System Administration as a career
SYSTEM PROTECTION & SECURITY

System and Network Threats
• Virus
• Laptop & mobile theft
• DDoS attack
• Unauthorized access of information
• Abuse of wireless network
• System protection
• Telecom fraud
• Misuse of web application
• Website defacement
• Worms
• Port scanning
Worms
Talk Outline
• Introduction of worms.
• The life cycle of a simple worm:
  - scanning for a victim
  - exploiting the victim
  - cloning itself onto the victim
  - running the clone to further spread infection
  - stealth techniques used to hide itself
What are worms?
• A worm is a self replicating program
• Self-replicating => it makes copies of itself and
sends them over to hosts across a network
• All copies have the same functionality and
generally lack any sort of synchronization among
themselves
Types of worms
• Network worms
• Email worms
• IRC worms
• IM worms
• File sharing worms
• XSS worms
The life cycle of a simple worm

• Scanning for a victim
• Exploiting the victim
• Cloning itself onto the victim
• Running the clone to further spread infection
• Stealth methods used to hide itself
The life of a worm …
[Figure: a worm spreading from victim to victim, with steps numbered (1) and (2)]
The life of a worm
[Figure: flow diagram with the labels: Scans for Victim, Rooted !!, Scan, Send Exploit, Get a copy, Worm created, Victim found]
Scanning for a victim
• Random scan –
• hose random scan – IP from global and local routing addresses
• Overall scan –
• Divide and conquer scan – divide IP addresses among child worms
• Subnet scan – detect and scan local subnet
Exploiting the victim
• Exploit – simply put: a piece of code which provides
“access” to a victim computer by utilizing some flaw in
the logic of a program running on the victim computer

• Network worms use what is called a “remote exploit” –
an exploit which can be launched remotely and which
gives some code running privileges on the victim

• Find a suitable exploit to use in the worm
Cloning itself onto the victim
• Once the victim has been exploited, the worm
needs to get a copy of itself onto the victim
• Blaster worm
• HTTP server
• FTP server
• Compile source
Running the clone to further spread infection
• Once the clone has been downloaded, run it
• Make it a service.
• Add a registry entry for startup
• Clone starts scanning again
• Clone finds a victim
• Cycle continues …
Stealth techniques used to hide itself
• Hide procedure
• Hide files
• Hide movement
• Delete logs
Worm examples
• Slammer Worm
• Code Red worm
• MyDoom.B
Port Scanning
• Three-way handshake
• Stealth Scan
• Xmas Scan
• FIN Scan
• NULL Scan
• Idle Scan
Tools
• Nmap
• SoftPerfect Network Scanner
• Port scanner ActiveX control
• Acunetix
• Nessus
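The scan types listed above differ in the TCP flags they send, and the worm scanning strategies described earlier (random or subnet scans) show up as one source touching many hosts on the same port. The following Python code is an added example, not part of the original slides, that flags both patterns in a list of packet records; the record layout, the fan-out threshold and the sample addresses are assumptions made for illustration.

```python
from collections import defaultdict

# TCP flag bits as laid out in the TCP header.
FIN, SYN, RST, PSH, ACK, URG = 0x01, 0x02, 0x04, 0x08, 0x10, 0x20


def classify_probe(flags):
    """Name the probe type implied by the flag byte of a client segment."""
    flags &= 0x3F                      # ignore ECE/CWR bits
    if flags == 0:
        return "NULL scan"             # no flags set at all
    if flags == FIN:
        return "FIN scan"              # normal teardown carries FIN+ACK, not bare FIN
    if flags == FIN | PSH | URG:
        return "Xmas scan"
    if flags == SYN:
        return "SYN"                   # ordinary open, or first half of a stealth scan
    return None


def analyze(packets, fanout_threshold=3):
    """Return {source: sorted findings} for client->server TCP segments.

    packets: iterable of (src, dst, dport, flags). fanout_threshold is an
    assumed tuning value, not a standard.
    """
    findings = defaultdict(set)
    pending_syn = set()                # (src, dst, dport) awaiting handshake completion
    hosts_per_port = defaultdict(set)  # (src, dport) -> destinations probed
    ports_per_host = defaultdict(set)  # (src, dst)   -> ports probed

    for src, dst, dport, flags in packets:
        key = (src, dst, dport)
        label = classify_probe(flags)
        if label is not None:
            hosts_per_port[(src, dport)].add(dst)
            ports_per_host[(src, dst)].add(dport)
        if label == "SYN":
            pending_syn.add(key)
        elif label is not None:
            findings[src].add(label)
        elif flags & RST and key in pending_syn:
            # SYN sent, then a reset instead of the final ACK: the
            # three-way handshake was left incomplete on purpose.
            findings[src].add("half-open SYN (stealth) scan")
            pending_syn.discard(key)
        elif flags & ACK:
            pending_syn.discard(key)   # handshake completed normally

    # One source, same port, many hosts: worm-like subnet or random scanning.
    for (src, dport), hosts in hosts_per_port.items():
        if len(hosts) >= fanout_threshold:
            findings[src].add(f"horizontal sweep of port {dport}")
    # One source, one host, many ports: a classic port scan.
    for (src, dst), ports in ports_per_host.items():
        if len(ports) >= fanout_threshold:
            findings[src].add(f"vertical port scan of {dst}")
    return {src: sorted(labels) for src, labels in findings.items()}


# Constructed sample traffic (documentation address ranges), not a real capture.
SAMPLE = [
    ("198.51.100.7", "192.0.2.10", 443, SYN),   # normal client ...
    ("198.51.100.7", "192.0.2.10", 443, ACK),   # ... completes the handshake
    ("203.0.113.5", "192.0.2.10", 445, SYN),
    ("203.0.113.5", "192.0.2.11", 445, SYN),
    ("203.0.113.5", "192.0.2.12", 445, SYN),
    ("203.0.113.9", "192.0.2.10", 22, 0),
    ("203.0.113.9", "192.0.2.10", 23, FIN),
    ("203.0.113.9", "192.0.2.10", 25, FIN | PSH | URG),
    ("203.0.113.9", "192.0.2.10", 80, SYN),
    ("203.0.113.9", "192.0.2.10", 80, RST),
]

if __name__ == "__main__":
    for src, labels in analyze(SAMPLE).items():
        print(src, "->", ", ".join(labels))
```

The half-open and fan-out checks are heuristics: a client that aborts a connection or legitimately contacts many hosts will also match, so the threshold needs tuning against normal traffic.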
DDoS (distributed denial of service)
What is a DDoS attack?
• The flood of arriving messages to the target
system essentially forces it to shut down, thereby
denying legitimate users access to the system.
Why DoS attacks?
• Attempt to flood a network, increasing network
traffic.
• Attempt to disrupt connections between two
machines.
• Attempt to prevent a particular individual from
accessing a service.
DDoS attack types
• Smurf
• Buffer overflow attack
• Ping of death
• Teardrop
• SYN
• Tribal flood Attack
Tools for DoS Attack
• Jolt2
• Bubonic.c
• Land and LaTierra
• Targa
Authentication
What is Authentication?
• Authentication is any method by which a system
verifies the identity of a user who wishes to
access it.
• Authentication exists to establish trust between
two parties, or authentication entities. These
entities consist of an identity and a key.
Authentication Types
• User Authentication: the process of
determining that a user is who he/she claims to
be (HTTP Basic, SSL & TLS)
• Entity Authentication: the procedure of
determining if an entity is who it claims to be
(cookies etc.)
Password Based Authentication System
• Usernames
• Storing Usernames and Passwords
• Ensuring Password Quality
• Password Lockout
• Password Aging and Password History
• Automated Password Reset Systems
• Sending Out Passwords
• Single Sign-On Across Multiple DNS Domains
Password maintenance
• System Access
• Password Creation Best Practices
• Virus Protection
• Malicious Code Best Practices
• Software Installation
• Encryption
• Web Browsing
• E-mail Use
Cracking passwords
• Social engineering
• Shoulder surfing
• Inference
• Weak authentication
• Bypassing authentication
• Password cracking software (Brutus, John the Ripper)
• Dictionary attacks
• Brute-force attacks
Other ways to crack passwords
• Keystroke logging
• Weak password storage
• Network analyzer
Encrypted passwords
• SSL
• HTTPS
• SSH/TLS
• Stelnet
SECURITY POLICY
• Virus protection
• Physical security of computer equipment
• Access control
• LAN security
• Server Specific Security
• Wide Area Network Security
• TCP/IP & Internet Security
• Voice System Security
Firewall
• A firewall is simply a program or hardware
device that protects the resources of a private
network from users of other networks.
For more details visit:
Joburban.com
www.joburban.com
Cell-8860604040
