Chapter 9. Mitigating Sophisticated Network Attacks
This chapter covers the following topics:
- Mitigating IP Spoofing Attacks
- Guarding Against Packet Sniffers
- Mitigating Password Attacks
- Mitigating Man-In-The-Middle Attacks
- Mitigating Port Redirection Attacks
- Guarding Against Virus and Trojan-Horse Applications
This chapter covers mitigation techniques to counter the attacks described in Chapter 7, "Classifying Sophisticated Network Attacks." These techniques are based on the principles described in the SAFE blueprint and build on the techniques discussed in Chapter 8, "Mitigating Rudimentary Network Attacks." The attacks covered in this chapter include IP spoofing, packet sniffers, password attacks, man-in-the-middle attacks, port redirection, and virus and Trojan-horse applications.Although this chapter, combined with Chapter 8, covers a fair amount of detail on mitigating attacks, the discussion is by no means exhaustive. Each attack is unique and has its own set of requirements for an effective defense. Nevertheless, this chapter provides a basis for network administrators to understand how to implement the principles in SAFE to better protect their networks against sophisticated network attacks.
