1st Edition

Network Attacks and Defenses: A Hands-on Approach

    475 Pages 527 B/W Illustrations
    by Auerbach Publications

    Attacks on computers and business networks are growing daily, and countering the threat requires security professionals who understand how malfeasants perform attacks and compromise networks. Network security education generally lacks appropriate textbooks with detailed, hands-on exercises that include both offensive and defensive techniques. Using step-by-step processes to build and generate attacks using offensive techniques, Network Attacks and Defenses: A Hands-on Approach enables students to implement appropriate network security solutions within a laboratory environment.

    Topics covered in the labs include:

    • Content Addressable Memory (CAM) table poisoning attacks on network switches
    • Address Resolution Protocol (ARP) cache poisoning attacks
    • The detection and prevention of abnormal ARP traffic
    • Network traffic sniffing and the detection of Network Interface Cards (NICs) running in promiscuous mode
    • Internet Protocol-Based Denial-of-Service (IP-based DoS) attacks
    • Reconnaissance traffic
    • Network traffic filtering and inspection
    • Common mechanisms used for router security and device hardening
    • Internet Protocol Security Virtual Private Network (IPsec VPN) security solution protocols, standards, types, and deployments
    • Remote Access IPsec VPN security solution architecture and its design, components, and implementations

    These practical exercises go beyond theory to allow students to better anatomize and elaborate offensive and defensive techniques. Educators can use the model scenarios described in this book to design and implement innovative hands-on security exercises. Students who master the techniques in this book will be well armed to counter a broad range of network security threats.

    Switch’s CAM Table Poisoning Attack
    Lab 1.1: Switch’s CAM Table Poisoning
    Lab 1.2: Prevention of CAM Table Poisoning Attack

    ARP Cache Poisoning-Based MiM and DoS Attacks
    Lab 2.1: ARP Cache Poisoning Attack
    Lab 2.2: DoS Attack Based on ARP Cache Poisoning
    Lab 2.3: MiM Attack Based on ARP Cache Poisoning

    Abnormal ARP Traffic Detection and Prevention
    Lab 3.1: Abnormal ARP Traffic Detection
    Lab 3.2: Abnormal ARP Traffic Prevention Using Dynamic ARP Inspection for a Non-DHCP Network Environment
    Lab 3.3: Abnormal ARP Traffic Prevention Using Dynamic ARP Inspection and DHCP Snooping for a DHCP Environment

    Network Traffic Sniffing and Promiscuous Mode Detection
    Lab 4.1: Promiscuous Mode Detection

    IP-Based Denial-of-Service Attacks
    Lab 5.1: Land Attack
    Lab 5.2: SYN Flood Attack
    Lab 5.3: Teardrop Attack
    Lab 5.4: UDP Flood Attack
    Lab 5.5: Abnormal IP Packets

    Reconnaissance Traffic
    Lab 6.1: IP Address Sweeping
    Lab 6.2: TCP Port Scanning
    Lab 6.3: Remote Operating System Identification
    Lab 6.4: Traceroute

    Packet Filtering and Inspection
    Lab 7.1: Basic Packet Filtering
    Lab 7.2: Nonstandard Services Filtering
    Lab 7.3: Consistency and Efficiency Verification of Firewall Filtering Rules
    Lab 7.4: Packet Content Filtering
    Lab 7.5: Stateless versus Stateful Packet Filtering
    Lab 7.6: Active and Passive FTP Modes

    Router Security
    Lab 8.1: AAA Model Basics
    Lab 8.2: Secure Network Services
    Lab 8.3: Packet Filtering on a Border Router

    Site-to-Site VPN Tunnel Implementation against Eavesdropping Attacks
    Lab 9.1: Site-to-Site VPN — First Implementation
    Lab 9.2: Site-to-Site VPN — Second Implementation

    Remote Access VPN Tunnel Implementation against Eavesdropping Attacks
    Lab 10.1: Remote Access VPN — First Implementation
    Lab 10.2: Remote Access VPN — Second Implementation

    Index

    Biography

    Zouheir Trabelsi and Kadhim Hayawi are with United Arab Emirates University.