Sunday, April 25, 2010

CCNA Security 04

There are a lot of types of hackers. The commonly stereotyped hackers in the media are known as black hat hackers. Black hat hackers strive to benefit financially from compromising others.
Hackers who hack to test network security are white hat hackers. White hat hacking is typically done to your own network or a network of someone who hired you.

A white hat hacker who leaves backdoors for himself later on would be known as a grey hat hacker because he is a combination of the above two.

Hackers who hack to make free or cheap phonecalls are called phreakers. Phreakers are people who experiment with or hack telecommunication systems.

Finally, a person who hacks for a cause or belief is known as a hacktivist.

Data can be categorized into many different classifications. For example the United States use Top Secret, Secret and Confidential to define the actions required to carry out when a particular data is compromised.

Security is wrapped around an industry standard term known as the CIA. CIA stands for Confidentiality, Integrity and Availability. Confidentiality involves encryption to ensure that the data cannot be read by a third party. Integrity involves HMACs which makes sure that the data is not altered in transit. Availability involves redundancy and resistance to Denial of Service attacks.

A good network security administrator is one who keeps up with the latest security threats. You need to be dynamic, and so do the security policies.

Typically a network attacker performs a reconnaissance attack prior to the main attack. In reconnaissance, an attacker gains information about the network devices, topology, operating systems and vendors which would help them perform vendor-specific attacks.

When people want to prevent intruders from entering their homes, they typically install locks on their doors. However, there will always be some sort of windows or back doors which an intruder can climb in. A backdoor installed in a network would allow attacks to happen from the inside.

Social engineering attacks are those where the hacker gains information or access socially. An example is a receptionist resetting a password, or a network administrator giving out topology information.

Privilege escalation are attacks that allows software to be executed at a higher privilege than the logged in user is at. Privilege escalation can be horizontal or vertical. Horizontal attacks allow access to files of other users of the same privilege level, while vertical attacks allow a user to gain access to resources only available to someone of a higher privilege.

Network security requirements are always changing. We need to be proactive. A security analyst needs to find ways to hack their own networks before a real hacker does.

No comments :

Post a Comment