MIS 301 Chapter Notes - Chapter 13: Syn Flood, Dumpster Diving, Denial-Of-Service Attack
4 Jan 2017

Chapter 13: “Information Security: Barbarians at the Gateway (and just about everywhere else)”
3 things companies need to do (PPT):
Determine potential threats, evaluate risks of potential threats, manage potential threats
Biometrics: technologies that measure and analyze human body characteristics for identification or
authentication
Examples: fingerprint readers, retina scanners, voice and face recognition, etc.
Goal is to be a better solution for good passwords
Brute-force attack: an attack that exhausts all possible password combinations in order to break into an
account; the larger and more complicated a password or key, the longer a brute-force attack will take
The largest attacks are still unable to compromise information in banks or on shopping sites
Compliance: some firms are bound by security compliance commitments and will face fines and retribution if
they fail to meet the commitments
HOWEVER, compliance does NOT equal security
Control: reduce likelihood/impact of security threats
Distributed Denial of Service (DDoS) attack: an attack where a firm’s computer systems are flooded with
thousands of seemingly legitimate requests
The volume of the attack itself can slow down or shut down the site’s use.
Usually performed using botnets or hordes of surreptitiously infiltrated computers, linked and
controlled remotely (zombie networks)
Syn-Ack attack/three way handshake:
Normally when a client attempts to start a TCP connection to a server, the client and server exchange a series
of messages which normally runs like this:
1. The client requests a connection by sending a SYN (synchronize) message to the server.
2. The server acknowledges this request by sending SYN-ACK back to the client.
3. The client responds with an ACK, and the connection is established.
4. This is called the TCP three-way handshake, and is the foundation for every connection established
using the TCP protocol.
A SYN flood attack works by not responding to the server with the expected ACK code. The malicious client
can either simply not send the expected ACK, or spoof the source IP address in the SYN, causing
the server to send the SYN-ACK to a falsified IP address, which will not send an ACK because it
"knows" that it never sent a SYN.
Dumpster diving: combing through trash to identify valuable assets
find more resources at oneclass.com