31 Days Before Your CCNA Exam

268 31 Days Before Your CCNA ExamFigure 8-1Security Is Important at All Entry Points into the NetworkHacker Working at the Service ProviderFrame RelayBroadbandInternet AccessUnauthorized Wireless AccessToday’s networks must balance accessibility to network resources with the protection of sensitive data from theft.■■■■■Black hat: Another term for individuals who use their knowledge of computer systems tobreak into systems or networks that they are not authorized to use.Cracker: Someone with malicious intent who tries to gain unauthorized access to networkresources.Phreaker: An individual who manipulates the phone network to cause it to perform a functionthat is not allowed, such as to make free long-distance calls.Spammer: An individual who sends large quantities of unsolicited email messages.Phisher: Uses email or other means to masquerade as a trusted party so that victims areenticed into providing sensitive information, such as credit card numbers or passwords.Thinking Like an AttackerMany attackers use this seven-step process to gain information and start an attack:Step 1Perform footprint analysis (reconnaissance).A company web page can lead to information, such as the IP addresses of servers. Fromthere, an attacker can create a picture of the company’s security profile or “footprint.”Step 2Enumerate information.An attacker can expand on the footprint by monitoring network traffic with a packetsniffer such as Wireshark, finding useful information such as version numbers of FTPservers and mail servers.Step 3Manipulate users to gain access.