CIS 450 Network Security - PowerPoint PPT Presentation

About This Presentation
Title:

CIS 450 Network Security

Description:

Nmap - http://www.insecure.org/nmap/ War Dialers programs for finding modems on a network ... Nmap. Figure Out Which Services Are Running on Each Port ... – PowerPoint PPT presentation

Number of Views:59
Avg rating:3.0/5.0
Slides: 13
Provided by: jbpackma
Category:
Tags: cis | network | nmap | security

less

Transcript and Presenter's Notes

Title: CIS 450 Network Security


1
CIS 450 Network Security
  • Chapter 3 Information Gathering

2
  • Attacker has to understand the environment he is
    going after

3
Steps for Gathering Information
  • Find Out Initial Information
  • Attacker has to have some initial information
    such as an IP address or domain name
  • Open Source Information company web
    site/related web sites
  • Whois - http//www.networksolutions.com/en_US/whoi
    s/index.jhtml
  • Nslookup - http//www.kloth.net/services/nslookup.
    php

4
Find Out Address Range (or Subnet Mask) of Network
  • Attacker wants to know is to make sure attack is
    concentrated on one, not several networks
  • A larger address space might mean a larger
    company with better security
  • ARIN (American Registry for Internet Numbers) -
    http//www.arin.net/
  • Traceroute modifies the Time to Live (TTL)
    field to determine the path a packet takes
    through the network - http//www.opus1.com/www/tr
    aceroute.html

5
Find Active Machines
  • Ping finds active machines on a network -
    http//www.fifi.org/services/ping
  • Ping War scan more than one machine at a time -
    http//www.digilextechnologies.com/index.html

6
Find Open Ports or Access Points
  • Port Scanners runs through a series of ports to
    see which ones are open.
  • TCP Connect Scan tries to connect to each port
    on machine
  • TCP SYN scan stealthier than a connect scan
  • FIN scan Most systems do not log these packets
  • ACK scan gets around the firewall to scan an
    internal host
  • Nmap - http//www.insecure.org/nmap/
  • War Dialers programs for finding modems on a
    network
  • THC-Scan - http//www.securityfocus.com/tools/47

7
Figure Out the Operating System
  • Done by sending remote host unusual packets or
    packets that do not make sense
  • Each OS handles these packets differently
  • Queso
  • Nmap

8
Figure Out Which Services Are Running on Each Port
  • Knowing what specific service is running enables
    the attacker to look up exploits and launch known
    vulnerabilities against the service
  • Default Port and OS Based on common
    configuration and software attacker can make a
    best guess of what services are running on each
    port
  • Telnet
  • Vulnerability scanners programs that can be run
    against a site that give a hacker a list of
    vulnerabilities on the target host

9
Map Out the Network
  • Attacker maps out the network to figure out the
    best way to break in
  • Traceroute determines the path from source to
    destination
  • Visual Ping
  • Cheops - http//www.marko.net/cheops/

10
Protection
  • Whois
  • Use a position title with a general number rather
    than a specific person
  • List your phone number but make up a fictitious
    name and email
  • Run your own DNS server with split DNS
  • Nslookup
  • Minimize the records that appear in your DNS
    records
  • Any IP address listed should be statically mapped
    through a firewall with only a specific port
    allowed through (e.g. mail server should be
    behind firewall with a non-routable address)

11
Protection
  • ARIN Web Search
  • Only use addresses that ARIN can trace for
    external devices such as routers and firewalls.
    All other devices should use a private address
    and should be behind a firewall
  • Traceroute
  • Use private addresses inside your firewall
  • Ping
  • Use private addresses inside your firewall

12
Protection
  • Map the Network
  • PortScan and Fingerprinting
  • Have a firewall that properly blocks traffic and
    only allows traffic on specific ports to specific
    machines
Write a Comment
User Comments (0)
About PowerShow.com