3 hours 20 minutes
Hello, everyone. My name is Peter Simple. Um, and this is the network security course.
This is going to be module four, lesson three. The prerequisites for this course are modules one, two and three and the first two lessons of module four. So if you haven't seen any of these yet, if you skipped around, I encourage you to pause this video and go back and check out the ones you didn't see.
In this video, we're going to take a look at some common attack vectors on the network and some web filtering techniques for mitigation.
So let's talk about some common attack vectors here. One of the most common and most popular and the most successful are phishing and spoofing. Phishing and spoofing, they are extremely similar, so I'm putting them together. There are some small differences, but basically, this is the process of pretending to be someone or something you are not through false information.
The whole job of phishing and spoofing is to trick you into thinking you are doing something for the good, or into thinking you're going to a certain spot when in reality you are not. It's not really a threat per se, but it's a tool used to make threats.
An example of this is a picture on the right.
So this website looks very similar to the customer portal for Amazon. But as you can see from the URL, there are two n's. This, in fact, is a spoofing website.
So when people click on a link to get redirected here, they think this is the Amazon website. So they enter in their credentials, and then it redirects them to the actual Amazon website with the message that says "credentials invalid, please try to log in again."
So they log in again and then they're in Amazon and they think that nothing had ever happened, when in reality, this is what happened.
A subset of spoofing is DNS cache poisoning, where you can reroute people based on former DNS requests that have been made. So they go to websites such as this.
Denial of service, also known as DoS. This is an attack which seeks to make a machine or a network resource unavailable.
So basically, in a DoS attack, it's when a machine, like an evil machine, makes a request to the server. Obviously the server can process it. But if there are enough requests that are made to the server, the server can't always handle all of them. And so it basically just shuts down because the server doesn't know what else to do.
A form of this is known as a DDoS attack, which is a distributed denial of service. Same thing as a DoS attack, but the only difference being there are multiple machines being used against the server instead of one.
These multiple machines are also known as a botnet because they're all under the control of one person who is known as a bot master. And a subset of this is a deauthentication attack.
This attack applies mainly to WiFi networks, but it's where this attack kicks everyone off the WiFi and makes the WiFi access point unavailable for them to get back on.
Man in the middle attack. This is an attack where a person gets in between a normal network conversation and intercepts the traffic.
So we can see at the top, we could see the original connection between the user and the web application, and they're going back and forth.
Now the man in the middle has hijacked the conversation and now has rerouted all the traffic through him.
So the traffic from the user to the web application still gets to the web application, and the information that the web application sends still gets back to the user. The only difference being that it goes through the man in the middle, who can read all of the information.
Brute force. This is a technique where every possible combination is applied. So if you're trying to break into some type of number lock, guess a passcode, you try every single possible combination. This attack does not take any real intelligence, but it's still a very dangerous attack simply because computers are really powerful. They can try millions upon billions of attempts every second.
So that's why it's very important to have very strong passwords.
Malicious insiders. This is a form of physical threat. These are current or former employees who gained unauthorized access to a network.
These are the old, proverbial wolves in sheep's clothing. These are the people who are slightly disgruntled, who might have some sort of beef or anger towards the organization or at their job or something like that, and so they want to cause harm to the network from the inside out.
This is one of the toughest network attacks to determine, simply because you normally know who the malicious insiders are without knowing that they are, in fact, malicious insiders.
So let's look at some web filtering techniques for mitigating some of these attacks. Three main areas are firewalls, DMZs, and access control lists.
Firewalls, as you can see, filter web traffic because everything goes through them. All traffic, information from the Internet coming in and information from the LAN going out, has to pass through the firewall. And that web traffic is then inspected to make sure it is secure and make sure it is safe.
There's also the DMZ, which is a concept which filters information coming into the LAN. So if you need to make a special request or get some resources, you can get them from the DMZ and not necessarily the actual LAN itself, if you only need access to some of the resources.
And then finally, there's access control lists. Access control lists will usually sit inside firewalls and determine what kind of traffic gets through and what does not get through.
An example of an access control list is the picture down below. This is really where the rules are applied, so you can see actions include allow and deny, depending on where the information is coming from, where it is going, and what ports it's coming in and out of.
In this video, we discussed common attack vectors and Web filtering technologies.
This attack method swarms network machines and resources by sending so many requests that it becomes unavailable.
Is it A, DDoS; B, brute force; C, spoofing; or D, man in the middle?
If you said A, DDoS, then you are correct. Remember, DDoS stands for distributed denial of service. That means many computers or many machines all send requests to a server or network machine or resource at the same time. And there are so many requests that the target machine does not know what to do, so it simply shuts down. It becomes unavailable.
Thanks for watching, guys. I hope you learned a lot in this video, and I'll see you next time.