Академический Документы
Профессиональный Документы
Культура Документы
INTERNET SECURITY
TECHNOLOGIES
FORESEC Academy
Two Systems,
Trust Relationship
Reconnaissance is
often the first
phase of an attack
FORESEC Academy
Attacker is going to
Pretend he is B, so B
Must be silenced so it
Cannot signal an alarm SYN Flood Attack to
B renders B unable
To reply to A
FORESEC Academy
Each time A is
stimulated, the
SYN/ACK response
is predictable.
FORESEC Academy
Attacker Pretends to be B
The attacker,
pretending to be B,
uses the predictable
response to open a
connection.
FORESEC Academy
Make A Defenseless
Attacker sends
expected
ACK with fake SRC
IP ADDRESS to
establish a
connection.
FORESEC Academy
What Common
Techniques Could Have
Prevented The Attack?
FORESEC Academy
Patching Systems
Host-based Intrusion
Detection
FORESEC Academy
Network-based Intrusion
Detection
FORESEC Academy
Scanner Warning:
A trust B
A has potential rshell vulnerability
FORESEC Academy
Firewalls