Cyber security & network attack6


Published on

any problem contact

Published in: Education
1 Like
  • Be the first to comment

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Cyber security & network attack6

  1. 1. Cyber Security & Network Attack<br />ANALOG GROUP<br />
  2. 2. Cyber Security<br />The electronic medium in which online communication takes place. <br />Cyber space is virtual space in computer media.<br />Security is the degree of protection against danger, damage, loss, and criminal activity.<br />ANALOG GROUP<br />
  3. 3. Element Of Security<br />Confidentiality: Disclosure of information only to authorized entities <br />Integrity: Prevention of unauthorized changes to data <br />Authenticity: Confidence that a message was sent by a certain party and not an imposter <br />Availability: Guarantee of access to resources<br />ANALOG GROUP<br />
  4. 4. The Security , Functionality & Ease of Use Triangle<br />Functionality<br />Moving Ball<br />Security<br />Ease of Use<br />ANALOG GROUP<br />
  5. 5. What Does A malicious Hacker Do?<br />1<br />Foot printing <br />Scanning<br />2<br />5<br />Clearing Track<br />gaining access<br />3<br />maintaining access<br />4<br />ANALOG GROUP<br />
  6. 6. Network<br />ANALOG GROUP<br />
  7. 7. Network Attack<br />Eavesdropping<br />Snooping<br />Interception<br />Modification Attacks<br />Repudiation Attacks Sniffing<br />Port Scanning<br />TCP Syn. or TCP ACK Attack<br />TCP Sequence number attack<br />TCP Hijacking<br />ICMP Attacks<br />Smurf Attacks<br />ICMP Tunelling<br /> Denial-of-service (DoS) Attacks<br />Distributed denial-of-service (DDoS) Attacks<br />Back door Attacks<br />Spoofing Attacks<br />Man-in-the-Middle Attacks<br />Replay Attacks<br />Password Guessing Attacks<br />ANALOG GROUP<br />
  8. 8. Eavesdropping<br />--get MAC Address<br />-- get IP Address<br />-- get Base Station Address<br />-- sniff clear text passwords and keys<br />-- crack wep keys-- crack password <br />-- get SSIDs<br />ANALOG GROUP<br />
  9. 9. Snooping<br />Same as Eavesdropping<br />But it will work all time not limited during transmission .<br />Ex. Keyloger<br />ANALOG GROUP<br />
  10. 10. Port Scanning<br />On computer and telecommunication devices, a port (noun) is generally a specific place for being physically connected to some other device, usually with a socket and plug of some kind.<br />In programming, a port (noun) is a "logical connection place" and specifically, using the Internet's protocol, TCP/IP, the way a client program specifies a particular server program on a computer in a network. <br />ANALOG GROUP<br />
  11. 11. Dos & Ddos Attack <br />Denial of Service is an attack through which a person can make a system unusable, or slow it down for legitimate users,by overloading its resources.<br />ANALOG GROUP<br />
  12. 12. MITM attack : man in the middle attack<br />As the name indicates, a man-in-the-middle attack occurs when someone between you and the person with whom you are communicating is actively monitoring, capturing, and controlling your communication transparently<br />ANALOG GROUP<br />
  13. 13. Back door Attacks <br />This can have two different meanings, the original term back door referred to troubleshooting and developer hooks into systems. During the development of a complicated operating system or application, programmers add back doors or maintenance hooks. These back doors allow them to examine operations inside the code while the program is running. The second type of back door refers to gaining access to a network and inserting a program or utility that creates an entrance for an attacker. The program may allow a certain user to log in without a password or gain administrative privileges. A number of tools exist to create a back door attack such as, Back Orifice (Which has been updated to work with windows server 2003 as well as erlier versions), Subseven,NetBus, and NetDevil. There are many more. Fortunately, most anti-virus software will recognize these attacks.<br />ANALOG GROUP<br />
  14. 14. SQL Injection <br />SQL injection is an attack in which malicious code is inserted into strings that are later passed to an instance of SQL Server for parsing and execution<br />The vulnerability is present when user input is either incorrectly filtered for string literalescape characters embedded in SQL statements or user input is not strongly typed and thereby unexpectedly executed<br />ANALOG GROUP<br />
  15. 15. How To Protect?<br />Install a Hardware Firewall/Router<br />Secure Your WiFi<br />Install a Web Filter/Proxy<br /> Install a Spam Filter<br /> Install and Maintain Antivirus Software<br />Install Desktop Firewall Software<br />Install Antispyware Software<br />Install Encryption/Secure Deletion Software<br />Install and Use a Backup System<br />ANALOG GROUP<br />
  16. 16. First protect your computer.<br />1: Protect computer by password.<br />2: use administrator & guest account to login.<br />3: Apply group policy.<br />4: Use a up to date antivirus <br />ANALOG GROUP<br />
  17. 17. Now Network Security. 1. Install a Hardware Firewall/Router<br />The hardware firewall/router is at the core of your system security. It is on the “front lines” when it comes to protecting your systems. It’s main security purpose is to let you get out to the Internet while keeping the Internet out of your computers.<br />A hardware firewall  uses packet filtering to examine the header of a packet to determine its source and destination. This information is compared to a set of predefined or user-created rules that determine whether the packet is to be forwarded or dropped. <br />ANALOG GROUP<br />
  18. 18. Secure Your WiFi<br />1: Use preferred encryption methods in this order: WPA2, WPA (been cracked), WEP (been cracked). Only use WPA and WEP if you have no other choice<br />2: Change your SSID to something obscure<br />3: Don’t broadcast your SSID<br />4: Use MAC address authentication<br />5: Turn off your WiFi when not in use<br />6: Disable DHCP on entire network<br />ANALOG GROUP<br />
  19. 19. Web Filter/Proxy <br />In computer networks, a proxy server is a server (a computer system or an application) that acts as an intermediary for requests from clients seeking resources from other servers. A client connects to the proxy server, requesting some service, such as a file, connection, web page, or other resource, available from a different server. The proxy server evaluates the request according to its filtering rules. For example, it may filter traffic by IP address or protocol. If the request is validated by the filter, the proxy provides the resource by connecting to the relevant server and requesting the service on behalf of the client. A proxy server may optionally alter the client's request or the server's response, and sometimes it may serve the request without contacting the specified server. In this case, it 'caches' responses from the remote server, and returns subsequent requests for the same content directly.<br />ANALOG GROUP<br />
  20. 20. Antivirus<br />Bit Defender Antivirus 2011<br />Norton Antivirus 2011<br />F-Secure Antivirus 2011<br />ESET NOD32 Antivirus 4<br />Kasper sky Antivirus 2011<br />Trend Micro Titanium Security<br />Panda Antivirus 2011<br />AVG Antivirus 2011<br />G Data Antivirus 2011<br />Zone Alarm Antivirus 2011<br />Vipre Antivirus 2011<br />McAfee Antivirus Plus 2011<br />CA Antivirus 2011<br />AvanquestSystemSuite 11 Professional<br />AviraAntivir Premium 2011<br />Sophos Endpoint Security 2011<br />Comodo Antivirus 2011<br />PC Tools Spyware Doctor with Antivirus 2011<br />Quick Heal Antivirus 2011<br />Microsoft Security Essentials 2011<br />ANALOG GROUP<br />
  21. 21. INDIA in cyber security<br />Cyber law of India is weak and so is cyber security of India. In fact, cyber security of India is in poor state. We have no cyber security strategy of India and this is resulting in a weak and vulnerable cyber security of India. India is facing serious cyber threats and its cyberspace is not at all secure. Cyber terrorism against India is now a well known fact and cyber espionage against India is even admitted by Indian government. Even defence forces of India need to upgrade their cyber security capabilities. We also have negligible cyber forensics capabilities in India and cyber skills development in India is the need of the hour. <br />ANALOG GROUP<br />
  22. 22. Cyber terrorism in India, cyber crimes and cyber attacks against India are increasing because we have no national security policy of India. Further, we also have no national security an ICT policy of India. Obviously national cyber security in India is not upto the mark in the absence of networks security in India. National Security Policy of India is urgently required and Cyber Security Policy of India must be an essential part of the same, says Praveen Dalal, managing partner of New Delhi based Law Firm Perry4Law and leading techno legal expert of India. Increasing Cyber Security Readiness with Adaptive Threat Management is need of the hour, suggests Dalal. Further, Measurement of ICT Resilience and Robustness on regular basis is also required, suggests Dalal. <br />ANALOG GROUP<br />
  23. 23. Where are you?<br />ANALOG GROUP<br />
  24. 24. Any Problem?<br />ANALOG GROUP<br />