11. Network Hacking

1. Network Hacking Introduction

Figure 11-1 Network Hacking Concept Diagram

Any network protocol can be defined in terms of the OSI 7 Layer Model. The OSI 7 Layer Model has well-defined roles for each of the 7 layers, from the application layer to the physical layer, and each layer’s role is well defined allowing for actual network devices to also be fabricated based on the OSI 7 Layer. Although network protocols are logically designed to safely send and receive various forms of data, a hacker can exploit an apparatus that supports communication functions.

Hacking techniques that exploit the characteristics of the network protocols can be classified into five categories as follows

1) Foot Printing is the first. The type of service supported by the operating system or server can be determined by finding the open port information through DNS queries, pinging, port scanning, and so on.

2) Sniffing is a technology that can be used to steal packet information from third party distributors in the network. Usually, technology that is widely used in an intranet will have the vulnerability inherent in the Ethernet protocol.

3) Spoofing is a technique that intercepts packets during communication by disguising the attach using the address of the server. A common disguise involves changing the MAC address or IP address.

4) Session Hijacking involves intercepeting and forging information during an authentication session between a client and a server, and this technique is used to send and receive communication with the server without authentication.

5) Denial of Service (DoS) is one of the most widely used attack techniques. It paralyzes system functions. One way is to carry this out is to generate a normal packet in bulk, and another is to exploit the vulnerability of the ICMP and HTTP protocols.

A large amount of packets are transferred over the Internet, so network hacks are among the most difficult attacks to detect and block. When a security device detects an attack pattern and is set so as to be able to protect the network, new hacking techniques immediately appear. To learn the basic concepts of network hacking, let’s learn about port scanning, packet sniffing and a DoS attack.