Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
Niken D Cahyani
Gandeva Bayu Satrya
Learning Objectives
1. Network Vulnerabilities
a. Weak Passwords
b. Default Accounts
c. Back Doors
d. Privilege Escalation
Objectives
2. Categories of Attacks
DoS Attack
2.2. Spoofing
2.3. Man-in-the-Middle
2.4. Replay
Antiquated protocols
Because of the security vulnerabilities of SNMPv1 and SNMPv2, SNMPv3 was introduced in
1998. SNMPv3 uses usernames and passwords along with encryption to foil an attackers attempt
to view the contents.
DNS attacks
One type of DNS attack is to substitute a fraudulent IP address so that when a user enters a
symbolic name, she is directed to the fraudulent computer site.
ARP poisoning
If the IP address for a device is known but the MAC address is not, the sending computer sends
out an ARP packet to all computers on the network that says, If this is your IP address, send back
to me your MAC address.
TCP/IP hijacking.
In a TCP/IP hijacking attack, the attacker creates fictitious (spoofed) TCP packets to take
advantage of the weaknesses
TCP/IP Hijacking