Seven Deadliest Network Attacks
1st Edition
Date: 2010-04-15
Description
Seven Deadliest Network Attacks identifies seven classes of network attacks and discusses how the attack works, including tools to accomplish the attack, the risks of the attack, and how to defend against the attack. This book pinpoints the most dangerous hacks and exploits specific to networks, laying out the anatomy of these attacks including how to make your system more secure. You will discover the best ways to defend against these vicious hacks with step-by-step instruction and learn techniques to make your computer and network impenetrable.
The book consists of seven chapters that deal with the following attacks: denial of service; war dialing; penetration testing; protocol tunneling; spanning tree attacks; man-in-the-middle; and password replay. These attacks are not mutually exclusive and were chosen because they help illustrate different aspects of network security. The principles on which they rely are unlikely to vanish any time soon, and they allow for the possibility of gaining something of interest to the attacker, from money to high-value data. This book is intended to provide practical, usable information. However, the world of network security is evolving very rapidly, and the attack that works today may (hopefully) not work tomorrow. It is more important, then, to understand the principles on which the attacks and exploits are based in order to properly plan either a network attack or a network defense.
Seven Deadliest Network Attacks will appeal to information security professionals of all levels, network admins, and recreational hackers.
Key Features
- Knowledge is power: find out about the most dominant attacks currently waging war on computers and networks globally
- Discover the best ways to defend against these vicious attacks; step-by-step instruction shows you how
- Institute countermeasures so you are not caught defenseless again, and learn techniques to make your computer and network impenetrable
Readership
Information security professionals of all levels; network admins; recreational hackers
Table of Contents
About the Authors
Introduction
Chapter 1 Denial of Service
  How Denial of Service Works
  Distributed Denial of Service
  Overview of a Denial of Service Attack
  Launching the Attack
  Dangers of Denial of Service
  Defense against Denial of Service
  General Advice
  Strategy
  Network Configuration
  DDoS Appliances
  IDS/IPS Systems
  Reacting to DDoS Attacks
  Over-Provisioning and Adaptive Provisioning
  The Future of Denial of Service
  Attack
  Defense
  Summary
  Endnotes
Chapter 2 War Dialing
  How War Dialing Attacks Work
  Gathering Numbers for War Dialing
  Sweeping for Live Modems
  Modem Reply Types
  War Dialing Tools
  The Danger of War Dialing
  Out-of-Band Support Channels
  Unauthorized Employee Access
  Vendor Support Modems
  The Future of War Dialing
  Defenses against War Dialing
  Attack Surface Reduction
  Modem Hardening
  System Hardening
  Discovery
  Summary
  Endnotes
Chapter 3 Penetration “Testing”
  How Penetration Testing Software Works
  Dangers with Penetration Testing Tools
  Nessus Vulnerability Scanning
  Metasploit Framework
  Hydra Password Attacks
  Future of Penetration Testing Tools
  Defenses against Penetration Testing Software
  Password Complexity, Lockouts, and Logging
  Endpoint Protection
  Egress Filtering and Proxies
  Intrusion Detection and Prevention
  Logical Access Controls
  Summary
Chapter 4 Protocol Tunneling
  How Protocol Tunneling Works
  The Great Firewall
  Setting Up a Channel with SSH
  Corkscrew and SSH over HTTPS
  SSH over HTTP
  Automation
  Dangers of Protocol Tunneling
  Defending against Protocol Tunneling
  Preventing Protocol Tunneling
  Detecting Protocol Tunneling
  The Future of Protocol Tunneling
  Summary
Chapter 5 Spanning Tree Attacks
  Layers of the Internet
  Understanding the Spanning Tree Protocol
  The Problem of Loops
  Solving the Loop Problem with the Spanning Tree Protocol
  How Spanning Tree Attacks Work
  Capturing BPDU Traffic
  Taking over the Root Bridge
  Denial of Service
  Man in the Middle
  Forging BPDU Frames
  Discovering the Network
  Dangers of Spanning Tree Attacks
  Defending against Spanning Tree Attacks
  Disable STP
  Root Guard and BPDU Guard
  The Future of Spanning Tree Attacks
  Summary
  Endnote
Chapter 6 Man-in-the-Middle
  How Man-in-the-Middle Attacks Work
  Sniffing Network Traffic
  Replay Attacks
  Command Injection
  Internet Control Message Protocol Redirect
  Denial of Service
  Dangers with Man-in-the-Middle Attacks
  Address Resolution Protocol Cache Poisoning
  Secure Sockets Layer Man-in-the-Middle
  Domain Name System Spoofing
  Future of Man-in-the-Middle Attacks
  Defenses against Man-in-the-Middle Attacks
  Knowing the Threats
  Defense-in-Depth Approach
  Public Key Infrastructure
  Port Security
  Use Encrypted Protocols
  Low-Level Detection
  Summary
Chapter 7 Password Replay
  How Password Replay Works
  Simple Password Sniffing
  Password Replay
  Address Resolution Protocol Poison Routing
  Dangers of Password Replay
  Defending against Password Replay
  The Future of Password Replay
  Summary
  Endnote
Index
About the Authors
Stacy Prowell
Stacy Prowell is a senior member of the CERT technical staff, and chief scientist of STAR*Lab. He is an expert in the function-theoretic foundations of software, and is currently conducting research and development for function extraction technology. Prowell has managed both commercial and academic software development projects and consulted on design, development, and testing of applications ranging from consumer electronics to medical scanners, from small embedded real-time systems to very large distributed applications.
Prior to joining the SEI in 2005, Prowell was a research professor at the University of Tennessee. To support wider adoption of rigorous methods in industry, he started the Experimentation, Simulation, and Prototyping (ESP) project at the University of Tennessee, which develops software libraries and tools to support application of model-based testing and sequence-based specification. Software developed by this program is in use by over 30 organizations. Prior to working at the university, he served as a consultant in the software industry. His research interests include rigorous software specification methods, automated statistical testing, and function-theoretic analysis of program behavior. Prowell holds a PhD in Computer Science from the University of Tennessee and is a member of the ACM, IEEE, and Sigma Xi.
Affiliations and Expertise
Senior Member of the CERT technical staff and Chief Scientist at STAR*Lab
Rob Kraus
Rob Kraus (CISSP, C|EH, MCSE) is a Senior Security Consultant for Solutionary, Inc. Rob is responsible for organizing customer requirements, on-site project management and client support while ensuring quality and timeliness of Solutionary's products and services.
Rob was previously a Remote Security Services Supervisor with Digital Defense, Inc. He performed offensive-based security assessments consisting of penetration testing, vulnerability assessment, social engineering, wireless and VoIP penetration testing, web application penetration tests and vulnerability research. As a supervisor, Rob was also responsible for leading and managing a team of penetration testers who performed assessment services for Digital Defense's customers.
Rob's background also includes contracting as a security analyst for AT&T during the early stages of the AT&T U-verse service as well as provisioning, optimizing, and testing OC-192 fiber-optic networks while employed with Nortel Networks.
Rob also speaks at information security conferences and universities in an effort to keep the information security community informed of current security trends and attack methodologies.
Affiliations and Expertise
CISSP, C|EH, MCSE; Senior Security Consultant for Solutionary, Inc.
Mike Borkin
Mike Borkin (MCSE, GSEC Gold) is an internationally recognized author and speaker in the area of IT security, where he focuses mostly on data protection strategies, Microsoft security, and security architecture/engineering best practices. In addition to contributing security articles to magazines and speaking for groups such as SANS and The Open Group in both the US and Europe, Mike is also the co-author of Vista Security for Dummies.
Affiliations and Expertise
MCSE, GSEC Gold
Reviews
"Attacks may and will change, but the principles, assumptions and practices being used will likely remain the same for quite some time, and the authors did a good job explaining them. And that is the real value of this book." -- Zeljka Zorz, Help Net Security