• Share
  • Email
  • Embed
  • Like
  • Save
  • Private Content
Cyber Security By Preetish Panda
 

Cyber Security By Preetish Panda

on

  • 1,255 views

In this presentation I have tried to figure out common loop holes through which internet users may fall prey to the attackers, common tools used in the trade and some preventive security measures to ...

In this presentation I have tried to figure out common loop holes through which internet users may fall prey to the attackers, common tools used in the trade and some preventive security measures to put us on a safer side.

Statistics

Views

Total Views
1,255
Views on SlideShare
1,246
Embed Views
9

Actions

Likes
0
Downloads
0
Comments
0

2 Embeds 9

http://www.slideshare.net 6
http://www.linkedin.com 3

Accessibility

Categories

Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

    Cyber Security By Preetish Panda Cyber Security By Preetish Panda Presentation Transcript

    • Common Internet User Security Objective Modus Operandi Countermeasures
    • Uses internet for his credit managing his day Blogsinternet banking for card transactions. Uses Uses social networking sites as well as on internet for professional like Usesex. Citibank, ICICI bank, HSBC etc For Emailpersonal purpose. well as orkut,myspace,facebook. to day professional as for finance activity personal communication. For ex. Gmail, Yahoo or Corporate webemail
    • How to secure the elements like username, password, credit card number ,etc for a particular web resource (Gmail /Yahoo/Banking website etc)
    • In this form of attack, an automated tool is used.All possible combinations of letters,numbers and symbols are tried out one by one for an username till the password is found out.
    • Phishing is the act of creating fake page of any legitimate web-service and hosting them on web server in order to fool the user to get the passwords, credit card no., social security no. etc
    •  TROJAN …The Name Tells It All !! A Trojan or Trojan Horse is a program which carries out an unauthorized function while hidden inside an authorized program. It is designed to do something other than what it claims to and frequently is destructive in its actions. These trojans give the attacker a total access to victim's machine. Looks for other passwords entered & then send them to a specific mail address. They only log the keystrokes of the victim & then let the attacker search for sensitive data.
    • • web cookies are parcels of text sent by a server to a web browser and then sent back unchanged by the browser each time it accesses that server. Used for login or registration information, online “shopping cart” information, user preferences, etc. Cookie stealing can be effectively done with knowledge of javascripts, ajax, xss ,html ,php etc.
    • Vulnerabilities are open security holes that can allow other applications to connect to the computer system without authorization.
    •  Cross-site scripting (XSS) is a type of computer security vulnerability typically found in web applications which allow code injection by web users into the web pages viewed by other users.  Examples of such code include JavaScript code. Stored Attack Reflected Attack
    • XSS www.mailprovider.com  Hacker finds out www. mailprovider.com suffers from XSS. Mail Users get mail asking to click a hyperlink for getting a free gift Click here For free gift When the user click malicious script gets executed. www.mailprovider.com/default.asp?name=<script>evilScript()</script> Your browser correctly interprets this as Vulnerable Web browser script and runs the script site If this script instructs the browser to send a cookie , to the hacker's computer, it quickly complies. May take the user to a fake web page of his online banking site.
    •  It is basically a security exploit in which attacker injects SQL code through a web form input box,to gain access to resources and make changes to data.  SQL Injection attacks can often be executed from address bar, from within application fields, and through queries and searches
    • var sql = quot;select * from users where username = ' username ' and password = ' password ' quot; ; Username: anything‘ or 1=1-- Password: quot; select * from users where username = 'anything' or 1=1--'and password ='' quot;;
    •  Try to use combination of alphabets both upper and lower case, numbers and special characters for assigning a password and change it at regular intervals.  While creating a email id it is a good practice to give fake information .  Use updated version of software.  Now a days some site advisor software are available .  Don’t accept any kind of files from anonymous users in chat rooms.  If required hide your IP address for anonymous browsing.  Don’t blindly believe emails as they can be sent without authentication.  Don’t reveal your password in any kind of email.  While logging in give a close look to the domain name.  Try to avoid running scripts in the address bar of your web browser .  Extra care has to be taken with files of .exe extension.  Always use your common sense.
    • Presented By Preetish Panda preetish88@gmail.com