O slideshow foi denunciado.
Utilizamos seu perfil e dados de atividades no LinkedIn para personalizar e exibir anúncios mais relevantes. Altere suas preferências de anúncios quando desejar.

Access control attacks by nor liyana binti azman

Access Control Attacks by Nor Liyana Binti Azman

  • Seja o primeiro a comentar

Access control attacks by nor liyana binti azman

  1. 1. Nor Liyana Binti Azman 14th Mac 2014
  2. 2. Access Control Attacks Example  Backdoor  method of bypassing normal authentication, securing illegal remote access to computer, while attempting to remain undetected. sometimes programmer install a back door so that the program can be accessed for troubleshooting or other purposes Backdoor is security risk, because there is another cracker try to find any vulnerability to exploit. Example: Nimda gains through backdoor left by Code Red. http://www.youtube.com/watch?v=7ZwGvFu9WhY
  3. 3.  Spoofing Attacks attacker pretends to be someone else in order gain access to restricted resources or steal information. type of attack can take a variety of different forms; for instance, an attacker can impersonate the Internet Protocol (IP) address of a legitimate user in order to get into their accounts. http://www.youtube.com/watch?v=z8ySsaRMcI8 Access Control Attacks Example
  4. 4. Spoofing Attacks
  5. 5.  Man-In-The-Middle the attacker makes independent connections with the victims and relays messages between them, making them believe that they are talking directly to each other over a private connection. It is an attack on mutual authentication http://www.youtube.com/watch?v=N86xJpna9Js Access Control Attacks Example
  6. 6. Man-In-The-Middle
  7. 7.  Replay A form of network attack which a valid data transmission is maliciously repeated or delayed Example: messages from an authorized user who is logging into a network may be captured by an attacker and resent (replayed) the next day  Video: http://www.youtube.com/watch?v=kBCr-vYdgNo Access Control Attacks Example
  8. 8.  TCP hijacking  a method of taking over a Web user session by surreptitiously obtaining the session ID and masquerading as the authorized user. Session hijacking takes advantage of that practice by intruding in real time, during a session. Video: http://www.youtube.com/watch?v=s_XD8heYNrc Access Control Attacks Example
  9. 9. THANKS A LOT