SlideShare uma empresa Scribd logo

Information-Security-Lecture-7.pptx

Transferir como PPTX, PDF
A
anbersattar

IS

Software
1 de 26
Reference: Corporate & Network Security, Chapter 1 Raymond R. Panko :
Copyright Pearson Prentice-Hall 2010  The threat environment—attackers and their attacks  Basic security terminology  Employee and ex-employee threats  Traditional external attackers  The criminal era and competitor threats  Cyberwar and cyberterror 2
Copyright Pearson Prentice-Hall 2010  Traditional Hackers 3 In the 1970s, malware writers were joined by external hackers who began to break into corporate computers that were connected to modems. Today nearly every firm is connected to the Internet which harbors millions of external hackers
Copyright Pearson Prentice-Hall 2010  Traditional Hackers ◦ Motivated by thrill, validation of skills, sense of power ◦ Motivated to increase reputation among other hackers ◦ Often do damage as a byproduct ◦ Often engage in petty crime 4 ComputerWeekly.com 2008
Copyright Pearson Prentice-Hall 2010  Traditional Hackers 5 In 2009, vandals broke into a computerized road sign in Austin, Texas, and changed its message to read: “The end is near ! Caution ! Zombies Ahead !” Dallasnews.com, January 2009 Raymond Torricelli, broke into NASA computers and used up processor time, money, and disk resources to divert chat users to a website for which he admitted to being paid USD 400 per week. Cybercrime.gov, 2001
Copyright Pearson Prentice-Hall 2010 6 Just like a thief who wants to rob a home does reconnaissance of the neighborhood and gathers information to determine which house to break into, hackers also tend to do reconnaissance before breaking into a computer. As the figure shows, the attacker often sends probe packets into a network. These probe packets are designed to elicit replies from internal hosts and routers.
Copyright Pearson Prentice-Hall 2010  Anatomy of a Hack ◦ Reconnaissance probes (see figure)  IP address scans to identify possible victims  Identify active hosts  ICMP Echo and Echo reply messages  Port scans (connection requests) to learn which services are open on each potential victim host 7 Port 80 is the well known port for HTTP web servers. There are many well known port numbers between 0 and 1023. each indicates the presence of a particular type of application.
Copyright Pearson Prentice-Hall 2010 8 Corporate Site 128.171.17.13 128.171.17.47 Attacker 1. IP Address Scanning Packet Response Conf irms a Host at 128.171.17.13 3. Exploit Packet 128.171.17.22 2. Port Scanning Packet to Identif y Running Applications 1. ICMP Echo and Echo reply 2. Connection requests On a particular port number 3. Exploit or break-in
Copyright Pearson Prentice-Hall 2010  Anatomy of a Hack ◦ The exploit  The specific attack method that the attacker uses to break into the computer is called the attacker’s exploit  The act of implementing the exploit is called exploiting the host 9
Copyright Pearson Prentice-Hall 2010 10 128.171.17.13 128.171.17.47 Attacker 1. Spoof ed Packet to 128.171.17.13 Source IP address = 128.171.17.47 Instead of 10.6.4.3 10.6.4.3 2. Reply goes to Host 128.171.17.47 IP Address Spoof ing Hides the Attacker's Identity . But Replies do Not Go to the Attacker, So IP address Spoof ing Cannot be Used f or All Purposes Some exploit packets cannot be spoofed so the attacker uses chain of attack
Copyright Pearson Prentice-Hall 2010  Chain of attack computers (see figure) ◦ The attacker attacks through a chain of victim computers ◦ Probe and exploit packets contain the source IP address of the last computer in the chain ◦ The final attack computer receives replies and passes them back to the attacker ◦ Often, the victim can trace the attack back to the final attack computer ◦ But the attack usually can only be traced back a few computers more 11
Copyright Pearson Prentice-Hall 2010 12 Target Host 60.168.47.47 Attacker 1.34.150.37 Compromised Attack Host 3.35.126.7 Compromised Attack Host 123.125.33.101 Usually Can Only Trace Attack to Direct Attacker (123.125.33.101) or Second Direct Attacker (3.35.126.7) Log In Log In Attack Command For probes whose replies must be received, attacker sends probes through a chain of attack computers. Victim only knows the identity of the last compromised host (123.125.33.101) Not that of the attacker
Copyright Pearson Prentice-Hall 2010  Social Engineering ◦ Social engineering is often used in hacking ◦ Social engineering (as we saw earlier) is attempting to trick users into doing something that goes against the interests of security ◦ Often successful because it focuses on human weaknesses instead of technological weaknesses 13
Copyright Pearson Prentice-Hall 2010  Social Engineering  Call and ask for passwords and other confidential information 14 In one social engineering ploy, a hacker calls a secretary claiming to be working with the secretary’s boss. The hacker then asks for sensitive information such as a password or sensitive file.
Copyright Pearson Prentice-Hall 2010  Social Engineering 15 In one study, US Treasury Dept. inspectors posing as computer technicians called 100 Internal Revenue Service (IRS) employees and managers. The treasury agents asked each target for his or her username and asked the user to change the password to a specific password chosen by the “technician.” This was a clear violation of policy but 35% fell for the ploy in 2005. Washington Post, March 2005
Copyright Pearson Prentice-Hall 2010  Social Engineering  E-mail attack messages with attractive subjects  Piggybacking  Shoulder surfing  Pretexting 16 Piggybacking is following someone through a secure door, without entering a pass code. Looking over someone’s shoulder when he or she types a password is shoulder surfing. In pretexting the attacker calls claiming to be a certain customer in order to get private information about that customer.
Copyright Pearson Prentice-Hall 2010  Denial-of-Service (DoS) Attacks ◦ Make a server or entire network unavailable to legitimate users ◦ Typically send a flood of attack messages to the victim ◦ Distributed DoS (DDoS) Attacks ( see figure)  Bots flood the victim with attack packets  Attacker controls the bot 17
Copyright Pearson Prentice-Hall 2010 18 Victim Attacker Bot Bot Bot Attack Command Attack Packets Attack Packets Attack Packets Attack Command Attack Command
Copyright Pearson Prentice-Hall 2010 19 In 2001, the Code Red virus attacked the US Whitehouse website. Fortunately the attacks were made against the website’s IP address in stead of its host name. The White House merely changed the IP address of whitehouse.gov To attack a server, the bots might flood the server with TCP connection-opening requests (TCP SYN segments). A server reserves a certain amount of capacity each time it receives a SYN segment. By flooding a computer with SYN segments, the attacker can cause the server to run out of resources and therefore crash.
Copyright Pearson Prentice-Hall 2010  Bots ◦ Updatable attack programs ( see figure) ◦ Botmaster can update the software to change the type of attack the bot can do  May sell or lease the botnet to other criminals ◦ Botmaster can update the bot to fix bugs 20
Copyright Pearson Prentice-Hall 2010 21 DOS Victim Botmas ter Bot Bot Bot 1. DoSAttack Command 1. DoSAttack Packets 2. Spam E- Mail 2. Software update for Spam 3. Software update to f ix bug in the attack so ftware 2. Spam E- Mail SpamVictims
Copyright Pearson Prentice-Hall 2010 22  Bots Jeanson Ancheta was indicted for crimes involving a large botnet. Ancheta was charged with creating the botnet and installing adware programs, which constantly pop up advertisements, on these computers for a fee. He was also charged with renting parts of his botnet to other criminals for spam and denial of service attacks. http://www.cybercrime.gov (Nov 2005)
Copyright Pearson Prentice-Hall 2010  Skill Levels ◦ Expert attackers are characterized by strong technical skills and dogged persistence ◦ Expert attackers create hacker scripts to automate some of their work ◦ Scripts are also available for writing viruses and other malicious software 23 Todays hacker scripts often have easy to use graphical user interfaces and look like commercial products. Many scripts are available on the Internet…These easy to use scripts have created a new type of hacker “the script kiddie”
Copyright Pearson Prentice-Hall 2010  Skill Levels ◦ Script kiddies use these scripts to make attacks ◦ Script kiddies have low technical skills ◦ Script kiddies are dangerous because of their large numbers 24 In February 2000 a number of major firms were affected by devastatingly effective DDOS attacks that blocked each of their e-commerce systems for hours at a time. Victims included CNN, ebay, Yahoo, ZDNET, and others. At first the attacks were thought to be work of an elite hacker. However, the culprit was found to be a 15 year old script kiddie in Canada
Copyright Pearson Prentice-Hall 2010  Skill Levels 25 Virus and other Malware writers also have written long programs for creating new malware. Viruses have become so easy to create with these tools that Svan Jaschan, an 18 year old German student, who had never written a virus before, was responsible for 70% of the virus activity in the first half of 2004. (http://www.sophos.com)
Copyright Pearson Prentice-Hall 2010  Skill Levels 26 Today tools are available for creating all types of exploits. One of the most important is the MetaSploit Framework which makes it easy to take a new exploitation method and rapidly turn it into a full attack program. Metasploit is used both by attackers to launch attacks, and by security professionals to test the vulnerability of their systems to specific exploits. (http://www.metasploit.com)

Recomendados

Information-Security-Lecture-6.pptx
Information-Security-Lecture-6.pptxInformation-Security-Lecture-6.pptx
Information-Security-Lecture-6.pptxanbersattar
 
Information-Security-Lecture-4.pptx
Information-Security-Lecture-4.pptxInformation-Security-Lecture-4.pptx
Information-Security-Lecture-4.pptxanbersattar
 
Information-Security-Lecture-5.pptx
Information-Security-Lecture-5.pptxInformation-Security-Lecture-5.pptx
Information-Security-Lecture-5.pptxanbersattar
 
Information-Security-Lecture-8.pptx
Information-Security-Lecture-8.pptxInformation-Security-Lecture-8.pptx
Information-Security-Lecture-8.pptxanbersattar
 
Operating Systems: Computer Security
Operating Systems: Computer SecurityOperating Systems: Computer Security
Operating Systems: Computer SecurityDamian T. Gordon
 
Hacking And Its Prevention
Hacking And Its PreventionHacking And Its Prevention
Hacking And Its PreventionDinesh O Bareja
 
Cyber crime
Cyber crimeCyber crime
Cyber crimeRanjana Adhikari
 
Hacking and Types of Hacker.
Hacking and Types of Hacker.Hacking and Types of Hacker.
Hacking and Types of Hacker.Coder Tech
 

Recomendados

Information-Security-Lecture-6.pptx
Information-Security-Lecture-6.pptxInformation-Security-Lecture-6.pptx
Information-Security-Lecture-6.pptxanbersattar
 
Information-Security-Lecture-4.pptx
Information-Security-Lecture-4.pptxInformation-Security-Lecture-4.pptx
Information-Security-Lecture-4.pptxanbersattar
 
Information-Security-Lecture-5.pptx
Information-Security-Lecture-5.pptxInformation-Security-Lecture-5.pptx
Information-Security-Lecture-5.pptxanbersattar
 
Information-Security-Lecture-8.pptx
Information-Security-Lecture-8.pptxInformation-Security-Lecture-8.pptx
Information-Security-Lecture-8.pptxanbersattar
 
Operating Systems: Computer Security
Operating Systems: Computer SecurityOperating Systems: Computer Security
Operating Systems: Computer SecurityDamian T. Gordon
 
Hacking And Its Prevention
Hacking And Its PreventionHacking And Its Prevention
Hacking And Its PreventionDinesh O Bareja
 
Cyber crime
Cyber crimeCyber crime
Cyber crimeRanjana Adhikari
 
Hacking and Types of Hacker.
Hacking and Types of Hacker.Hacking and Types of Hacker.
Hacking and Types of Hacker.Coder Tech
 
File000145
File000145File000145
File000145Desmond Devendran
 
Cyber crime
Cyber crimeCyber crime
Cyber crimeSalma Zafar
 
E crime thesis Cyber Crime and its several types
E crime thesis Cyber Crime and its several typesE crime thesis Cyber Crime and its several types
E crime thesis Cyber Crime and its several typesAssignment Studio
 
Computer crime (1)
Computer crime (1)Computer crime (1)
Computer crime (1)Shahd Elbadri
 
Cyber Crime and Security Presentation
Cyber Crime and Security PresentationCyber Crime and Security Presentation
Cyber Crime and Security PresentationPreethi Kumaresh
 
Cyber crime
Cyber crimeCyber crime
Cyber crimeDebayon Saha
 
Cyber crime report
Cyber crime reportCyber crime report
Cyber crime reportRonson Calvin Fernandes
 
Ceh v5 module 09 social engineering
Ceh v5 module 09 social engineeringCeh v5 module 09 social engineering
Ceh v5 module 09 social engineeringVi Tính Hoàng Nam
 
Module 3 social engineering-b
Module 3 social engineering-bModule 3 social engineering-b
Module 3 social engineering-bBbAOC
 
Report of cyber crime
Report of cyber crimeReport of cyber crime
Report of cyber crimeAlisha Korpal
 
Hacking
Hacking Hacking
Hacking Farkhanda Kiran
 
Hackers and cyber crimes
Hackers and cyber crimesHackers and cyber crimes
Hackers and cyber crimesSweta Kumari Barnwal
 
Unit ii-hackers and cyber crimes
Unit ii-hackers and cyber crimesUnit ii-hackers and cyber crimes
Unit ii-hackers and cyber crimesSweta Kumari Barnwal
 
Cyber crime and security ppt
Cyber crime and security pptCyber crime and security ppt
Cyber crime and security pptLipsita Behera
 
Cyber Crime
Cyber CrimeCyber Crime
Cyber CrimeDivithC
 
Cyber Security Awareness at Dadar April 25, 2010
Cyber Security Awareness at Dadar April 25, 2010Cyber Security Awareness at Dadar April 25, 2010
Cyber Security Awareness at Dadar April 25, 2010Vicky Shah
 
Ethical hacking (legal)
Ethical hacking (legal)Ethical hacking (legal)
Ethical hacking (legal)Thangaraj Murugananthan
 
SECURITY THREATS AND SAFETY MEASURES
SECURITY THREATS AND SAFETY MEASURESSECURITY THREATS AND SAFETY MEASURES
SECURITY THREATS AND SAFETY MEASURESShyam Kumar Singh
 
Hacking Presentation v2 By Raffi
Hacking Presentation v2 By Raffi Hacking Presentation v2 By Raffi
Hacking Presentation v2 By Raffi Shawon Raffi
 
Cyber crime
Cyber crime Cyber crime
Cyber crime Soreingam Ragui
 
54 Chapter 1 • The Threat EnvironmentFIGURE 1-18 Cyberwar .docx
54 Chapter 1 • The Threat EnvironmentFIGURE 1-18 Cyberwar .docx54 Chapter 1 • The Threat EnvironmentFIGURE 1-18 Cyberwar .docx
54 Chapter 1 • The Threat EnvironmentFIGURE 1-18 Cyberwar .docxalinainglis
 
Hacking by Pratyush Gupta
Hacking by Pratyush GuptaHacking by Pratyush Gupta
Hacking by Pratyush GuptaTenet Systems Pvt Ltd
 

Mais conteúdo relacionado

Mais procurados

E crime thesis Cyber Crime and its several types
E crime thesis Cyber Crime and its several typesE crime thesis Cyber Crime and its several types
E crime thesis Cyber Crime and its several typesAssignment Studio
 
Cyber Crime and Security Presentation
Cyber Crime and Security PresentationCyber Crime and Security Presentation
Cyber Crime and Security PresentationPreethi Kumaresh
 
Ceh v5 module 09 social engineering
Ceh v5 module 09 social engineeringCeh v5 module 09 social engineering
Ceh v5 module 09 social engineeringVi Tính Hoàng Nam
 
Module 3 social engineering-b
Module 3 social engineering-bModule 3 social engineering-b
Module 3 social engineering-bBbAOC
 
Report of cyber crime
Report of cyber crimeReport of cyber crime
Report of cyber crimeAlisha Korpal
 
Cyber crime and security ppt
Cyber crime and security pptCyber crime and security ppt
Cyber crime and security pptLipsita Behera
 
Cyber Crime
Cyber CrimeCyber Crime
Cyber CrimeDivithC
 
Cyber Security Awareness at Dadar April 25, 2010
Cyber Security Awareness at Dadar April 25, 2010Cyber Security Awareness at Dadar April 25, 2010
Cyber Security Awareness at Dadar April 25, 2010Vicky Shah
 
SECURITY THREATS AND SAFETY MEASURES
SECURITY THREATS AND SAFETY MEASURESSECURITY THREATS AND SAFETY MEASURES
SECURITY THREATS AND SAFETY MEASURESShyam Kumar Singh
 
Hacking Presentation v2 By Raffi
Hacking Presentation v2 By Raffi Hacking Presentation v2 By Raffi
Hacking Presentation v2 By Raffi Shawon Raffi
 

Mais procurados (20)

File000145
File000145File000145
File000145
 
Cyber crime
Cyber crimeCyber crime
Cyber crime
 
E crime thesis Cyber Crime and its several types
E crime thesis Cyber Crime and its several typesE crime thesis Cyber Crime and its several types
E crime thesis Cyber Crime and its several types
 
Computer crime (1)
Computer crime (1)Computer crime (1)
Computer crime (1)
 
Cyber Crime and Security Presentation
Cyber Crime and Security PresentationCyber Crime and Security Presentation
Cyber Crime and Security Presentation
 
Cyber crime
Cyber crimeCyber crime
Cyber crime
 
Cyber crime report
Cyber crime reportCyber crime report
Cyber crime report
 
Ceh v5 module 09 social engineering
Ceh v5 module 09 social engineeringCeh v5 module 09 social engineering
Ceh v5 module 09 social engineering
 
Module 3 social engineering-b
Module 3 social engineering-bModule 3 social engineering-b
Module 3 social engineering-b
 
Report of cyber crime
Report of cyber crimeReport of cyber crime
Report of cyber crime
 
Hacking
Hacking Hacking
Hacking
 
Hackers and cyber crimes
Hackers and cyber crimesHackers and cyber crimes
Hackers and cyber crimes
 
Unit ii-hackers and cyber crimes
Unit ii-hackers and cyber crimesUnit ii-hackers and cyber crimes
Unit ii-hackers and cyber crimes
 
Cyber crime and security ppt
Cyber crime and security pptCyber crime and security ppt
Cyber crime and security ppt
 
Cyber Crime
Cyber CrimeCyber Crime
Cyber Crime
 
Cyber Security Awareness at Dadar April 25, 2010
Cyber Security Awareness at Dadar April 25, 2010Cyber Security Awareness at Dadar April 25, 2010
Cyber Security Awareness at Dadar April 25, 2010
 
Ethical hacking (legal)
Ethical hacking (legal)Ethical hacking (legal)
Ethical hacking (legal)
 
SECURITY THREATS AND SAFETY MEASURES
SECURITY THREATS AND SAFETY MEASURESSECURITY THREATS AND SAFETY MEASURES
SECURITY THREATS AND SAFETY MEASURES
 
Hacking Presentation v2 By Raffi
Hacking Presentation v2 By Raffi Hacking Presentation v2 By Raffi
Hacking Presentation v2 By Raffi
 
Cyber crime
Cyber crime Cyber crime
Cyber crime
 

Semelhante a Information-Security-Lecture-7.pptx

54 Chapter 1 • The Threat EnvironmentFIGURE 1-18 Cyberwar .docx
54 Chapter 1 • The Threat EnvironmentFIGURE 1-18 Cyberwar .docx54 Chapter 1 • The Threat EnvironmentFIGURE 1-18 Cyberwar .docx
54 Chapter 1 • The Threat EnvironmentFIGURE 1-18 Cyberwar .docxalinainglis
 
Hacking 1224807880385377-9
Hacking 1224807880385377-9Hacking 1224807880385377-9
Hacking 1224807880385377-9Geoff Pesimo
 
HR's Critical Role in Protecting Company Data
HR's Critical Role in Protecting Company DataHR's Critical Role in Protecting Company Data
HR's Critical Role in Protecting Company DataParsons Behle & Latimer
 
Cybercrime presentation
Cybercrime presentationCybercrime presentation
Cybercrime presentationRajat Jain
 
The Top 10/20 Internet Security Vulnerabilities – A Primer
The Top 10/20 Internet Security Vulnerabilities – A PrimerThe Top 10/20 Internet Security Vulnerabilities – A Primer
The Top 10/20 Internet Security Vulnerabilities – A Primeramiable_indian
 
HACKING DESCRIBE IN DETAIL FOR UNIVERSITY PROJECT
HACKING DESCRIBE IN DETAIL FOR UNIVERSITY PROJECTHACKING DESCRIBE IN DETAIL FOR UNIVERSITY PROJECT
HACKING DESCRIBE IN DETAIL FOR UNIVERSITY PROJECTDHRUV562167
 
105 Common information security threats
105 Common information security threats105 Common information security threats
105 Common information security threatsSsendiSamuel
 
Security threats facing SA businessess
Security threats facing SA businessessSecurity threats facing SA businessess
Security threats facing SA businessessSensePost
 
presentation_cybercrime_1486105587_257582.ppt
presentation_cybercrime_1486105587_257582.pptpresentation_cybercrime_1486105587_257582.ppt
presentation_cybercrime_1486105587_257582.pptJatinRajput67
 
Computer Security Cyber Security DOS_DDOS Attacks By: Professor Lili Saghafi
Computer Security Cyber Security DOS_DDOS Attacks By: Professor Lili SaghafiComputer Security Cyber Security DOS_DDOS Attacks By: Professor Lili Saghafi
Computer Security Cyber Security DOS_DDOS Attacks By: Professor Lili SaghafiProfessor Lili Saghafi
 

Semelhante a Information-Security-Lecture-7.pptx (20)

54 Chapter 1 • The Threat EnvironmentFIGURE 1-18 Cyberwar .docx
54 Chapter 1 • The Threat EnvironmentFIGURE 1-18 Cyberwar .docx54 Chapter 1 • The Threat EnvironmentFIGURE 1-18 Cyberwar .docx
54 Chapter 1 • The Threat EnvironmentFIGURE 1-18 Cyberwar .docx
 
Hacking by Pratyush Gupta
Hacking by Pratyush GuptaHacking by Pratyush Gupta
Hacking by Pratyush Gupta
 
Hacking 1224807880385377-9
Hacking 1224807880385377-9Hacking 1224807880385377-9
Hacking 1224807880385377-9
 
HR's Critical Role in Protecting Company Data
HR's Critical Role in Protecting Company DataHR's Critical Role in Protecting Company Data
HR's Critical Role in Protecting Company Data
 
Cybercrime presentation
Cybercrime presentationCybercrime presentation
Cybercrime presentation
 
The Top 10/20 Internet Security Vulnerabilities – A Primer
The Top 10/20 Internet Security Vulnerabilities – A PrimerThe Top 10/20 Internet Security Vulnerabilities – A Primer
The Top 10/20 Internet Security Vulnerabilities – A Primer
 
hacking
hackinghacking
hacking
 
basic knowhow hacking
basic knowhow hackingbasic knowhow hacking
basic knowhow hacking
 
HACKING DESCRIBE IN DETAIL FOR UNIVERSITY PROJECT
HACKING DESCRIBE IN DETAIL FOR UNIVERSITY PROJECTHACKING DESCRIBE IN DETAIL FOR UNIVERSITY PROJECT
HACKING DESCRIBE IN DETAIL FOR UNIVERSITY PROJECT
 
31.ppt
31.ppt31.ppt
31.ppt
 
31.ppt
31.ppt31.ppt
31.ppt
 
105 Common information security threats
105 Common information security threats105 Common information security threats
105 Common information security threats
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
 
Cyber Crime
Cyber CrimeCyber Crime
Cyber Crime
 
Hack the hack
Hack the hackHack the hack
Hack the hack
 
Security threats facing SA businessess
Security threats facing SA businessessSecurity threats facing SA businessess
Security threats facing SA businessess
 
presentation_cybercrime_1486105587_257582.ppt
presentation_cybercrime_1486105587_257582.pptpresentation_cybercrime_1486105587_257582.ppt
presentation_cybercrime_1486105587_257582.ppt
 
Cybersecurity2021
Cybersecurity2021Cybersecurity2021
Cybersecurity2021
 
Hacking and its Defence
Hacking and its DefenceHacking and its Defence
Hacking and its Defence
 
Computer Security Cyber Security DOS_DDOS Attacks By: Professor Lili Saghafi
Computer Security Cyber Security DOS_DDOS Attacks By: Professor Lili SaghafiComputer Security Cyber Security DOS_DDOS Attacks By: Professor Lili Saghafi
Computer Security Cyber Security DOS_DDOS Attacks By: Professor Lili Saghafi
 

Último

Direct Style Effect Systems - The Print[A] Example - A Comprehension Aid
Direct Style Effect Systems - The Print[A] Example - A Comprehension AidDirect Style Effect Systems - The Print[A] Example - A Comprehension Aid
Direct Style Effect Systems - The Print[A] Example - A Comprehension AidPhilip Schwarz
 
Architecture decision records - How not to get lost in the past
Architecture decision records - How not to get lost in the pastArchitecture decision records - How not to get lost in the past
Architecture decision records - How not to get lost in the pastPapp Krisztián
 
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️Delhi Call girls
 
%in tembisa+277-882-255-28 abortion pills for sale in tembisa
%in tembisa+277-882-255-28 abortion pills for sale in tembisa%in tembisa+277-882-255-28 abortion pills for sale in tembisa
%in tembisa+277-882-255-28 abortion pills for sale in tembisamasabamasaba
 
OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...
OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...
OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...Shane Coughlan
 
Define the academic and professional writing..pdf
Define the academic and professional writing..pdfDefine the academic and professional writing..pdf
Define the academic and professional writing..pdfPearlKirahMaeRagusta1
 
WSO2Con2024 - Enabling Transactional System's Exponential Growth With Simplicity
WSO2Con2024 - Enabling Transactional System's Exponential Growth With SimplicityWSO2Con2024 - Enabling Transactional System's Exponential Growth With Simplicity
WSO2Con2024 - Enabling Transactional System's Exponential Growth With SimplicityWSO2
 
%in kempton park+277-882-255-28 abortion pills for sale in kempton park
%in kempton park+277-882-255-28 abortion pills for sale in kempton park %in kempton park+277-882-255-28 abortion pills for sale in kempton park
%in kempton park+277-882-255-28 abortion pills for sale in kempton park masabamasaba
 
%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...
%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...
%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...masabamasaba
 
Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...
Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...
Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...Bert Jan Schrijver
 
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...Steffen Staab
 
Harnessing ChatGPT - Elevating Productivity in Today's Agile Environment
Harnessing ChatGPT - Elevating Productivity in Today's Agile EnvironmentHarnessing ChatGPT - Elevating Productivity in Today's Agile Environment
Harnessing ChatGPT - Elevating Productivity in Today's Agile EnvironmentVictorSzoltysek
 
Introducing Microsoft’s new Enterprise Work Management (EWM) Solution
Introducing Microsoft’s new Enterprise Work Management (EWM) SolutionIntroducing Microsoft’s new Enterprise Work Management (EWM) Solution
Introducing Microsoft’s new Enterprise Work Management (EWM) SolutionOnePlan Solutions
 
%in Bahrain+277-882-255-28 abortion pills for sale in Bahrain
%in Bahrain+277-882-255-28 abortion pills for sale in Bahrain%in Bahrain+277-882-255-28 abortion pills for sale in Bahrain
%in Bahrain+277-882-255-28 abortion pills for sale in Bahrainmasabamasaba
 
Software Quality Assurance Interview Questions
Software Quality Assurance Interview QuestionsSoftware Quality Assurance Interview Questions
Software Quality Assurance Interview QuestionsArshad QA
 
WSO2CON 2024 - Does Open Source Still Matter?
WSO2CON 2024 - Does Open Source Still Matter?WSO2CON 2024 - Does Open Source Still Matter?
WSO2CON 2024 - Does Open Source Still Matter?WSO2
 
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️Delhi Call girls
 

Último (20)

Direct Style Effect Systems - The Print[A] Example - A Comprehension Aid
Direct Style Effect Systems - The Print[A] Example - A Comprehension AidDirect Style Effect Systems - The Print[A] Example - A Comprehension Aid
Direct Style Effect Systems - The Print[A] Example - A Comprehension Aid
 
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICECHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
 
Architecture decision records - How not to get lost in the past
Architecture decision records - How not to get lost in the pastArchitecture decision records - How not to get lost in the past
Architecture decision records - How not to get lost in the past
 
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
 
%in tembisa+277-882-255-28 abortion pills for sale in tembisa
%in tembisa+277-882-255-28 abortion pills for sale in tembisa%in tembisa+277-882-255-28 abortion pills for sale in tembisa
%in tembisa+277-882-255-28 abortion pills for sale in tembisa
 
Microsoft AI Transformation Partner Playbook.pdf
Microsoft AI Transformation Partner Playbook.pdfMicrosoft AI Transformation Partner Playbook.pdf
Microsoft AI Transformation Partner Playbook.pdf
 
OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...
OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...
OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...
 
Define the academic and professional writing..pdf
Define the academic and professional writing..pdfDefine the academic and professional writing..pdf
Define the academic and professional writing..pdf
 
WSO2Con2024 - Enabling Transactional System's Exponential Growth With Simplicity
WSO2Con2024 - Enabling Transactional System's Exponential Growth With SimplicityWSO2Con2024 - Enabling Transactional System's Exponential Growth With Simplicity
WSO2Con2024 - Enabling Transactional System's Exponential Growth With Simplicity
 
%in kempton park+277-882-255-28 abortion pills for sale in kempton park
%in kempton park+277-882-255-28 abortion pills for sale in kempton park %in kempton park+277-882-255-28 abortion pills for sale in kempton park
%in kempton park+277-882-255-28 abortion pills for sale in kempton park
 
%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...
%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...
%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...
 
Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...
Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...
Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...
 
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
 
Harnessing ChatGPT - Elevating Productivity in Today's Agile Environment
Harnessing ChatGPT - Elevating Productivity in Today's Agile EnvironmentHarnessing ChatGPT - Elevating Productivity in Today's Agile Environment
Harnessing ChatGPT - Elevating Productivity in Today's Agile Environment
 
Introducing Microsoft’s new Enterprise Work Management (EWM) Solution
Introducing Microsoft’s new Enterprise Work Management (EWM) SolutionIntroducing Microsoft’s new Enterprise Work Management (EWM) Solution
Introducing Microsoft’s new Enterprise Work Management (EWM) Solution
 
%in Bahrain+277-882-255-28 abortion pills for sale in Bahrain
%in Bahrain+277-882-255-28 abortion pills for sale in Bahrain%in Bahrain+277-882-255-28 abortion pills for sale in Bahrain
%in Bahrain+277-882-255-28 abortion pills for sale in Bahrain
 
Software Quality Assurance Interview Questions
Software Quality Assurance Interview QuestionsSoftware Quality Assurance Interview Questions
Software Quality Assurance Interview Questions
 
WSO2CON 2024 - Does Open Source Still Matter?
WSO2CON 2024 - Does Open Source Still Matter?WSO2CON 2024 - Does Open Source Still Matter?
WSO2CON 2024 - Does Open Source Still Matter?
 
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
 
Abortion Pill Prices Tembisa [(+27832195400*)] 🏥 Women's Abortion Clinic in T...
Abortion Pill Prices Tembisa [(+27832195400*)] 🏥 Women's Abortion Clinic in T...Abortion Pill Prices Tembisa [(+27832195400*)] 🏥 Women's Abortion Clinic in T...
Abortion Pill Prices Tembisa [(+27832195400*)] 🏥 Women's Abortion Clinic in T...
 

Information-Security-Lecture-7.pptx

  • 1. Reference: Corporate & Network Security, Chapter 1 Raymond R. Panko :
  • 2. Copyright Pearson Prentice-Hall 2010  The threat environment—attackers and their attacks  Basic security terminology  Employee and ex-employee threats  Traditional external attackers  The criminal era and competitor threats  Cyberwar and cyberterror 2
  • 3. Copyright Pearson Prentice-Hall 2010  Traditional Hackers 3 In the 1970s, malware writers were joined by external hackers who began to break into corporate computers that were connected to modems. Today nearly every firm is connected to the Internet which harbors millions of external hackers
  • 4. Copyright Pearson Prentice-Hall 2010  Traditional Hackers ◦ Motivated by thrill, validation of skills, sense of power ◦ Motivated to increase reputation among other hackers ◦ Often do damage as a byproduct ◦ Often engage in petty crime 4 ComputerWeekly.com 2008
  • 5. Copyright Pearson Prentice-Hall 2010  Traditional Hackers 5 In 2009, vandals broke into a computerized road sign in Austin, Texas, and changed its message to read: “The end is near ! Caution ! Zombies Ahead !” Dallasnews.com, January 2009 Raymond Torricelli, broke into NASA computers and used up processor time, money, and disk resources to divert chat users to a website for which he admitted to being paid USD 400 per week. Cybercrime.gov, 2001
  • 6. Copyright Pearson Prentice-Hall 2010 6 Just like a thief who wants to rob a home does reconnaissance of the neighborhood and gathers information to determine which house to break into, hackers also tend to do reconnaissance before breaking into a computer. As the figure shows, the attacker often sends probe packets into a network. These probe packets are designed to elicit replies from internal hosts and routers.
  • 7. Copyright Pearson Prentice-Hall 2010  Anatomy of a Hack ◦ Reconnaissance probes (see figure)  IP address scans to identify possible victims  Identify active hosts  ICMP Echo and Echo reply messages  Port scans (connection requests) to learn which services are open on each potential victim host 7 Port 80 is the well known port for HTTP web servers. There are many well known port numbers between 0 and 1023. each indicates the presence of a particular type of application.
  • 8. Copyright Pearson Prentice-Hall 2010 8 Corporate Site 128.171.17.13 128.171.17.47 Attacker 1. IP Address Scanning Packet Response Conf irms a Host at 128.171.17.13 3. Exploit Packet 128.171.17.22 2. Port Scanning Packet to Identif y Running Applications 1. ICMP Echo and Echo reply 2. Connection requests On a particular port number 3. Exploit or break-in
  • 9. Copyright Pearson Prentice-Hall 2010  Anatomy of a Hack ◦ The exploit  The specific attack method that the attacker uses to break into the computer is called the attacker’s exploit  The act of implementing the exploit is called exploiting the host 9
  • 10. Copyright Pearson Prentice-Hall 2010 10 128.171.17.13 128.171.17.47 Attacker 1. Spoof ed Packet to 128.171.17.13 Source IP address = 128.171.17.47 Instead of 10.6.4.3 10.6.4.3 2. Reply goes to Host 128.171.17.47 IP Address Spoof ing Hides the Attacker's Identity . But Replies do Not Go to the Attacker, So IP address Spoof ing Cannot be Used f or All Purposes Some exploit packets cannot be spoofed so the attacker uses chain of attack
  • 11. Copyright Pearson Prentice-Hall 2010  Chain of attack computers (see figure) ◦ The attacker attacks through a chain of victim computers ◦ Probe and exploit packets contain the source IP address of the last computer in the chain ◦ The final attack computer receives replies and passes them back to the attacker ◦ Often, the victim can trace the attack back to the final attack computer ◦ But the attack usually can only be traced back a few computers more 11
  • 12. Copyright Pearson Prentice-Hall 2010 12 Target Host 60.168.47.47 Attacker 1.34.150.37 Compromised Attack Host 3.35.126.7 Compromised Attack Host 123.125.33.101 Usually Can Only Trace Attack to Direct Attacker (123.125.33.101) or Second Direct Attacker (3.35.126.7) Log In Log In Attack Command For probes whose replies must be received, attacker sends probes through a chain of attack computers. Victim only knows the identity of the last compromised host (123.125.33.101) Not that of the attacker
  • 13. Copyright Pearson Prentice-Hall 2010  Social Engineering ◦ Social engineering is often used in hacking ◦ Social engineering (as we saw earlier) is attempting to trick users into doing something that goes against the interests of security ◦ Often successful because it focuses on human weaknesses instead of technological weaknesses 13
  • 14. Copyright Pearson Prentice-Hall 2010  Social Engineering  Call and ask for passwords and other confidential information 14 In one social engineering ploy, a hacker calls a secretary claiming to be working with the secretary’s boss. The hacker then asks for sensitive information such as a password or sensitive file.
  • 15. Copyright Pearson Prentice-Hall 2010  Social Engineering 15 In one study, US Treasury Dept. inspectors posing as computer technicians called 100 Internal Revenue Service (IRS) employees and managers. The treasury agents asked each target for his or her username and asked the user to change the password to a specific password chosen by the “technician.” This was a clear violation of policy but 35% fell for the ploy in 2005. Washington Post, March 2005
  • 16. Copyright Pearson Prentice-Hall 2010  Social Engineering  E-mail attack messages with attractive subjects  Piggybacking  Shoulder surfing  Pretexting 16 Piggybacking is following someone through a secure door, without entering a pass code. Looking over someone’s shoulder when he or she types a password is shoulder surfing. In pretexting the attacker calls claiming to be a certain customer in order to get private information about that customer.
  • 17. Copyright Pearson Prentice-Hall 2010  Denial-of-Service (DoS) Attacks ◦ Make a server or entire network unavailable to legitimate users ◦ Typically send a flood of attack messages to the victim ◦ Distributed DoS (DDoS) Attacks ( see figure)  Bots flood the victim with attack packets  Attacker controls the bot 17
  • 18. Copyright Pearson Prentice-Hall 2010 18 Victim Attacker Bot Bot Bot Attack Command Attack Packets Attack Packets Attack Packets Attack Command Attack Command
  • 19. Copyright Pearson Prentice-Hall 2010 19 In 2001, the Code Red virus attacked the US Whitehouse website. Fortunately the attacks were made against the website’s IP address in stead of its host name. The White House merely changed the IP address of whitehouse.gov To attack a server, the bots might flood the server with TCP connection-opening requests (TCP SYN segments). A server reserves a certain amount of capacity each time it receives a SYN segment. By flooding a computer with SYN segments, the attacker can cause the server to run out of resources and therefore crash.
  • 20. Copyright Pearson Prentice-Hall 2010  Bots ◦ Updatable attack programs ( see figure) ◦ Botmaster can update the software to change the type of attack the bot can do  May sell or lease the botnet to other criminals ◦ Botmaster can update the bot to fix bugs 20
  • 21. Copyright Pearson Prentice-Hall 2010 21 DOS Victim Botmas ter Bot Bot Bot 1. DoSAttack Command 1. DoSAttack Packets 2. Spam E- Mail 2. Software update for Spam 3. Software update to f ix bug in the attack so ftware 2. Spam E- Mail SpamVictims
  • 22. Copyright Pearson Prentice-Hall 2010 22  Bots Jeanson Ancheta was indicted for crimes involving a large botnet. Ancheta was charged with creating the botnet and installing adware programs, which constantly pop up advertisements, on these computers for a fee. He was also charged with renting parts of his botnet to other criminals for spam and denial of service attacks. http://www.cybercrime.gov (Nov 2005)
  • 23. Copyright Pearson Prentice-Hall 2010  Skill Levels ◦ Expert attackers are characterized by strong technical skills and dogged persistence ◦ Expert attackers create hacker scripts to automate some of their work ◦ Scripts are also available for writing viruses and other malicious software 23 Todays hacker scripts often have easy to use graphical user interfaces and look like commercial products. Many scripts are available on the Internet…These easy to use scripts have created a new type of hacker “the script kiddie”
  • 24. Copyright Pearson Prentice-Hall 2010  Skill Levels ◦ Script kiddies use these scripts to make attacks ◦ Script kiddies have low technical skills ◦ Script kiddies are dangerous because of their large numbers 24 In February 2000 a number of major firms were affected by devastatingly effective DDOS attacks that blocked each of their e-commerce systems for hours at a time. Victims included CNN, ebay, Yahoo, ZDNET, and others. At first the attacks were thought to be work of an elite hacker. However, the culprit was found to be a 15 year old script kiddie in Canada
  • 25. Copyright Pearson Prentice-Hall 2010  Skill Levels 25 Virus and other Malware writers also have written long programs for creating new malware. Viruses have become so easy to create with these tools that Svan Jaschan, an 18 year old German student, who had never written a virus before, was responsible for 70% of the virus activity in the first half of 2004. (http://www.sophos.com)
  • 26. Copyright Pearson Prentice-Hall 2010  Skill Levels 26 Today tools are available for creating all types of exploits. One of the most important is the MetaSploit Framework which makes it easy to take a new exploitation method and rapidly turn it into a full attack program. Metasploit is used both by attackers to launch attacks, and by security professionals to test the vulnerability of their systems to specific exploits. (http://www.metasploit.com)