wanna be h4ck3r !

584 views
542 views

Published on

Published in: Technology
0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
584
On SlideShare
0
From Embeds
0
Number of Embeds
27
Actions
Shares
0
Downloads
5
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide

wanna be h4ck3r !

  1. 1. Wanna be h4ck3r snapshot of security concept By Eslam Mamdouh El Husseiny
  2. 2. ‫؟‬ ‫أكون‬ ‫من‬ @EslamElHusseiny www.eslamizmy.org
  3. 3. Wanna be h4ck3r ● Agenda – Security policy – Attackers – Type of attacks – So am I a looser ? – Live demo – ‫؟‬ ‫بعدين‬ ‫و‬ ‫طب‬ – ‫كده‬ ‫كفاية‬ ‫خلص‬
  4. 4. Security policy ● Document describing the way computer equipment may/may not be used ● Security policy aspects: – Physical security – Network security – Authentication – Authorization
  5. 5. Physical Security ● Ensure that nobody can access computer hardware – Locks on doors – Access codes – Signing-in of staff – Physical protection of cabling
  6. 6. Physical Security ● Physical environment – Uninterruptible Power Supply (UPS) – Fire suppression system – Air Conditioning (heat, moisture) ● Physical breakdown of computer hardware – Spare components – Backups (consider off-site storage)
  7. 7. Network Security ● Ensure that no unauthorized user can access the system – over the network – Internet – other WAN – LAN ● Needs to be done for every networked system
  8. 8. Authentication ● User name/Password ● Public key cryptography ● Smart cards ● Biometrics
  9. 9. Authorization ● Determining what you may do ● Usually dependent on group membership
  10. 10. Attackers ● Hackers – A hacker is someone who wants to satisfy his curiosity ● Means no harm ● May cause harm accidentally
  11. 11. Attackers ● Crackers – A cracker is someone who wants to gain something ● Access to your system to use resources ● Access to data (e.g. credit card numbers) ● Publicity ● Revenge
  12. 12. Attackers ● Script Kiddies – A Script Kiddie is someone who uses hackers tools without understanding what they do
  13. 13. Types of Attack (1) ● Scanning – Which services are enabled – Which software and version is used ● Sniffing – Monitoring data (e.g. passwords) in transit ● Break-in – Gain access to a computer, preferably as superuser
  14. 14. Types of Attack (1) ● Brute Force – Try every possible combination until one works ● Man-in-the-Middle – Act as the server to a client – Act as a client to the server
  15. 15. Types of Attack (1) ● Denial of Service (DoS) – Prevent legitimate users from working – Usually done by crashing or overloading the system or network ● Distributed Denial of Service (DDoS) – DoS attack from many different sources simultaneously
  16. 16. Types of Attack (2) MW ViSTA
  17. 17. Types of Attack (2) ● Maleware ● Worm ● Virus ● Spyware ● Trojan ● Adware
  18. 18. Types of Attack (2) ● Virus – Malicious program that attaches itself to other programs ● Worm – Self-replicating malicious program ● Trojan Horse – Apparently useful program with a malicious component
  19. 19. What You Have to Lose ● Loss of resources – Disk space – Bandwidth – CPU time ● Loss or alteration of data ● Loss or impairment of service ● Loss of reputation, goodwill, trust
  20. 20. What You Have to Lose ● Disclosure of personal, proprietary or confidential ● information ● Financial loss ● Stolen credit card numbers ● Legal, criminal action against you
  21. 21. Live Demo
  22. 22. And so !
  23. 23. ‫نظامك‬ ‫إعرف‬
  24. 24. Quiz !
  25. 25. Questions ?
  26. 26. References ➢ Mainly IBM Slides
  27. 27. thanks Eslam Mamdouh Future Owner Of RedHat eslam.husseiny@gmail.com

×