Stories
Slash Boxes
Comments

SoylentNews is people

posted by martyb on Friday October 04 2019, @04:50AM   Printer-friendly
from the the-counting-of-network-attack-types-shall-be-three dept.

Cybersecurity is becoming more of a common tongue term in today's industry. It is being passed around the executive meetings along with financial information and projected marketing strategies. Here are some common attack vectors plaguing the industry when it comes to network infrastructure. It does not really matter the infrastructure type you have. If there is value to the data you are transferring within, someone wants to get it.

  1. Reconnaissance Attacks
  2. Access Attacks
  3. Denial of Service Attacks

It is a pipe dream to believe a network infrastructure is invulnerable; however, the possibility of being protected is within grasp. Fundamentally, it comes down to knowledge of what can happen to your network, knowing your equipment and training up the staff.

Source: Tripwire.com


Original Submission

This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
(1)
  • (Score: 1, Insightful) by Anonymous Coward on Friday October 04 2019, @05:21AM

    by Anonymous Coward on Friday October 04 2019, @05:21AM (#902552)

    Who's getting paid, what, and how, to shill?

    I remember when Tripwire was just a fancy shell script. Point being, it's not rocket science to iterate through a tree, generate checksums, and write them to a WORM drive. The rest is frosting and decorations. Seriously.

    ~childo

  • (Score: 2, Funny) by Mojibake Tengu on Friday October 04 2019, @06:24AM (1 child)

    by Mojibake Tengu (8598) on Friday October 04 2019, @06:24AM (#902557) Journal

    4. Mocking Attacks

    --
    Rust programming language offends both my Intelligence and my Spirit.
  • (Score: 1) by hopdevil on Friday October 04 2019, @07:09AM (1 child)

    by hopdevil (3356) on Friday October 04 2019, @07:09AM (#902558) Journal

    This is spam... or serious?

    • (Score: 1) by Mojibake Tengu on Friday October 04 2019, @07:28AM

      by Mojibake Tengu (8598) on Friday October 04 2019, @07:28AM (#902560) Journal

      It is just a juicy probe how commoner soylenters are susceptible to web trackers, for the purpose of anonymous cowards identification. Nothing a Privacy Badger could not fix, though.

      --
      Rust programming language offends both my Intelligence and my Spirit.
  • (Score: 2) by Dr Spin on Friday October 04 2019, @08:05AM

    by Dr Spin (5239) on Friday October 04 2019, @08:05AM (#902563)

    Water is dangerous! Every home has buckets of the stuff! -
    Anyone could drown at any time.

    Get your life jacket here!

    Source: "Life jacket Salesman's Weekly".

    --
    Warning: Opening your mouth may invalidate your brain!
  • (Score: 0) by Anonymous Coward on Friday October 04 2019, @10:12AM

    by Anonymous Coward on Friday October 04 2019, @10:12AM (#902567)

    Yeah, they're pushing their paid stuff but they do have an OSS filesystem integrity scanner for those interested.

    https://en.wikipedia.org/wiki/Open_Source_Tripwire [wikipedia.org]

    The Wikipedia article is pretty light so here's a link with more details.

    https://opensource.com/article/18/1/securing-linux-filesystem-tripwire [opensource.com]

  • (Score: 2) by bzipitidoo on Friday October 04 2019, @12:44PM (8 children)

    by bzipitidoo (4388) on Friday October 04 2019, @12:44PM (#902582) Journal

    Since when is pinging and port scanning an attack? Especially if it's done only a few times, and is clearly not an attempt at DoS. Reminds me of the story of a teenager getting in trouble with his school for pressing F5 repeatedly while looking at the school website.

    It's not an attack to try a car door handle to see if it's locked, or a key to see if it unlocks the door. If it was, we'd be busting people all the time for mistaking another car as theirs. Nor is it an attack to just glance through the car window to see if the lock is engaged. Nor is photographing a car on the street an attack.

    I note that the author's credentials are suspect. Says he has been "expertly trained". Doesn't say he has a degree or a cert of any sort. Might even be an attack, trying to pass himself off as some sort of security expert.

    • (Score: 0) by Anonymous Coward on Friday October 04 2019, @02:32PM (4 children)

      by Anonymous Coward on Friday October 04 2019, @02:32PM (#902612)

      I note that the author's credentials are suspect. Says he has been "expertly trained". Doesn't say he has a degree or a cert of any sort. Might even be an attack, trying to pass himself off as some sort of security expert.

      I hate to break it to you, but degrees and certs are no guarantee of expertise. Mostly they just exist to impress HR types and consultants' customers. There are many folks with one or both who couldn't find their ass with both hands and a mirror. The same can be said of many without them, too.

      There are some with such credentials who are very good and some without those who are just as good or better. Performance is the correct metric, not going to class(es) and/or taking a test. Well, except for the CCIE and CISSP certifications, but you can't get those without actual, demonstrated experience.

      • (Score: 2) by bzipitidoo on Friday October 04 2019, @06:48PM (3 children)

        by bzipitidoo (4388) on Friday October 04 2019, @06:48PM (#902736) Journal

        You sound like the typical sour grapes college dropout, pooh poohing degrees as being of no value in assessing a job candidate, only serving to impress credulous HR types, as you put it. I'm surprised you didn't mention a particularly famous and rich college dropout, Bill Gates. Does our university education system work, or not? Do university graduates come out of there with superior understanding of their field, or not?

        Now, I do think that universities have gotten a little too narrow, hammer a little too much on the technical details, and as a result, students can miss the forest for the trees. Nevertheless, the education that universities strive to provide is intended to convey the skills and knowledge to do that much talked about thing known as "critical thinking". For example, a degree in Computer Science does not mean the graduate knows most of the arcane and esoteric details of any particular programming language or library, it means they can (or should be able to) define the problems at hand, find and choose appropriate algorithms, and encode them in the programming language of choice. If management does not understand that they are asking the impossible or asking for nonsense, the university graduate should be able to figure that out.

        • (Score: 0) by Anonymous Coward on Friday October 04 2019, @08:15PM (2 children)

          by Anonymous Coward on Friday October 04 2019, @08:15PM (#902777)

          You sound like the typical sour grapes college dropout, pooh poohing degrees as being of no value in assessing a job candidate,

          I'm not pooh-poohing degrees at all. They give a graduate at least a basic understanding of certain knowledge areas. They also show that the graduate has the ability to set goals (pass classes, get a degree) and work to achieve them.

          Did you just ignore what I wrote, or do you just want to stir things up:

          There are many folks with one or both who couldn't find their ass with both hands and a mirror. The same can be said of many without them, too.

          There are some with such credentials who are very good and some without those who are just as good or better. Performance is the correct metric, not going to class(es) and/or taking a test.

          Is that a rejection of degrees or a matter-of-fact assessment of people? I meant it as the latter, as that's been my experience over the past 30 years.

          Does our university education system work, or not? Do university graduates come out of there with superior understanding of their field, or not?

          Superior to what? To some random person off the street who never studied the subject matter? One would certainly hope so.

          Superior to someone (whether an auto-didact or not) with the motivation and drive to learn and experiment? That depends. Especially since most degree programs are relatively broad. Does an EE or CompE graduate (with no other experience) have superior knowledge about practical networking or InfoSec than someone who has built and secured networks? Probably not.

          One would hope that their studies have given them a background which will make learning the stuff they need to know easier, but that's not necessarily the case.

          And not having a degree doesn't imply a lack of such a background. I've met many folks with university degrees who couldn't reason their way out of a paper bag. I've met many folks *without* a university degree who are quite similar.

          I've also met many folks (with or without degrees) who are bright, inquisitive and have strong reasoning skills.

          While a university degree does signal a number of positive things, it is absolutely not a guarantee that the recipient of same is qualified to scrub my toilet, let alone design a network, an application or implement secure computing environments.

          That said, not having a university degree isn't *better*. But it's also *not* a clear signal that someone is incapable of constructive/critical thinking and valuable contributions of an intellectual nature.

          Nevertheless, the education that universities strive to provide is intended to convey the skills and knowledge to do that much talked about thing known as "critical thinking". For example, a degree in Computer Science does not mean the graduate knows most of the arcane and esoteric details of any particular programming language or library, it means they can (or should be able to) define the problems at hand, find and choose appropriate algorithms, and encode them in the programming language of choice. If management does not understand that they are asking the impossible or asking for nonsense, the university graduate should be able to figure that out.

          Absolutely. That's the intent. YMMV.

          Are you claiming that only someone with a university degree is able to think critically? Does that comport with either logic or your own life experience?

          But we've departed from your initial attempt at "classifying" me. Let's discuss, You *appear* to be making assumptions about my statements that are outside the boundaries of the information and opinions I conveyed.

          In fact, you've ignored relevant portions to support the assumptions you appear to have made about me. This *seems* to have caused you to draw unfounded conclusions concerning my person, meaning and intent.

          Critical thinking requires that one take the evidence *available*, then drawing on logic, specific knowledge and an understanding of the parameters impacting the particular situation, and arrive at a conclusion(s). Additional, where appropriate to create a plan of action.

          You have not displayed those qualities in this conversation. Rather, you assumed bias on my part based on your own views and biases. That's not critical thinking, it's wishful thinking. I presume you can tell the difference.

          Should I also make assumptions about you, your life experience and educational attainment based on the few sentences in your reply? I won't, because there isn't enough information to draw an informed conclusion.

          You might try it sometime.

          • (Score: 2) by bzipitidoo on Friday October 04 2019, @09:18PM (1 child)

            by bzipitidoo (4388) on Friday October 04 2019, @09:18PM (#902798) Journal

            What I'm asking is whether you think university degrees have much value. It "signals a number of positive things", eh? Like what?

            You're engaging in what sure looks like a fake "fair and balanced", let's "have it both ways" argument. Of course there are people who figured it out on their own, and can think critically, without the benefit of a university education. Likewise, there are university graduates who are idiots. The question is, do the degrees help sort the idiots from the smarter folks? Does the fact that someone earned a degree at least increase the odds that they are not an idiot?

            • (Score: 0) by Anonymous Coward on Friday October 04 2019, @10:43PM

              by Anonymous Coward on Friday October 04 2019, @10:43PM (#902841)

              What I'm asking is whether you think university degrees have much value. It "signals a number of positive things", eh? Like what?

              Did you not read the *first sentence* of the post you just replied to? I said:

              I'm not pooh-poohing degrees at all. They give a graduate at least a basic understanding of certain knowledge areas. They also show that the graduate has the ability to set goals (pass classes, get a degree) and work to achieve them.

              That is, at a *minimum*, the value of a university degree.

              Out of curiosity, why have you (twice now) asked me questions that required me to repeat what I've already said? That *appears* to be rather dismissive of you, as if what I write isn't worth reading. If that's the case, why respond at all?

              You're engaging in what sure looks like a fake "fair and balanced", let's "have it both ways" argument. Of course there are people who figured it out on their own, and can think critically, without the benefit of a university education. Likewise, there are university graduates who are idiots. The question is, do the degrees help sort the idiots from the smarter folks? Does the fact that someone earned a degree at least increase the odds that they are not an idiot?

              Your interpretation is not backed up by my statements. I suggest you reconsider what I've said.

              For your convenience, let's back up a second. My initial comment was that degrees and certifications (and especially certifications, although I didn't stress that) are no *guarantee* of expertise.

              I also said that the marketable value of such things is usually shown in preference during job searches and to burnish the bios of consultants.

              Further, I stated that there are those with degrees and/or certifications that are, if not incompetent, then not very competent. And that some without such things can be quite competent.

              The important part was that *results* are what make the difference.

              in the section of your comment that I quoted immediately above, you pretty much agreed with all of that, except the bit about results.

              Given all that, you've attempted to belittle me as "sour grapes," implied that I was somehow poorly educated and/or lacking critical thinking skills and given the strong impression (through lack of a thorough reading or by design) that you dismiss my statements out of hand.

              Despite that, I will answer your question even though it's way outside anything I've said. And you're not going to like it either, as it will explode the completely inaccurate image of me that you've created for yourself.

              On the whole, a university education is a positive experience that is a boon to many. The opportunities, not just for learning things associated with an expected career, are varied. With the right attitude, it can broaden your horizons and allow you to indulge your intellectual curiosity and hone your critical thinking skills. But, like everything else, you get out of it what you put into it.

              I'd also point out that, with the proper motivation, a person can do those things *without* a university education too. The tools and resources to do so just aren't as concentrated as they are at a university. However, the knowledge obtained isn't always as broad, nor is a self-designed curriculum necessarily as structured or comprehensive. In fact, it takes the rare person who is disciplined, motivated and willing to work *extra* hard to do so well.

              As an aside almost all of my family have *at least* bachelor's degrees and many have advanced degrees as well. In fact, if I could go back and do it all over again, I'd likely choose to be an academic rather than a technologist.

              That said, my life experience has taught me a couple of things (I've said them already but you seem to have an issue picking up on things the first time, so here it is -- again):
              1. Academic credentials are no *guarantee* of competence or expertise;
              2. Auto-didacts *can* be at least as or more competent than those with certifications or degrees;
              4. (1) and (2) above aren't blanket statements. Knowledge and competence vary widely, regardless of degree status;
              3. (1) and (2) above are observations based on nearly 30 years of work experience and more than 50 years of life experience;
              4. Was *anything* I said an indictment of a university education? No.

              I'd be happy to discuss this with you further.

              That said, I'd prefer that, in future, you actually read and understand what I write, rather than jumping to unfounded conclusions about me and making insulting and dismissive comments.

              Hmm, have a reasoned and thoughtful dialogue without jumping down the other guy's throat? There's an (apparently) novel idea.

    • (Score: 2) by EvilSS on Friday October 04 2019, @02:36PM

      by EvilSS (1456) Subscriber Badge on Friday October 04 2019, @02:36PM (#902614)

      It's not an attack to try a car door handle to see if it's locked, or a key to see if it unlocks the door. If it was, we'd be busting people all the time for mistaking another car as theirs.

      Actually it can be, if it can be shown the intent of doing so was to further commit a crime. Accidentally opening the wrong car door because you own the same model and you're parked in the lot isn't itself a crime (although you may, depending on circumstances and the cops involved need to fight it in court). But if you are going around trying car doors at random then the police could argue you were attempting burglary. It's like the "burglary tools" laws. It's not illegal to carry a pry-bar. It is illegal to carry one for the purposes of breaking in.

    • (Score: 3, Interesting) by NotSanguine on Friday October 04 2019, @03:14PM

      Since when is pinging and port scanning an attack? Especially if it's done only a few times, and is clearly not an attempt at DoS. Reminds me of the story of a teenager getting in trouble with his school for pressing F5 repeatedly while looking at the school website.

      It's not an attack to try a car door handle to see if it's locked, or a key to see if it unlocks the door. If it was, we'd be busting people all the time for mistaking another car as theirs. Nor is it an attack to just glance through the car window to see if the lock is engaged. Nor is photographing a car on the street an attack.

      Context is important. Trying a door handle isn't an "attack" per se, but if the individual is trying *all* the door handles in a parking lot, is that potentially suspicious/malicious? If not, why not?

      What is reconnaisance [thefreedictionary.com]?

      An inspection or exploration of an area, especially one made to gather military information.

      Often, reconnaisance is covert, or attempts to be. In this context, that would be low-volume port/ping scans. Are those types of activities generally disruptive? No. However, they can, and do, provide information concerning the breadth and depth of attack surfaces, which can be quite useful when planning (or identifying targets for) an access or DDOS attack.

      Besides, this isn't about (not for me, at least, I didn't read TFA) calling various types of connection attempts "bad" or "crimes". It's about being aware of the activity at the perimeter and within your network.

      Which is why any network that has significant assets should be monitoring for such caresses (is that a better term than attack?), both internally and at perimeters.

      On small/home networks, reviewing firewall logs (if your firewall even provides them -- if not, get a real firewall) and web/file sharing logs on systems with shared resources is often sufficient.

      In larger environments an SIEM* [wikipedia.org] implementation (note, I don't say system, as there are multiple discrete components to a functional SIEM implementation) can allow you to identify potential incursions in near real-time, by aggregating and correlating (in a variety of ways) log data from firewalls, routers, switches and servers.

      tl;dr: Port/ping scans aren't necessarily malicious, nor are they, generally, disruptive. However, if there are vulnerable points in your network perimeter, such activity can give an attacker the information needed to exploit such vulnerabilities.

      *SIEM related links:
      https://www.sans.org/reading-room/whitepapers/incident/paper/33689 [sans.org]
      https://kalilinuxtutorials.com/a-beginners-guide-to-siem/ [kalilinuxtutorials.com]
      https://learn.techbeacon.com/topics/introduction-siem [techbeacon.com]
      https://logz.io/blog/what-is-siem/ [logz.io]
      https://logz.io/blog/open-source-siem-tools/ [logz.io]

      --
      No, no, you're not thinking; you're just being logical. --Niels Bohr
    • (Score: 2) by jmichaelhudsondotnet on Friday October 04 2019, @05:16PM

      by jmichaelhudsondotnet (8122) on Friday October 04 2019, @05:16PM (#902697) Journal

      From experience, once you are intelligent enough to know what 'port scan' means, the government, and every government, wants to know everything you do, all of the time, anyway, and they are just biding their time waiting for you to cross the line, which they are moving in your direction as fast as they can.

      I strongly suspect everyone else who cannot demonstrate similar or analagous value and/or capacity(e.g. hot babes, born rich folk) has their data expunged after a few centuries.

      Letting bitcoin get out was either an enigma level government secret or the biggest 'intelligence' fuckup in history as someone superintelligent was able to work this all up outside of their view.

      It's tragedy of the commons isn't it? What if everybody was portscanning everyone all of the time, whole internet would break. Same thing goes for everyone watching an episode of the stupidest tv show ever made. I find the latter more offensive personally, at least with the former we are all expressing an interest in each other. Fact is though most traffic directed at a website is not there with good intentions, they are taking the energy used to load and serve the site and move those electrons as a favor you are handing out, a cost of doing business, and for them a roll of the dice that you are a rube who might hand them a million bucks from your sheer incompetence.

      Yet another slimy lateral power grab, trying to set you up for others. Some people say this version of the net is just broken, hard to argue against that, not sure I would try.

      Mystery, oh mystery, a cowboy's life is strange. - Johnny Dowd

      thesesystemsarefailing.net

  • (Score: 2) by jmichaelhudsondotnet on Friday October 04 2019, @05:04PM

    by jmichaelhudsondotnet (8122) on Friday October 04 2019, @05:04PM (#902691) Journal

    These things happen in real life too, I have seen all and both with my own eyes.

    At alchemy I was noc admin on duty for bill orreilly's homepage, believe me there was ddos and it was great. I still did my job but it was neat to watch the graphs and see his name on the alarm. 'The internet is attacking the worst person in the world, in what way is this broken exactly?' But yeah that goes two ways, I picked up the phone and got v&^%e on the line.

    Also, don't leave centos 5 boxes exposed to the web.

    And for the love of pete sampras make sure the ACL on your edge router limits standard network services to something sane so all of the clocks don't start asking each other what time it is several times a second in your city. Thanks whoever did that, it's a neat story to tell. Who doesn't like going out in the rain to a shack with an autist and saving the city's internet from poor configuration, set in stone years before.

    I am pretty sure ransomware is just that windows is inherently comprimised. You can't send that much phone home traffic and leave the phone off the hook hoping no one sniffing the wire will reverse engineer your clever update/malfunction-pushing scheme. But I have always hated microsoft, or since millenium edition, which is about the same thing at this point.

    (btw can you BELIEVE this is the new millenium still????)

    Question though: if someone steals my mail or remotely destroys my car's computer, is that still a network attack? And if someone uses a transmitting cell phone in your vicinity to record you, is that one too?

    And after how many 'network' attacks should one expect to get punched in the face, or worse?

(1)