This is the final presentation of an IT security project. In this project, terminal server security was tested and the system was built. The project consists of:
*Build the system
*Try to break it
*Detect
*Prevent
The project is fully implemented and all requirements are met.
1. Security test and implementation of terminal computer
Authors: Armandas Rokas, Andrius Sinkevicius, Edvinas Butenas
December 7, 2011
2. Overview
Background story
Break-in attacks
Risk determination and security control recommendations for break-in attacks
Network attacks
Risk determination and security control recommendations for network attacks
Security solutions
Questions?
3. Background story
XpUnlimited.LT company
Software works on all previous Windows OSes
Test the security of the terminal server
Build it fully protected (including network security)
9. Exploit (infection with key logger)
Exploited by executing a file on the victim's machine
File with payload
Meterpreter command line
Key log:
On Windows 7, only the affected user
On Windows XP, all users
10. Mail infection
External attack
The attack was made from BackTrack 5 to infect the terminal thin client server running the Windows 7 operating system.
An exploit which let me break into the victim's computer when he got the infected message in his mailbox.
12. Some details
reverse_tcp payload.
Local port 4444 (it is a vulnerable port) is used to create an active server which listens for when the victim clicks on the message.
After the victim activates the payload included in the message, I open Meterpreter.
13. Human Threats

| Threat-Source | Motivation | Threat Action |
|---|---|---|
| Computer Criminal | Monetary Gain - my credit card info | Computer Crime, Fraudulent Act |
| Hacker, Cracker | Challenge, Ego | Hacking, Social Engineering, System Intrusion, Unauthorized System Access. |
| User | Negligence, Idiocy | Spill Fluids on System, Drop System |
14. Vulnerability Identification

| Vulnerability | Threat-Source | Threat Action |
|---|---|---|
| Outdated Software | Hacker, Cracker, Computer Criminal. | System File Loss, Unauthorized System Accesses. |
| Misconfigured System | Users, Computer Criminal. Hacker, Cracker. | System Files Loss, System Failure |
| Absence Of Security Software | Hacker, Cracker, Computer Criminal. | System Files Loss, System Failure. |
15. Likelihood Determination

| Threat-Source | Vulnerability | Likelihood |
|---|---|---|
| Hacker, Cracker, Computer Criminal. | Outdated Software | Medium |
| Users, Computer Criminal. | Misconfigured System | Medium |
| Hacker, Cracker, Computer Criminal. | Absence Of Security Software | High |
16. Impact Analysis

| Threat-Source | Loss of Integrity | Loss of Availability | Loss of Confidentiality |
|---|---|---|---|
| Hacker, Cracker. | None | High | High |
| Computer Criminal. | None | High | High |
| Users | Low | Low | Low |
17. Likelihood, Impact Analysis & Risk

| Vulnerability | Threat-Source | Likelihood | Impact | Risk |
|---|---|---|---|---|
| Outdated Software | Hacker, Cracker, Computer Criminal. | Medium | Medium | Medium |
| Misconfigured System | Users, Computer Criminal. Hacker, Cracker. | High | High | High |
| Absence Of Security Software | Hacker, Cracker, Computer Criminal. | High | Medium | Medium |
18. Control Recommendations

| Risk | Risk Level | Recommended Controls | Activity Priority |
|---|---|---|---|
| Outdated Software | Medium | Regularly Updating Software. | Medium |
| Misconfigured System | High | Hire Qualified Specialists. | High |
| Absence Of Security Software | Medium | Install legally IPS & IDS. | Medium |
20. ARP - Man in the middle attack
After I broke into the victim's PC through a Metasploit exploit, I try to do more harm to him.
I use an ARP protocol vulnerability, with which you are invisible but at the same time doing damage to the victim.
By sending fake arpspoof request and response packets, I make a MITM “Man In The Middle” attack.
21. After that I get the full information flow from the router and my other selected computer.
That information includes logins, emails and other sensitive information.
The victim becomes fully infected; he needs to get out of this situation and prevent it from happening another time.
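A defender's view of the ARP man-in-the-middle described in slides 20 and 21, as an added example that is not part of the original presentation: on the LAN, a spoofer appears as an IP address whose MAC binding changes (and flaps while the real owner keeps answering) and as one MAC claiming several IPs. The addresses, the sample replies and the function name `detect_arp_spoofing` are constructed for illustration.

```python
from collections import defaultdict

# Constructed sample: (timestamp, sender_ip, sender_mac) taken from ARP replies
# seen on the LAN. Addresses are illustrative, not from the presentation.
SAMPLE_ARP_REPLIES = [
    (1.0, "192.168.1.1", "aa:aa:aa:aa:aa:01"),    # router
    (2.0, "192.168.1.20", "aa:aa:aa:aa:aa:20"),   # terminal server
    (3.0, "192.168.1.30", "aa:aa:aa:aa:aa:30"),   # another host
    (10.0, "192.168.1.1", "aa:aa:aa:aa:aa:30"),   # host .30 now claims the router IP
    (10.5, "192.168.1.20", "aa:aa:aa:aa:aa:30"),  # ... and the server IP
    (11.0, "192.168.1.1", "aa:aa:aa:aa:aa:01"),   # real router answers again
    (11.2, "192.168.1.1", "aa:aa:aa:aa:aa:30"),   # spoofed reply repeats
]


def detect_arp_spoofing(replies, flap_window=5.0):
    """Report IP->MAC binding changes, flapping IPs and MACs claiming several IPs."""
    known = {}                        # ip -> MAC currently bound to it
    change_times = defaultdict(list)  # ip -> timestamps of binding changes
    mac_ips = defaultdict(set)        # mac -> every IP it has claimed
    changed, flapping = [], set()
    for ts, ip, mac in sorted(replies):
        mac = mac.lower()
        mac_ips[mac].add(ip)
        old = known.get(ip)
        if old is not None and old != mac:
            changed.append((ts, ip, old, mac))
            change_times[ip].append(ts)
            # Two or more changes inside the window: the spoofer and the real
            # owner are both answering for the same IP.
            recent = [t for t in change_times[ip] if ts - t <= flap_window]
            if len(recent) >= 2:
                flapping.add(ip)
        known[ip] = mac
    multi_ip = {m: sorted(ips) for m, ips in mac_ips.items() if len(ips) > 1}
    return {"changed": changed, "flapping": sorted(flapping),
            "multi_ip_macs": multi_ip}


if __name__ == "__main__":
    report = detect_arp_spoofing(SAMPLE_ARP_REPLIES)
    for ts, ip, old, new in report["changed"]:
        print(f"t={ts}: {ip} moved from {old} to {new}")
    print("flapping IPs:", report["flapping"])
    print("MACs claiming several IPs:", report["multi_ip_macs"])
```

A MAC that legitimately holds several addresses (a router with secondary IPs, a failover pair) will also appear under `multi_ip_macs`, so known cases need an allow-list. Static ARP entries for the gateway or switch-level Dynamic ARP Inspection prevent the poisoning itself.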
26. Human Threats

| Threat-Source | Motivation | Threat Action |
|---|---|---|
| Computer Criminal | Monetary Gain - my credit card info | Computer Crime, Fraudulent Act |
| Hacker, Cracker | Challenge, Ego | Hacking, Social Engineering, System Intrusion, Unauthorized System Access. |
| Competitors | Injure Company Stability. Compromise Network work. | Economic Exploitation, System Penetration, Spoofing/Sniffing of Network. Run Of Company Data. |
27. Vulnerability Identification

| Vulnerability | Threat-Source | Threat Action |
|---|---|---|
| Absence Of System Security | Hacker, Cracker, Competitors, Computer Criminal | System Failure, Connection Damage, Information Conversion. |
29. Impact Analysis

| Threat-Source | Loss of Integrity | Loss of Availability | Loss of Confidentiality |
|---|---|---|---|
| Hacker, Cracker. | None | High | High |
| Computer Criminal. | None | High | High |
| Competitors | Medium | High | High |
30. Likelihood, Impact Analysis & Risk

| Vulnerability | Threat-Source | Likelihood | Impact | Risk |
|---|---|---|---|---|
| Absence Of System Security | Hacker, Cracker, Competitors, Computer Criminal | Medium | High | Medium |
31. Control Recommendations

| Risk | Risk Level | Recommended Controls | Activity Priority |
|---|---|---|---|
| Absence Of System Security | Medium | Install legally IPS & IDS. Implement encryption. Users Access Control. | High |
33. Terminal server security configuration
User groups:
• Administrative Users group – privileges to configure the terminal server.
• Remote Desktop Users group – privileges only to connect to the remote desktop, without the possibility to configure it.
• All users, including the administrator, have credentials to log in to the services; no passwordless connection is available.
34. Application control for users
• Users can use only the applications specified by the system administrator.
• Inactive user sessions are terminated according to a time limit.
• Applications that can be started by another application are not visible to the user.
• A user's attempt to open an application that is not assigned is blocked with a pop-up message saying that the user does not have the privilege to open it.
35. Anti-virus
Implement a security antivirus, which gives you an updated database and protects from intruders.
Shuts down any untrusted connection.
Scans web pages and your downloads.
Made with a reliable firewall.
Security isn’t about blocking malicious actions, it’s about keeping your data safe, so arrange reliable encryption software.
Users can upload viruses for future updates.
#1 Bitdefender