ITIS 1210 Introduction to Web-Based Information Systems

1
ITIS 1210Introduction to Web-Based Information
Systems

• Chapter 45
• How Hackers can Cripple the Internet and Attack
  Your PC

2
Introduction

• Hackers attack targets of opportunity
• Individuals
• Corporate Web sites
• ISPs
• Why?
• Might want to shut down a site
• Revenge
• Prove they can

3
Denial of Service

• DOS attacks attempt to shut down a site
• DDOS Distributed Denial of Service
• Incapacitates a network by flooding it with
  extraneous traffic
• Might be requests for service

4
Denial of Service

• Smurf attack
• Uses ICMP Internet Control Message Protocol
• Fraggle attack
• Re-write of a Smurf attack using UDP User
  Datagram Protocol

5
How Hackers Can Attack Your Computer

• Example uses SubSeven
• Installed via a virus onto your computer
• Opens port 7374
• Hacker can query your computer to see if port
  27374 is open
• If so, they have access as if they were sitting
  at your keyboard

6
How Hackers Can Attack Your Computer

• Hacker can
• Copy or delete files or programs
• Examine and use personal data, credit card
  information, for example
• Access your passwords
• Upload files to your computer
• Store illegal files on your computer and direct
  others to access them from you
• Use your computer to launch attacks

7
How Email Viruses Travel in Your Email

• Malware authors are often good social engineers
• They know what kinds of things we will respond to
• Cute
• Greed
• Personal
• Hidden with the email could be any of a number of
  types of viruses

8
How Email Viruses Travel in Your Email

• Attachment virus
• Pretends to be something like a photo, sound, or
  movie file
• May be able to determine based on file name of
  attachment
• Example Melissa virus
• HTML virus might be active content
• Used in processing forms, other interactivity

9
How Email Viruses Travel in Your Email

• MIME virus
• Mul.ti-Purpose Internet Mail Extension
• Takes advantage of security vulnerabilities in
  Outlook Express and Internet Explorer
• Forms in the email header contain more content
  than will fit in buffer
• Overflow content spills into another holding area
  from which the processor talkes its instructions
• Virus is then executed as if it were legitimate
  code

10
How Email Viruses Travel in Your Email

• Viruses attack in different ways
• Attachment virus launches when attachment is run,
  usually by double-clicking the attachment
• HTML viruses run when the user opens the message
  to read it
• Might run when viewed in the preview window
• MIME viruses can run without the user doing
  anything

11
How Email Viruses Travel in Your Email

• Typical virus first propagates itself
• Searches address book, old email, even documents
• Identifies names and addresses
• Sends duplicates of itself to those addresses
• This process repeats itself on all those
  destination computers

12
How Email Viruses Travel in Your Email

• Results might be just an irritating message or
  something much more serious
• Deleted files
• Slow processing

13
How Zombies and Bot Networks Work

• A zombie or a bot is a computer that can be
  controlled by someone remotely
• A single controller might have a network of
  thousands of infected computers
• A typical zombie connects to an IRC (Internet
  Relay Chat) channel
• Lets controller know it is available

14
How Zombies and Bot Networks Work

• Controller sends commands telling all his/her
  zombies to perform a certain command
• Send out a spam or phishing attack
• Because attacks are carried out by the zombies,
  the actual attacker is insulated
• Attacks cant be traced back to him/her

15
How Zombies and Bot Networks Work

• After the attacks, the zombies can be placed into
  hibernation until needed again
• Attackers look for computers with constant
  network cnnections (DSL or RoadRunner) and fairly
  high-speed connections

16
How Hackers Exploit Browsers

• Browser attacks take advantage of security
  vulnerabilities in certain commonly-used browsers
• Internet Explorer
• Firefox
• Buffer overflow attack
• Buffers are areas of memory used to hold data

17
How Hackers Exploit Browsers

• Buffer overflow attack (cont.)
• If too much data is placed into the buffer it
  overflows into adjacent areas of memory
• That data might be malicious code that can
  executed as if it were a normal program
• Malicious code can damage computers in numerous
  ways
• Allows a hacker to gain control

18
How Hackers Exploit Browsers

• Drive-by downloads often occur without the users
  knowledge
• Might be spyware or a Trojan
• Often infects a computer as a result of clicking
  a pop-up generated by a Web site youre visiting.

19
How Hackers Exploit Browsers

• ActiveX is often used
• A way to allow software to be downloaded and run
  inside the browser
• Can be used to steal information, install
  spyware, run Trojans, etc.