Vulnerable Networks & Services – A Gateway for Intrusion
Table of Contents
Cyber-attacks are largely focused on communication and network protocols. Many threats are directed at networks and communication channels that are used by people, systems, or devices. Cyber criminals see networks and communication channels as a prime target for attacks, especially in a world where there are millions IoT devices, employees bringing personal devices to work due to BYOD, adoption of the cloud and many organizations relying on web-based systems. There are many tools and techniques that can be used to exploit common vulnerabilities in networks or communication channels.
Vulnerable network protocols, network intrusions
The internet and networks were created at a time when cybersecurity threats were rare. Performance and speed were therefore given a lot of attention. Due to the lack of security design at the time of establishment of early networks, many adoptions were required to accommodate changes such as increased cybersecurity threats. This is becoming a catch-up game, and hackers are unfortunately growing stronger. This has led to numerous vulnerabilities being discovered in network protocols. These are some of the internet protocols that are becoming increasingly insecure.
Simple Mail Transfer Protocol
Many organizations use Simple Mail Transfer Protocol (SMTP), for email purposes. This protocol was quickly added to the internet, and it quickly became the easiest way for people and organisations to send and receive email. Many organizations use SMTP, but there have been numerous threats to it. Network administrators have been charged with protecting SMTP because it was not designed with security in mind. Account enumeration is one of the most common attacks on SMTP. This is usually done by spammers or phishers who harvest emails. By running the SMTP command VRFY on port 25, account enumeration verifies that an email account has been registered on a particular server. The response shows whether the email is valid.
Secure Sockets Layer
Many people consider Secure Sockets Layer (SSL), the best security measure. Before submitting any personal data to a website, users are advised to verify that it has SSL. SSL encrypts data between a server and a host, making it impossible for hackers to intercept and read the traffic. This approach to cybersecurity is not perfect. SSL has been in use since 1996. Despite the advancements in hacking techniques, SSL has not received an update. Chrome and Firefox have decided to discontinue SSL security after a number of attacks on SSL security. Transport Layer Security (TLS), although it has its flaws, is the answer to SSL. TLS was developed in 1999 as an upgrade to SSL version 3.0. However, SSL is still the most popular method of internet security.
TLS is a crypto protocol used in internet communications. It provides end-to-end encryption of all data between clients and servers. Although it is more secure than SSL, it still faces cyber attacks. One of the attacks on TLS is known by the name BEAST. It is registered as CVE-11-3389 by CVE database. This attack involves injecting their own packets into SSL traffic. This allows the attacker to decrypt traffic traffic and determine how it is being decrypted. POODLE is another attack on SSL, which has been registered as CVE-14-3566 by CVE Database. POODLE is a clever way to attack SSL through man-in-the middle attacks. When a client initiates SSL han