This is another blog post in my series on Computer Forensics, based on the course I am doing with Infinite Skills. In this post I am going to look at network security and hacking.

There are many types of hacking, and within a single type, such as denial of service attacks, there are many different variations. There are a lot of websites devoted to downloads of denial of service attack tools. Many of these are out of date and haven't been updated, so they won't work on a newish network. There is a type of denial of service attack called ARP poisoning, which doesn't necessarily knock the computer out of action but adds data to the computer's workload, and is when you listen in via a program to the traffic going to and from that computer. Wireshark is probably the industry standard program for tracking traffic on a wireless network, but there is a program called NetworkMiner which is a bit simpler to use.

There is another type of attack called a brute force attack, which is when a computer is bombarded with random passwords, often done sequentially, until it accepts the right one. There are programs where you just set the program up and it will do this automatically.

There is a thing called white hat cracking and penetration testing, which is when a company hires someone to test the soundness of their network. No network will stand up forever to an attack, but you have to give the hacker such a difficult time that he will think it isn't worth the bother.

If a network is under attack you shouldn't reboot it or interrogate the server. Rebooting will make you lose any trace of the virus in a lot of cases. Running diagnostic software on the server is liable to tip off the hacker, who can then take appropriate action. You should run the diagnostic software on one of the workstations and access the network from there.

In a very serious attack the network administrator will sometimes literally pull out the broadband or network cable. This doesn't cause as much damage as you might think, although as a result they have probably lost the ability to trace where the virus came from.