Computer Network Case Study - bajju.pptx
- 1. Case Study on COMPUTER NETWORKS SHIVAM BAJAJ
- 2. When You have Network , You have given Access of your Social Life to that Network .
- 3. Top Network Attacks • Ransomware - Attackers manages to get a malicious file onto your servers with the use form of phishing . Using phishing keystroke logging files also managed . • IOT - It is a growing field . no. of devices are increasing and attack on that can cause chaos on enormous scale due to unsecured digital devices or old protocols used . • Social Engineering - It implies deceiving someone with purpose of acquire sensitive information , like passwords , credit cards . Clone Phishing is used in this • MIM Attacks - Session Hijacking . Spoofing .
- 4. • DOS - Denial of service attack , it is malicious attempt to make a server or network resource unavailable to users , usually by suspending the services of hosts . • DDOS - Distributed Denial of Service Attack • SQL Injection - It is an SQL code injection technique , used to attack data driven app , in which malicious queries are inserted into entry field for execution .
- 5. Typical Web Application Set Up
- 6. • SSL(Secure Sockets Layer ) is protocol for establishing encrypted links b/w server and browser . • It is the predecessor to TLS . • When server return pages with https links , attacker changes them to http and when browser uses links , MITM intercepts and creates its own https con with server • Result MITM sees all the packets in that network . • Using nectar and OpenSSL , 2 line proxy can be created . • listen on 80 port on host and redirect requests to port 443. SSL Stripping
- 7. • URL Misinterpretation - Web servers fails to parse the URL properly . eg - Unicode/ Superflous decode attack . • Directory Browsing - ability to retrieve complete directory listing within directories on web server . usually happens when default document is missing . • Reverse proxy server - proxy that typically sits behind the firewall in private network and direct client to backend server and provides an additional level of abstraction . eg Compaq Insight manager . • Java Decompilation - Java Byte code can be decompiled quite effectively and disclose sensitive info like password.
- 8. • Source Code Disclosure - Ability to retrieve app files in unparsed manner and can recover code . the code then can be used to find further loopholes/trophies. • Input Validation - Root cause of most web attacks . Tampering with hidden fields , Bypassing client side checking eg javascript . • Butter Overflows - flaw that occurs when more data is written to buffer , can cause DOS . Application Input Fields eg - ColdFusion Dos . • Fragrouter - network intrusion detection evasion toolkit . It implements Insertion , Evasion and DOS attack .
- 9. Vulnerabilities in Layers of OSI Model .
- 10. • Physical Layer - Physical destruction , obstruction , manipulation or malfunction of physical assets . • Data Link layer - Mac flooding attack inmates switch with data packets . • Network Layer - ICMP flooding , attacker uses ICMP messages to overload targeted network’s bandwidth . • Transport Layer - SYN Flood , Smurf attack . • Session Layer - attacker exploits a flaw in server software running on switch,rendering telnet services unavailable . • Presentation Layer - SSL stripping & Malformed SSL requests , to tunnel HTTP attacks to the target server . • Application Layer - DDos attack .Get requests , HTTP GET HTTP Post , = website forms .