
Chapter 6 Man-in-the-Middle

Tools used to conduct these attacks continue to mature and are widely available to those who wish to use them. Several open-source projects continue to enhance their capabilities, making these attacks easy to conduct and providing attackers with a significant advantage. Thankfully, we can help reduce the exploitable footprint of these types of attacks by implementing mitigating controls.

DEFENSES AGAINST MAN-IN-THE-MIDDLE ATTACKS

The previous examples have provided us with a pretty good overview of some of the dangers associated with MITM attacks. In this part of the chapter, we explore some of the possible countermeasures that can be deployed to help thwart MITM attacks and the impact they can have on your network. A few of the defensive considerations may allow for a stronger security posture for multiple parts of the overall network infrastructure, while others will focus specifically on defenses against MITM attacks.

Knowing the Threats

You have already taken the first step in securing your network by reading this chapter! Knowing the threats against your organization and how the threats can be identified and mitigated will provide the information you need to implement defensive controls. Whether the controls implemented are active controls to stop attacks in their tracks, or passive controls used to monitor for attacks, knowing the types of attacks used by attackers is one of the greatest things you can do to prepare. Remember, the threat landscape is always changing, so a one-time investigation into the threats will only be a snapshot in time of what the threats are. Continued awareness of the threats and attack techniques will allow you to prepare defenses and stay vigilant in your defensive initiatives.

Defense-in-Depth Approach

The lack of defensive controls implemented on internal network segments is a primary reason many organizations fall victim to successful attacks. A prime example of this is the ability for an attacker to capture credentials and steal the network by way of MITM attacks. Implementing defensive security controls at various layers within the network creates more challenges an attacker will have to overcome to be successful at obtaining his or her objective. This is often referred to as "defense-in-depth" by many security practitioners, and the notion of deploying defenses in this manner has been urged for many years. Protecting your perimeter assets is only a small part of a solid security plan.

Consider a real-world example of defense-in-depth: when planning military operations, it is common for leaders to deploy defensive measures to deter successful attacks on military installations, equipment, and personnel. For instance, let's explore the defensive posture for a US Army Airborne Infantry unit protecting a command and control outpost. For a first line of defense, the infantry unit will most likely have