Tunneling

        Defending against Protocol Tunneling

             Preventing Protocol Tunneling

             Detecting Protocol Tunneling

        The Future of Protocol Tunneling


    Chapter 5 Spanning Tree Attacks

        Layers of the Internet

        Understanding the Spanning Tree Protocol

             The Problem of Loops

             Solving the Loop Problem with the Spanning Tree Protocol

        How Spanning Tree Attacks Work

             Capturing BPDU Traffic

             Taking over the Root Bridge

             Denial of Service

             Man in the Middle

             Forging BPDU Frames

             Discovering the Network

        Dangers of Spanning Tree Attacks

        Defending against Spanning Tree Attacks

             Disable STP

             Root Guard and BPDU Guard

        The Future of Spanning Tree Attacks



    Chapter 6 Man-in-the-Middle

        How Man-in-the-Middle Attacks Work

             Sniffing Network Traffic

             Replay Attacks

             Command Injection

             Internet Control Message Protocol Redirect

             Denial of Service

        Dangers with Man-in-the-Middle Attacks

             Address Resolution Protocol Cache Poisoning

             Secure Sockets Layer Man-in-the-Middle

             Domain Name System Spoofing

        Future of Man-in-the-Middle Attacks

        Defenses against Man-in-the-Middle Attacks

             Knowing the Threats

             Defense-in-Depth Approach

             Public Key Infrastructure

             Port Security

             Use Encrypted Protocols

             Low-Level Detection


    Chapter 7 Password Replay

        How Password Replay Works

             Simple Password Sniffing

             Password Replay

             Address Resolution Protocol Poison Routing

        Dangers of Password Replay

        Defending against Password Replay

        The Future of Password Replay




