Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Week12 final

270 views

Published on

Week 12

Published in: Internet
  • Be the first to comment

  • Be the first to like this

Week12 final

  1. 1. Lecture 12 Information Security
  2. 2. Today’s lecture outline
  3. 3. Basic terminology1 Security jargon Vulnerability, threat, attack; Hacker, cracker; Black hats versus White hats
  4. 4. Information Security Basics
  5. 5. Malware2 The software that is written for malicious purposesViruses Trojan Horses Spyware Keyloggers
  6. 6. Reproduced with permission. Please visit www.SecurityCartoon.com for more material
  7. 7. Brain Virus (Pakistani Flu) 1986 Credit: http://en.wikipedia.org/wiki/Brain_(computer_virus) The first computer virus
  8. 8. Key-loggers and Spyware
  9. 9. Spoofing Attacks3 where the attacker impersonates some one elseEmail spoofing URL spoofing DNS spoofing IP spoofing MAC spoofing
  10. 10. Email Spoofing (phishing)3.a
  11. 11. URL Spoofing (phishing)3.b
  12. 12. Genuine URL; Site: niit.edu.pk; directory: src; file: login.php https://webmail.niit.edu.pk/src/login.php1
  13. 13. https://webmail.niit.org.pk/src/login.php Victim.ID ************** The second-level domain is .org and not .edu; faked website https://webmail.niit.org.pk/src/login.php 2
  14. 14. https://webmail.niit.edu.tk/src/login.php 3 The first-level domain is .tk and not .pk; faked website https://webmail.niit.edu.tk/src/login.php Victim.ID **************
  15. 15. https://202.125.111.57/src/login.php The IP address does not correspond to webmail.niit.edu.pk; faked website https://202.128.111.87/src/login.php 4 Victim.ID **************
  16. 16. DNS Spoofing3.c IP Spoofing3.d MAC Spoofing3.e
  17. 17. DNS spoofing W W W Tell me the IP address of www.niit.edu.pk? W W W DNS Request
  18. 18. W W W Reply The IP address of www.niit.edu.pk is 110.125.157.198 DNS spoofing W W W DNS The IP address of www.niit.edu.pk is 110.125.157.198 Fake NIIT site
  19. 19. Private network 192.168.1.0/24 MAC/ IP spoofing .254 00:aa:bb:cc:dd:ee:ff .1 .254 00:aa:bb:cc:dd:ee:ff Malicious node The malicious node can pretend to be another node
  20. 20. Network-based attacks4 where the attacker pretends to be something he/she/it is not Worms Denial of Service attacks
  21. 21. Denial of Service attacks
  22. 22. Social Engineering5 Targets the weakest component of a security system---the users
  23. 23. Non-technical hacking
  24. 24. Greeting card phishing
  25. 25. Lottery winning phishing
  26. 26. How to protect against security attacks? 6
  27. 27. Use an Internet Firewall
  28. 28. Apply the latest updates
  29. 29. Use up-to-date Anti-virus
  30. 30. Opening trusted files only
  31. 31. Protecting against spyware
  32. 32. Passwords and locking systems when unused
  33. 33. Backing up data
  34. 34. Security protection---Recall
  35. 35. Conclusions
  36. 36. http://tinyurl.com/5hb8pp

×