1. Common security attacks and their countermeasures:
   Finding a way into the network: Firewalls
   Exploiting software bugs, buffer overflows: Intrusion Detection Systems
   Denial of Service: Ingress filtering, IDS
   ____________________ hijacking: IPSec
   Packet ____________________: Encryption (SSH, SSL, HTTPS)
   Social problems: Education
2. A ____________________ is like a castle with a drawbridge
   Only one point of access into the network
   This can be good or bad.
   It can be hardware or software
3. Intrusion Detection: Used to monitor for "____________________ activity" on a network, and it can protect against known software exploits, like buffer overflows.
4. Intrusion detection: Uses "intrusion ____________________"
   Well known patterns of behavior
   Ping sweeps, port scanning, web server indexing, OS fingerprinting, DoS attempts, etc.
5. Denial of Service Attack:
   Purpose: Make a network service unusable, usually by ____________________ the server or network
   Many different kinds of DoS attacks
     SYN flooding
     SMURF
     Distributed attacks
     Mini Case Study: Code-Red
6. TCP attacks: Recall how IP works:
   End hosts create IP packets and routers process them purely based on ____________________ address alone
   Problem: End hosts may lie about other fields which do not affect delivery
7. If an attacker learns the associated TCP state for the connection, then the connection can be ____________________!