Abstract:
Internet and network security is a top-priority issue for almost all types of organizations, for instance military divisions, ministries, banks, and other public and private sector bodies, as well as for anyone else concerned with it.
These organizations may use security mechanisms to protect their assets against attackers, but most of the countermeasures they use are based on known attacks, threats and vulnerabilities. They pay little attention to protecting their assets against unknown and new types of attacks, threats and vulnerabilities, and most organizations are challenged by these new types of unknown attacks and threats.
The main aim of this research paper is to study approaches and solutions against unknown attacks and threats. It is therefore titled Designing Countermeasures for Tomorrows Threats, and it aims to enable organizations to detect new types of attacks, threats or vulnerabilities before they damage their assets or systems.
In addition, the outcome of this research paper gives organizations the chance to learn who is attacking their systems, how they are being attacked, and what the attackers are trying to achieve. The concepts this research paper (thesis) uses for Designing Countermeasures for Tomorrows Threats are Honeypot and Honeynet systems.
Honeypot and Honeynet systems are among the most interesting and well-known concepts that security professionals use to know their enemies and identify their weaknesses. It is worth mentioning that countries such as Iran, Pakistan, India, Saudi Arabia, Germany and Poland are using these concepts to protect their internal networks and assets against attackers. Besides, a great number of security organizations and communities use these concepts for research, to learn about and educate the public on new types of attacks, threats and vulnerabilities, among them the Honeynet Project, Norse, FireEye, WorldMap and Global Botnet Threat Activity.
This thesis implemented most of the existing technologies based on the Honeypot and Honeynet concepts, both open source and closed source. Finally, it suggests and recommends the best solution for Afghanistan to protect its internal networks, especially those of important organizations such as the Ministry of Interior and other ministries and sectors.
Designing Countermeasures For Tomorrows Threats
1. 1/22
Theoretical Section
Practical Section
Designing Countermeasures For Tomorrows Threats
Darwish Ahmad Herati
Herat University
Computer Science Faculty
Communication & Operating System Department
SUPERVISOR
M.C.S. M. Sawaby Nezhat
December 21, 2014
Darwish Ahmad Herati Designing Countermeasures
2. 2/22
Contents
1 Theoretical Section
Introduction
Computer And Network Security
Honeypot Systems
Honeynet Systems
2 Practical Section
Countries and Honeynet Systems
Organizations and Honeynet Systems
Thesis Solution
3. 3/22
Problem Statement
1st: AFG Ministries
2nd: Organizations
3rd: Airports
4th: Universities
5th: Banks
8. 4/22
Problem Statement
We Need To Learn:
Who Is Attacking Us
How We Are Being Attacked
What the Attackers Are Trying to Achieve
9. 5/22
Motivation
Secure Afghanistan Internal Networks
Recognize the Enemies of Afghanistan and Their Actions
Show Our Ability to The Others
How to Defend Against the Attackers.
Network Security Specialist
Learning New Types, Tactics of Attacks
Laugh at the Attackers :-)
13. 6/22
Goal
1st: IDEA
2nd: Info Gathering
3rd: Today's Technologies
4th: Implementation
5th: Best Solution
18. 7/22
Thesis Structure
Chapter 1: Introduction
Chapter 2: Computer and Network Security
Chapter 3: Honeypot Systems
Chapter 4: Honeynet Systems
Chapter 5: Honeypot and Honeynet Technologies
Chapter 6: Implementation (Designing Countermeasures For Tomorrows Threats)
19. 8/22
Zero Concept
Zero Hour/Day: Attacks, Threats and Vulnerabilities
Security Hole Unknown to Its Vendor
Exploit of an Unknown Vulnerability While the Patch Is Not Available
20. 9/22
Honeypot Systems
Definition: A computer or network that is intentionally left with common vulnerabilities that a hacker would use to hack the system; it acts as a TRAP!!!
History: Fred Cohen's Deception ToolKit in 1998, and in 2004 the Virtual Honeypot was introduced
Value: Data Collection = Little Data, High Value
23. 11/22
Honeynet Systems
Definition: Multiple honeypots can be set up on a network to form a Honeynet system
25. 12/22
Countries and Honeynet Systems
1st: IRAN
2nd: PAKISTAN
3rd: INDIA
4th: SAUDI ARABIA
5th: POLAND
6th: GERMANY
31. 13/22
Theoritical Section
Practical Section
Countries and Honeynet Systems
Organizations and Honeynet Systems
Thesis Solution
Organizations and Honeynet Systems
1st: THE HONEYNET PROJECT
2nd: THE NORSE
3rd: THE FIREEYE
4th: THE GLOBAL BOTNET
5th: THE WORLD MAP
6th: THE KASPERSKY
Implement Different Technologies
Open Source: Honeyd, KippoSSH, Dionaea, Conpot, Honeywall, etc.
Closed Source: BackOfficer Friendly, Specter, HoneyBOT, etc.
This Thesis: Honeyd, KippoSSH, Dionaea, Conpot, BackOfficer Friendly, Specter
Let’s See the Implementation of Them. But Before!!!
Used Technologies
LAMP: Apache 2, PHP, MySQL
Python: Powerful Scripting Language
We Love AFGHANISTAN and Proud To Be Afghans
Conclusion
Network Security Problems Are Everywhere:
Military, Organizations, Universities, Banks, Private Sectors, ISPs, Airports, Transport... and
We Need to Learn Who, How, What.
Research
Search for different solutions to the problems and implement the different security technologies that exist today to achieve the best solution to DEFEND against the attackers.
Solution
The Best Solution For Afghanistan
Challenges
Complex and Difficult Configurations
!!! NO PAIN NO GAIN !!!
Future Work
Research on High Interaction Honeypot Systems
Research on Honeynet Systems