
Slides: Information Security and Security Systems, Chapter 2: Malicious Attacks, Threats


Malicious Attacks

CuuDuongThanCong.com


Contents
1) Malicious Attack
2) Attack Tools
3) The common types of malicious attacks
4) Malicious Software


1. Malicious Attack


What Is a Malicious Attack?
• An attack on a computer system or network asset succeeds by exploiting a vulnerability in the system.

An attack can consist of all or a combination of these four categories:

a) Fabrications: involve the creation of some deception in order to trick unsuspecting users.

b) Interceptions: involve eavesdropping on transmissions and redirecting them for unauthorized use.

c) Interruptions: An interruption causes a break in a communication channel, which blocks the transmission of data.

d) Modifications: A modification is the alteration of data contained in transmissions or files.


2. Attack Tools


Attack Tools
• Protocol analyzers
• Port scanners
• OS fingerprint scanners
• Vulnerability scanners
• Wardialers
• Password crackers
• Exploit software
• Keystroke loggers


Protocol Analyzers
• A protocol analyzer or packet sniffer is a software program that enables a computer to monitor and capture network traffic.
• Every data packet can be seen and captured by the sniffer.


Port Scanners



OS Fingerprint Scanners
• An operating system (OS) fingerprint scanner is a software program that allows an attacker to send a variety of packets to an IP host device, hoping to determine the target device's operating system (OS) from the responses.

  # nmap -O ip_address


Exploit Software

• It is a program that can be used to exploit a weakness on the system.



Vulnerability Scanners
• A vulnerability scanner is a software program that is used to identify and, when possible, verify vulnerabilities on an IP host device.
  ◦ Nexpose
  ◦ Kali Linux
  ◦ Nessus


Password Crackers
• It is a software program that performs one of two functions: a brute-force password attack to gain unauthorized access to a system or recovery of passwords stored as a cryptographic hash on a computer system.
  ◦ Kali Linux


Keystroke Loggers
• It is a type of surveillance software or hardware that can record to a log file every keystroke a user makes with a keyboard.



3. The common types of malicious attacks


Password attacks
• Brute-Force Password Attack: the attacker tries different passwords on a system until one of them is successful.
• Dictionary Password Attack: a simple password-cracker program takes all the words from a dictionary file and attempts to log on by entering each dictionary entry as a password.
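
On the defending side, both password attacks above show up as a run of failed logins from one source, sometimes ending in a success. The following added example (not part of the original slides) flags that pattern in constructed log lines; the log format, thresholds and function name are assumptions.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample log (hypothetical format: ISO time, result, user, source IP).
SAMPLE_LOG = """\
2024-05-01T10:00:00 FAIL user=alice src=203.0.113.7
2024-05-01T10:00:05 FAIL user=bob src=198.51.100.4
2024-05-01T10:00:10 FAIL user=alice src=203.0.113.7
2024-05-01T10:00:20 FAIL user=alice src=203.0.113.7
2024-05-01T10:00:30 FAIL user=alice src=203.0.113.7
2024-05-01T10:00:40 FAIL user=alice src=203.0.113.7
2024-05-01T10:00:45 FAIL user=bob src=198.51.100.4
2024-05-01T10:00:50 OK user=bob src=198.51.100.4
2024-05-01T10:00:55 OK user=alice src=203.0.113.7
"""
LINE_RE = re.compile(r"^(\S+) (FAIL|OK) user=(\S+) src=(\S+)$")

def detect_guessing(log_text, max_failures=5, window=timedelta(minutes=1)):
    """Flag sources with >= max_failures failed logins inside `window`.

    Returns {src: {"users": targeted accounts, "compromised": account or None}};
    "compromised" is set when a flagged source later logs in to a targeted account.
    """
    recent = defaultdict(deque)   # src -> (time, user) of failures still in the window
    flagged = {}
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue              # ignore lines that are not in the assumed format
        ts, result, user, src = m.groups()
        t = datetime.fromisoformat(ts)
        fails = recent[src]
        while fails and t - fails[0][0] > window:
            fails.popleft()       # slide the window forward
        if result == "FAIL":
            fails.append((t, user))
            if len(fails) >= max_failures:
                alert = flagged.setdefault(src, {"users": set(), "compromised": None})
                alert["users"].update(u for _, u in fails)
        elif src in flagged and user in flagged[src]["users"]:
            flagged[src]["compromised"] = user   # a guess worked: respond as a compromise
    return flagged

if __name__ == "__main__":
    for src, alert in detect_guessing(SAMPLE_LOG).items():
        print(src, sorted(alert["users"]), "compromised:", alert["compromised"])
```

The source with two mistyped passwords followed by a success stays below the threshold and is not flagged.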


IP Address Spoofing
• Spoofing is a type of attack in which one person, program, or computer disguises itself as another person, program, or computer to gain access to some resource.
  ◦ IP spoofing
  ◦ Address resolution protocol (ARP) poisoning

• IP spoofing is the creation of Internet Protocol (IP) packets with a false source IP address, for the purpose of hiding the identity of the sender or impersonating another computing system.


Address resolution protocol (ARP) poisoning


Hijacking
• Hijacking is a type of attack in which the attacker takes control of a session between two machines and masquerades as one of them.
• Types of hijacking:
  ◦ Man-in-the-middle hijacking
  ◦ Session hijacking
  ◦ Browser or URL hijacking


Replay Attacks
• Replay attacks involve capturing data packets from a network and retransmitting them to produce an unauthorized effect.


Man-in-the-Middle Attacks
• An attacker intercepts messages between two parties before transferring them on to their intended destination.
