Lesson 11 - Network Security Flashcards
What are 2 types of attacks common in Network security?
- Routing Attacks
- Naming Attacks
Reflection & Phishing
“Reflection”
Generating large amounts of traffic directed at a victim, causing a DDOS attack. An extremely common type of attack.
“Phishing”
An attempt to trick a user into revealing sensitive information
What is wrong with the Internet’s design and why?
- It is fundamentally insecure
- It was designed for simplicity
- “On by default” - reachable by any other host by default
- Hosts are insecure
- Attacks can look like normal traffic - especially in DDOS attacks, where no single request is the problem, but a large volume of requests can cause problems
- Federated design - the internet is not run by one person so it is difficult to coordinate security
What is the problem with packet-switched networks?
- They are inherently vulnerable to resource exhaustion attacks
- Particularly prone to DDOS attacks
What are the 4 Components to Security?
- Availability
- Confidentiality
- Authenticity
- Integrity
What is Availability in Internet Security?
Ability to use a resource
What is Confidentiality in Internet Security?
Concealing information from prying eyes successfully
What is Authenticity in Internet Security?
It assures the correct origin of the information
What is Integrity in Internet Security?
Prevents unauthorized changes to packets/etc
In Security, what is considered a Threat?
Any potential violation of Availability, Confidentiality, Authenticity or Integrity
In Security, what is considered an Attack?
Any action that violates Availability, Confidentiality, Authenticity or Integrity
What is an example of a threat to Confidentiality?
Eavesdropping with Wireshark and tcpdump in promiscuous mode
What is an example of a threat to Authenticity?
- Man-in-the-middle - the attacker suppresses the original packet, modifies it and sends it out again, essentially impersonating Alice
- ALSO an attack on Integrity
What is an example of a threat to Availability?
DDOS attack
What is a DOS attack vs a DDOS attack?
A regular DOS attack comes from just one origin or host. A DISTRIBUTED DOS attack comes from multiple hosts.