Networking Fundamentals, 3rd Edition page 449

Copyright Goodheart-Willcox Co., Inc. 449 Chapter 15 Network Security DHCP Starvation DHCP starvation is a DoS attack that seeks to exhaust the pool of available IP ad- dresses, thus preventing users from connecting to the network. If enough requests fl ood onto a network, the attacker can completely exhaust the address space allocated by the DHCP servers for an indefi nite period of time. Th ere are tools such as gobbler that will do this automatically. Man in the Middle (MITM) Man in the middle (MITM) is a method of intercepting a network transmission, reading it, and then placing it back on route to its intended destination, as illustrated in Figure 15-2. It is a serious security breach. Th e contents may or may not be modi- fi ed. Th is method can also be used for a replay attack. A replay attack occurs when the data in a network transmission is copied and stored. Later, information such as an IP or MAC address can be used to establish an unauthorized connection to the destination by impersonating the original source. Replay attacks are generally avoid- ed by using a time stamp as part of the communication structure. Th e time stamp is used to verify the time of each transmission. If the time that is recorded in the time stamp exceeds a specifi c value, the entire packet is dropped because it is assumed to be bogus. Spoofi ng Spoofi ng is fooling a destination by using an IP address other than the true IP ad- dress of a source to create a fake identity, as demonstrated in Figure 15-3. For example, 4.4 NET 4.4 NET Figure 15-2 A man in the middle attack occurs when a third party intercepts a data transmission with the intent to use vital information it contains for a later attack. Once the third party reads and stores the data transmission, it is placed back on route to its destination. Data Man in the middle attack Internet Man in the Middle Attack (workstation icons) RedlineVector/Shutterstock.com (server icon) fullvector/Shutterstock.com Goodheart-Willcox Publisher 126.50.6.12 Data sent with fake source IP address True source IP address 201.100.100.12 Spoofing Internet Figure 15-3 Spoofing is the act of using a fake IP address to gain access to a network. (workstation icons) RedlineVector/Shutterstock.com (server icon) fullvector/Shutterstock.com Goodheart-Willcox Publisher

Previous Page Next Page

Networking Fundamentals, 3rd Edition Page 449 (471 of 720)

Resources and Downloads

Help