Introduction to Network Security Flashcards
Define vulnerability
weakness in the network or its protocol
Define threat
set of circumstances that has the potential to cause harm
Define intrusion
an act or event that compromises the information on a network
Define breach
a breakdown of the security of a network
What are the 5 intrusion types? Give an example of each
Interruption - DoS
Interception - Eavesdropping
Modification - Man in the Middle
Fabrication - Malware
Invasion - Session Hijacking
What are the levels or phases of intrusion?
Level 0 - no intrusion
Level 1 - Intrusion occurs, no trail
Level 2 - Intrusion occurs, no damage, trail is left
Level 3 - Files are damaged and data is altered
Level 4 - Services are disrupted
Level 5 - Valuable information is stolen (espionage and felony)
What is an example of an IP address finder?
NSLOOKUP/DIG
Sends queries to DNS about networks and extracts the IP address blocks assigned to a particular network
What is an example of a web server information gatherer?
Netcraft
Web-based tool that lists information such as the type and version of web server, geolocation, and last update
What is an example of an IP address tracer?
traceroute, tracert, visualroute
Tools that use ICMP packets to trace the route to a destination host. The hostname, IP address, and the round trip time to each intermediate node are listed
What is an example of an IP location finder?
iplocation.net
Determines the geo location of an IP address
What is an example of a port scanner ++
nmap, zenmap
Determines what hosts are available on the network, what services those hosts are offering, what OS versions they are running, what type of packet filters/firewalls are in use, etc.
What is an example of a port scanner?
Angry IP Scanner
Cross-platform, lightweight, and very fast IP and port scanner. Can scan IP addresses in any range as well as any of their ports
What is an example of traffic monitoring?
Wireshark
Captures every frame that passes on its network, allowing analysis of the captured frames
What is an example of traffic monitoring?
TCPDump
Unix-based network sniffer/analyzer
What is an example of a wireless network information gatherer (Active sniffer)?
Netstumbler
Enables wireless network information gathering. Displays the MAC addresses of access points, their names, channel numbers, vendors, whether security is enabled or not, and signal-to-noise ratio.
What is an example of a wireless network information gatherer (Passive sniffer)?
Kismet
Wireless network detector, sniffer, and intrusion detection system. Can even decloak hidden networks that have turned off SSID beaconing. KisMAC is the Mac version.
What are some tools for vulnerability testing?
Nessus
Nexpose
GFI LANguard Network Security Scanner
Nikto
Nipper Studio
What are some tools for gaining access?
Brute force
Password crackers
Keyloggers
Address Spoofers
What are some tools and techniques used by hackers for launching attacks?
DoS
Man in the Middle Attack
Data Modification
Replay Attack
Injection of Malicious Code
What are some “other” attack tool categories?
Binders and crypters
Bots
FB hacking tools
GMail hacking tools
Mail bombers
Mobile hacking tools
Virus creator
Website hacking tools
What is the crux of secure network design?
Protect your network and protect your transaction
List the 7 security goals and what they mean
Confidentiality - no eavesdropping
Integrity - message received = message sent
Authentication - sender validation
Non-repudiation - source must not be able to deny a transaction
Certification - third party certifies this source as good
The above can be achieved via cryptography
Access control - who can access what and when
Availability - system resources are always available for legitimate users
These can be achieved by a firewall