Date post: 30-Dec-2015
Category: Documents
Upload: hugo-gallagher

ITIS 1210
Introduction to Web-Based Information Systems
Chapter 45
How Hackers can Cripple the Internet and Attack Your PC

Introduction
Hackers attack targets of opportunity
  Individuals
  Corporate Web sites
  ISPs
Why?
  Might want to shut down a site
  Revenge
  Prove they can

Denial of Service
DOS attacks attempt to shut down a site
  DDOS – Distributed Denial of Service
Incapacitates a network by flooding it with extraneous traffic
  Might be requests for service
Smurf attack
  Uses ICMP – Internet Control Message Protocol
Fraggle attack
  Re-write of a Smurf attack using UDP – User Datagram Protocol
Example uses SubSeven
  Installed via a virus onto your computer
  Opens port 7374
  Hacker can query your computer to see if port 27374 is open
  If so, they have access as if they were sitting at your keyboard

How Hackers Can Attack Your Computer
Hacker can
  Copy or delete files or programs
  Examine and use personal data, credit card information, for example
  Access your passwords
  Upload files to your computer
  Store illegal files on your computer and direct others to access them from you
  Use your computer to launch attacks

How Email Viruses Travel in Your Email
Malware authors are often good social engineers
  They know what kinds of things we will respond to
    Cute
    Greed
    “Personal”
Hidden within the email could be any of a number of types of viruses
Attachment virus
  Pretends to be something like a photo, sound, or movie file
  May be able to determine based on file name of attachment
  Example: Melissa virus
HTML virus might be active content
  Used in processing forms, other interactivity
MIME virus
  Multi-Purpose Internet Mail Extension
  Takes advantage of security vulnerabilities in Outlook Express and Internet Explorer
  Forms in the email header contain more content than will fit in buffer
  Overflow content spills into another holding area from which the processor takes its instructions
  Virus is then executed as if it were legitimate code
Viruses attack in different ways
  Attachment virus launches when attachment is run, usually by double-clicking the attachment
  HTML viruses run when the user opens the message to read it
    Might run when viewed in the preview window
  MIME viruses can run without the user doing anything
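
A mail filter can look for all three types before the message reaches a mail client. The sketch below is an added example, not part of the original slides; the function names, the extension lists and the X-Constructed header are assumptions made for illustration, and the 998-character limit is the header line limit from RFC 5322.

```python
import os
import re
from email import message_from_bytes
from email.message import EmailMessage

# Assumed policy values for this sketch; tune them for your own mail gateway.
RISKY_EXT = {".exe", ".scr", ".pif", ".vbs", ".js", ".bat", ".com"}
DECOY_EXT = {".jpg", ".gif", ".mp3", ".avi", ".txt", ".doc"}
MAX_HEADER_LINE = 998  # RFC 5322 limit on one header line, excluding CRLF
ACTIVE_HTML = re.compile(rb"<\s*(script|object|iframe|embed)\b", re.I)

def screen_message(raw: bytes) -> list[str]:
    """Return findings for the three e-mail virus types the slides name."""
    findings = []
    # MIME type: measure raw header lines before a parser copies them anywhere.
    head = raw.replace(b"\r\n", b"\n").split(b"\n\n", 1)[0]
    for line in head.split(b"\n"):
        if len(line) > MAX_HEADER_LINE:
            name = line.split(b":", 1)[0][:40].decode("ascii", "replace")
            findings.append(f"oversized header: {name}")
    for part in message_from_bytes(raw).walk():
        # HTML type: active content that would run when the message is opened.
        if part.get_content_type() == "text/html":
            if ACTIVE_HTML.search(part.get_payload(decode=True) or b""):
                findings.append("active content in HTML part")
        # Attachment type: an executable, possibly posing as a photo or sound.
        fname = part.get_filename()
        if fname:
            stem, ext = os.path.splitext(fname.lower().strip())
            if ext in RISKY_EXT:
                posing = os.path.splitext(stem)[1] in DECOY_EXT
                kind = "disguised executable" if posing else "executable"
                findings.append(f"{kind} attachment: {fname}")
    return findings

def build_sample() -> bytes:
    """Constructed test message; nothing in it comes from a real sample."""
    msg = EmailMessage()
    msg["Subject"] = "Photos from the party"
    msg.set_content("<html><script>/* inert */</script>Hi</html>", subtype="html")
    msg.add_attachment(b"not a real program", maintype="application",
                       subtype="octet-stream", filename="party_photo.jpg.exe")
    return b"X-Constructed: " + b"A" * 2000 + b"\n" + msg.as_bytes()

if __name__ == "__main__":
    for finding in screen_message(build_sample()):
        print(finding)
```

The header check runs on the raw bytes on purpose: a length problem has to be caught before any code copies the header into a fixed-size buffer.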
Typical virus first propagates itself
  Searches address book, old email, even documents
  Identifies names and addresses
  Sends duplicates of itself to those addresses
This process repeats itself on all those destination computers
Results might be just an irritating message or something much more serious
  Deleted files
  Slow processing

How Zombies and Bot Networks Work
A zombie or a bot is a computer that can be controlled by someone remotely
A single controller might have a network of thousands of infected computers
A typical zombie connects to an IRC (Internet Relay Chat) channel
  Lets controller know it is available
Controller sends commands telling all his/her zombies to perform a certain command
  Send out a spam or phishing attack
Because attacks are carried out by the zombies, the actual attacker is insulated
  Attacks can’t be traced back to him/her
After the attacks, the zombies can be placed into hibernation until needed again
Attackers look for computers with constant network connections (DSL or RoadRunner) and fairly high-speed connections

How Hackers Exploit Browsers
Browser attacks take advantage of security vulnerabilities in certain commonly-used browsers
  Internet Explorer
  Firefox
Buffer overflow attack
  Buffers are areas of memory used to hold data
  If too much data is placed into the buffer it overflows into adjacent areas of memory
  That data might be malicious code that can be executed as if it were a normal program
Malicious code can damage computers in numerous ways
  Allows a hacker to gain control
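
The overflow described here, and in the MIME virus slide earlier, comes down to a copy that never compares the input length with the buffer size. The following is an added illustration, not part of the original slides: it uses Python's ctypes to lay out a hypothetical 16-byte field buffer with a handler slot directly after it, then runs the same constructed input through an unchecked copy and a length-checked one. All names and sizes are assumptions.

```python
import ctypes
import sys

FIELD_LEN = 16  # hypothetical size of the buffer reserved for one header field

class Record(ctypes.Structure):
    """Hypothetical layout: the field buffer with a handler slot right after it."""
    _fields_ = [("field", ctypes.c_char * FIELD_LEN),
                ("handler", ctypes.c_uint32)]

HANDLERS = {0: "display_text", 1: "run_program"}  # hypothetical dispatch table

def unchecked_copy(rec: Record, data: bytes) -> None:
    """Copy with no comparison against FIELD_LEN, as the flawed parser does."""
    # Clamped to the whole structure so the demo never touches foreign memory.
    count = min(len(data), ctypes.sizeof(rec))
    ctypes.memmove(ctypes.addressof(rec), data, count)

def checked_copy(rec: Record, data: bytes) -> bool:
    """Refuse input that does not fit, so the handler slot is never reached."""
    if len(data) > FIELD_LEN:
        return False
    ctypes.memmove(ctypes.addressof(rec), data, len(data))
    return True

def demo() -> dict:
    # Constructed input: fills the buffer, then 4 more bytes land in `handler`.
    oversized = b"A" * FIELD_LEN + (1).to_bytes(4, sys.byteorder)
    flawed, fixed = Record(handler=0), Record(handler=0)
    unchecked_copy(flawed, oversized)
    accepted = checked_copy(fixed, oversized)
    return {"flawed_handler": HANDLERS[flawed.handler],
            "fixed_handler": HANDLERS[fixed.handler],
            "fixed_accepted": accepted}

if __name__ == "__main__":
    print(demo())
```

After the unchecked copy the record dispatches to a handler the data chose; with the length check the input is rejected and the handler slot keeps its original value.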
Drive-by downloads often occur without the user’s knowledge
  Might be spyware or a Trojan
Often infects a computer as a result of clicking a pop-up generated by a Web site you’re visiting.
ActiveX is often used
  A way to allow software to be downloaded and run inside the browser
Can be used to steal information, install spyware, run Trojans, etc.