Loading…

Flash Player 9 (or above) is needed to view presentations.
We have detected that you do not have it on your computer. To install it, go here.

Like this presentation? Why not share!

wanna be h4ck3r !

on

  • 552 views

 

Statistics

Views

Total Views
552
Views on SlideShare
531
Embed Views
21

Actions

Likes
0
Downloads
2
Comments
0

2 Embeds 21

http://www.linkedin.com 20
https://www.linkedin.com 1

Accessibility

Categories

Upload Details

Uploaded via as OpenOffice

Usage Rights

CC Attribution License

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

wanna be h4ck3r ! wanna be h4ck3r ! Presentation Transcript

  • Wanna be h4ck3r snapshot of security concept By Eslam Mamdouh El Husseiny
  • من أكون ؟ @EslamElHusseiny www.eslamizmy.org
  • Wanna be h4ck3r
    • Agenda
      • Security policy
      • Attackers
      • Type of attacks
      • So am I a looser ?
      • Live demo
      • طب و بعدين ؟
      • خلاص كفاية كده
  • Security policy
    • Document describing the way computer equipment may/may not be used
    • Security policy aspects:
      • Physical security
      • Network security
      • Authentication
      • Authorization
  • Physical Security
    • Ensure that nobody can access computer hardware
      • Locks on doors
      • Access codes
      • Signing-in of staff
      • Physical protection of cabling
  • Physical Security
    • Physical environment
      • Uninterruptible Power Supply (UPS)
      • Fire suppression system
      • Air Conditioning (heat, moisture)
    • Physical breakdown of computer hardware
      • Spare components
      • Backups (consider off-site storage)
  • Network Security
    • Ensure that no unauthorized user can access the system
      • over the network
      • Internet
      • other WAN
      • LAN
    • Needs to be done for every networked system
  • Authentication
    • User name/Password
    • Public key cryptography
    • Smart cards
    • Biometrics
  • Authorization
    • Determining what you may do
    • Usually dependent on group membership
  • Attackers
    • Hackers
      • A hacker is someone who wants to satisfy his curiosity
        • Means no harm
        • May cause harm accidentally
  • Attackers
    • Crackers
      • A cracker is someone who wants to gain something
        • Access to your system to use resources
        • Access to data (e.g. credit card numbers)
        • Publicity
        • Revenge
  • Attackers
    • Script Kiddies
      • A Script Kiddie is someone who uses hackers tools without understanding what they do
  • Types of Attack (1)
    • Scanning
      • Which services are enabled
      • Which software and version is used
    • Sniffing
      • Monitoring data (e.g. passwords) in transit
    • Break-in
      • Gain access to a computer, preferably as superuser
  • Types of Attack (1)
    • Brute Force
      • Try every possible combination until one works
    • Man-in-the-Middle
      • Act as the server to a client
      • Act as a client to the server
  • Types of Attack (1)
    • Denial of Service (DoS)
      • Prevent legitimate users from working
      • Usually done by crashing or overloading the system or network
    • Distributed Denial of Service (DDoS)
      • DoS attack from many different sources simultaneously
  • Types of Attack (2) MW ViSTA
  • Types of Attack (2)
    • M aleware
    • W orm
    • Vi rus
    • S pyware
    • T rojan
    • A dware
  • Types of Attack (2)
    • Virus
      • Malicious program that attaches itself to other programs
    • Worm
      • Self-replicating malicious program
    • Trojan Horse
      • Apparently useful program with a malicious component
  • What You Have to Lose
    • Loss of resources
      • Disk space
      • Bandwidth
      • CPU time
    • Loss or alteration of data
    • Loss or impairment of service
    • Loss of reputation, goodwill, trust
  • What You Have to Lose
    • Disclosure of personal, proprietary or confidential
    • information
    • Financial loss
    • Stolen credit card numbers
    • Legal, criminal action against you
  • Live Demo
  • And so !
  • إعرف نظامك
  • Quiz !
  • Questions ?
  • References
    • Mainly IBM Slides
  • thanks Eslam Mamdouh Future Owner Of Red Hat [email_address]