Security Threats Best CCIE Training Institute in Gurgaon

Network Bulls
www.networkbulls.com
Best Institute for CCNA CCNP CCSP CCIP CCIE Training in India
M-44, Old Dlf, Sector-14 Gurgaon, Haryana, India
Call: +91-9654672192

It is important to be aware of the different types of attacks that can impact system security. Security threats can be classified into three broad categories:

• Reconnaissance— The goal of reconnaissance is to gather as much information as possible about the target host and/or network. Generally this type of information-gathering is done before an attack is carried out.
• Gaining unauthorized access— This is the act of attacking or exploiting the target system or host. Operating systems, services, and physical access to the target host have known system vulnerabilities that the attacker can take advantage of and use to increase his or her privileges. Social engineering is another technique for obtaining confidential information from employees by manipulation. As a result of the attacker exploiting the host, confidential information can be read, changed, or deleted from the system.
• Denial of service (DoS)— DoS attacks aim to overwhelm resources such as memory, CPU, and bandwidth, thus impacting the target system and denying legitimate users access. Distributed DoS attacks involve multiple sources working together to deliver the attack.

Reconnaissance and Port Scanning

Reconnaissance network tools are used to gather information from the hosts attached to the network. They have many capabilities, including identifying the active hosts and what services the hosts are running. In addition, these tools can find trust relationships, determine OS platforms, and identify user and file permissions.

Some of the techniques that these scanning tools use are TCP connects, TCP SYNs, ACK sweeps, ICMP sweeps, SYN sweeps, and null scans. Here are some of the popular port-scanning tools and their uses:

• NMAP (Network Mapper) is designed to scan large networks or even a single host. It is an open-source utility used for network exploration and/or security audits.
• Superscan provides high-speed scanning, host detection, Windows host enumeration, and banner grabbing. Superscan is made for Windows clients.
• NetStumbler identifies wireless networks using 802.11a/b/g WLAN standards with or without SSID being broadcast. It runs on Windows platforms, including Windows Mobile.
• Kismet is an 802.11 wireless sniffer and IDS application that can collect traffic from 802.11a/b/g networks. It collects packets and detects wireless networks—even some that are hidden.

Vulnerability Scanners

Vulnerability scanners determine what potential exposures are present in the network. Passive scanning tools are used to analyze the traffic flowing on the network. Active testing injects sample traffic onto the network. General vulnerability information is published at the following links:

• CERT CC— http://www.cert.org
• MITRE— http://www.cve.mitre.org
• Microsoft— http://www.microsoft.com/technet/security/bulletin/summary.mspx
• Cisco Security Notices— http://www.cisco.com/en/US/products/products_security_advisories_listing.html

Here are some tools used for vulnerability scanning:

• Nessus is designed to automate the testing and discovery of known vulnerabilities. Nessus is an open-source tool that requires Linux/UNIX or Windows to run.
• SAINT (Security Administrator's Integrated Network Tool) is a vulnerability assessment application that runs on UNIX hosts.
• MBSA (Microsoft Baseline Security Analyzer) is used to scan systems and identify if patches are missing for Windows products such as operating systems, IIS, SQL, Exchange Server, Internet Explorer, Media Player, and Microsoft Office applications. MBSA also alerts you if it finds any known security vulnerabilities such as weak or missing passwords and other common security issues.

Unauthorized Access

Another threat that you need to be concerned with is attackers gaining access. Hackers use several techniques to gain system access. One approach is when unauthorized people use usernames and passwords to escalate the account's privilege levels. Furthermore, some system user accounts have default administrative username and password pairings that are common knowledge, which makes them very insecure. Trust relationships between systems and applications are another way unauthorized access takes place.

Unauthorized access is also obtained through the use of social engineering—the practice of acquiring confidential information by manipulating legitimate users. Actually, most confidential information such as badges, usernames, and passwords can be uncovered just by walking around an organization. The psychology method is another way of getting confidential information. For example, someone pretending to be from the IT department calls a user and asks for her account information to maintain or correct an account discrepancy.

In addition to these approaches, hackers can obtain account information by using password-cracking utilities or by capturing network traffic.