Wireless traffic is considered to be those Internet protocol packets that are transmitted through an 802.11a, b, g, n, or i wireless protocol. Monitoring Requirements There are a few things to consider when planning to setup wireless traffic monitoring. First, the user must determine what kind of traffic will be monitored. Is the traffic to …
Port forwarding, also known as tunneling, is basically forwarding a network port from one node to the other. This forwarding technique allows an outside user to access a certain port (in a LAN) through a NAT (network address translation) enabled router. Advantages of Port Forwarding Port forwarding basically allows an outside computer to connect to …
A TCP sequence prediction attack is an attempt to hijack an existing TCP session by injecting packets which pretend to come from one computer involved in the TCP session. The TCP Sequence Prediction Attack TCP is a reliable connection-oriented layer 4 (Transport Layer) protocol. Packet transfer between hosts is accomplished by the layers below layer …
Network Attacks Review A network attack occurs when an attacker or hacker uses certain methods or technologies to maliciously attempt to compromise the security of a network. Hackers attack corporate networks to use data for financial gain or for industrial espionage, to illegally use user accounts and privileges, to run code to damage and corrupt …
Free firewalls have become very common and represent an excellent alternative to commercial firewall packages. Most of these firewalls run under some form of Linux, FreeBSD, or OpenBSD. Many of these free firewalls are front-ends for the lower-level firewall packages which ship with these operating systems, such as pf (Packet Filter), ipf (IPFilter), ipfw (IPFirewall), …
Every packet based network has an MTU (Maximum Transmission Unit) size. The MTU is the size of the largest packet that that network can transmit. Packets larger than the allowable MTU must be divided into smaller packets or fragments to enable them to traverse the network. Network Standard MTU Ethernet 1500 Token Ring 4096 Packet …
ISAKMP (Internet Security Association and Key Management Protocol) is a protocol for establishing Security Associations (SA) and cryptographic keys in a internet environment. ISAKMP defines the procedures for authenticating a communicating peer, creation and management of Security Associations, key generation techniques, and threat mitigation (e.g. denial of service and replay attacks). ISAKMP typically utilizes IKE …
Honey monkeys are a new way of detecting malicious codes from websites that try to exploit certain vulnerabilities of Internet browsers. The honey monkey system works as an automated web/internet patrol system that is designed to detect harmful materials in the Internet, to be able to come up with solutions, and to catch the people …
Packet sniffing is listening (with software) to the raw network device for interesting packets. When the software sees a packet that fits certain criteria, it logs it to a file. The most common criterion for an interesting packet is one that contains words like “login” or “password.” To packet sniff, obtain or code a packet …
The majority of non-computer professionals think of a DMZ as the strip of land that serves as the buffer between North and South Korea along the 39th parallel north created as part of the Korean Armistice Agreement in 1953. In the computer security field; however, the DMZ (Demilitarized Zone) is either a logical or physical …