Network Attacks

Edward Amoroso, AT&T Laboratories

Introduction

Underlying Network Infrastructure Model

Network Infrastructure Attacks

Remote Access Through Social Engineering

Router Attacks

Network Protocol Attacks

Network Sniffers

Network Scanning

Address Spoofing

Network Floods

Crafted Packets

Application-Based Network Worms and Viruses

Simple Worm Schema

Denial of Service Worms

Misguided Ethical Worms

Conclusion and Further Reading

Ubiquitous Networked Devices

Lack of Diversity

Glossary

Cross References

References

INTRODUCTION

One of the earliest malicious attacks on a modern communications network was the infamous frequency spoof (at 2600 Hz) designed to trick Bell System circuit-switching equipment into providing a free phone call (“Toll Fraud Device,” 1993). The attack was astonishingly simple to accomplish; it provided a clear gain to the intruder (monetary, in this case), and it turned out to be incredibly difficult for phone companies to actually fix. These basic attributes are still considered—from the perspective of an intruder—to be desirable. In fact, many modern intruders still trace their first recognition of computer-based attacks to this simple phone spoof and its associated simplicity, gain, and difficulty in remediation.

Our familiar anecdote demonstrates a basic presumption in this chapter—namely that although network technology will certainly evolve, the underlying principles of attacking such technology will remain firm. Therefore, this chapter concentrates ...