Network administration


Network Administration as a Career

Published in: Education, Technology

Network administration

  1. System Administration as a career
  2. SYSTEM PROTECTION & SECURITY: System and Network Threats
  3. Threats
  4. System and Network Threats • Virus • Laptop & mobile theft • DDoS attack • Unauthorized access of information • Abuse of wireless network • System protection • Telecom fraud • Misuse of web application • Website defacement • Worms • Port scanning
  5. Worms
  6. Talk Outline • Introduction of worms. • The life cycle of a simple worm: • scanning for a victim • exploiting the victim • cloning itself onto the victim • Running the clone to further spread infection • Stealth techniques used to hide itself
  7. What are worms? • A worm is a self-replicating program • Self-replicating => it makes copies of itself and sends them over to hosts across a network • All copies have the same functionality and generally lack any sort of synchronization among themselves
  8. Types of worms • Network worms • Email worms • IRC worms • IM worms • File sharing worms • XSS worms
  9. The life cycle of a simple worm • Scanning for a victim • Exploiting the victim • Cloning itself onto the victim • Running the clone to further spread infection • Stealth methods used to hide itself
  10. The life of a worm (diagram: a worm spreading from victim to victim)
  11. The life of a worm (diagram labels: Scans for Victim, Rooted !!, Scan, Send Exploit, Get a copy, Worm created, Victim found)
  12. Scanning for a victim • Random scan – • hose random scan – IP from global and local routing addresses • Overall scan – Divide and conquer scan – divide IP addresses among child worms • Subnet scan – detect and scan local subnet
  13. Exploiting the victim • Exploit – simply put: a piece of code which provides “access” to a victim computer by utilizing some flaw in the logic of a program running on the victim computer • Network worms use what is called a “remote exploit” – an exploit which can be launched remotely and which gives some code running privileges on the victim • Find a suitable exploit to use in the worm
  14. Cloning itself onto the victim • Once the victim has been exploited, the worm needs to get a copy of itself onto the victim • Blaster worm • HTTP server • FTP server • Compile source
  15. Running the clone to further spread infection • Once the clone has been downloaded, run it • Make it a service. • Add a registry entry for startup • Clone starts scanning again • Clone finds a victim • Cycle continues …
  16. Stealth techniques used to hide itself • Hide procedure • Hide files • Hide movement • Delete logs
  17. The life of a worm (diagram labels: Scans for Victim, Rooted !!, Scan, Send Exploit, Get a copy, Worm created, Victim found)
  18. Worms example • Slammer Worm • Code Red worm • MyDoom.B
  19. Port Scanning • Three-way handshake • Stealth Scan • Xmas Scan • FIN Scan • NULL Scan • Idle Scan
  20. Tools • Nmap • SoftPerfect Network Scanner • Port scanner ActiveX control • Acunetix • Nessus
  21. DDoS (distributed denial of service)
  22. What is a DDoS attack? • The flood of arriving messages to the target system essentially forces it to shut down, thereby denying the system's service to legitimate users.
  23. Why DoS attack? • Attempt to flood a network, to enhance network traffic. • Attempt to disrupt connections between two machines. • Attempt to prevent a particular individual from accessing a service.
  24. DDoS attack types • Smurf • Buffer overflow attack • Ping of death • Teardrop • SYN • Tribal flood Attack
  25. Tools for DoS Attack • Jolt2 • Bubonic.c • Land and LaTierra • Targa
  26. Authentication
  27. What is Authentication? • Authentication is any method by which a system verifies the identity of a user who wishes to access it. • Authentication exists to establish trust between two parties, or authentication entities. These entities consist of an identity and a key.
  28. Authentication Types • User Authentication: user authentication is the process of determining that a user is who he/she claims to be. HTTP Basic, SSL & TLS • Entity Authentication: entity authentication is the procedure of determining if an entity is who it claims to be. Cookies etc.
  29. Password Based Authentication System • Usernames • Storing Usernames and Passwords • Ensuring Password Quality • Password Lockout • Password Aging and Password History • Automated Password Reset Systems • Sending Out Passwords • Single Sign-On Across Multiple DNS Domains
  30. Password maintenance • System Access • Password Creation Best Practices • Virus Protection • Malicious Code Best Practices • Software Installation • Encryption • Web Browsing • E-mail Use
  31. Cracking password • Social engineering • Shoulder surfing • Inference • Weak authentication • Bypassing authentication • Password cracking software (Brutus, John the Ripper) • Dictionary attacks • Brute-force attacks
  32. Other ways to crack passwords • Keystroke logging • Weak password storage • Network analyzer
  33. Encrypted passwords • SSL • HTTPS • SSH/TLS • Stelnet
  34. SECURITY POLICY • Virus protection • Physical security of computer equipment • Access control • LAN security • Server Specific Security • Wide Area Network Security • TCP/IP & Internet Security • Voice System Security
  35. Firewall • A firewall is simply a program or hardware device that protects the resources of a private network from users of other networks.
  36. For more details visit: Joburban.com www.joburban.com Cell-8860604040
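
Added example, not part of the original slides: from the defender's side, several of the scan types named on slide 19 differ only in the TCP flags carried by the probe, so a monitor can label them from the raw TCP header. The sample packets, the documentation addresses and the `min_ports` threshold are constructed assumptions.

```python
import struct
from collections import defaultdict

FIN, SYN, RST, PSH, ACK, URG = 0x01, 0x02, 0x04, 0x08, 0x10, 0x20
# Flag patterns of the probes: no flags, lone FIN, FIN+PSH+URG, lone SYN.
PROBES = {0: "NULL", FIN: "FIN", FIN | PSH | URG: "Xmas", SYN: "SYN"}

def tcp_header(sport, dport, flags):
    """Build a constructed 20-byte TCP header (sample input only)."""
    return struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 5 << 4, flags, 1024, 0, 0)

def classify(header):
    """Return (dst_port, probe_type); probe_type is None for other traffic."""
    if len(header) < 20:
        raise ValueError("truncated TCP header")
    _sport, dport, _seq, _ack, _off, flags = struct.unpack("!HHIIBB", header[:14])
    return dport, PROBES.get(flags & 0x3F)  # mask off ECE/CWR bits

def find_scanners(packets, min_ports=3):
    """packets: iterable of (src_ip, raw_tcp_header).
    Returns {src_ip: {probe_type: number_of_distinct_ports}}."""
    seen = defaultdict(lambda: defaultdict(set))
    for src, header in packets:
        dport, kind = classify(header)
        if kind:
            seen[src][kind].add(dport)
    report = {}
    for src, kinds in seen.items():
        # NULL, lone-FIN and Xmas segments are not sent by normal TCP stacks,
        # so a single one is reported. A bare SYN opens every legitimate
        # connection, so it only counts when spread over many ports.
        hits = {k: len(ports) for k, ports in kinds.items()
                if k != "SYN" or len(ports) >= min_ports}
        if hits:
            report[src] = hits
    return report

# Constructed sample traffic using RFC 5737 documentation addresses.
SAMPLE = (
    [("192.0.2.10", tcp_header(40000, p, SYN)) for p in (22, 23, 80, 443)]
    + [("192.0.2.20", tcp_header(40001, p, FIN | PSH | URG)) for p in (21, 25)]
    + [("192.0.2.30", tcp_header(40002, 80, SYN)),      # ordinary client
       ("192.0.2.30", tcp_header(40002, 80, ACK)),
       ("198.51.100.5", tcp_header(40003, 139, 0)),
       ("198.51.100.6", tcp_header(40004, 445, FIN))]
)

if __name__ == "__main__":
    for src, hits in find_scanners(SAMPLE).items():
        print(src, hits)
```

An idle scan is not visible this way, because its probes look like ordinary SYNs arriving from a third host.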
