SlideShare uma empresa Scribd logo

Fundamentals of Network security

Transferir como PPTX, PDF
APNIC
APNIC

Presented by Paul Wilson, Director General of APNIC and Chair of APrIGF Multistakeholder Steering Group at the Asia Pacific Internet Leadership Program as part of 2016 APrIGF Taipei

Internet
1 de 38
Fundamentals of Network Security Asia Pacific Internet Leadership Program Taipei, TW 26 July 2016
What’s coming up • Is the Internet secure? • Myths and Mysteries • Evolution of security • Security concepts and management • Examples • Developments: IPv6 and IoT • The Internet security ecosystem
Is the Internet secure? • The Internet was designed for open connectivity • For low barriers to entry in a trusting environment • A deliberately “dumb” network • “Security” was always optional (and normally a low priority)
The real questions • If you ask… – “Is the Internet secure?” – “Can the Internet be secured?” – “Can society ever be safe?” – The truthful answer is “No” • But if you ask… – “Can my services/networks/transactions be secured?” – “Can the Internet be used securely?” – “Can I stay safe?” – The answer is probably “Yes” (but with care!)
Myths and Mysteries • Fiction: The Internet can be secured • Fiction: Hackers are magicians • Fiction: Security experts are the magicians • Fiction: Computer viruses are like actual viruses • Fact: The Internet can be used securely • Fact: EVERY breach can be explained, and avoided • Fact: The first bug was an actual moth
Some history… • 1946: Grace Hopper, a US Naval Officer, tracks down a moth causing problems in an electromechanical computer; hence “bug”. • 1960s: MIT model train group "hacks" their trains to make them perform better • 1971: Joe Draper aka "Captain Crunch", uses cereal toy to generate 2600 Hz tone, “phreaking” the AT&T long distance system • 1983: "War Games" film introduces public to the concept of hacking, and “wardialing” • 1988: Cornell student Robert Morris Jr. releases self-replicating “worm” on ARPAnet, the first Internet-borne viral programme • Late 1990s: Online sharing of automated tools. The first “botnets” – armies of virus-infected machines.
Terms: Breaking it down • Threat – Any circumstance or factor with the potential to cause harm – a motivated, capable adversary • Vulnerability – A weakness in a system; in procedures, design, or implementation that can be exploited • Software bugs, design flaws, operational mistakes • The human factor – “Social engineering” • Risk = likelihood x consequence – The liklihood (probablility) that a particular vulnerability will occur – The severity (impact) of that occurrence
Authentication and Authorisation • Access control – The ability to permit or deny the use of a resource by a user, through three essential services… • Authentication – To reliably identify individual users – Users = people, processes, devices • Authorisation – To control which users are allowed to do what with a resource – Representing trust, assuming reliable authentication
Security tradeoffs • Services offered vs. security provided – Each service offers its own security risk – The more services, the less security • Ease of use vs. security – Every security mechanism causes inconvenience – The more “plug n play”, the less security • Risk of loss vs. Cost of security – Assets carry value and risk of loss – The higher the value, the higher the security cost • These factors can be balanced in a comprehensive organisational security policy
An unexpected success… • Evolution of technology, usage and value • Evolution of security problems and solutions • Evolution never stops… 1990s: Basic connectivity 2000s: Application-specific online content 2010s: Applications/data in the “cloud” 2020s: “IoT”
What is going on?
What can the attackers do? • Eavesdropping – Listen in on communications • Masquerading – Impersonating someone else • Forgery – Invent or duplicate/replay information • Trespass – Obtain unauthorised access • Subversion – Modify data and messages in transit • Destruction – Vandalise or delete important data • Disruption – Disable or prevent access to services • Infiltration – Hide out inside our machines • Hijacking – “Own” and use machines for nefarious purposes
And why do they do it? Motivation Examples Knowledge driven • Recreational • Research Issue-based • Hacktivism • Patriotism Antisocial • Revenge • Vandalism Competitive • Theft of IP • Damage to competitors Criminal • Theft of assets • Extortion Strategic • Espionage • State-driven or sponsored
And, how to they do it? • Social engineering attacks – Human beings – the weakest links – “Phishing” – Password attacks etc etc • DNS attacks – Corruption and cache poisoning • Masquerading – Address “spoofing” • Denial of Service – DoS attacks – DDoS attacks
“Phishing” • “Fishing” for information such as usernames, passwords, credit card details, other personal information • Forged emails apparently from legitimate enterprises, direct users to forged websites.
Other social engineering • Password guessing or cracking – Hence need for “non-guessable” passwords – Use of different passwords for different services • Email harvesting and “proof of life” – Misuse of collected personal information – Spam as a validation tool • embedded images – Turn them off! • unique URLs – Don’t click on anything! • Short URLs – E.g. http://bit.ly/SGWjdif – We’re accustomed to clicking without checking where we go next
Masquerading example: ARP • Address Resolution Protocol (RFC 826, 1982) – Used by any TCP/IP device to discover the Layer 2 address of an IPv4 address that it wants to reach IPv4: 10.1.1.10 MAC: EtherA IPv4: 10.1.1.20 MAC: EtherB IPv4: 10.1.1.30 MAC: EtherC Here I am! IPv4: 10.1.1.30 MAC: EtherC ☺︎ IPv4 MAC 10.1.1.30 EtherCEthernet, who’s at IPv4: 10.1.1.30 ? *AKA “ARP spoofing”
Masquerading example: ARP • Address Resolution Protocol (RFC 826, 1982) – SEND: IPv6 SEcure Neighbour Discovery (RFC 3971, 2005) IPv4: 10.1.1.10 MAC: EtherA IPv4: 10.1.1.20 MAC: EtherB IPv4: 10.1.1.30 MAC: EtherC ☹︎ IPv4 MAC 10.1.1.30 EtherC 10.1.1.20 EtherA Ethernet, who’s at IPv4 10.1.1.20 ? *AKA “ARP spoofing” Here I am! IPv4: 10.1.1.20 MAC: EtherA IPv4 MAC 10.1.1.30 EtherC
Attacking the DNS The Internet www.apnic.netwww.apnic.net? www.apnic.net 199.43.0.44 DNS 175.98.98.133 203.119.102.244 199.43.0.44 ☹︎
Securing websites – SSL certificates The Internet www.apnic.net www.apnic.net? 203.119.102.244 DNS 175.98.98.133 203.119.102.244 ☺︎ SSL
Securing DNS – DNSSEC The Internet www.apnic.net www.apnic.net? DNS 175.98.98.133 203.119.102.244 ☺︎ 203.119.102.244 SEC
Misusing IP Addresses… The Internet Global Routing Table 4.128/9 60.100/16 60.100.0/20 135.22/16 … Global Routing Table 4.128/9 60.100/16 60.100.0/20 135.22/16 199.43.0.0/24 … Announce 199.43.0.0/24 R 202.12.29.0/24 Traffic 199.43.0.0/24 ☹︎
Misusing IP Addresses… The Internet Global Routing Table 4.128/9 60.100/16 60.100.0/20 135.22/16 … Global Routing Table 4.128/9 60.100/16 60.100.0/20 135.22/16 202.12.29.0/24 … Announce 202.12.29.0/24 R 202.12.29.0/24 RPKI ☺︎
Masquerading again: IP spoofing InternetISP 203.119.102.244 175.98.98.133 Request Src: 175.98.98.133 Dst: 203.119.102.244 Response Src: 203.119.102.244 Dst: 175.98.98.133 ☺︎
Masquerading again: IP spoofing InternetISP 203.119.102.244 175.98.98.133 Response Src: 203.119.102.244 Dst: 199.43.0.44 199.43.0.44 Request Src: 199.43.0.44 Dst: 203.119.102.244 ☹︎
DoS attack: Amplification InternetISP 203.119.102.244 175.98.98.133 199.43.0.44 Request Src: 199.43.0.44 Dst: 203.119.102.244 ☹︎ Response Src: 203.119.102.244 Dst: 199.43.0.44 BIG PAYLOAD Request Src: 199.43.0.44 Dst: 203.119.102.244 Request Src: 199.43.0.44 Dst: 203.119.102.244 Request Src: 199.43.0.44 Dst: 203.119.102.244 Request Src: 199.43.0.44 Dst: 203.119.102.244 Response Src: 203.119.102.244 Dst: 199.43.0.44 BIG PAYLOAD Response Src: 203.119.102.244 Dst: 199.43.0.44 BIG PAYLOAD Response Src: 203.119.102.244 Dst: 199.43.0.44 BIG PAYLOAD Response Src: 203.119.102.244 Dst: 199.43.0.44 BIG PAYLOAD
Defeating IP spoofing – BCP38 InternetISP 203.119.102.244 175.98.98.133 ☺︎ BCP38 (2000) Network Ingress Filtering: Defeating Denial of Service Attacks which employ IP Source Address Spoofing ISP Request Src: 199.43.0.44 Dst: 203.119.102.244
DDoS attack: Distributed DoS InternetISP ☹︎ “Botnet”
DDoS attack: Distributed DoS • Botnets for hire – Millions of virus-infected computers – Ready to be deployed by remote control • Huge amplification – Target traffic volumes in 100s of Gbps • Motivation – Various, but often extortion (requiring payment in BTC) • Mitigation – Various approaches and services available – Often bandwidth is the best solution (using cloud-based services)
Source: Arbor Networks’ WISR 2016 Survey
Security and IPv6 • “IPsec” is mandatory in IPv6 implementation – but this does not mean it must be used. • No difference… – Traffic monitoring (Sniffing) – no change without IPsec – Application vulnerabilities – no change – Rogue devices, viruses etc • Improvements… – IPsec available when needed (eg routing protocols) – Scanning address space for devices is much harder • Threats – New expertise required, new implementations, less mature – Mistakes will be made
Security and IoT • We have a long history of “things” on the Internet – In that sense, there is nothing fundamentally new with “IoT” • However… – There will be huge increase in the variety of devices – Many new vendors will enter the market – Many vendors are not “Internet companies” • Challenges – Implementation, Testing, Software upgrades, “EoL” management • Reference: “Internet of stupid things” – Geoff Huston, APNIC
Internet Security Ecosystem
The Bigger Picture Cybersecurity Network & Information Security
Users Public Safety Regulators Operators Vendors Software CERTs Internet Security Ecosystem
Asia-Pacific CERTs
Recap… • Is the Internet secure? • Myths and Mysteries • Evolution of security • Security concepts and management • Examples • Developments: IPv6 and IoT • The Internet security ecosystem
Questions? Thank you dg@apnic.net

Recomendados

Network Security Fundamentals
Network Security FundamentalsNetwork Security Fundamentals
Network Security FundamentalsRahmat Suhatman
 
Intrusion detection
Intrusion detectionIntrusion detection
Intrusion detectionCAS
 
Network security (vulnerabilities, threats, and attacks)
Network security (vulnerabilities, threats, and attacks)Network security (vulnerabilities, threats, and attacks)
Network security (vulnerabilities, threats, and attacks)Fabiha Shahzad
 
Intrusion prevention system(ips)
Intrusion prevention system(ips)Intrusion prevention system(ips)
Intrusion prevention system(ips)Papun Papun
 
Network security
Network securityNetwork security
Network securityEstiak Khan
 
Information security and Attacks
Information security and AttacksInformation security and Attacks
Information security and AttacksSachin Darekar
 
Intrusion detection system
Intrusion detection system Intrusion detection system
Intrusion detection system gaurav koriya
 
Introduction to Network Security
Introduction to Network SecurityIntroduction to Network Security
Introduction to Network SecurityJohn Ely Masculino
 

Recomendados

Network Security Fundamentals
Network Security FundamentalsNetwork Security Fundamentals
Network Security FundamentalsRahmat Suhatman
 
Intrusion detection
Intrusion detectionIntrusion detection
Intrusion detectionCAS
 
Network security (vulnerabilities, threats, and attacks)
Network security (vulnerabilities, threats, and attacks)Network security (vulnerabilities, threats, and attacks)
Network security (vulnerabilities, threats, and attacks)Fabiha Shahzad
 
Intrusion prevention system(ips)
Intrusion prevention system(ips)Intrusion prevention system(ips)
Intrusion prevention system(ips)Papun Papun
 
Network security
Network securityNetwork security
Network securityEstiak Khan
 
Information security and Attacks
Information security and AttacksInformation security and Attacks
Information security and AttacksSachin Darekar
 
Intrusion detection system
Intrusion detection system Intrusion detection system
Intrusion detection system gaurav koriya
 
Introduction to Network Security
Introduction to Network SecurityIntroduction to Network Security
Introduction to Network SecurityJohn Ely Masculino
 
Information Security Policies and Standards
Information Security Policies and StandardsInformation Security Policies and Standards
Information Security Policies and StandardsDirectorate of Information Security | Ditjen Aptika
 
Intrusion detection and prevention system
Intrusion detection and prevention systemIntrusion detection and prevention system
Intrusion detection and prevention systemNikhil Raj
 
Information security in todays world
Information security in todays worldInformation security in todays world
Information security in todays worldSibghatullah Khattak
 
Network Security Presentation
Network Security PresentationNetwork Security Presentation
Network Security PresentationAllan Pratt MBA
 
Wireless security
Wireless securityWireless security
Wireless securityAurobindo Nayak
 
Dmz
Dmz Dmz
Dmz أحلام انصارى
 
Network security - OSI Security Architecture
Network security - OSI Security ArchitectureNetwork security - OSI Security Architecture
Network security - OSI Security ArchitectureBharathiKrishna6
 
Cisco cybersecurity essentials chapter - 2
Cisco cybersecurity essentials chapter - 2Cisco cybersecurity essentials chapter - 2
Cisco cybersecurity essentials chapter - 2Mukesh Chinta
 
Intrusion detection system ppt
Intrusion detection system pptIntrusion detection system ppt
Intrusion detection system pptSheetal Verma
 
Brute force-attack presentation
Brute force-attack presentationBrute force-attack presentation
Brute force-attack presentationMahmoud Ibra
 
Information Security- Threats and Attacks presentation by DHEERAJ KATARIA
Information Security- Threats and Attacks presentation by DHEERAJ KATARIAInformation Security- Threats and Attacks presentation by DHEERAJ KATARIA
Information Security- Threats and Attacks presentation by DHEERAJ KATARIADheeraj Kataria
 
Network security
Network securityNetwork security
Network securityquest university nawabshah
 
Information Security Lecture Notes
Information Security Lecture NotesInformation Security Lecture Notes
Information Security Lecture NotesFellowBuddy.com
 
Software security
Software securitySoftware security
Software securityRoman Oliynykov
 
Ch08 Authentication
Ch08 AuthenticationCh08 Authentication
Ch08 AuthenticationInformation Technology
 
Network security - Defense in Depth
Network security - Defense in DepthNetwork security - Defense in Depth
Network security - Defense in DepthDilum Bandara
 
What is zero trust model (ztm)
What is zero trust model (ztm)What is zero trust model (ztm)
What is zero trust model (ztm)Ahmed Banafa
 
Intrusion detection
Intrusion detectionIntrusion detection
Intrusion detectionUmesh Dhital
 
Intrusion Detection System
Intrusion Detection SystemIntrusion Detection System
Intrusion Detection SystemMohit Belwal
 
Types of attacks
Types of attacksTypes of attacks
Types of attacksVivek Gandhi
 
Cyber crime &_info_security
Cyber crime &_info_securityCyber crime &_info_security
Cyber crime &_info_securityEr Mahendra Yadav
 
Bar Camp 11 Oct09 Hacking
Bar Camp 11 Oct09 HackingBar Camp 11 Oct09 Hacking
Bar Camp 11 Oct09 HackingBarcamp Kerala
 

Mais conteúdo relacionado

Mais procurados

Intrusion detection and prevention system
Intrusion detection and prevention systemIntrusion detection and prevention system
Intrusion detection and prevention systemNikhil Raj
 
Information security in todays world
Information security in todays worldInformation security in todays world
Information security in todays worldSibghatullah Khattak
 
Network Security Presentation
Network Security PresentationNetwork Security Presentation
Network Security PresentationAllan Pratt MBA
 
Network security - OSI Security Architecture
Network security - OSI Security ArchitectureNetwork security - OSI Security Architecture
Network security - OSI Security ArchitectureBharathiKrishna6
 
Cisco cybersecurity essentials chapter - 2
Cisco cybersecurity essentials chapter - 2Cisco cybersecurity essentials chapter - 2
Cisco cybersecurity essentials chapter - 2Mukesh Chinta
 
Intrusion detection system ppt
Intrusion detection system pptIntrusion detection system ppt
Intrusion detection system pptSheetal Verma
 
Brute force-attack presentation
Brute force-attack presentationBrute force-attack presentation
Brute force-attack presentationMahmoud Ibra
 
Information Security- Threats and Attacks presentation by DHEERAJ KATARIA
Information Security- Threats and Attacks presentation by DHEERAJ KATARIAInformation Security- Threats and Attacks presentation by DHEERAJ KATARIA
Information Security- Threats and Attacks presentation by DHEERAJ KATARIADheeraj Kataria
 
Information Security Lecture Notes
Information Security Lecture NotesInformation Security Lecture Notes
Information Security Lecture NotesFellowBuddy.com
 
Network security - Defense in Depth
Network security - Defense in DepthNetwork security - Defense in Depth
Network security - Defense in DepthDilum Bandara
 
What is zero trust model (ztm)
What is zero trust model (ztm)What is zero trust model (ztm)
What is zero trust model (ztm)Ahmed Banafa
 
Intrusion detection
Intrusion detectionIntrusion detection
Intrusion detectionUmesh Dhital
 
Intrusion Detection System
Intrusion Detection SystemIntrusion Detection System
Intrusion Detection SystemMohit Belwal
 

Mais procurados (20)

Information Security Policies and Standards
Information Security Policies and StandardsInformation Security Policies and Standards
Information Security Policies and Standards
 
Intrusion detection and prevention system
Intrusion detection and prevention systemIntrusion detection and prevention system
Intrusion detection and prevention system
 
Information security in todays world
Information security in todays worldInformation security in todays world
Information security in todays world
 
Network Security Presentation
Network Security PresentationNetwork Security Presentation
Network Security Presentation
 
Wireless security
Wireless securityWireless security
Wireless security
 
Dmz
Dmz Dmz
Dmz
 
Network security - OSI Security Architecture
Network security - OSI Security ArchitectureNetwork security - OSI Security Architecture
Network security - OSI Security Architecture
 
Cisco cybersecurity essentials chapter - 2
Cisco cybersecurity essentials chapter - 2Cisco cybersecurity essentials chapter - 2
Cisco cybersecurity essentials chapter - 2
 
Intrusion detection system ppt
Intrusion detection system pptIntrusion detection system ppt
Intrusion detection system ppt
 
Brute force-attack presentation
Brute force-attack presentationBrute force-attack presentation
Brute force-attack presentation
 
Information Security- Threats and Attacks presentation by DHEERAJ KATARIA
Information Security- Threats and Attacks presentation by DHEERAJ KATARIAInformation Security- Threats and Attacks presentation by DHEERAJ KATARIA
Information Security- Threats and Attacks presentation by DHEERAJ KATARIA
 
Network security
Network securityNetwork security
Network security
 
Information Security Lecture Notes
Information Security Lecture NotesInformation Security Lecture Notes
Information Security Lecture Notes
 
Software security
Software securitySoftware security
Software security
 
Ch08 Authentication
Ch08 AuthenticationCh08 Authentication
Ch08 Authentication
 
Network security - Defense in Depth
Network security - Defense in DepthNetwork security - Defense in Depth
Network security - Defense in Depth
 
What is zero trust model (ztm)
What is zero trust model (ztm)What is zero trust model (ztm)
What is zero trust model (ztm)
 
Intrusion detection
Intrusion detectionIntrusion detection
Intrusion detection
 
Intrusion Detection System
Intrusion Detection SystemIntrusion Detection System
Intrusion Detection System
 
Types of attacks
Types of attacksTypes of attacks
Types of attacks
 

Semelhante a Fundamentals of Network security

Bar Camp 11 Oct09 Hacking
Bar Camp 11 Oct09 HackingBar Camp 11 Oct09 Hacking
Bar Camp 11 Oct09 HackingBarcamp Kerala
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hackingSamip Shah
 
Risk Factory: Let's Get Physical
Risk Factory: Let's Get PhysicalRisk Factory: Let's Get Physical
Risk Factory: Let's Get PhysicalRisk Crew
 
Refugees on Rails Berlin - #2 Tech Talk on Security
Refugees on Rails Berlin - #2 Tech Talk on SecurityRefugees on Rails Berlin - #2 Tech Talk on Security
Refugees on Rails Berlin - #2 Tech Talk on SecurityGianluca Varisco
 
Introduction To Computer Security
Introduction To Computer SecurityIntroduction To Computer Security
Introduction To Computer SecurityVibrant Event
 
Ethical Hacking - Introduction to Computer Security
Ethical Hacking - Introduction to Computer Security Ethical Hacking - Introduction to Computer Security
Ethical Hacking - Introduction to Computer Security Vibrant Event
 
Wikileaks: secure dropbox or leaking dropbox?
Wikileaks: secure dropbox or leaking dropbox?Wikileaks: secure dropbox or leaking dropbox?
Wikileaks: secure dropbox or leaking dropbox?hackdemocracy
 
IoT Attack Surfaces -- DEFCON 2015
IoT Attack Surfaces -- DEFCON 2015IoT Attack Surfaces -- DEFCON 2015
IoT Attack Surfaces -- DEFCON 2015Daniel Miessler
 
Hack one iot device, break them all!
Hack one iot device, break them all!Hack one iot device, break them all!
Hack one iot device, break them all!Justin Black
 
UMS Cybersecurity Awareness Seminar: Cybersecurity - Lessons learned from sec...
UMS Cybersecurity Awareness Seminar: Cybersecurity - Lessons learned from sec...UMS Cybersecurity Awareness Seminar: Cybersecurity - Lessons learned from sec...
UMS Cybersecurity Awareness Seminar: Cybersecurity - Lessons learned from sec...APNIC
 
Workshop on Cyber security and investigation
Workshop on Cyber security and investigationWorkshop on Cyber security and investigation
Workshop on Cyber security and investigationMehedi Hasan
 
Track 5 session 1 - st dev con 2016 - need for security for iot
Track 5 session 1 - st dev con 2016 - need for security for iotTrack 5 session 1 - st dev con 2016 - need for security for iot
Track 5 session 1 - st dev con 2016 - need for security for iotST_World
 
Internet of Things - Privacy and Security issues
Internet of Things - Privacy and Security issuesInternet of Things - Privacy and Security issues
Internet of Things - Privacy and Security issuesPierluigi Paganini
 
NETWORK SECURITY
NETWORK SECURITYNETWORK SECURITY
NETWORK SECURITYafaque jaya
 
Cyber Crime - How New Age Criminals Function
Cyber Crime - How New Age Criminals Function Cyber Crime - How New Age Criminals Function
Cyber Crime - How New Age Criminals Function Parag Deodhar
 

Semelhante a Fundamentals of Network security (20)

Cyber crime &_info_security
Cyber crime &_info_securityCyber crime &_info_security
Cyber crime &_info_security
 
Bar Camp 11 Oct09 Hacking
Bar Camp 11 Oct09 HackingBar Camp 11 Oct09 Hacking
Bar Camp 11 Oct09 Hacking
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hacking
 
Risk Factory: Let's Get Physical
Risk Factory: Let's Get PhysicalRisk Factory: Let's Get Physical
Risk Factory: Let's Get Physical
 
Refugees on Rails Berlin - #2 Tech Talk on Security
Refugees on Rails Berlin - #2 Tech Talk on SecurityRefugees on Rails Berlin - #2 Tech Talk on Security
Refugees on Rails Berlin - #2 Tech Talk on Security
 
Computer Security
Computer SecurityComputer Security
Computer Security
 
Introduction To Computer Security
Introduction To Computer SecurityIntroduction To Computer Security
Introduction To Computer Security
 
Ethical Hacking - Introduction to Computer Security
Ethical Hacking - Introduction to Computer Security Ethical Hacking - Introduction to Computer Security
Ethical Hacking - Introduction to Computer Security
 
Ethical Hacking - Introduction to Computer Security
Ethical Hacking - Introduction to Computer SecurityEthical Hacking - Introduction to Computer Security
Ethical Hacking - Introduction to Computer Security
 
Wikileaks: secure dropbox or leaking dropbox?
Wikileaks: secure dropbox or leaking dropbox?Wikileaks: secure dropbox or leaking dropbox?
Wikileaks: secure dropbox or leaking dropbox?
 
IoT Attack Surfaces -- DEFCON 2015
IoT Attack Surfaces -- DEFCON 2015IoT Attack Surfaces -- DEFCON 2015
IoT Attack Surfaces -- DEFCON 2015
 
Hack one iot device, break them all!
Hack one iot device, break them all!Hack one iot device, break them all!
Hack one iot device, break them all!
 
Web security
Web securityWeb security
Web security
 
UMS Cybersecurity Awareness Seminar: Cybersecurity - Lessons learned from sec...
UMS Cybersecurity Awareness Seminar: Cybersecurity - Lessons learned from sec...UMS Cybersecurity Awareness Seminar: Cybersecurity - Lessons learned from sec...
UMS Cybersecurity Awareness Seminar: Cybersecurity - Lessons learned from sec...
 
Workshop on Cyber security and investigation
Workshop on Cyber security and investigationWorkshop on Cyber security and investigation
Workshop on Cyber security and investigation
 
Track 5 session 1 - st dev con 2016 - need for security for iot
Track 5 session 1 - st dev con 2016 - need for security for iotTrack 5 session 1 - st dev con 2016 - need for security for iot
Track 5 session 1 - st dev con 2016 - need for security for iot
 
Internet of Things - Privacy and Security issues
Internet of Things - Privacy and Security issuesInternet of Things - Privacy and Security issues
Internet of Things - Privacy and Security issues
 
Hacking
HackingHacking
Hacking
 
NETWORK SECURITY
NETWORK SECURITYNETWORK SECURITY
NETWORK SECURITY
 
Cyber Crime - How New Age Criminals Function
Cyber Crime - How New Age Criminals Function Cyber Crime - How New Age Criminals Function
Cyber Crime - How New Age Criminals Function
 

Mais de APNIC

DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024APNIC
 
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...APNIC
 
On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024APNIC
 
Networking in the Penumbra presented by Geoff Huston at NZNOG
Networking in the Penumbra presented by Geoff Huston at NZNOGNetworking in the Penumbra presented by Geoff Huston at NZNOG
Networking in the Penumbra presented by Geoff Huston at NZNOGAPNIC
 
IP addressing and IPv6, presented by Paul Wilson at IETF 119
IP addressing and IPv6, presented by Paul Wilson at IETF 119IP addressing and IPv6, presented by Paul Wilson at IETF 119
IP addressing and IPv6, presented by Paul Wilson at IETF 119APNIC
 
draft-harrison-sidrops-manifest-number-01, presented at IETF 119
draft-harrison-sidrops-manifest-number-01, presented at IETF 119draft-harrison-sidrops-manifest-number-01, presented at IETF 119
draft-harrison-sidrops-manifest-number-01, presented at IETF 119APNIC
 
Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119
Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119
Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119APNIC
 
IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119
IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119
IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119APNIC
 
Is DNS ready for IPv6, presented by Geoff Huston at IETF 119
Is DNS ready for IPv6, presented by Geoff Huston at IETF 119Is DNS ready for IPv6, presented by Geoff Huston at IETF 119
Is DNS ready for IPv6, presented by Geoff Huston at IETF 119APNIC
 
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...Benefits of doing Internet peering and running an Internet Exchange (IX) pres...
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...APNIC
 
APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85
APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85
APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85APNIC
 
NANOG 90: 'BGP in 2023' presented by Geoff Huston
NANOG 90: 'BGP in 2023' presented by Geoff HustonNANOG 90: 'BGP in 2023' presented by Geoff Huston
NANOG 90: 'BGP in 2023' presented by Geoff HustonAPNIC
 
DNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff Huston
DNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff HustonDNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff Huston
DNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff HustonAPNIC
 
APAN 57: APNIC Report at APAN 57, Bangkok, Thailand
APAN 57: APNIC Report at APAN 57, Bangkok, ThailandAPAN 57: APNIC Report at APAN 57, Bangkok, Thailand
APAN 57: APNIC Report at APAN 57, Bangkok, ThailandAPNIC
 
Lao Digital Week 2024: It's time to deploy IPv6
Lao Digital Week 2024: It's time to deploy IPv6Lao Digital Week 2024: It's time to deploy IPv6
Lao Digital Week 2024: It's time to deploy IPv6APNIC
 
AINTEC 2023: Networking in the Penumbra!
AINTEC 2023: Networking in the Penumbra!AINTEC 2023: Networking in the Penumbra!
AINTEC 2023: Networking in the Penumbra!APNIC
 
CNIRC 2023: Global and Regional IPv6 Deployment 2023
CNIRC 2023: Global and Regional IPv6 Deployment 2023CNIRC 2023: Global and Regional IPv6 Deployment 2023
CNIRC 2023: Global and Regional IPv6 Deployment 2023APNIC
 
AFSIG 2023: APNIC Foundation and support for Internet development
AFSIG 2023: APNIC Foundation and support for Internet developmentAFSIG 2023: APNIC Foundation and support for Internet development
AFSIG 2023: APNIC Foundation and support for Internet developmentAPNIC
 
AFNOG 1: Afghanistan IP Deployment Status
AFNOG 1: Afghanistan IP Deployment StatusAFNOG 1: Afghanistan IP Deployment Status
AFNOG 1: Afghanistan IP Deployment StatusAPNIC
 
AFSIG 2023: Internet routing and addressing
AFSIG 2023: Internet routing and addressingAFSIG 2023: Internet routing and addressing
AFSIG 2023: Internet routing and addressingAPNIC
 

Mais de APNIC (20)

DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
 
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
 
On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024
 
Networking in the Penumbra presented by Geoff Huston at NZNOG
Networking in the Penumbra presented by Geoff Huston at NZNOGNetworking in the Penumbra presented by Geoff Huston at NZNOG
Networking in the Penumbra presented by Geoff Huston at NZNOG
 
IP addressing and IPv6, presented by Paul Wilson at IETF 119
IP addressing and IPv6, presented by Paul Wilson at IETF 119IP addressing and IPv6, presented by Paul Wilson at IETF 119
IP addressing and IPv6, presented by Paul Wilson at IETF 119
 
draft-harrison-sidrops-manifest-number-01, presented at IETF 119
draft-harrison-sidrops-manifest-number-01, presented at IETF 119draft-harrison-sidrops-manifest-number-01, presented at IETF 119
draft-harrison-sidrops-manifest-number-01, presented at IETF 119
 
Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119
Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119
Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119
 
IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119
IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119
IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119
 
Is DNS ready for IPv6, presented by Geoff Huston at IETF 119
Is DNS ready for IPv6, presented by Geoff Huston at IETF 119Is DNS ready for IPv6, presented by Geoff Huston at IETF 119
Is DNS ready for IPv6, presented by Geoff Huston at IETF 119
 
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...Benefits of doing Internet peering and running an Internet Exchange (IX) pres...
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...
 
APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85
APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85
APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85
 
NANOG 90: 'BGP in 2023' presented by Geoff Huston
NANOG 90: 'BGP in 2023' presented by Geoff HustonNANOG 90: 'BGP in 2023' presented by Geoff Huston
NANOG 90: 'BGP in 2023' presented by Geoff Huston
 
DNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff Huston
DNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff HustonDNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff Huston
DNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff Huston
 
APAN 57: APNIC Report at APAN 57, Bangkok, Thailand
APAN 57: APNIC Report at APAN 57, Bangkok, ThailandAPAN 57: APNIC Report at APAN 57, Bangkok, Thailand
APAN 57: APNIC Report at APAN 57, Bangkok, Thailand
 
Lao Digital Week 2024: It's time to deploy IPv6
Lao Digital Week 2024: It's time to deploy IPv6Lao Digital Week 2024: It's time to deploy IPv6
Lao Digital Week 2024: It's time to deploy IPv6
 
AINTEC 2023: Networking in the Penumbra!
AINTEC 2023: Networking in the Penumbra!AINTEC 2023: Networking in the Penumbra!
AINTEC 2023: Networking in the Penumbra!
 
CNIRC 2023: Global and Regional IPv6 Deployment 2023
CNIRC 2023: Global and Regional IPv6 Deployment 2023CNIRC 2023: Global and Regional IPv6 Deployment 2023
CNIRC 2023: Global and Regional IPv6 Deployment 2023
 
AFSIG 2023: APNIC Foundation and support for Internet development
AFSIG 2023: APNIC Foundation and support for Internet developmentAFSIG 2023: APNIC Foundation and support for Internet development
AFSIG 2023: APNIC Foundation and support for Internet development
 
AFNOG 1: Afghanistan IP Deployment Status
AFNOG 1: Afghanistan IP Deployment StatusAFNOG 1: Afghanistan IP Deployment Status
AFNOG 1: Afghanistan IP Deployment Status
 
AFSIG 2023: Internet routing and addressing
AFSIG 2023: Internet routing and addressingAFSIG 2023: Internet routing and addressing
AFSIG 2023: Internet routing and addressing
 

Último

Best VIP Call Girls Noida Sector 75 Call Me: 8448380779
Best VIP Call Girls Noida Sector 75 Call Me: 8448380779Best VIP Call Girls Noida Sector 75 Call Me: 8448380779
Best VIP Call Girls Noida Sector 75 Call Me: 8448380779Delhi Call girls
 
₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...
₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...
₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...Diya Sharma
 
How is AI changing journalism? (v. April 2024)
How is AI changing journalism? (v. April 2024)How is AI changing journalism? (v. April 2024)
How is AI changing journalism? (v. April 2024)Damian Radcliffe
 
Lucknow ❤CALL GIRL 88759*99948 ❤CALL GIRLS IN Lucknow ESCORT SERVICE❤CALL GIRL
Lucknow ❤CALL GIRL 88759*99948 ❤CALL GIRLS IN Lucknow ESCORT SERVICE❤CALL GIRLLucknow ❤CALL GIRL 88759*99948 ❤CALL GIRLS IN Lucknow ESCORT SERVICE❤CALL GIRL
Lucknow ❤CALL GIRL 88759*99948 ❤CALL GIRLS IN Lucknow ESCORT SERVICE❤CALL GIRLimonikaupta
 
Moving Beyond Twitter/X and Facebook - Social Media for local news providers
Moving Beyond Twitter/X and Facebook - Social Media for local news providersMoving Beyond Twitter/X and Facebook - Social Media for local news providers
Moving Beyond Twitter/X and Facebook - Social Media for local news providersDamian Radcliffe
 
Call Girls in Mayur Vihar ✔️ 9711199171 ✔️ Delhi ✔️ Enjoy Call Girls With Our...
Call Girls in Mayur Vihar ✔️ 9711199171 ✔️ Delhi ✔️ Enjoy Call Girls With Our...Call Girls in Mayur Vihar ✔️ 9711199171 ✔️ Delhi ✔️ Enjoy Call Girls With Our...
Call Girls in Mayur Vihar ✔️ 9711199171 ✔️ Delhi ✔️ Enjoy Call Girls With Our...sonatiwari757
 
Chennai Call Girls Porur Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Porur Phone 🍆 8250192130 👅 celebrity escorts serviceChennai Call Girls Porur Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Porur Phone 🍆 8250192130 👅 celebrity escorts servicesonalikaur4
 
Call Now ☎ 8264348440 !! Call Girls in Green Park Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Green Park Escort Service Delhi N.C.R.Call Now ☎ 8264348440 !! Call Girls in Green Park Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Green Park Escort Service Delhi N.C.R.soniya singh
 
Hot Call Girls |Delhi |Hauz Khas ☎ 9711199171 Book Your One night Stand
Hot Call Girls |Delhi |Hauz Khas ☎ 9711199171 Book Your One night StandHot Call Girls |Delhi |Hauz Khas ☎ 9711199171 Book Your One night Stand
Hot Call Girls |Delhi |Hauz Khas ☎ 9711199171 Book Your One night Standkumarajju5765
 
𓀤Call On 7877925207 𓀤 Ahmedguda Call Girls Hot Model With Sexy Bhabi Ready Fo...
𓀤Call On 7877925207 𓀤 Ahmedguda Call Girls Hot Model With Sexy Bhabi Ready Fo...𓀤Call On 7877925207 𓀤 Ahmedguda Call Girls Hot Model With Sexy Bhabi Ready Fo...
𓀤Call On 7877925207 𓀤 Ahmedguda Call Girls Hot Model With Sexy Bhabi Ready Fo...Neha Pandey
 
AWS Community DAY Albertini-Ellan Cloud Security (1).pptx
AWS Community DAY Albertini-Ellan Cloud Security (1).pptxAWS Community DAY Albertini-Ellan Cloud Security (1).pptx
AWS Community DAY Albertini-Ellan Cloud Security (1).pptxellan12
 
Call Girls Dubai Prolapsed O525547819 Call Girls In Dubai Princes$
Call Girls Dubai Prolapsed O525547819 Call Girls In Dubai Princes$Call Girls Dubai Prolapsed O525547819 Call Girls In Dubai Princes$
Call Girls Dubai Prolapsed O525547819 Call Girls In Dubai Princes$kojalkojal131
 
Pune Airport ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready...
Pune Airport ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready...Pune Airport ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready...
Pune Airport ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready...tanu pandey
 
Call Girls In Pratap Nagar Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Pratap Nagar Delhi 💯Call Us 🔝8264348440🔝Call Girls In Pratap Nagar Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Pratap Nagar Delhi 💯Call Us 🔝8264348440🔝soniya singh
 
SEO Growth Program-Digital optimization Specialist
SEO Growth Program-Digital optimization SpecialistSEO Growth Program-Digital optimization Specialist
SEO Growth Program-Digital optimization SpecialistKHM Anwar
 
AlbaniaDreamin24 - How to easily use an API with Flows
AlbaniaDreamin24 - How to easily use an API with FlowsAlbaniaDreamin24 - How to easily use an API with Flows
AlbaniaDreamin24 - How to easily use an API with FlowsThierry TROUIN ☁
 

Último (20)

Best VIP Call Girls Noida Sector 75 Call Me: 8448380779
Best VIP Call Girls Noida Sector 75 Call Me: 8448380779Best VIP Call Girls Noida Sector 75 Call Me: 8448380779
Best VIP Call Girls Noida Sector 75 Call Me: 8448380779
 
₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...
₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...
₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...
 
How is AI changing journalism? (v. April 2024)
How is AI changing journalism? (v. April 2024)How is AI changing journalism? (v. April 2024)
How is AI changing journalism? (v. April 2024)
 
Lucknow ❤CALL GIRL 88759*99948 ❤CALL GIRLS IN Lucknow ESCORT SERVICE❤CALL GIRL
Lucknow ❤CALL GIRL 88759*99948 ❤CALL GIRLS IN Lucknow ESCORT SERVICE❤CALL GIRLLucknow ❤CALL GIRL 88759*99948 ❤CALL GIRLS IN Lucknow ESCORT SERVICE❤CALL GIRL
Lucknow ❤CALL GIRL 88759*99948 ❤CALL GIRLS IN Lucknow ESCORT SERVICE❤CALL GIRL
 
Moving Beyond Twitter/X and Facebook - Social Media for local news providers
Moving Beyond Twitter/X and Facebook - Social Media for local news providersMoving Beyond Twitter/X and Facebook - Social Media for local news providers
Moving Beyond Twitter/X and Facebook - Social Media for local news providers
 
Rohini Sector 22 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
Rohini Sector 22 Call Girls Delhi 9999965857 @Sabina Saikh No AdvanceRohini Sector 22 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
Rohini Sector 22 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
 
Call Girls in Mayur Vihar ✔️ 9711199171 ✔️ Delhi ✔️ Enjoy Call Girls With Our...
Call Girls in Mayur Vihar ✔️ 9711199171 ✔️ Delhi ✔️ Enjoy Call Girls With Our...Call Girls in Mayur Vihar ✔️ 9711199171 ✔️ Delhi ✔️ Enjoy Call Girls With Our...
Call Girls in Mayur Vihar ✔️ 9711199171 ✔️ Delhi ✔️ Enjoy Call Girls With Our...
 
Chennai Call Girls Porur Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Porur Phone 🍆 8250192130 👅 celebrity escorts serviceChennai Call Girls Porur Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Porur Phone 🍆 8250192130 👅 celebrity escorts service
 
Call Girls In Noida 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SERVICE
Call Girls In Noida 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SERVICECall Girls In Noida 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SERVICE
Call Girls In Noida 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SERVICE
 
Call Now ☎ 8264348440 !! Call Girls in Green Park Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Green Park Escort Service Delhi N.C.R.Call Now ☎ 8264348440 !! Call Girls in Green Park Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Green Park Escort Service Delhi N.C.R.
 
Hot Call Girls |Delhi |Hauz Khas ☎ 9711199171 Book Your One night Stand
Hot Call Girls |Delhi |Hauz Khas ☎ 9711199171 Book Your One night StandHot Call Girls |Delhi |Hauz Khas ☎ 9711199171 Book Your One night Stand
Hot Call Girls |Delhi |Hauz Khas ☎ 9711199171 Book Your One night Stand
 
Dwarka Sector 26 Call Girls | Delhi | 9999965857 🫦 Vanshika Verma More Our Se...
Dwarka Sector 26 Call Girls | Delhi | 9999965857 🫦 Vanshika Verma More Our Se...Dwarka Sector 26 Call Girls | Delhi | 9999965857 🫦 Vanshika Verma More Our Se...
Dwarka Sector 26 Call Girls | Delhi | 9999965857 🫦 Vanshika Verma More Our Se...
 
𓀤Call On 7877925207 𓀤 Ahmedguda Call Girls Hot Model With Sexy Bhabi Ready Fo...
𓀤Call On 7877925207 𓀤 Ahmedguda Call Girls Hot Model With Sexy Bhabi Ready Fo...𓀤Call On 7877925207 𓀤 Ahmedguda Call Girls Hot Model With Sexy Bhabi Ready Fo...
𓀤Call On 7877925207 𓀤 Ahmedguda Call Girls Hot Model With Sexy Bhabi Ready Fo...
 
AWS Community DAY Albertini-Ellan Cloud Security (1).pptx
AWS Community DAY Albertini-Ellan Cloud Security (1).pptxAWS Community DAY Albertini-Ellan Cloud Security (1).pptx
AWS Community DAY Albertini-Ellan Cloud Security (1).pptx
 
Call Girls Dubai Prolapsed O525547819 Call Girls In Dubai Princes$
Call Girls Dubai Prolapsed O525547819 Call Girls In Dubai Princes$Call Girls Dubai Prolapsed O525547819 Call Girls In Dubai Princes$
Call Girls Dubai Prolapsed O525547819 Call Girls In Dubai Princes$
 
Pune Airport ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready...
Pune Airport ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready...Pune Airport ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready...
Pune Airport ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready...
 
Call Girls In Pratap Nagar Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Pratap Nagar Delhi 💯Call Us 🔝8264348440🔝Call Girls In Pratap Nagar Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Pratap Nagar Delhi 💯Call Us 🔝8264348440🔝
 
Rohini Sector 6 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
Rohini Sector 6 Call Girls Delhi 9999965857 @Sabina Saikh No AdvanceRohini Sector 6 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
Rohini Sector 6 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
 
SEO Growth Program-Digital optimization Specialist
SEO Growth Program-Digital optimization SpecialistSEO Growth Program-Digital optimization Specialist
SEO Growth Program-Digital optimization Specialist
 
AlbaniaDreamin24 - How to easily use an API with Flows
AlbaniaDreamin24 - How to easily use an API with FlowsAlbaniaDreamin24 - How to easily use an API with Flows
AlbaniaDreamin24 - How to easily use an API with Flows
 

Fundamentals of Network security

  • 1. Fundamentals of Network Security Asia Pacific Internet Leadership Program Taipei, TW 26 July 2016
  • 2. What’s coming up • Is the Internet secure? • Myths and Mysteries • Evolution of security • Security concepts and management • Examples • Developments: IPv6 and IoT • The Internet security ecosystem
  • 3. Is the Internet secure? • The Internet was designed for open connectivity • For low barriers to entry in a trusting environment • A deliberately “dumb” network • “Security” was always optional (and normally a low priority)
  • 4. The real questions • If you ask… – “Is the Internet secure?” – “Can the Internet be secured?” – “Can society ever be safe?” – The truthful answer is “No” • But if you ask… – “Can my services/networks/transactions be secured?” – “Can the Internet be used securely?” – “Can I stay safe?” – The answer is probably “Yes” (but with care!)
  • 5. Myths and Mysteries • Fiction: The Internet can be secured • Fiction: Hackers are magicians • Fiction: Security experts are the magicians • Fiction: Computer viruses are like actual viruses • Fact: The Internet can be used securely • Fact: EVERY breach can be explained, and avoided • Fact: The first bug was an actual moth
  • 6. Some history… • 1946: Grace Hopper, a US Naval Officer, tracks down a moth causing problems in an electromechanical computer; hence “bug”. • 1960s: MIT model train group "hacks" their trains to make them perform better • 1971: Joe Draper aka "Captain Crunch", uses cereal toy to generate 2600 Hz tone, “phreaking” the AT&T long distance system • 1983: "War Games" film introduces public to the concept of hacking, and “wardialing” • 1988: Cornell student Robert Morris Jr. releases self-replicating “worm” on ARPAnet, the first Internet-borne viral programme • Late 1990s: Online sharing of automated tools. The first “botnets” – armies of virus-infected machines.
  • 7. Terms: Breaking it down • Threat – Any circumstance or factor with the potential to cause harm – a motivated, capable adversary • Vulnerability – A weakness in a system; in procedures, design, or implementation that can be exploited • Software bugs, design flaws, operational mistakes • The human factor – “Social engineering” • Risk = likelihood x consequence – The liklihood (probablility) that a particular vulnerability will occur – The severity (impact) of that occurrence
  • 8. Authentication and Authorisation • Access control – The ability to permit or deny the use of a resource by a user, through three essential services… • Authentication – To reliably identify individual users – Users = people, processes, devices • Authorisation – To control which users are allowed to do what with a resource – Representing trust, assuming reliable authentication
  • 9. Security tradeoffs • Services offered vs. security provided – Each service offers its own security risk – The more services, the less security • Ease of use vs. security – Every security mechanism causes inconvenience – The more “plug n play”, the less security • Risk of loss vs. Cost of security – Assets carry value and risk of loss – The higher the value, the higher the security cost • These factors can be balanced in a comprehensive organisational security policy
  • 10. An unexpected success… • Evolution of technology, usage and value • Evolution of security problems and solutions • Evolution never stops… 1990s: Basic connectivity 2000s: Application-specific online content 2010s: Applications/data in the “cloud” 2020s: “IoT”
  • 12. What can the attackers do? • Eavesdropping – Listen in on communications • Masquerading – Impersonating someone else • Forgery – Invent or duplicate/replay information • Trespass – Obtain unauthorised access • Subversion – Modify data and messages in transit • Destruction – Vandalise or delete important data • Disruption – Disable or prevent access to services • Infiltration – Hide out inside our machines • Hijacking – “Own” and use machines for nefarious purposes
  • 13. And why do they do it? Motivation Examples Knowledge driven • Recreational • Research Issue-based • Hacktivism • Patriotism Antisocial • Revenge • Vandalism Competitive • Theft of IP • Damage to competitors Criminal • Theft of assets • Extortion Strategic • Espionage • State-driven or sponsored
  • 14. And, how to they do it? • Social engineering attacks – Human beings – the weakest links – “Phishing” – Password attacks etc etc • DNS attacks – Corruption and cache poisoning • Masquerading – Address “spoofing” • Denial of Service – DoS attacks – DDoS attacks
  • 15. “Phishing” • “Fishing” for information such as usernames, passwords, credit card details, other personal information • Forged emails apparently from legitimate enterprises, direct users to forged websites.
  • 16. Other social engineering • Password guessing or cracking – Hence need for “non-guessable” passwords – Use of different passwords for different services • Email harvesting and “proof of life” – Misuse of collected personal information – Spam as a validation tool • embedded images – Turn them off! • unique URLs – Don’t click on anything! • Short URLs – E.g. http://bit.ly/SGWjdif – We’re accustomed to clicking without checking where we go next
  • 17. Masquerading example: ARP • Address Resolution Protocol (RFC 826, 1982) – Used by any TCP/IP device to discover the Layer 2 address of an IPv4 address that it wants to reach IPv4: 10.1.1.10 MAC: EtherA IPv4: 10.1.1.20 MAC: EtherB IPv4: 10.1.1.30 MAC: EtherC Here I am! IPv4: 10.1.1.30 MAC: EtherC ☺︎ IPv4 MAC 10.1.1.30 EtherCEthernet, who’s at IPv4: 10.1.1.30 ? *AKA “ARP spoofing”
  • 18. Masquerading example: ARP • Address Resolution Protocol (RFC 826, 1982) – SEND: IPv6 SEcure Neighbour Discovery (RFC 3971, 2005) IPv4: 10.1.1.10 MAC: EtherA IPv4: 10.1.1.20 MAC: EtherB IPv4: 10.1.1.30 MAC: EtherC ☹︎ IPv4 MAC 10.1.1.30 EtherC 10.1.1.20 EtherA Ethernet, who’s at IPv4 10.1.1.20 ? *AKA “ARP spoofing” Here I am! IPv4: 10.1.1.20 MAC: EtherA IPv4 MAC 10.1.1.30 EtherC
  • 19. Attacking the DNS The Internet www.apnic.netwww.apnic.net? www.apnic.net 199.43.0.44 DNS 175.98.98.133 203.119.102.244 199.43.0.44 ☹︎
  • 20. Securing websites – SSL certificates The Internet www.apnic.net www.apnic.net? 203.119.102.244 DNS 175.98.98.133 203.119.102.244 ☺︎ SSL
  • 21. Securing DNS – DNSSEC The Internet www.apnic.net www.apnic.net? DNS 175.98.98.133 203.119.102.244 ☺︎ 203.119.102.244 SEC
  • 22. Misusing IP Addresses… The Internet Global Routing Table 4.128/9 60.100/16 60.100.0/20 135.22/16 … Global Routing Table 4.128/9 60.100/16 60.100.0/20 135.22/16 199.43.0.0/24 … Announce 199.43.0.0/24 R 202.12.29.0/24 Traffic 199.43.0.0/24 ☹︎
  • 23. Misusing IP Addresses… The Internet Global Routing Table 4.128/9 60.100/16 60.100.0/20 135.22/16 … Global Routing Table 4.128/9 60.100/16 60.100.0/20 135.22/16 202.12.29.0/24 … Announce 202.12.29.0/24 R 202.12.29.0/24 RPKI ☺︎
  • 24. Masquerading again: IP spoofing InternetISP 203.119.102.244 175.98.98.133 Request Src: 175.98.98.133 Dst: 203.119.102.244 Response Src: 203.119.102.244 Dst: 175.98.98.133 ☺︎
  • 25. Masquerading again: IP spoofing InternetISP 203.119.102.244 175.98.98.133 Response Src: 203.119.102.244 Dst: 199.43.0.44 199.43.0.44 Request Src: 199.43.0.44 Dst: 203.119.102.244 ☹︎
  • 26. DoS attack: Amplification InternetISP 203.119.102.244 175.98.98.133 199.43.0.44 Request Src: 199.43.0.44 Dst: 203.119.102.244 ☹︎ Response Src: 203.119.102.244 Dst: 199.43.0.44 BIG PAYLOAD Request Src: 199.43.0.44 Dst: 203.119.102.244 Request Src: 199.43.0.44 Dst: 203.119.102.244 Request Src: 199.43.0.44 Dst: 203.119.102.244 Request Src: 199.43.0.44 Dst: 203.119.102.244 Response Src: 203.119.102.244 Dst: 199.43.0.44 BIG PAYLOAD Response Src: 203.119.102.244 Dst: 199.43.0.44 BIG PAYLOAD Response Src: 203.119.102.244 Dst: 199.43.0.44 BIG PAYLOAD Response Src: 203.119.102.244 Dst: 199.43.0.44 BIG PAYLOAD
  • 27. Defeating IP spoofing – BCP38 InternetISP 203.119.102.244 175.98.98.133 ☺︎ BCP38 (2000) Network Ingress Filtering: Defeating Denial of Service Attacks which employ IP Source Address Spoofing ISP Request Src: 199.43.0.44 Dst: 203.119.102.244
  • 28. DDoS attack: Distributed DoS InternetISP ☹︎ “Botnet”
  • 29. DDoS attack: Distributed DoS • Botnets for hire – Millions of virus-infected computers – Ready to be deployed by remote control • Huge amplification – Target traffic volumes in 100s of Gbps • Motivation – Various, but often extortion (requiring payment in BTC) • Mitigation – Various approaches and services available – Often bandwidth is the best solution (using cloud-based services)
  • 30. Source: Arbor Networks’ WISR 2016 Survey
  • 31. Security and IPv6 • “IPsec” is mandatory in IPv6 implementation – but this does not mean it must be used. • No difference… – Traffic monitoring (Sniffing) – no change without IPsec – Application vulnerabilities – no change – Rogue devices, viruses etc • Improvements… – IPsec available when needed (eg routing protocols) – Scanning address space for devices is much harder • Threats – New expertise required, new implementations, less mature – Mistakes will be made
  • 32. Security and IoT • We have a long history of “things” on the Internet – In that sense, there is nothing fundamentally new with “IoT” • However… – There will be huge increase in the variety of devices – Many new vendors will enter the market – Many vendors are not “Internet companies” • Challenges – Implementation, Testing, Software upgrades, “EoL” management • Reference: “Internet of stupid things” – Geoff Huston, APNIC
  • 37. Recap… • Is the Internet secure? • Myths and Mysteries • Evolution of security • Security concepts and management • Examples • Developments: IPv6 and IoT • The Internet security ecosystem