Time
1 hour 51 minutes
Difficulty
Beginner
CEU/CPE
3

Video Description

Various Types of Attacks

In this lesson we explore various types of attacks. The first attack we examine is the man-in-the-middle attack; the lesson demonstrates how this attack works against the client and how the website thinks the attacker is really a valid user. We also discuss denial of service and distributed denial of service attacks and how they differ, spoofing, spam, and other types of malicious attacks.

Transcript

Welcome again. I'm John Oyeleke, subject matter expert for the Security+ exam, CompTIA Security+ SY0-401. Today we will be talking about various types of attacks.

The first attack we look at is the man-in-the-middle attack. This is called a man-in-the-middle attack; usually, represented on the exam, it will be like that. In this type of attack, a malicious person seeks to place a suspicious server, or a system, between you and the server you intend to visit online. If we have your PC over here and we have the website over here, this is your PC. The malicious person seeks to place their server in between, or their system in between. The idea behind this is that all communications between you and the website tend to go through the man in the middle. So this person has the opportunity to eavesdrop on your communications. You send your credentials to log in, to get on the website; your credentials are copied. Probably a session key is coming from the website to you; that could also be copied. The man in the middle could then replay your credentials to the website. This way they have access to the website and the website believes it's you. Effectively, the man in the middle is impersonating you to gain access to the website.

Next on our syllabus is what is called a denial of service attack. In a denial of service attack, malicious persons exhaust available resources. The idea is to exhaust available resources such that these resources are unavailable for legitimate users. This is an attack against availability, as discussed in the CIA, where "A" is the availability of resources. In a denial of service attack, the resources available for users, this could be broadband access to the Internet, this could be network access to a resource. Those resources are exhausted in such a way that when a legitimate user seeks to use these resources, they either get an error message or the resource is not available.

Another form of denial of service is something called the distributed denial of service. In this type of attack, the malicious person will distribute the attack over multiple computers, hundreds or thousands of computers across the Internet. We will have the attacker's computer on the Internet. The attacker will seek out numerous computers; these computers are not secure. The attacker would plant some software in them, which we call a bot, and at specific intervals the attacker starts to send out a signal to these machines. At the end of all of this we have the victim. These computers will receive the signal; they also know, because of the bot within them, they also start to send messages. Everyone is sending. Overall the attack is distributed across these computers to overwhelm the victim. The victim is too busy processing or attempting to process all these messages and becomes unavailable to legitimate users. The magnitude of the attack is in the distribution over multiple computers. These computers do not know they are taking part in an attack, so we refer to them as zombies. The robots in there as well; the bot software installed by the attacker simply continues to allow these machines to send and not receive, send messages. We also call these a botnet.

Malicious persons seek to use this strategy: one, to have a very strong impact on the victim, and also to hide their tracks, because these computers could be in numerous places across the world, on the Internet, which makes it difficult to backtrack where the source of the attack is coming from. That is a distributed denial of service.

We have another type of attack which we call spoofing. This is a form of electronic impersonation. A malicious person on a network could spoof an IP address or a MAC address. You could spoof the IP: say your computer, or computer A, has IP address 192.168.10.150 and computer B has 192.168.10.75, for example. Computer A has access to the Internet. Computer B has no access to the Internet. The user of computer B could spoof the IP address of computer A such that their computer now has access to the Internet. Essentially, spoofing is masquerading to be another person. So this computer B could masquerade to be computer A to gain access to a resource, or send a message out pretending to be computer A.

This could be used in numerous types of attacks, one of which is called a Smurf attack. In the Smurf attack, computer A will spoof the IP address of computer B and flood a broadcast network with a ping. So say we have a request going out, a ping going out to the device here. Computer A will spoof the IP address of computer B, so the message leaving would appear to come from 192.168.10.75. This ping is also sent out to all the machines on the broadcast network: ping. By the time they all reply, all replies go to computer B, overwhelming computer B, possibly causing it to crash, freeze or become unavailable.

Another type of attack is something we call spam. Spam is unsolicited emails. They push adverts, advertisements, to you via the Internet; this has some potential to overload maybe your server space, so your space is consumed. You run out of space. You also have to waste time looking through emails to see what emails are legitimate and what emails are a waste of your time. Effectively you waste space on your servers, you waste time, and time is money. This is also spam. Now sometimes some malicious persons will attempt to do spam over social networks. And in this social network they will use instant messenger. On social networks they would use instant messenger, which we say IM, instant messenger. If you have spam over social networks or spam over instant messengers, so that is spam plus instant messenger, we have SPIM. You are getting spam over social networks. That is what we call SPIM.
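The Smurf attack described in the transcript leaves two traces a network monitor can look for: an echo request addressed to the broadcast address, and a host receiving echo replies it never asked for. The following detection check is an added example, not part of the lesson. The /24 mask, the broadcast address 192.168.10.255, the replying hosts and the function name `find_smurf_indicators` are assumptions, and the packet records are constructed.

```python
"""Flag Smurf-style ICMP amplification in a list of packet records."""
from collections import defaultdict
from ipaddress import ip_address, ip_network

# Assumption: the lesson's two hosts sit on a /24; the lesson states no mask.
LAN = ip_network("192.168.10.0/24")

# Constructed sample records: (source IP, destination IP, ICMP type).
# ICMP type 8 = echo request, type 0 = echo reply.
PACKETS = [
    ("192.168.10.150", "192.168.10.20", 8),  # ordinary ping from computer A
    ("192.168.10.20", "192.168.10.150", 0),  # the reply A asked for
    ("192.168.10.75", "192.168.10.255", 8),  # broadcast ping claiming to be B
    ("192.168.10.20", "192.168.10.75", 0),   # every host answers B
    ("192.168.10.21", "192.168.10.75", 0),
    ("192.168.10.22", "192.168.10.75", 0),
    ("192.168.10.23", "192.168.10.75", 0),
]

def find_smurf_indicators(packets, lan=LAN, reply_threshold=3):
    """Return (broadcast_requests, flooded_hosts).

    broadcast_requests: echo requests addressed to the LAN broadcast address.
    flooded_hosts: hosts that received echo replies from at least
    reply_threshold distinct sources they never pinged directly.
    """
    broadcast_requests = []
    pinged = defaultdict(set)       # host -> peers it sent a unicast ping to
    unsolicited = defaultdict(set)  # host -> repliers it never pinged
    for src, dst, icmp_type in packets:
        if icmp_type == 8:
            if ip_address(dst) == lan.broadcast_address:
                # The source shown here is the claimed one; in a Smurf
                # attack it is the victim's address, not the sender's.
                broadcast_requests.append((src, dst))
            else:
                pinged[src].add(dst)
        elif icmp_type == 0 and src not in pinged[dst]:
            unsolicited[dst].add(src)
    flooded = {host: sorted(srcs) for host, srcs in unsolicited.items()
               if len(srcs) >= reply_threshold}
    return broadcast_requests, flooded

if __name__ == "__main__":
    requests, flooded = find_smurf_indicators(PACKETS)
    print("Echo requests to broadcast:", requests)
    print("Hosts receiving unsolicited replies:", flooded)
```

On real networks the usual mitigation is to stop routers forwarding directed broadcasts and to have hosts ignore echo requests sent to the broadcast address, which removes the amplification this check looks for.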

Video Transcription

00:04
Welcome again. I'm John Oyeleke, a subject matter expert for the Security+ exam, CompTIA Security+ SY0-401.
00:13
Today we will be talking about various types of attacks. The first attack we look at is what is the man-in-the-middle attack. This is called a man-in-the-middle attack; usually, represented on the exam, it will be like that. In this type of attack, a malicious person seeks to place
00:31
a suspicious server between you, or a system between you
00:35
and the server you intend to visit online.
00:38
So we have,
00:41
if we have your PC over here and
00:44
we have the website over here. This is your PC. The malicious person seeks to place their server in between, or their system in between. The idea behind this is that all communications between you and
00:58
the website tend to go through the man in the middle. So this person has the opportunity to
01:03
eavesdrop on your communications. You send your credentials to authenticate on the website.
01:11
Your credentials are copied.
01:12
Probably a session key is coming from the website to you; that could also be copied. The man in the middle could then replay your credentials to the website.
01:23
This way they have access to the website and the website believes it's you. Effectively the man in the middle is impersonating you
01:32
to gain access to the website.
01:34
Next on our syllabus is what is called a denial of service attack. In a denial of service attack, malicious persons exhaust available resources. So the idea is to exhaust available resources such that these resources are unavailable for legitimate users.
01:53
This is an attack against availability, as discussed in the CIA, where A is the availability of resources. So in a denial of service attack, the resources available for users, this could be broadband access to the Internet. This could be network access to a resource.
02:13
Those resources are exhausted in such a way
02:15
that when legitimate users seek to use these resources, they get an error message or the resource is not available. Another form of denial of service is something called the distributed denial of service. In this type of attack,
02:32
the malicious person will distribute the attack over multiple computers,
02:38
hundreds or thousands of computers across the Internet. We would have the attacker's computer on the Internet. The attacker will seek out numerous computers. These computers are not secure. The attacker would plant some software in them, which we call a bot, and at
02:58
a specific interval,
03:00
the attacker starts to send out a signal to these machines. At the end of all of these, we have the victim. These computers will receive the signal. They also know, because of the bot within them,
03:14
they also start to send messages. So everyone is sending. So overall the attack is distributed across these computers to overwhelm the victim.
03:23
The victim is too busy processing or attempting to process all these messages and
03:30
becomes unavailable to legitimate users.
03:34
The magnitude of the attack is in the distribution over multiple computers.
03:39
These computers do not know they're taking part in an attack. So we refer to them as zombies. The robots in there as well. The bot software installed by the attacker simply continues to allow these machines to send and receive, send messages.
03:59
We also call these a botnet. Malicious persons seek to use this strategy, one,
04:05
to have a very strong impact on the victim, and also to hide their tracks, because these computers could be in numerous places across the world
04:17
on the Internet
04:18
makes it difficult to backtrack where the source of the attack is coming from.
04:24
So that is a distributed denial of service. We have another type of attack which we call spoofing. This is a form of electronic impersonation,
04:34
so a malicious person on a network could spoof
04:39
an IP address or MAC address. You can spoof the IP address. Say your computer, computer A, has IP address 192.168.10.150 and computer B
04:57
has 192.168.10.75,
05:00
for example. Computer A has access to the Internet.
05:05
Computer B has no access to the Internet. The user on computer B
05:11
could spoof the IP address of computer A such that their computer now has access to the Internet. Essentially spoofing is masquerading to be another person.
05:24
So this computer B could masquerade to be computer A to gain access to a resource, or send a message out pretending to be computer A.
05:35
This will be used in numerous types of attacks, one of which is called a Smurf attack. In a Smurf attack, computer A will spoof the IP address of computer B
05:47
and flood a broadcast network with a ping. So say we have a request going out, a ping going out.
05:57
So the device here, computer A, will spoof the IP address of computer B, so the message leaving will appear to come from 192.168.10.75.
06:12
This ping
06:14
is also
06:15
sent out to all the machines on the broadcast network:
06:18
ping, ping, ping, ping, ping, ping.
06:23
By the time they all reply, all replies go to computer B, overwhelming computer B, possibly causing it to crash, freeze or become unavailable. Another type of attack is something we call spam. Spam is unsolicited emails.
06:41
They would push adverts, advertisements,
06:45
to you via the Internet. This has
06:49
some potential to,
06:51
um,
06:54
to overload maybe your server space. So your space is consumed,
07:00
you run out of space. You also have to waste time looking through emails to see what emails are legitimate and what emails are
07:12
a waste of your time. So effectively you waste space on your servers, you waste time, and time is money. So this is also spam. Now, sometimes some malicious persons will attempt to do spam over social networks, and in the social network they would use
07:30
instant messengers. So on social networks they would use
07:33
instant messengers,
07:35
which we say IM, instant messengers. If you have spam over social networks, or spam over instant messengers, so that is spam plus instant messengers, we have SPIM. You're getting spam over social networks. That is what we regard as SPIM.

Up Next

Fundamental Vulnerability Management

Vulnerability Management is a continuous information security risk process that requires management oversight and includes a 4-tier approach of: discovery, reporting, prioritization, and response

Instructed By

John Oyeleke
Lead IT Security Instructor
Instructor