networking 关于网络安全的presentation

The result of a scan on a port is usually generalized into one of three categories: 1. Open or Accepted: 2. Closed or Denied or Not Listening: 3. Filtered, Dropped or Blocked: Open ports present two vulnerabilities of which administrators must be wary: 1. Security and stability concerns associated with the program responsible for delivering the service - Open ports. 2. Security and stability concerns associated with the operating system that is running on the host - Open or Closed ports. Filtered ports do not tend to present vulnerabilities.
•
Types of Attacks
Networks are subject to attacks from malicious sources. "Passive" when a network intruder intercepts data traveling through the network "Active" in which an intruder initiates commands to disrupt the networks normal operation
One common method of attack involves saturating the target machine with external communications requests.
When the DoS Attacker sends many packets of information and requests to a single network adapter, each computer in the network would experience effects from the DoS attack.
A DoS attack may of malware intended to:
include
execution
1. Max out the processor's usage
2. Trigger eFra Baidu bibliotekrors in the microcode of the
machine.
3. Trigger errors in the sequencing of
ARP spoofing may allow an attacker to intercept data frames on a LAN, modify the traffic, or stop the traffic altogether.
The attack can only be used on networks that make use of the Address Resolution Protocol (ARP), and is limited to local network segments.
A DoS attack can be perpetrated in a number of ways. The five basic types of attack are : 1.Consumption of computational resources 2.Disruption of configuration information 3.Disruption of state information 4.Disruption of physical network components. 5.Obstructing the communication media between the intended users and the victim so that they can no longer communicate adequately.
ARP is a stateless protocol. The attacker could then choose to: 1. Inspect the packets, and forward the traffic to the actual default gateway (interception) 2. Modify the data before forwarding it (man-in-the-middle attack). 3. Launch a denial-of-service attack by causing some or all of the packets on the network to be dropped
•The Address Resolution Protocol (ARP) is a widely used protocol for resolving network layer addresses into link layer addresses.
When an Internet Protocol (IP) datagram is sent from one host to another on a local area network, the destination IP address must be converted into a MAC address for transmission via the data link layer.
Anatomy of an ARP spoofing attack
•The basic principle behind ARP spoofing is to exploit the above mentioned vulnerabilities in the ARP protocol by sending spoofed, ARP messages onto the LAN.
instructions
4. Exploit errors in the operating system
5. Crash the operating system itself.
ARP spoofing
ARP spoofing is a computer hacking technique whereby an attacker sends fake Address Resolution Protocol (ARP) messages onto a Local Area Network.
Network attacking
•Network security
•
consists of the provisions and policies adopted by a network administrator to prevent and monitor unauthorized access, misuse, modification, or denial of a computer network and network-accessible resources. involves the authorization of access to data in a network, which is controlled by the network administrator.
When another host's IP address is known, and its MAC address is needed, a broadcast packet is sent out on the local network. This packet is known as an ARP request
port scanner
A port scanner is a software application designed to probe a server or host for open ports. A port scan or portscan is "An attack that sends client requests to a range of server port addresses on a host, with the goal of finding an active port and exploiting a known vulnerability of that service." To portsweep is to scan multiple hosts for a specific listening port. The design and operation of the Internet is based on the Internet Protocol Suite, commonly also called TCP/IP.
Thank you !
Denial-of-service attack
In computing, a denial-of-service attack (DoS attack) or distributed denial-of-service attack (DDoS attack) is an attempt to make a machine or network resource unavailable to its intended users.