The Attacker’s Arsenal

Posted on August 9, 2009. Filed under: CCNA, ICND1 break down


Instead of writing a whole book on this topic, I’m gonna place two videos here.

Video one, “Hacking Methodologies”

This video is a thorough explanation of the hacking methods that are required for the increasingly popular Certified Ethical Hacker (CEH) exam.

Video two, “Viruses, trojans, worms, phishing, spyware, spam”
This video contains a fairly complete list of computer malware.

Many factors can pose threats to network security.

  • Hardware threats involve threats of physical damage to the router or switch hardware. For example, an unauthorized person enters the room where the network equipment is located and sets a fire. Mission-critical Cisco network equipment should be locked in wiring closets or computer rooms with secured access points that admit only authorized personnel. It is recommended to log all entry attempts via an electronic access control system and monitor activity via security cameras with automatic recording.
  • Environmental threats involve threats caused by the physical environment, such as temperature extremes or humidity extremes. For example, the room gets too hot or too wet. To prevent environmental threats, the room should be monitored via dependable temperature and humidity control systems. Sources of electrostatic and magnetic interference should be removed from the room. It is recommended to monitor the environmental parameters of the room remotely and raise alarms on them.
  • Electrical threats include voltage spikes, insufficient supply voltage, noise in the power supply and total power loss. Electrical threats can be avoided by installing uninterruptible power supply (UPS) systems, backup generator systems and redundant power supplies, and by regularly testing the power systems.
  • Maintenance threats include poor handling of key electronic components, electrostatic discharge (ESD), lack of critical spares, poor cabling, poor labeling, and so on. To prevent maintenance threats, you should clearly label all equipment cabling and secure the cabling to equipment racks. Use cable runs, raceways, or both to traverse rack-to-ceiling or rack-to-rack connections. Always follow ESD procedures when replacing or working with internal router and switch device components. Maintain a stock of critical spares for emergency use. Do not leave a console connected to and logged into any console port. Always log off administrative interfaces when leaving a station.
  • In a man-in-the-middle attack, an intruder intercepts the traffic being transmitted and then rewrites the information in the packets and re-transmits modified packets to the sender. Man-in-the-middle attacks are often implemented using tools like packet sniffers, and routing and transport protocols. This attack is commonly used for the following:
    * Information theft
    * Session hijacking to gain access to the internal network
    * Information about the network and users
    * Corruption of transmitted data
    * Introduction of new network session information
  • In an access attack, an intruder tries to gain access to a network device or an application.
  • In a reconnaissance attack, the intruder tries to gather information about the network to determine how the targeted system or the network is organized. The intruder also tries to search and map the vulnerabilities on the network. This type of attack is normally followed by an attack on the open vulnerability found by the intruder.
  • In a DoS attack, an intruder attacks the computer system in such a way that legitimate users are denied access to the network, system, or services.
  • In a password attack, the intruder attempts to identify a user account, password, or both. Intruders do this with brute-force attacks, Trojan horse programs, IP spoofing, or packet sniffers. To prevent password attacks: do not use the same password on multiple systems; use strong passwords, that is, at least eight characters long with uppercase letters, lowercase letters, numbers and special characters; have the system disable accounts after many unsuccessful logins; and have the system store passwords encrypted, not as plaintext.
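
The password and console-session recommendations above, written as a Cisco IOS configuration with the weak settings it replaces shown in the comments. This is an added example, not part of the original post; the account name `netadmin`, the `REPLACE-WITH-STRONG-SECRET` placeholders and the timer values are assumptions.

```cisco
! Added example for a Cisco IOS router or switch. The username, both
! secrets and all timer values are placeholders/assumptions to adapt.
!
! Weak baseline this replaces:
!   enable password cisco            <- readable in the running config
!   line vty 0 4 / password cisco    <- shared password, no lockout, no timeout
!
! Refuse any newly configured password shorter than eight characters.
! IOS checks length only here; character mix remains an operator policy.
security passwords min-length 8
!
! Obscure the remaining clear-text passwords in the config. This is the
! reversible type 7 encoding, so it only protects against casual viewing.
service password-encryption
!
! Store the privileged-mode and per-user credentials as one-way hashes
! ("secret") instead of "password".
enable secret REPLACE-WITH-STRONG-SECRET
username netadmin secret REPLACE-WITH-STRONG-SECRET
!
! After 3 failed logins within 60 seconds, refuse further login attempts
! for 120 seconds, and log each failure. This is a temporary block on
! logins, not a permanent account disable.
login block-for 120 attempts 3 within 60
login on-failure log
!
! Console port: require a named account and drop idle sessions after
! 5 minutes, so a console left logged in does not stay open.
line con 0
 login local
 exec-timeout 5 0
!
! Remote (vty) lines: same authentication and idle-timeout rules.
line vty 0 4
 login local
 exec-timeout 5 0
```

After applying it, `show running-config` should list the `enable secret` and `username ... secret` entries as hashes, and `show login` reports the block-for parameters and any failures counted so far.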

CCENT will ask you to explain general methods to mitigate common security threats to network devices, hosts, and applications.

CCENT will ask you to describe recommended security practices, including initial steps to secure network devices.

Good luck with your CCENT and CCNA exams.
