Dustin Riedemann
Kaplan University
IT286: Introduction to Network Security
Prof: Denver Lee Martin
August 12, 2013
Technology is an ever-evolving industry, and so is hacking: people are always trying to find new ways to gain access to places where they are not supposed to be. Attacks are categorized as access attacks, denial of service (DoS) attacks, and modification and repudiation attacks. There may also be further attacks within each of these types. First, an access attack is one in which someone who should not be able to access your resources wants to do so. There are four different types of access attacks:
1. Password attack
2. Trust exploitation
3. Port redirection
4. Man-in-the-middle attack
These types of attacks are carried out by a person who has certain software installed so that they can try to obtain company information that will allow them to access the network. A network attacker will have software such as a packet sniffer to try to find the passwords they need to gain access to an account. This can be known as a brute force attack (Cisco, 2013). Trust exploitation is where a hacker takes advantage of a trust relationship that they may have within the network. They use this trusted relationship to obtain access information so that they can log on to the network from an outside source.
Port redirection is essentially the process of intercepting traffic bound for a certain IP/port combination and redirecting it to a different IP and/or port (WhatsMyIPAddress, 2013). This redirection may be accomplished by an application running on the destination host, or it may be performed by intermediate hardware such as a router, proxy server, or firewall. A man-in-the-middle attack intercepts communication between two systems. The attacker connects to both the victim and the web server and is then able to see everything that is transferred between the two (OWASP, 2009).
The best way to prevent or slow down these types of attacks is to have firewalls set up that block outside workstations from gaining access to the network. You can also have an IPS set up within the network to be on the lookout for any harmful activity.
Next, a denial of service (DoS) attack is a malicious attempt to make a server or a network resource unavailable to users, usually by temporarily interrupting or suspending the services of a host connected to the Internet. To carry out this type of attack, the attacker simply needs a malware program into which they can enter the information; the program will then flood the organization so that it is no longer able to carry out its desired operations.
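As an added example (not part of the original essay), the Python sketch below shows one way to tell a flood like the one described above from an ordinary busy period, by checking how much of each time window's traffic comes from a single source. The log data, the 10-second window, and both thresholds are constructed assumptions.

```python
from collections import Counter, defaultdict

def build_sample():
    """Constructed (epoch_second, source_ip) events; not real traffic."""
    events = []
    # t=0..9: baseline, 5 clients sending one request per second each
    for t in range(10):
        events += [(t, f"198.51.100.{c}") for c in range(1, 6)]
    # t=10..19: busy period, 60 distinct clients, one request per second each
    for t in range(10, 20):
        events += [(t, f"198.51.100.{c}") for c in range(1, 61)]
    # t=20..29: baseline plus a single source sending 80 requests per second
    for t in range(20, 30):
        events += [(t, f"198.51.100.{c}") for c in range(1, 6)]
        events += [(t, "203.0.113.7")] * 80
    return events

def classify_windows(events, window=10, rate_limit=30, top_share=0.5):
    """Bucket events into fixed windows and label each window.

    rate_limit: requests/second above which a window is abnormal (assumed).
    top_share:  share of a window's traffic from one source that marks it
                as a flood rather than a broad spike (assumed).
    Returns {window_start: (label, total_requests, flood_source_or_None)}.
    """
    buckets = defaultdict(Counter)
    for ts, ip in events:
        buckets[ts // window][ip] += 1
    results = {}
    for idx in sorted(buckets):
        per_ip = buckets[idx]
        total = sum(per_ip.values())
        ip, hits = per_ip.most_common(1)[0]
        if total / window <= rate_limit:
            label = "normal"
        elif hits / total >= top_share:
            label = "flood"   # abnormal volume, concentrated in one source
        else:
            label = "spike"   # abnormal volume, spread over many sources
        results[idx * window] = (label, total, ip if label == "flood" else None)
    return results

if __name__ == "__main__":
    for start, (label, total, src) in classify_windows(build_sample()).items():
        print(f"t={start:>2}s  {label:<6}  requests={total:<4}  top_source={src}")
```

A flood spread across many sources looks like the "spike" case to this heuristic, so per-source concentration is only one signal among several.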
Rapid identification and response can prevent DoS attacks (Incapsula, 2013). The first challenge for any DoS protection scheme is to quickly and effectively identify incoming traffic as malicious. Once the flood of traffic is identified as a DoS attack rather than, for example, a spike in legitimate site traffic, an effective response will generally involve setting up a scalable infrastructure to absorb the attack until the source is identified and blocked.
Lastly, a modification and repudiation attack is when someone wants to modify information in your systems and/or your network. This type of attack usually starts out as an access attack, and the attacker then changes data within your network in ways that can be potentially harmful to your organization. This is done by gaining access, logging on to your network, and changing the data they are looking for. A simple way to prevent this type of attack is to deny write access on the data files. This will prevent the attacker from changing any data files once they are saved within the system.
Security topologies cover four areas of concern: design goals, security zones, technologies, and business requirements. The design goals of a security topology must deal with issues of