SlideShare uma empresa Scribd logo

Internet security

Transferir como PPTX, PDF
G
gOhElprashanT
EducaçãoTecnologia
1 de 32
Internet security By,Prashantgohel 09bce014
some basic threats Virus: virus attempts to install it self on victim’s computer. Its main aim that these infected files will be transmitted to another system. Worm: working of worm is similar to the virus. But key diffrence is worm propogate it self without user involvement.
Contiunue.. Rootkit: it is a piece off software ,after installing it self on computer it opens up a port to allow hacker to communicate with it & take full control of system. Scanner: it interrogate machineon the internet to get information about system.
Advanced threats Ipspoofing Session hijacking Network sniffer Back orifice Botnet-attacks Anti forensic techniques
Some basic fundamentals
Dns What is dns ? Short for Domain Name System (or Service or Server), an Internet service that translates domain names into IP addresses. Because domain names are alphabetic, they're easier to remember. The Internet however, is really based on IP addresses, Every time you use a domain name, therefore, a DNS service must translate the name into the corresponding IP address.
Application A lookup mechanism for translating objects into other objects A globally distributed, loosely coherent, scalable, reliable, dynamic database Comprised of three components ,[object Object]
Servers making that name space available
Resolvers (clients) which query the servers about the name space,[object Object]
Some basic fundamentals How TCP connects data flows across the Internet encapsulated within individual data packages ,to manage the uncertainity packet. Before packets of data can begin flowing from end-to-end over a TCP "connection" the endpoints must exchange their initial packet sequence numbers .
Continue..
Continue… To begin establishing a connection, the Client chooses an Initial Sequence Number (Client ISN = CISN) for the packets, & sends its CISN in a packet . When the Server receives the "SYN" packet it knows that a new TCP connection is being requested. So it sets aside some of its RAM memory to hold the details of this new connection. The Client ISN (CISN) contained in the SYN packet is saved in this memory block along with the Client's "Source IP" address and "Source Port" number.
Continue… For the next step in TCP connection handshaking, our Server chooses its own Initial Sequence Number for the packets it will be sending. It sends this Server ISN (SI The third and final step in our 3-Way TCP connection handshake requires our Client to acknowledge the receipt of the Server's ISN.SN) back to the Client machine .
Ipspoofing a spoofing attack is a situation in which one person or program successfully masquerades as another by falsifying data and thereby gaining an illegitimate advantage. Many of the protocols in the TCP/IP suite do not provide mechanisms for authenticating the source or destination of a message. They are thus vulnerable to spoofing attacks when extra precautions are not taken by applications to verify the identity of the sending or receiving host. IP spoofing and ARP spoofing in particular may be used to leverage man-in-the-middle attacks against hosts on a computer network.
Ipspoofing
Ipspoofing.. small network of 3 peoples (Tony, Mark & Shane) sharing a single Internet Connection. All three computers are connected to a switch.
Continue.. Now, Shane wants to monitor the traffic of two of his other staff. to change his computer’s MAC address (11:22:3F:7E:F1:25) to the MAC Address of the Modem/Router (01:1B:22:FF:25:01).
Continue… Switch MAC Table is updated with Router’s MAC address for both Shane computer (10.1.1.3) and the Router (10.1.1.254). Now when Tony tries to connect to Internet, Switch receives the data packet and looks into its MAC Table. Then it forwards the data packet to both Router and Shane Computer.
Session hijacking What is session hijacking? Session Hijacking is the process of taking over a existing active session.reason for this is to bypass the authentication process and gain the access to the machine. Since the session is already active so there is no need of re-authenticating and the hacker can easily access the resources and sensitive information
Continue… Types of session hijacking (1)passive hacking (2)active hacking Active hijacking:n Active attack, hacker finds the active session and takes over it. This is done by forcing one of the parties offline which is usually achieved by DDOS attack (Distributed Denial of service attack). Now the hacker takes control over the active session and executes the commands on the system that either give him the seor allow him to login at later time.
Continue… Passive session hijacking:In Passive attack, the hacker Hijacks a session, but just sits back and watches and records all the traffic that is being sent from the computer or received by the computer. This is useful for finding the sensitive information like username passwords of websites,
Continue..
Botnet attack What is bot? Internet bots, also known as web robots, WWW robots or simply bots, are software applications that run automated tasks over the Internet. Typically, bots perform tasks that are both simple and structurally repetitive, at a much higher rate than would be possible for a human alone.
How Botnets Work Elements of a botnet Botmaster A collection of compromised computers Controlled remotely by crackers. Command and control infrastructure. IRC remains the most popular botnet control method.
How Botnets Work Botmaster exploits the vulnerability on the victim. The victim downloads the actual bot binary. Bot contact the IRC server address in the executable, including resolving the DNS name. The bot joins an IRC channel. The botmaster sends out commands via IRC channel.
Botnet Detection IRC botnet IRC port, may be on non-standard port Monitor IRC payload for known command Behavioral characteristics Response Constant response time, fast join Long standing connection Bots are not talkative Machine learning techniques Using labeled data to build classifier. Track the botnet by honeypot Use honeypot to get infected
Control and Command Infrastructure IRC-based P2P botnet Servent bots Client bots Communicate via peer list. Only servent bots are in peer list Avoid single point of failure.
Denial of Service Attacks Denial of Service Attack:an attack on a computer or network that prevents legitimate use of its resources.[1] DoS Attacks Affect: Software Systems Network Routers/Equipment/Servers Servers and End-User PCs
Classification of DoS Attacks
Distributed Denial of Service Attacks As Defined by the World Wide Web Security FAQ:A Distributed Denial of Service (DDoS) attack uses many computers to launch a coordinated DoS attack against one or more targets. Using client/server technology. Typically a DDoS master program is installed on one computer using a stolen account.
procedure The master program, at a designated time, then communicates to any number of "agent" programs, installed on computers anywhere on the internet. The agents, when they receive the command, initiate the attack. Using client/server technology, the master program can initiate hundreds or even thousands of agent programs within seconds
Ddosarchietecture

Recomendados

Aw36294299
Aw36294299Aw36294299
Aw36294299IJERA Editor
 
Attacks and their mitigations
Attacks and their mitigationsAttacks and their mitigations
Attacks and their mitigationsMukesh Chaudhari
 
Password sniffing
Password sniffingPassword sniffing
Password sniffingSRIMCA
 
Sniffing via dsniff
Sniffing via dsniffSniffing via dsniff
Sniffing via dsniffKshitij Tayal
 
Operating System Fingerprinting Prevention
Operating System Fingerprinting PreventionOperating System Fingerprinting Prevention
Operating System Fingerprinting Preventiondcalhoun1984
 
OS Fingerprinting
OS FingerprintingOS Fingerprinting
OS FingerprintingRashmika Nawaratne
 
Hacking In Detail
Hacking In DetailHacking In Detail
Hacking In DetailGreater Noida Institute Of Technology
 
CEHv7 Question Collection
CEHv7 Question CollectionCEHv7 Question Collection
CEHv7 Question CollectionManish Luintel
 

Recomendados

Aw36294299
Aw36294299Aw36294299
Aw36294299IJERA Editor
 
Attacks and their mitigations
Attacks and their mitigationsAttacks and their mitigations
Attacks and their mitigationsMukesh Chaudhari
 
Password sniffing
Password sniffingPassword sniffing
Password sniffingSRIMCA
 
Sniffing via dsniff
Sniffing via dsniffSniffing via dsniff
Sniffing via dsniffKshitij Tayal
 
Operating System Fingerprinting Prevention
Operating System Fingerprinting PreventionOperating System Fingerprinting Prevention
Operating System Fingerprinting Preventiondcalhoun1984
 
OS Fingerprinting
OS FingerprintingOS Fingerprinting
OS FingerprintingRashmika Nawaratne
 
Hacking In Detail
Hacking In DetailHacking In Detail
Hacking In DetailGreater Noida Institute Of Technology
 
CEHv7 Question Collection
CEHv7 Question CollectionCEHv7 Question Collection
CEHv7 Question CollectionManish Luintel
 
Session hijacking
Session hijackingSession hijacking
Session hijackingGayatri Kapse
 
COUNTERMEASURE TOOL - CARAPACE FOR NETWORK SECURITY
COUNTERMEASURE TOOL - CARAPACE FOR NETWORK SECURITYCOUNTERMEASURE TOOL - CARAPACE FOR NETWORK SECURITY
COUNTERMEASURE TOOL - CARAPACE FOR NETWORK SECURITYIJNSA Journal
 
Honeypots - Tracking the Blackhat Community
Honeypots - Tracking the Blackhat CommunityHoneypots - Tracking the Blackhat Community
Honeypots - Tracking the Blackhat Communityamiable_indian
 
Best!
Best!Best!
Best!gofortution
 
Module 5 Sniffers
Module 5 SniffersModule 5 Sniffers
Module 5 Sniffersleminhvuong
 
A Comparative Approach to Handle Ddos Attacks
A Comparative Approach to Handle Ddos AttacksA Comparative Approach to Handle Ddos Attacks
A Comparative Approach to Handle Ddos AttacksIOSR Journals
 
DDoS-bdNOG
DDoS-bdNOGDDoS-bdNOG
DDoS-bdNOGZobair Khan
 
Information security & EthicalHacking
Information security & EthicalHackingInformation security & EthicalHacking
Information security & EthicalHackingAve Nawsh
 
Module 8 System Hacking
Module 8 System HackingModule 8 System Hacking
Module 8 System Hackingleminhvuong
 
Hacking
HackingHacking
HackingRoshan Chaudhary
 
Hacking
HackingHacking
Hackingrameswara reddy venkat
 
DDoS Attack
DDoS AttackDDoS Attack
DDoS AttackGopi Krishnan S
 
Module 4 Enumeration
Module 4 EnumerationModule 4 Enumeration
Module 4 Enumerationleminhvuong
 
Hacking tutorial
Hacking tutorialHacking tutorial
Hacking tutorialMSA Technosoft
 
Entropy and denial of service attacks
Entropy and denial of service attacksEntropy and denial of service attacks
Entropy and denial of service attackschris zlatis
 
CMIT 321 QUIZ 1
CMIT 321 QUIZ 1CMIT 321 QUIZ 1
CMIT 321 QUIZ 1HamesKellor
 
ip spoofing
ip spoofingip spoofing
ip spoofingvipin soni
 
Monitoring of traffic over the victim under tcp syn flood in a lan
Monitoring of traffic over the victim under tcp syn flood in a lanMonitoring of traffic over the victim under tcp syn flood in a lan
Monitoring of traffic over the victim under tcp syn flood in a laneSAT Publishing House
 
Internet relay chat (irc)
Internet relay chat (irc)Internet relay chat (irc)
Internet relay chat (irc)Ryon Whyte
 
about botnets
about botnetsabout botnets
about botnetsAlain Bindele
 
Module 9 Dos
Module 9 DosModule 9 Dos
Module 9 Dosleminhvuong
 
what is transport layer what are the typical attacks in transport l.pdf
what is transport layer what are the typical attacks in transport l.pdfwhat is transport layer what are the typical attacks in transport l.pdf
what is transport layer what are the typical attacks in transport l.pdfbrijeshagarwa329898l
 

Mais conteúdo relacionado

Mais procurados

COUNTERMEASURE TOOL - CARAPACE FOR NETWORK SECURITY
COUNTERMEASURE TOOL - CARAPACE FOR NETWORK SECURITYCOUNTERMEASURE TOOL - CARAPACE FOR NETWORK SECURITY
COUNTERMEASURE TOOL - CARAPACE FOR NETWORK SECURITYIJNSA Journal
 
Honeypots - Tracking the Blackhat Community
Honeypots - Tracking the Blackhat CommunityHoneypots - Tracking the Blackhat Community
Honeypots - Tracking the Blackhat Communityamiable_indian
 
Module 5 Sniffers
Module 5 SniffersModule 5 Sniffers
Module 5 Sniffersleminhvuong
 
A Comparative Approach to Handle Ddos Attacks
A Comparative Approach to Handle Ddos AttacksA Comparative Approach to Handle Ddos Attacks
A Comparative Approach to Handle Ddos AttacksIOSR Journals
 
Information security & EthicalHacking
Information security & EthicalHackingInformation security & EthicalHacking
Information security & EthicalHackingAve Nawsh
 
Module 8 System Hacking
Module 8 System HackingModule 8 System Hacking
Module 8 System Hackingleminhvuong
 
Module 4 Enumeration
Module 4 EnumerationModule 4 Enumeration
Module 4 Enumerationleminhvuong
 
Entropy and denial of service attacks
Entropy and denial of service attacksEntropy and denial of service attacks
Entropy and denial of service attackschris zlatis
 
Monitoring of traffic over the victim under tcp syn flood in a lan
Monitoring of traffic over the victim under tcp syn flood in a lanMonitoring of traffic over the victim under tcp syn flood in a lan
Monitoring of traffic over the victim under tcp syn flood in a laneSAT Publishing House
 
Internet relay chat (irc)
Internet relay chat (irc)Internet relay chat (irc)
Internet relay chat (irc)Ryon Whyte
 

Mais procurados (19)

Session hijacking
Session hijackingSession hijacking
Session hijacking
 
COUNTERMEASURE TOOL - CARAPACE FOR NETWORK SECURITY
COUNTERMEASURE TOOL - CARAPACE FOR NETWORK SECURITYCOUNTERMEASURE TOOL - CARAPACE FOR NETWORK SECURITY
COUNTERMEASURE TOOL - CARAPACE FOR NETWORK SECURITY
 
Honeypots - Tracking the Blackhat Community
Honeypots - Tracking the Blackhat CommunityHoneypots - Tracking the Blackhat Community
Honeypots - Tracking the Blackhat Community
 
Best!
Best!Best!
Best!
 
Module 5 Sniffers
Module 5 SniffersModule 5 Sniffers
Module 5 Sniffers
 
A Comparative Approach to Handle Ddos Attacks
A Comparative Approach to Handle Ddos AttacksA Comparative Approach to Handle Ddos Attacks
A Comparative Approach to Handle Ddos Attacks
 
DDoS-bdNOG
DDoS-bdNOGDDoS-bdNOG
DDoS-bdNOG
 
Information security & EthicalHacking
Information security & EthicalHackingInformation security & EthicalHacking
Information security & EthicalHacking
 
Module 8 System Hacking
Module 8 System HackingModule 8 System Hacking
Module 8 System Hacking
 
Hacking
HackingHacking
Hacking
 
Hacking
HackingHacking
Hacking
 
DDoS Attack
DDoS AttackDDoS Attack
DDoS Attack
 
Module 4 Enumeration
Module 4 EnumerationModule 4 Enumeration
Module 4 Enumeration
 
Hacking tutorial
Hacking tutorialHacking tutorial
Hacking tutorial
 
Entropy and denial of service attacks
Entropy and denial of service attacksEntropy and denial of service attacks
Entropy and denial of service attacks
 
CMIT 321 QUIZ 1
CMIT 321 QUIZ 1CMIT 321 QUIZ 1
CMIT 321 QUIZ 1
 
ip spoofing
ip spoofingip spoofing
ip spoofing
 
Monitoring of traffic over the victim under tcp syn flood in a lan
Monitoring of traffic over the victim under tcp syn flood in a lanMonitoring of traffic over the victim under tcp syn flood in a lan
Monitoring of traffic over the victim under tcp syn flood in a lan
 
Internet relay chat (irc)
Internet relay chat (irc)Internet relay chat (irc)
Internet relay chat (irc)
 

Semelhante a Internet security

what is transport layer what are the typical attacks in transport l.pdf
what is transport layer what are the typical attacks in transport l.pdfwhat is transport layer what are the typical attacks in transport l.pdf
what is transport layer what are the typical attacks in transport l.pdfbrijeshagarwa329898l
 
Ch04 Network Vulnerabilities and Attacks
Ch04 Network Vulnerabilities and AttacksCh04 Network Vulnerabilities and Attacks
Ch04 Network Vulnerabilities and AttacksInformation Technology
 
Introduction To Information Security
Introduction To Information SecurityIntroduction To Information Security
Introduction To Information Securitybelsis
 
Module 10 (session hijacking)
Module 10 (session hijacking)Module 10 (session hijacking)
Module 10 (session hijacking)Wail Hassan
 
RAT - Kill or Get Killed! by Karan Bansal
RAT - Kill or Get Killed! by Karan BansalRAT - Kill or Get Killed! by Karan Bansal
RAT - Kill or Get Killed! by Karan BansalOWASP Delhi
 
Hacking 1224807880385377-9
Hacking 1224807880385377-9Hacking 1224807880385377-9
Hacking 1224807880385377-9Geoff Pesimo
 
Fortinet_FortiDDoS_Introduction
Fortinet_FortiDDoS_IntroductionFortinet_FortiDDoS_Introduction
Fortinet_FortiDDoS_Introductionswang2010
 
Oss web application and network security
Oss web application and network securityOss web application and network security
Oss web application and network securityRishabh Mehan
 
HACKING DESCRIBE IN DETAIL FOR UNIVERSITY PROJECT
HACKING DESCRIBE IN DETAIL FOR UNIVERSITY PROJECTHACKING DESCRIBE IN DETAIL FOR UNIVERSITY PROJECT
HACKING DESCRIBE IN DETAIL FOR UNIVERSITY PROJECTDHRUV562167
 

Semelhante a Internet security (20)

about botnets
about botnetsabout botnets
about botnets
 
Module 9 Dos
Module 9 DosModule 9 Dos
Module 9 Dos
 
what is transport layer what are the typical attacks in transport l.pdf
what is transport layer what are the typical attacks in transport l.pdfwhat is transport layer what are the typical attacks in transport l.pdf
what is transport layer what are the typical attacks in transport l.pdf
 
DDoS Attacks
DDoS AttacksDDoS Attacks
DDoS Attacks
 
DoS/DDoS
DoS/DDoSDoS/DDoS
DoS/DDoS
 
Hacking Cisco
Hacking CiscoHacking Cisco
Hacking Cisco
 
Ch04 Network Vulnerabilities and Attacks
Ch04 Network Vulnerabilities and AttacksCh04 Network Vulnerabilities and Attacks
Ch04 Network Vulnerabilities and Attacks
 
Introduction To Information Security
Introduction To Information SecurityIntroduction To Information Security
Introduction To Information Security
 
DDoS ATTACKS
DDoS ATTACKSDDoS ATTACKS
DDoS ATTACKS
 
Module 10 (session hijacking)
Module 10 (session hijacking)Module 10 (session hijacking)
Module 10 (session hijacking)
 
UNIT 5 (2).pptx
UNIT 5 (2).pptxUNIT 5 (2).pptx
UNIT 5 (2).pptx
 
RAT - Kill or Get Killed! by Karan Bansal
RAT - Kill or Get Killed! by Karan BansalRAT - Kill or Get Killed! by Karan Bansal
RAT - Kill or Get Killed! by Karan Bansal
 
Security threats
Security threatsSecurity threats
Security threats
 
Hacking 1224807880385377-9
Hacking 1224807880385377-9Hacking 1224807880385377-9
Hacking 1224807880385377-9
 
Cryptography and Network security # Lecture 3
Cryptography and Network security # Lecture 3Cryptography and Network security # Lecture 3
Cryptography and Network security # Lecture 3
 
Fortinet_FortiDDoS_Introduction
Fortinet_FortiDDoS_IntroductionFortinet_FortiDDoS_Introduction
Fortinet_FortiDDoS_Introduction
 
Banner grabbing
Banner grabbingBanner grabbing
Banner grabbing
 
Oss web application and network security
Oss web application and network securityOss web application and network security
Oss web application and network security
 
HACKING DESCRIBE IN DETAIL FOR UNIVERSITY PROJECT
HACKING DESCRIBE IN DETAIL FOR UNIVERSITY PROJECTHACKING DESCRIBE IN DETAIL FOR UNIVERSITY PROJECT
HACKING DESCRIBE IN DETAIL FOR UNIVERSITY PROJECT
 
Botnets
BotnetsBotnets
Botnets
 

Último

ENGLISH6-Q4-W3.pptxqurter our high choom
ENGLISH6-Q4-W3.pptxqurter our high choomENGLISH6-Q4-W3.pptxqurter our high choom
ENGLISH6-Q4-W3.pptxqurter our high choomnelietumpap1
 
Visit to a blind student's school🧑‍🦯🧑‍🦯(community medicine)
Visit to a blind student's school🧑‍🦯🧑‍🦯(community medicine)Visit to a blind student's school🧑‍🦯🧑‍🦯(community medicine)
Visit to a blind student's school🧑‍🦯🧑‍🦯(community medicine)lakshayb543
 
ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...
ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...
ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...JhezDiaz1
 
Global Lehigh Strategic Initiatives (without descriptions)
Global Lehigh Strategic Initiatives (without descriptions)Global Lehigh Strategic Initiatives (without descriptions)
Global Lehigh Strategic Initiatives (without descriptions)cama23
 
4.16.24 21st Century Movements for Black Lives.pptx
4.16.24 21st Century Movements for Black Lives.pptx4.16.24 21st Century Movements for Black Lives.pptx
4.16.24 21st Century Movements for Black Lives.pptxmary850239
 
ISYU TUNGKOL SA SEKSWLADIDA (ISSUE ABOUT SEXUALITY
ISYU TUNGKOL SA SEKSWLADIDA (ISSUE ABOUT SEXUALITYISYU TUNGKOL SA SEKSWLADIDA (ISSUE ABOUT SEXUALITY
ISYU TUNGKOL SA SEKSWLADIDA (ISSUE ABOUT SEXUALITYKayeClaireEstoconing
 
What is Model Inheritance in Odoo 17 ERP
What is Model Inheritance in Odoo 17 ERPWhat is Model Inheritance in Odoo 17 ERP
What is Model Inheritance in Odoo 17 ERPCeline George
 
ANG SEKTOR NG agrikultura.pptx QUARTER 4
ANG SEKTOR NG agrikultura.pptx QUARTER 4ANG SEKTOR NG agrikultura.pptx QUARTER 4
ANG SEKTOR NG agrikultura.pptx QUARTER 4MiaBumagat1
 
How to Add Barcode on PDF Report in Odoo 17
How to Add Barcode on PDF Report in Odoo 17How to Add Barcode on PDF Report in Odoo 17
How to Add Barcode on PDF Report in Odoo 17Celine George
 
INTRODUCTION TO CATHOLIC CHRISTOLOGY.pptx
INTRODUCTION TO CATHOLIC CHRISTOLOGY.pptxINTRODUCTION TO CATHOLIC CHRISTOLOGY.pptx
INTRODUCTION TO CATHOLIC CHRISTOLOGY.pptxHumphrey A Beña
 
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdf
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdfLike-prefer-love -hate+verb+ing & silent letters & citizenship text.pdf
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdfMr Bounab Samir
 
Student Profile Sample - We help schools to connect the data they have, with ...
Student Profile Sample - We help schools to connect the data they have, with ...Student Profile Sample - We help schools to connect the data they have, with ...
Student Profile Sample - We help schools to connect the data they have, with ...Seán Kennedy
 
Judging the Relevance and worth of ideas part 2.pptx
Judging the Relevance and worth of ideas part 2.pptxJudging the Relevance and worth of ideas part 2.pptx
Judging the Relevance and worth of ideas part 2.pptxSherlyMaeNeri
 
AUDIENCE THEORY -CULTIVATION THEORY - GERBNER.pptx
AUDIENCE THEORY -CULTIVATION THEORY - GERBNER.pptxAUDIENCE THEORY -CULTIVATION THEORY - GERBNER.pptx
AUDIENCE THEORY -CULTIVATION THEORY - GERBNER.pptxiammrhaywood
 
Grade 9 Quarter 4 Dll Grade 9 Quarter 4 DLL.pdf
Grade 9 Quarter 4 Dll Grade 9 Quarter 4 DLL.pdfGrade 9 Quarter 4 Dll Grade 9 Quarter 4 DLL.pdf
Grade 9 Quarter 4 Dll Grade 9 Quarter 4 DLL.pdfJemuel Francisco
 
USPS® Forced Meter Migration - How to Know if Your Postage Meter Will Soon be...
USPS® Forced Meter Migration - How to Know if Your Postage Meter Will Soon be...USPS® Forced Meter Migration - How to Know if Your Postage Meter Will Soon be...
USPS® Forced Meter Migration - How to Know if Your Postage Meter Will Soon be...Postal Advocate Inc.
 
Concurrency Control in Database Management system
Concurrency Control in Database Management systemConcurrency Control in Database Management system
Concurrency Control in Database Management systemChristalin Nelson
 
Transaction Management in Database Management System
Transaction Management in Database Management SystemTransaction Management in Database Management System
Transaction Management in Database Management SystemChristalin Nelson
 
4.18.24 Movement Legacies, Reflection, and Review.pptx
4.18.24 Movement Legacies, Reflection, and Review.pptx4.18.24 Movement Legacies, Reflection, and Review.pptx
4.18.24 Movement Legacies, Reflection, and Review.pptxmary850239
 
Influencing policy (training slides from Fast Track Impact)
Influencing policy (training slides from Fast Track Impact)Influencing policy (training slides from Fast Track Impact)
Influencing policy (training slides from Fast Track Impact)Mark Reed
 

Último (20)

ENGLISH6-Q4-W3.pptxqurter our high choom
ENGLISH6-Q4-W3.pptxqurter our high choomENGLISH6-Q4-W3.pptxqurter our high choom
ENGLISH6-Q4-W3.pptxqurter our high choom
 
Visit to a blind student's school🧑‍🦯🧑‍🦯(community medicine)
Visit to a blind student's school🧑‍🦯🧑‍🦯(community medicine)Visit to a blind student's school🧑‍🦯🧑‍🦯(community medicine)
Visit to a blind student's school🧑‍🦯🧑‍🦯(community medicine)
 
ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...
ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...
ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...
 
Global Lehigh Strategic Initiatives (without descriptions)
Global Lehigh Strategic Initiatives (without descriptions)Global Lehigh Strategic Initiatives (without descriptions)
Global Lehigh Strategic Initiatives (without descriptions)
 
4.16.24 21st Century Movements for Black Lives.pptx
4.16.24 21st Century Movements for Black Lives.pptx4.16.24 21st Century Movements for Black Lives.pptx
4.16.24 21st Century Movements for Black Lives.pptx
 
ISYU TUNGKOL SA SEKSWLADIDA (ISSUE ABOUT SEXUALITY
ISYU TUNGKOL SA SEKSWLADIDA (ISSUE ABOUT SEXUALITYISYU TUNGKOL SA SEKSWLADIDA (ISSUE ABOUT SEXUALITY
ISYU TUNGKOL SA SEKSWLADIDA (ISSUE ABOUT SEXUALITY
 
What is Model Inheritance in Odoo 17 ERP
What is Model Inheritance in Odoo 17 ERPWhat is Model Inheritance in Odoo 17 ERP
What is Model Inheritance in Odoo 17 ERP
 
ANG SEKTOR NG agrikultura.pptx QUARTER 4
ANG SEKTOR NG agrikultura.pptx QUARTER 4ANG SEKTOR NG agrikultura.pptx QUARTER 4
ANG SEKTOR NG agrikultura.pptx QUARTER 4
 
How to Add Barcode on PDF Report in Odoo 17
How to Add Barcode on PDF Report in Odoo 17How to Add Barcode on PDF Report in Odoo 17
How to Add Barcode on PDF Report in Odoo 17
 
INTRODUCTION TO CATHOLIC CHRISTOLOGY.pptx
INTRODUCTION TO CATHOLIC CHRISTOLOGY.pptxINTRODUCTION TO CATHOLIC CHRISTOLOGY.pptx
INTRODUCTION TO CATHOLIC CHRISTOLOGY.pptx
 
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdf
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdfLike-prefer-love -hate+verb+ing & silent letters & citizenship text.pdf
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdf
 
Student Profile Sample - We help schools to connect the data they have, with ...
Student Profile Sample - We help schools to connect the data they have, with ...Student Profile Sample - We help schools to connect the data they have, with ...
Student Profile Sample - We help schools to connect the data they have, with ...
 
Judging the Relevance and worth of ideas part 2.pptx
Judging the Relevance and worth of ideas part 2.pptxJudging the Relevance and worth of ideas part 2.pptx
Judging the Relevance and worth of ideas part 2.pptx
 
AUDIENCE THEORY -CULTIVATION THEORY - GERBNER.pptx
AUDIENCE THEORY -CULTIVATION THEORY - GERBNER.pptxAUDIENCE THEORY -CULTIVATION THEORY - GERBNER.pptx
AUDIENCE THEORY -CULTIVATION THEORY - GERBNER.pptx
 
Grade 9 Quarter 4 Dll Grade 9 Quarter 4 DLL.pdf
Grade 9 Quarter 4 Dll Grade 9 Quarter 4 DLL.pdfGrade 9 Quarter 4 Dll Grade 9 Quarter 4 DLL.pdf
Grade 9 Quarter 4 Dll Grade 9 Quarter 4 DLL.pdf
 
USPS® Forced Meter Migration - How to Know if Your Postage Meter Will Soon be...
USPS® Forced Meter Migration - How to Know if Your Postage Meter Will Soon be...USPS® Forced Meter Migration - How to Know if Your Postage Meter Will Soon be...
USPS® Forced Meter Migration - How to Know if Your Postage Meter Will Soon be...
 
Concurrency Control in Database Management system
Concurrency Control in Database Management systemConcurrency Control in Database Management system
Concurrency Control in Database Management system
 
Transaction Management in Database Management System
Transaction Management in Database Management SystemTransaction Management in Database Management System
Transaction Management in Database Management System
 
4.18.24 Movement Legacies, Reflection, and Review.pptx
4.18.24 Movement Legacies, Reflection, and Review.pptx4.18.24 Movement Legacies, Reflection, and Review.pptx
4.18.24 Movement Legacies, Reflection, and Review.pptx
 
Influencing policy (training slides from Fast Track Impact)
Influencing policy (training slides from Fast Track Impact)Influencing policy (training slides from Fast Track Impact)
Influencing policy (training slides from Fast Track Impact)
 

Internet security

  • 2. some basic threats Virus: virus attempts to install it self on victim’s computer. Its main aim that these infected files will be transmitted to another system. Worm: working of worm is similar to the virus. But key diffrence is worm propogate it self without user involvement.
  • 3. Contiunue.. Rootkit: it is a piece off software ,after installing it self on computer it opens up a port to allow hacker to communicate with it & take full control of system. Scanner: it interrogate machineon the internet to get information about system.
  • 4. Advanced threats Ipspoofing Session hijacking Network sniffer Back orifice Botnet-attacks Anti forensic techniques
  • 6. Dns What is dns ? Short for Domain Name System (or Service or Server), an Internet service that translates domain names into IP addresses. Because domain names are alphabetic, they're easier to remember. The Internet however, is really based on IP addresses, Every time you use a domain name, therefore, a DNS service must translate the name into the corresponding IP address.
  • 7.
  • 8. Servers making that name space available
  • 9.
  • 10. Some basic fundamentals How TCP connects data flows across the Internet encapsulated within individual data packages ,to manage the uncertainity packet. Before packets of data can begin flowing from end-to-end over a TCP "connection" the endpoints must exchange their initial packet sequence numbers .
  • 12. Continue… To begin establishing a connection, the Client chooses an Initial Sequence Number (Client ISN = CISN) for the packets, & sends its CISN in a packet . When the Server receives the "SYN" packet it knows that a new TCP connection is being requested. So it sets aside some of its RAM memory to hold the details of this new connection. The Client ISN (CISN) contained in the SYN packet is saved in this memory block along with the Client's "Source IP" address and "Source Port" number.
  • 13. Continue… For the next step in TCP connection handshaking, our Server chooses its own Initial Sequence Number for the packets it will be sending. It sends this Server ISN (SI The third and final step in our 3-Way TCP connection handshake requires our Client to acknowledge the receipt of the Server's ISN.SN) back to the Client machine .
  • 14. Ipspoofing a spoofing attack is a situation in which one person or program successfully masquerades as another by falsifying data and thereby gaining an illegitimate advantage. Many of the protocols in the TCP/IP suite do not provide mechanisms for authenticating the source or destination of a message. They are thus vulnerable to spoofing attacks when extra precautions are not taken by applications to verify the identity of the sending or receiving host. IP spoofing and ARP spoofing in particular may be used to leverage man-in-the-middle attacks against hosts on a computer network.
  • 16. Ipspoofing.. small network of 3 peoples (Tony, Mark & Shane) sharing a single Internet Connection. All three computers are connected to a switch.
  • 17. Continue.. Now, Shane wants to monitor the traffic of two of his other staff. to change his computer’s MAC address (11:22:3F:7E:F1:25) to the MAC Address of the Modem/Router (01:1B:22:FF:25:01).
  • 18. Continue… Switch MAC Table is updated with Router’s MAC address for both Shane computer (10.1.1.3) and the Router (10.1.1.254). Now when Tony tries to connect to Internet, Switch receives the data packet and looks into its MAC Table. Then it forwards the data packet to both Router and Shane Computer.
  • 19. Session hijacking What is session hijacking? Session Hijacking is the process of taking over a existing active session.reason for this is to bypass the authentication process and gain the access to the machine. Since the session is already active so there is no need of re-authenticating and the hacker can easily access the resources and sensitive information
  • 20. Continue… Types of session hijacking (1)passive hacking (2)active hacking Active hijacking:n Active attack, hacker finds the active session and takes over it. This is done by forcing one of the parties offline which is usually achieved by DDOS attack (Distributed Denial of service attack). Now the hacker takes control over the active session and executes the commands on the system that either give him the seor allow him to login at later time.
  • 21. Continue… Passive session hijacking:In Passive attack, the hacker Hijacks a session, but just sits back and watches and records all the traffic that is being sent from the computer or received by the computer. This is useful for finding the sensitive information like username passwords of websites,
  • 23. Botnet attack What is bot? Internet bots, also known as web robots, WWW robots or simply bots, are software applications that run automated tasks over the Internet. Typically, bots perform tasks that are both simple and structurally repetitive, at a much higher rate than would be possible for a human alone.
  • 24. How Botnets Work Elements of a botnet Botmaster A collection of compromised computers Controlled remotely by crackers. Command and control infrastructure. IRC remains the most popular botnet control method.
  • 25. How Botnets Work Botmaster exploits the vulnerability on the victim. The victim downloads the actual bot binary. Bot contact the IRC server address in the executable, including resolving the DNS name. The bot joins an IRC channel. The botmaster sends out commands via IRC channel.
  • 26. Botnet Detection IRC botnet IRC port, may be on non-standard port Monitor IRC payload for known command Behavioral characteristics Response Constant response time, fast join Long standing connection Bots are not talkative Machine learning techniques Using labeled data to build classifier. Track the botnet by honeypot Use honeypot to get infected
  • 27. Control and Command Infrastructure IRC-based P2P botnet Servent bots Client bots Communicate via peer list. Only servent bots are in peer list Avoid single point of failure.
  • 28. Denial of Service Attacks Denial of Service Attack:an attack on a computer or network that prevents legitimate use of its resources.[1] DoS Attacks Affect: Software Systems Network Routers/Equipment/Servers Servers and End-User PCs
  • 30. Distributed Denial of Service Attacks As Defined by the World Wide Web Security FAQ:A Distributed Denial of Service (DDoS) attack uses many computers to launch a coordinated DoS attack against one or more targets. Using client/server technology. Typically a DDoS master program is installed on one computer using a stolen account.
  • 31. procedure The master program, at a designated time, then communicates to any number of "agent" programs, installed on computers anywhere on the internet. The agents, when they receive the command, initiate the attack. Using client/server technology, the master program can initiate hundreds or even thousands of agent programs within seconds