SlideShare a Scribd company logo

Information-Security-Lecture-7.pptx

Download as PPTX, PDF
A
anbersattar

This document discusses various types of cyber attackers and threats. It describes traditional hackers who are motivated by thrill-seeking and reputation. It also discusses script kiddies who use pre-written scripts to launch attacks despite having low technical skills. Additionally, the document outlines the anatomy of a hack, including reconnaissance, exploiting vulnerabilities, and using botnets to launch distributed denial of service attacks. Social engineering tactics like phishing emails are also summarized.

Software
1 of 26
Reference: Corporate & Network Security, Chapter 1 Raymond R. Panko :
Copyright Pearson Prentice-Hall 2010  The threat environment—attackers and their attacks  Basic security terminology  Employee and ex-employee threats  Traditional external attackers  The criminal era and competitor threats  Cyberwar and cyberterror 2
Copyright Pearson Prentice-Hall 2010  Traditional Hackers 3 In the 1970s, malware writers were joined by external hackers who began to break into corporate computers that were connected to modems. Today nearly every firm is connected to the Internet which harbors millions of external hackers
Copyright Pearson Prentice-Hall 2010  Traditional Hackers ◦ Motivated by thrill, validation of skills, sense of power ◦ Motivated to increase reputation among other hackers ◦ Often do damage as a byproduct ◦ Often engage in petty crime 4 ComputerWeekly.com 2008
Copyright Pearson Prentice-Hall 2010  Traditional Hackers 5 In 2009, vandals broke into a computerized road sign in Austin, Texas, and changed its message to read: “The end is near ! Caution ! Zombies Ahead !” Dallasnews.com, January 2009 Raymond Torricelli, broke into NASA computers and used up processor time, money, and disk resources to divert chat users to a website for which he admitted to being paid USD 400 per week. Cybercrime.gov, 2001
Copyright Pearson Prentice-Hall 2010 6 Just like a thief who wants to rob a home does reconnaissance of the neighborhood and gathers information to determine which house to break into, hackers also tend to do reconnaissance before breaking into a computer. As the figure shows, the attacker often sends probe packets into a network. These probe packets are designed to elicit replies from internal hosts and routers.
Copyright Pearson Prentice-Hall 2010  Anatomy of a Hack ◦ Reconnaissance probes (see figure)  IP address scans to identify possible victims  Identify active hosts  ICMP Echo and Echo reply messages  Port scans (connection requests) to learn which services are open on each potential victim host 7 Port 80 is the well known port for HTTP web servers. There are many well known port numbers between 0 and 1023. each indicates the presence of a particular type of application.
Copyright Pearson Prentice-Hall 2010 8 Corporate Site 128.171.17.13 128.171.17.47 Attacker 1. IP Address Scanning Packet Response Conf irms a Host at 128.171.17.13 3. Exploit Packet 128.171.17.22 2. Port Scanning Packet to Identif y Running Applications 1. ICMP Echo and Echo reply 2. Connection requests On a particular port number 3. Exploit or break-in
Copyright Pearson Prentice-Hall 2010  Anatomy of a Hack ◦ The exploit  The specific attack method that the attacker uses to break into the computer is called the attacker’s exploit  The act of implementing the exploit is called exploiting the host 9
Copyright Pearson Prentice-Hall 2010 10 128.171.17.13 128.171.17.47 Attacker 1. Spoof ed Packet to 128.171.17.13 Source IP address = 128.171.17.47 Instead of 10.6.4.3 10.6.4.3 2. Reply goes to Host 128.171.17.47 IP Address Spoof ing Hides the Attacker's Identity . But Replies do Not Go to the Attacker, So IP address Spoof ing Cannot be Used f or All Purposes Some exploit packets cannot be spoofed so the attacker uses chain of attack
Copyright Pearson Prentice-Hall 2010  Chain of attack computers (see figure) ◦ The attacker attacks through a chain of victim computers ◦ Probe and exploit packets contain the source IP address of the last computer in the chain ◦ The final attack computer receives replies and passes them back to the attacker ◦ Often, the victim can trace the attack back to the final attack computer ◦ But the attack usually can only be traced back a few computers more 11
Copyright Pearson Prentice-Hall 2010 12 Target Host 60.168.47.47 Attacker 1.34.150.37 Compromised Attack Host 3.35.126.7 Compromised Attack Host 123.125.33.101 Usually Can Only Trace Attack to Direct Attacker (123.125.33.101) or Second Direct Attacker (3.35.126.7) Log In Log In Attack Command For probes whose replies must be received, attacker sends probes through a chain of attack computers. Victim only knows the identity of the last compromised host (123.125.33.101) Not that of the attacker
Copyright Pearson Prentice-Hall 2010  Social Engineering ◦ Social engineering is often used in hacking ◦ Social engineering (as we saw earlier) is attempting to trick users into doing something that goes against the interests of security ◦ Often successful because it focuses on human weaknesses instead of technological weaknesses 13
Copyright Pearson Prentice-Hall 2010  Social Engineering  Call and ask for passwords and other confidential information 14 In one social engineering ploy, a hacker calls a secretary claiming to be working with the secretary’s boss. The hacker then asks for sensitive information such as a password or sensitive file.
Copyright Pearson Prentice-Hall 2010  Social Engineering 15 In one study, US Treasury Dept. inspectors posing as computer technicians called 100 Internal Revenue Service (IRS) employees and managers. The treasury agents asked each target for his or her username and asked the user to change the password to a specific password chosen by the “technician.” This was a clear violation of policy but 35% fell for the ploy in 2005. Washington Post, March 2005
Copyright Pearson Prentice-Hall 2010  Social Engineering  E-mail attack messages with attractive subjects  Piggybacking  Shoulder surfing  Pretexting 16 Piggybacking is following someone through a secure door, without entering a pass code. Looking over someone’s shoulder when he or she types a password is shoulder surfing. In pretexting the attacker calls claiming to be a certain customer in order to get private information about that customer.
Copyright Pearson Prentice-Hall 2010  Denial-of-Service (DoS) Attacks ◦ Make a server or entire network unavailable to legitimate users ◦ Typically send a flood of attack messages to the victim ◦ Distributed DoS (DDoS) Attacks ( see figure)  Bots flood the victim with attack packets  Attacker controls the bot 17
Copyright Pearson Prentice-Hall 2010 18 Victim Attacker Bot Bot Bot Attack Command Attack Packets Attack Packets Attack Packets Attack Command Attack Command
Copyright Pearson Prentice-Hall 2010 19 In 2001, the Code Red virus attacked the US Whitehouse website. Fortunately the attacks were made against the website’s IP address in stead of its host name. The White House merely changed the IP address of whitehouse.gov To attack a server, the bots might flood the server with TCP connection-opening requests (TCP SYN segments). A server reserves a certain amount of capacity each time it receives a SYN segment. By flooding a computer with SYN segments, the attacker can cause the server to run out of resources and therefore crash.
Copyright Pearson Prentice-Hall 2010  Bots ◦ Updatable attack programs ( see figure) ◦ Botmaster can update the software to change the type of attack the bot can do  May sell or lease the botnet to other criminals ◦ Botmaster can update the bot to fix bugs 20
Copyright Pearson Prentice-Hall 2010 21 DOS Victim Botmas ter Bot Bot Bot 1. DoSAttack Command 1. DoSAttack Packets 2. Spam E- Mail 2. Software update for Spam 3. Software update to f ix bug in the attack so ftware 2. Spam E- Mail SpamVictims
Copyright Pearson Prentice-Hall 2010 22  Bots Jeanson Ancheta was indicted for crimes involving a large botnet. Ancheta was charged with creating the botnet and installing adware programs, which constantly pop up advertisements, on these computers for a fee. He was also charged with renting parts of his botnet to other criminals for spam and denial of service attacks. http://www.cybercrime.gov (Nov 2005)
Copyright Pearson Prentice-Hall 2010  Skill Levels ◦ Expert attackers are characterized by strong technical skills and dogged persistence ◦ Expert attackers create hacker scripts to automate some of their work ◦ Scripts are also available for writing viruses and other malicious software 23 Todays hacker scripts often have easy to use graphical user interfaces and look like commercial products. Many scripts are available on the Internet…These easy to use scripts have created a new type of hacker “the script kiddie”
Copyright Pearson Prentice-Hall 2010  Skill Levels ◦ Script kiddies use these scripts to make attacks ◦ Script kiddies have low technical skills ◦ Script kiddies are dangerous because of their large numbers 24 In February 2000 a number of major firms were affected by devastatingly effective DDOS attacks that blocked each of their e-commerce systems for hours at a time. Victims included CNN, ebay, Yahoo, ZDNET, and others. At first the attacks were thought to be work of an elite hacker. However, the culprit was found to be a 15 year old script kiddie in Canada
Copyright Pearson Prentice-Hall 2010  Skill Levels 25 Virus and other Malware writers also have written long programs for creating new malware. Viruses have become so easy to create with these tools that Svan Jaschan, an 18 year old German student, who had never written a virus before, was responsible for 70% of the virus activity in the first half of 2004. (http://www.sophos.com)
Copyright Pearson Prentice-Hall 2010  Skill Levels 26 Today tools are available for creating all types of exploits. One of the most important is the MetaSploit Framework which makes it easy to take a new exploitation method and rapidly turn it into a full attack program. Metasploit is used both by attackers to launch attacks, and by security professionals to test the vulnerability of their systems to specific exploits. (http://www.metasploit.com)

Recommended

Information-Security-Lecture-6.pptx
Information-Security-Lecture-6.pptxInformation-Security-Lecture-6.pptx
Information-Security-Lecture-6.pptx
anbersattar
 
Information-Security-Lecture-4.pptx
Information-Security-Lecture-4.pptxInformation-Security-Lecture-4.pptx
Information-Security-Lecture-4.pptx
anbersattar
 
Information-Security-Lecture-5.pptx
Information-Security-Lecture-5.pptxInformation-Security-Lecture-5.pptx
Information-Security-Lecture-5.pptx
anbersattar
 
Information-Security-Lecture-8.pptx
Information-Security-Lecture-8.pptxInformation-Security-Lecture-8.pptx
Information-Security-Lecture-8.pptx
anbersattar
 
Operating Systems: Computer Security
Operating Systems: Computer SecurityOperating Systems: Computer Security
Operating Systems: Computer Security
Damian T. Gordon
 
Hacking And Its Prevention
Hacking And Its PreventionHacking And Its Prevention
Hacking And Its Prevention
Dinesh O Bareja
 
Cyber crime
Cyber crimeCyber crime
Cyber crimeRanjana Adhikari
 
Hacking and Types of Hacker.
Hacking and Types of Hacker.Hacking and Types of Hacker.
Hacking and Types of Hacker.
Coder Tech
 

Recommended

Information-Security-Lecture-6.pptx
Information-Security-Lecture-6.pptxInformation-Security-Lecture-6.pptx
Information-Security-Lecture-6.pptx
anbersattar
 
Information-Security-Lecture-4.pptx
Information-Security-Lecture-4.pptxInformation-Security-Lecture-4.pptx
Information-Security-Lecture-4.pptx
anbersattar
 
Information-Security-Lecture-5.pptx
Information-Security-Lecture-5.pptxInformation-Security-Lecture-5.pptx
Information-Security-Lecture-5.pptx
anbersattar
 
Information-Security-Lecture-8.pptx
Information-Security-Lecture-8.pptxInformation-Security-Lecture-8.pptx
Information-Security-Lecture-8.pptx
anbersattar
 
Operating Systems: Computer Security
Operating Systems: Computer SecurityOperating Systems: Computer Security
Operating Systems: Computer Security
Damian T. Gordon
 
Hacking And Its Prevention
Hacking And Its PreventionHacking And Its Prevention
Hacking And Its Prevention
Dinesh O Bareja
 
Cyber crime
Cyber crimeCyber crime
Cyber crimeRanjana Adhikari
 
Hacking and Types of Hacker.
Hacking and Types of Hacker.Hacking and Types of Hacker.
Hacking and Types of Hacker.
Coder Tech
 
File000145
File000145File000145
File000145Desmond Devendran
 
Cyber crime
Cyber crimeCyber crime
Cyber crime
Salma Zafar
 
E crime thesis Cyber Crime and its several types
E crime thesis Cyber Crime and its several typesE crime thesis Cyber Crime and its several types
E crime thesis Cyber Crime and its several types
Assignment Studio
 
Computer crime (1)
Computer crime (1)Computer crime (1)
Computer crime (1)Shahd Elbadri
 
Cyber Crime and Security Presentation
Cyber Crime and Security PresentationCyber Crime and Security Presentation
Cyber Crime and Security Presentation
Preethi Kumaresh
 
Cyber crime
Cyber crimeCyber crime
Cyber crime
Debayon Saha
 
Cyber crime report
Cyber crime reportCyber crime report
Cyber crime reportRonson Calvin Fernandes
 
Ceh v5 module 09 social engineering
Ceh v5 module 09 social engineeringCeh v5 module 09 social engineering
Ceh v5 module 09 social engineering
Vi Tính Hoàng Nam
 
Module 3 social engineering-b
Module 3 social engineering-bModule 3 social engineering-b
Module 3 social engineering-bBbAOC
 
Report of cyber crime
Report of cyber crimeReport of cyber crime
Report of cyber crimeAlisha Korpal
 
Hacking
Hacking Hacking
Hacking
Farkhanda Kiran
 
Hackers and cyber crimes
Hackers and cyber crimesHackers and cyber crimes
Hackers and cyber crimes
Sweta Kumari Barnwal
 
Unit ii-hackers and cyber crimes
Unit ii-hackers and cyber crimesUnit ii-hackers and cyber crimes
Unit ii-hackers and cyber crimes
Sweta Kumari Barnwal
 
Cyber crime and security ppt
Cyber crime and security pptCyber crime and security ppt
Cyber crime and security pptLipsita Behera
 
Cyber Crime
Cyber CrimeCyber Crime
Cyber Crime
DivithC
 
Cyber Security Awareness at Dadar April 25, 2010
Cyber Security Awareness at Dadar April 25, 2010Cyber Security Awareness at Dadar April 25, 2010
Cyber Security Awareness at Dadar April 25, 2010
Vicky Shah
 
Ethical hacking (legal)
Ethical hacking (legal)Ethical hacking (legal)
Ethical hacking (legal)
Thangaraj Murugananthan
 
SECURITY THREATS AND SAFETY MEASURES
SECURITY THREATS AND SAFETY MEASURESSECURITY THREATS AND SAFETY MEASURES
SECURITY THREATS AND SAFETY MEASURES
Shyam Kumar Singh
 
Hacking Presentation v2 By Raffi
Hacking Presentation v2 By Raffi Hacking Presentation v2 By Raffi
Hacking Presentation v2 By Raffi
Shawon Raffi
 
Cyber crime
Cyber crime Cyber crime
Cyber crime Soreingam Ragui
 
54 Chapter 1 • The Threat EnvironmentFIGURE 1-18 Cyberwar .docx
54 Chapter 1 • The Threat EnvironmentFIGURE 1-18 Cyberwar .docx54 Chapter 1 • The Threat EnvironmentFIGURE 1-18 Cyberwar .docx
54 Chapter 1 • The Threat EnvironmentFIGURE 1-18 Cyberwar .docx
alinainglis
 
Hacking by Pratyush Gupta
Hacking by Pratyush GuptaHacking by Pratyush Gupta
Hacking by Pratyush Gupta
Tenet Systems Pvt Ltd
 

More Related Content

What's hot

Cyber crime
Cyber crimeCyber crime
Cyber crime
Salma Zafar
 
E crime thesis Cyber Crime and its several types
E crime thesis Cyber Crime and its several typesE crime thesis Cyber Crime and its several types
E crime thesis Cyber Crime and its several types
Assignment Studio
 
Cyber Crime and Security Presentation
Cyber Crime and Security PresentationCyber Crime and Security Presentation
Cyber Crime and Security Presentation
Preethi Kumaresh
 
Cyber crime
Cyber crimeCyber crime
Cyber crime
Debayon Saha
 
Ceh v5 module 09 social engineering
Ceh v5 module 09 social engineeringCeh v5 module 09 social engineering
Ceh v5 module 09 social engineering
Vi Tính Hoàng Nam
 
Module 3 social engineering-b
Module 3 social engineering-bModule 3 social engineering-b
Module 3 social engineering-bBbAOC
 
Report of cyber crime
Report of cyber crimeReport of cyber crime
Report of cyber crimeAlisha Korpal
 
Hacking
Hacking Hacking
Hacking
Farkhanda Kiran
 
Hackers and cyber crimes
Hackers and cyber crimesHackers and cyber crimes
Hackers and cyber crimes
Sweta Kumari Barnwal
 
Unit ii-hackers and cyber crimes
Unit ii-hackers and cyber crimesUnit ii-hackers and cyber crimes
Unit ii-hackers and cyber crimes
Sweta Kumari Barnwal
 
Cyber crime and security ppt
Cyber crime and security pptCyber crime and security ppt
Cyber crime and security pptLipsita Behera
 
Cyber Crime
Cyber CrimeCyber Crime
Cyber Crime
DivithC
 
Cyber Security Awareness at Dadar April 25, 2010
Cyber Security Awareness at Dadar April 25, 2010Cyber Security Awareness at Dadar April 25, 2010
Cyber Security Awareness at Dadar April 25, 2010
Vicky Shah
 
Ethical hacking (legal)
Ethical hacking (legal)Ethical hacking (legal)
Ethical hacking (legal)
Thangaraj Murugananthan
 
SECURITY THREATS AND SAFETY MEASURES
SECURITY THREATS AND SAFETY MEASURESSECURITY THREATS AND SAFETY MEASURES
SECURITY THREATS AND SAFETY MEASURES
Shyam Kumar Singh
 
Hacking Presentation v2 By Raffi
Hacking Presentation v2 By Raffi Hacking Presentation v2 By Raffi
Hacking Presentation v2 By Raffi
Shawon Raffi
 

What's hot (20)

File000145
File000145File000145
File000145
 
Cyber crime
Cyber crimeCyber crime
Cyber crime
 
E crime thesis Cyber Crime and its several types
E crime thesis Cyber Crime and its several typesE crime thesis Cyber Crime and its several types
E crime thesis Cyber Crime and its several types
 
Computer crime (1)
Computer crime (1)Computer crime (1)
Computer crime (1)
 
Cyber Crime and Security Presentation
Cyber Crime and Security PresentationCyber Crime and Security Presentation
Cyber Crime and Security Presentation
 
Cyber crime
Cyber crimeCyber crime
Cyber crime
 
Cyber crime report
Cyber crime reportCyber crime report
Cyber crime report
 
Ceh v5 module 09 social engineering
Ceh v5 module 09 social engineeringCeh v5 module 09 social engineering
Ceh v5 module 09 social engineering
 
Module 3 social engineering-b
Module 3 social engineering-bModule 3 social engineering-b
Module 3 social engineering-b
 
Report of cyber crime
Report of cyber crimeReport of cyber crime
Report of cyber crime
 
Hacking
Hacking Hacking
Hacking
 
Hackers and cyber crimes
Hackers and cyber crimesHackers and cyber crimes
Hackers and cyber crimes
 
Unit ii-hackers and cyber crimes
Unit ii-hackers and cyber crimesUnit ii-hackers and cyber crimes
Unit ii-hackers and cyber crimes
 
Cyber crime and security ppt
Cyber crime and security pptCyber crime and security ppt
Cyber crime and security ppt
 
Cyber Crime
Cyber CrimeCyber Crime
Cyber Crime
 
Cyber Security Awareness at Dadar April 25, 2010
Cyber Security Awareness at Dadar April 25, 2010Cyber Security Awareness at Dadar April 25, 2010
Cyber Security Awareness at Dadar April 25, 2010
 
Ethical hacking (legal)
Ethical hacking (legal)Ethical hacking (legal)
Ethical hacking (legal)
 
SECURITY THREATS AND SAFETY MEASURES
SECURITY THREATS AND SAFETY MEASURESSECURITY THREATS AND SAFETY MEASURES
SECURITY THREATS AND SAFETY MEASURES
 
Hacking Presentation v2 By Raffi
Hacking Presentation v2 By Raffi Hacking Presentation v2 By Raffi
Hacking Presentation v2 By Raffi
 
Cyber crime
Cyber crime Cyber crime
Cyber crime
 

Similar to Information-Security-Lecture-7.pptx

54 Chapter 1 • The Threat EnvironmentFIGURE 1-18 Cyberwar .docx
54 Chapter 1 • The Threat EnvironmentFIGURE 1-18 Cyberwar .docx54 Chapter 1 • The Threat EnvironmentFIGURE 1-18 Cyberwar .docx
54 Chapter 1 • The Threat EnvironmentFIGURE 1-18 Cyberwar .docx
alinainglis
 
Hacking by Pratyush Gupta
Hacking by Pratyush GuptaHacking by Pratyush Gupta
Hacking by Pratyush Gupta
Tenet Systems Pvt Ltd
 
Hacking 1224807880385377-9
Hacking 1224807880385377-9Hacking 1224807880385377-9
Hacking 1224807880385377-9
Geoff Pesimo
 
HR's Critical Role in Protecting Company Data
HR's Critical Role in Protecting Company DataHR's Critical Role in Protecting Company Data
HR's Critical Role in Protecting Company Data
Parsons Behle & Latimer
 
Cybercrime presentation
Cybercrime presentationCybercrime presentation
Cybercrime presentation
Rajat Jain
 
The Top 10/20 Internet Security Vulnerabilities – A Primer
The Top 10/20 Internet Security Vulnerabilities – A PrimerThe Top 10/20 Internet Security Vulnerabilities – A Primer
The Top 10/20 Internet Security Vulnerabilities – A Primer
amiable_indian
 
hacking
hackinghacking
hacking
ADAIKKAPPANS1
 
basic knowhow hacking
basic knowhow hackingbasic knowhow hacking
basic knowhow hacking
Anant Shrivastava
 
HACKING DESCRIBE IN DETAIL FOR UNIVERSITY PROJECT
HACKING DESCRIBE IN DETAIL FOR UNIVERSITY PROJECTHACKING DESCRIBE IN DETAIL FOR UNIVERSITY PROJECT
HACKING DESCRIBE IN DETAIL FOR UNIVERSITY PROJECT
DHRUV562167
 
31.ppt
31.ppt31.ppt
31.ppt
ssuserec53e73
 
31.ppt
31.ppt31.ppt
31.ppt
KarmanChandi
 
105 Common information security threats
105 Common information security threats105 Common information security threats
105 Common information security threats
SsendiSamuel
 
Cyber Crime
Cyber CrimeCyber Crime
Cyber Crime
Arnav Chowdhury
 
Hack the hack
Hack the hackHack the hack
Hack the hack
Shakti Ranjan
 
Security threats facing SA businessess
Security threats facing SA businessessSecurity threats facing SA businessess
Security threats facing SA businessess
SensePost
 
presentation_cybercrime_1486105587_257582.ppt
presentation_cybercrime_1486105587_257582.pptpresentation_cybercrime_1486105587_257582.ppt
presentation_cybercrime_1486105587_257582.ppt
JatinRajput67
 
Cybersecurity2021
Cybersecurity2021Cybersecurity2021
Cybersecurity2021
PrabhatChoudhary11
 
Hacking and its Defence
Hacking and its DefenceHacking and its Defence
Hacking and its Defence
Greater Noida Institute Of Technology
 
Computer Security Cyber Security DOS_DDOS Attacks By: Professor Lili Saghafi
Computer Security Cyber Security DOS_DDOS Attacks By: Professor Lili SaghafiComputer Security Cyber Security DOS_DDOS Attacks By: Professor Lili Saghafi
Computer Security Cyber Security DOS_DDOS Attacks By: Professor Lili Saghafi
Professor Lili Saghafi
 

Similar to Information-Security-Lecture-7.pptx (20)

54 Chapter 1 • The Threat EnvironmentFIGURE 1-18 Cyberwar .docx
54 Chapter 1 • The Threat EnvironmentFIGURE 1-18 Cyberwar .docx54 Chapter 1 • The Threat EnvironmentFIGURE 1-18 Cyberwar .docx
54 Chapter 1 • The Threat EnvironmentFIGURE 1-18 Cyberwar .docx
 
Hacking by Pratyush Gupta
Hacking by Pratyush GuptaHacking by Pratyush Gupta
Hacking by Pratyush Gupta
 
Hacking 1224807880385377-9
Hacking 1224807880385377-9Hacking 1224807880385377-9
Hacking 1224807880385377-9
 
HR's Critical Role in Protecting Company Data
HR's Critical Role in Protecting Company DataHR's Critical Role in Protecting Company Data
HR's Critical Role in Protecting Company Data
 
Cybercrime presentation
Cybercrime presentationCybercrime presentation
Cybercrime presentation
 
The Top 10/20 Internet Security Vulnerabilities – A Primer
The Top 10/20 Internet Security Vulnerabilities – A PrimerThe Top 10/20 Internet Security Vulnerabilities – A Primer
The Top 10/20 Internet Security Vulnerabilities – A Primer
 
hacking
hackinghacking
hacking
 
basic knowhow hacking
basic knowhow hackingbasic knowhow hacking
basic knowhow hacking
 
HACKING DESCRIBE IN DETAIL FOR UNIVERSITY PROJECT
HACKING DESCRIBE IN DETAIL FOR UNIVERSITY PROJECTHACKING DESCRIBE IN DETAIL FOR UNIVERSITY PROJECT
HACKING DESCRIBE IN DETAIL FOR UNIVERSITY PROJECT
 
31.ppt
31.ppt31.ppt
31.ppt
 
31.ppt
31.ppt31.ppt
31.ppt
 
105 Common information security threats
105 Common information security threats105 Common information security threats
105 Common information security threats
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
 
Cyber Crime
Cyber CrimeCyber Crime
Cyber Crime
 
Hack the hack
Hack the hackHack the hack
Hack the hack
 
Security threats facing SA businessess
Security threats facing SA businessessSecurity threats facing SA businessess
Security threats facing SA businessess
 
presentation_cybercrime_1486105587_257582.ppt
presentation_cybercrime_1486105587_257582.pptpresentation_cybercrime_1486105587_257582.ppt
presentation_cybercrime_1486105587_257582.ppt
 
Cybersecurity2021
Cybersecurity2021Cybersecurity2021
Cybersecurity2021
 
Hacking and its Defence
Hacking and its DefenceHacking and its Defence
Hacking and its Defence
 
Computer Security Cyber Security DOS_DDOS Attacks By: Professor Lili Saghafi
Computer Security Cyber Security DOS_DDOS Attacks By: Professor Lili SaghafiComputer Security Cyber Security DOS_DDOS Attacks By: Professor Lili Saghafi
Computer Security Cyber Security DOS_DDOS Attacks By: Professor Lili Saghafi
 

Recently uploaded

Mobile App Development Company In Noida | Drona Infotech
Mobile App Development Company In Noida | Drona InfotechMobile App Development Company In Noida | Drona Infotech
Mobile App Development Company In Noida | Drona Infotech
Drona Infotech
 
GOING AOT WITH GRAALVM FOR SPRING BOOT (SPRING IO)
GOING AOT WITH GRAALVM FOR SPRING BOOT (SPRING IO)GOING AOT WITH GRAALVM FOR SPRING BOOT (SPRING IO)
GOING AOT WITH GRAALVM FOR SPRING BOOT (SPRING IO)
Alina Yurenko
 
Vitthal Shirke Java Microservices Resume.pdf
Vitthal Shirke Java Microservices Resume.pdfVitthal Shirke Java Microservices Resume.pdf
Vitthal Shirke Java Microservices Resume.pdf
Vitthal Shirke
 
openEuler Case Study - The Journey to Supply Chain Security
openEuler Case Study - The Journey to Supply Chain SecurityopenEuler Case Study - The Journey to Supply Chain Security
openEuler Case Study - The Journey to Supply Chain Security
Shane Coughlan
 
Utilocate provides Smarter, Better, Faster, Safer Locate Ticket Management
Utilocate provides Smarter, Better, Faster, Safer Locate Ticket ManagementUtilocate provides Smarter, Better, Faster, Safer Locate Ticket Management
Utilocate provides Smarter, Better, Faster, Safer Locate Ticket Management
Utilocate
 
Empowering Growth with Best Software Development Company in Noida - Deuglo
Empowering Growth with Best Software Development Company in Noida - DeugloEmpowering Growth with Best Software Development Company in Noida - Deuglo
Empowering Growth with Best Software Development Company in Noida - Deuglo
Deuglo Infosystem Pvt Ltd
 
What is Augmented Reality Image Tracking
What is Augmented Reality Image TrackingWhat is Augmented Reality Image Tracking
What is Augmented Reality Image Tracking
pavan998932
 
OpenMetadata Community Meeting - 5th June 2024
OpenMetadata Community Meeting - 5th June 2024OpenMetadata Community Meeting - 5th June 2024
OpenMetadata Community Meeting - 5th June 2024
OpenMetadata
 
Launch Your Streaming Platforms in Minutes
Launch Your Streaming Platforms in MinutesLaunch Your Streaming Platforms in Minutes
Launch Your Streaming Platforms in Minutes
Roshan Dwivedi
 
Transform Your Communication with Cloud-Based IVR Solutions
Transform Your Communication with Cloud-Based IVR SolutionsTransform Your Communication with Cloud-Based IVR Solutions
Transform Your Communication with Cloud-Based IVR Solutions
TheSMSPoint
 
Artificia Intellicence and XPath Extension Functions
Artificia Intellicence and XPath Extension FunctionsArtificia Intellicence and XPath Extension Functions
Artificia Intellicence and XPath Extension Functions
Octavian Nadolu
 
Graspan: A Big Data System for Big Code Analysis
Graspan: A Big Data System for Big Code AnalysisGraspan: A Big Data System for Big Code Analysis
Graspan: A Big Data System for Big Code Analysis
Aftab Hussain
 
Using Xen Hypervisor for Functional Safety
Using Xen Hypervisor for Functional SafetyUsing Xen Hypervisor for Functional Safety
Using Xen Hypervisor for Functional Safety
Ayan Halder
 
2024 eCommerceDays Toulouse - Sylius 2.0.pdf
2024 eCommerceDays Toulouse - Sylius 2.0.pdf2024 eCommerceDays Toulouse - Sylius 2.0.pdf
2024 eCommerceDays Toulouse - Sylius 2.0.pdf
Łukasz Chruściel
 
Atelier - Innover avec l’IA Générative et les graphes de connaissances
Atelier - Innover avec l’IA Générative et les graphes de connaissancesAtelier - Innover avec l’IA Générative et les graphes de connaissances
Atelier - Innover avec l’IA Générative et les graphes de connaissances
Neo4j
 
Automated software refactoring with OpenRewrite and Generative AI.pptx.pdf
Automated software refactoring with OpenRewrite and Generative AI.pptx.pdfAutomated software refactoring with OpenRewrite and Generative AI.pptx.pdf
Automated software refactoring with OpenRewrite and Generative AI.pptx.pdf
timtebeek1
 
GraphSummit Paris - The art of the possible with Graph Technology
GraphSummit Paris - The art of the possible with Graph TechnologyGraphSummit Paris - The art of the possible with Graph Technology
GraphSummit Paris - The art of the possible with Graph Technology
Neo4j
 
AI Pilot Review: The World’s First Virtual Assistant Marketing Suite
AI Pilot Review: The World’s First Virtual Assistant Marketing SuiteAI Pilot Review: The World’s First Virtual Assistant Marketing Suite
AI Pilot Review: The World’s First Virtual Assistant Marketing Suite
Google
 
A Sighting of filterA in Typelevel Rite of Passage
A Sighting of filterA in Typelevel Rite of PassageA Sighting of filterA in Typelevel Rite of Passage
A Sighting of filterA in Typelevel Rite of Passage
Philip Schwarz
 
Why Mobile App Regression Testing is Critical for Sustained Success_ A Detail...
Why Mobile App Regression Testing is Critical for Sustained Success_ A Detail...Why Mobile App Regression Testing is Critical for Sustained Success_ A Detail...
Why Mobile App Regression Testing is Critical for Sustained Success_ A Detail...
kalichargn70th171
 

Recently uploaded (20)

Mobile App Development Company In Noida | Drona Infotech
Mobile App Development Company In Noida | Drona InfotechMobile App Development Company In Noida | Drona Infotech
Mobile App Development Company In Noida | Drona Infotech
 
GOING AOT WITH GRAALVM FOR SPRING BOOT (SPRING IO)
GOING AOT WITH GRAALVM FOR SPRING BOOT (SPRING IO)GOING AOT WITH GRAALVM FOR SPRING BOOT (SPRING IO)
GOING AOT WITH GRAALVM FOR SPRING BOOT (SPRING IO)
 
Vitthal Shirke Java Microservices Resume.pdf
Vitthal Shirke Java Microservices Resume.pdfVitthal Shirke Java Microservices Resume.pdf
Vitthal Shirke Java Microservices Resume.pdf
 
openEuler Case Study - The Journey to Supply Chain Security
openEuler Case Study - The Journey to Supply Chain SecurityopenEuler Case Study - The Journey to Supply Chain Security
openEuler Case Study - The Journey to Supply Chain Security
 
Utilocate provides Smarter, Better, Faster, Safer Locate Ticket Management
Utilocate provides Smarter, Better, Faster, Safer Locate Ticket ManagementUtilocate provides Smarter, Better, Faster, Safer Locate Ticket Management
Utilocate provides Smarter, Better, Faster, Safer Locate Ticket Management
 
Empowering Growth with Best Software Development Company in Noida - Deuglo
Empowering Growth with Best Software Development Company in Noida - DeugloEmpowering Growth with Best Software Development Company in Noida - Deuglo
Empowering Growth with Best Software Development Company in Noida - Deuglo
 
What is Augmented Reality Image Tracking
What is Augmented Reality Image TrackingWhat is Augmented Reality Image Tracking
What is Augmented Reality Image Tracking
 
OpenMetadata Community Meeting - 5th June 2024
OpenMetadata Community Meeting - 5th June 2024OpenMetadata Community Meeting - 5th June 2024
OpenMetadata Community Meeting - 5th June 2024
 
Launch Your Streaming Platforms in Minutes
Launch Your Streaming Platforms in MinutesLaunch Your Streaming Platforms in Minutes
Launch Your Streaming Platforms in Minutes
 
Transform Your Communication with Cloud-Based IVR Solutions
Transform Your Communication with Cloud-Based IVR SolutionsTransform Your Communication with Cloud-Based IVR Solutions
Transform Your Communication with Cloud-Based IVR Solutions
 
Artificia Intellicence and XPath Extension Functions
Artificia Intellicence and XPath Extension FunctionsArtificia Intellicence and XPath Extension Functions
Artificia Intellicence and XPath Extension Functions
 
Graspan: A Big Data System for Big Code Analysis
Graspan: A Big Data System for Big Code AnalysisGraspan: A Big Data System for Big Code Analysis
Graspan: A Big Data System for Big Code Analysis
 
Using Xen Hypervisor for Functional Safety
Using Xen Hypervisor for Functional SafetyUsing Xen Hypervisor for Functional Safety
Using Xen Hypervisor for Functional Safety
 
2024 eCommerceDays Toulouse - Sylius 2.0.pdf
2024 eCommerceDays Toulouse - Sylius 2.0.pdf2024 eCommerceDays Toulouse - Sylius 2.0.pdf
2024 eCommerceDays Toulouse - Sylius 2.0.pdf
 
Atelier - Innover avec l’IA Générative et les graphes de connaissances
Atelier - Innover avec l’IA Générative et les graphes de connaissancesAtelier - Innover avec l’IA Générative et les graphes de connaissances
Atelier - Innover avec l’IA Générative et les graphes de connaissances
 
Automated software refactoring with OpenRewrite and Generative AI.pptx.pdf
Automated software refactoring with OpenRewrite and Generative AI.pptx.pdfAutomated software refactoring with OpenRewrite and Generative AI.pptx.pdf
Automated software refactoring with OpenRewrite and Generative AI.pptx.pdf
 
GraphSummit Paris - The art of the possible with Graph Technology
GraphSummit Paris - The art of the possible with Graph TechnologyGraphSummit Paris - The art of the possible with Graph Technology
GraphSummit Paris - The art of the possible with Graph Technology
 
AI Pilot Review: The World’s First Virtual Assistant Marketing Suite
AI Pilot Review: The World’s First Virtual Assistant Marketing SuiteAI Pilot Review: The World’s First Virtual Assistant Marketing Suite
AI Pilot Review: The World’s First Virtual Assistant Marketing Suite
 
A Sighting of filterA in Typelevel Rite of Passage
A Sighting of filterA in Typelevel Rite of PassageA Sighting of filterA in Typelevel Rite of Passage
A Sighting of filterA in Typelevel Rite of Passage
 
Why Mobile App Regression Testing is Critical for Sustained Success_ A Detail...
Why Mobile App Regression Testing is Critical for Sustained Success_ A Detail...Why Mobile App Regression Testing is Critical for Sustained Success_ A Detail...
Why Mobile App Regression Testing is Critical for Sustained Success_ A Detail...
 

Information-Security-Lecture-7.pptx

  • 1. Reference: Corporate & Network Security, Chapter 1 Raymond R. Panko :
  • 2. Copyright Pearson Prentice-Hall 2010  The threat environment—attackers and their attacks  Basic security terminology  Employee and ex-employee threats  Traditional external attackers  The criminal era and competitor threats  Cyberwar and cyberterror 2
  • 3. Copyright Pearson Prentice-Hall 2010  Traditional Hackers 3 In the 1970s, malware writers were joined by external hackers who began to break into corporate computers that were connected to modems. Today nearly every firm is connected to the Internet which harbors millions of external hackers
  • 4. Copyright Pearson Prentice-Hall 2010  Traditional Hackers ◦ Motivated by thrill, validation of skills, sense of power ◦ Motivated to increase reputation among other hackers ◦ Often do damage as a byproduct ◦ Often engage in petty crime 4 ComputerWeekly.com 2008
  • 5. Copyright Pearson Prentice-Hall 2010  Traditional Hackers 5 In 2009, vandals broke into a computerized road sign in Austin, Texas, and changed its message to read: “The end is near ! Caution ! Zombies Ahead !” Dallasnews.com, January 2009 Raymond Torricelli, broke into NASA computers and used up processor time, money, and disk resources to divert chat users to a website for which he admitted to being paid USD 400 per week. Cybercrime.gov, 2001
  • 6. Copyright Pearson Prentice-Hall 2010 6 Just like a thief who wants to rob a home does reconnaissance of the neighborhood and gathers information to determine which house to break into, hackers also tend to do reconnaissance before breaking into a computer. As the figure shows, the attacker often sends probe packets into a network. These probe packets are designed to elicit replies from internal hosts and routers.
  • 7. Copyright Pearson Prentice-Hall 2010  Anatomy of a Hack ◦ Reconnaissance probes (see figure)  IP address scans to identify possible victims  Identify active hosts  ICMP Echo and Echo reply messages  Port scans (connection requests) to learn which services are open on each potential victim host 7 Port 80 is the well known port for HTTP web servers. There are many well known port numbers between 0 and 1023. each indicates the presence of a particular type of application.
  • 8. Copyright Pearson Prentice-Hall 2010 8 Corporate Site 128.171.17.13 128.171.17.47 Attacker 1. IP Address Scanning Packet Response Conf irms a Host at 128.171.17.13 3. Exploit Packet 128.171.17.22 2. Port Scanning Packet to Identif y Running Applications 1. ICMP Echo and Echo reply 2. Connection requests On a particular port number 3. Exploit or break-in
  • 9. Copyright Pearson Prentice-Hall 2010  Anatomy of a Hack ◦ The exploit  The specific attack method that the attacker uses to break into the computer is called the attacker’s exploit  The act of implementing the exploit is called exploiting the host 9
  • 10. Copyright Pearson Prentice-Hall 2010 10 128.171.17.13 128.171.17.47 Attacker 1. Spoof ed Packet to 128.171.17.13 Source IP address = 128.171.17.47 Instead of 10.6.4.3 10.6.4.3 2. Reply goes to Host 128.171.17.47 IP Address Spoof ing Hides the Attacker's Identity . But Replies do Not Go to the Attacker, So IP address Spoof ing Cannot be Used f or All Purposes Some exploit packets cannot be spoofed so the attacker uses chain of attack
  • 11. Copyright Pearson Prentice-Hall 2010  Chain of attack computers (see figure) ◦ The attacker attacks through a chain of victim computers ◦ Probe and exploit packets contain the source IP address of the last computer in the chain ◦ The final attack computer receives replies and passes them back to the attacker ◦ Often, the victim can trace the attack back to the final attack computer ◦ But the attack usually can only be traced back a few computers more 11
  • 12. Copyright Pearson Prentice-Hall 2010 12 Target Host 60.168.47.47 Attacker 1.34.150.37 Compromised Attack Host 3.35.126.7 Compromised Attack Host 123.125.33.101 Usually Can Only Trace Attack to Direct Attacker (123.125.33.101) or Second Direct Attacker (3.35.126.7) Log In Log In Attack Command For probes whose replies must be received, attacker sends probes through a chain of attack computers. Victim only knows the identity of the last compromised host (123.125.33.101) Not that of the attacker
  • 13. Copyright Pearson Prentice-Hall 2010  Social Engineering ◦ Social engineering is often used in hacking ◦ Social engineering (as we saw earlier) is attempting to trick users into doing something that goes against the interests of security ◦ Often successful because it focuses on human weaknesses instead of technological weaknesses 13
  • 14. Copyright Pearson Prentice-Hall 2010  Social Engineering  Call and ask for passwords and other confidential information 14 In one social engineering ploy, a hacker calls a secretary claiming to be working with the secretary’s boss. The hacker then asks for sensitive information such as a password or sensitive file.
  • 15. Copyright Pearson Prentice-Hall 2010  Social Engineering 15 In one study, US Treasury Dept. inspectors posing as computer technicians called 100 Internal Revenue Service (IRS) employees and managers. The treasury agents asked each target for his or her username and asked the user to change the password to a specific password chosen by the “technician.” This was a clear violation of policy but 35% fell for the ploy in 2005. Washington Post, March 2005
  • 16. Copyright Pearson Prentice-Hall 2010  Social Engineering  E-mail attack messages with attractive subjects  Piggybacking  Shoulder surfing  Pretexting 16 Piggybacking is following someone through a secure door, without entering a pass code. Looking over someone’s shoulder when he or she types a password is shoulder surfing. In pretexting the attacker calls claiming to be a certain customer in order to get private information about that customer.
  • 17. Copyright Pearson Prentice-Hall 2010  Denial-of-Service (DoS) Attacks ◦ Make a server or entire network unavailable to legitimate users ◦ Typically send a flood of attack messages to the victim ◦ Distributed DoS (DDoS) Attacks ( see figure)  Bots flood the victim with attack packets  Attacker controls the bot 17
  • 18. Copyright Pearson Prentice-Hall 2010 18 Victim Attacker Bot Bot Bot Attack Command Attack Packets Attack Packets Attack Packets Attack Command Attack Command
  • 19. Copyright Pearson Prentice-Hall 2010 19 In 2001, the Code Red virus attacked the US Whitehouse website. Fortunately the attacks were made against the website’s IP address in stead of its host name. The White House merely changed the IP address of whitehouse.gov To attack a server, the bots might flood the server with TCP connection-opening requests (TCP SYN segments). A server reserves a certain amount of capacity each time it receives a SYN segment. By flooding a computer with SYN segments, the attacker can cause the server to run out of resources and therefore crash.
  • 20. Copyright Pearson Prentice-Hall 2010  Bots ◦ Updatable attack programs ( see figure) ◦ Botmaster can update the software to change the type of attack the bot can do  May sell or lease the botnet to other criminals ◦ Botmaster can update the bot to fix bugs 20
  • 21. Copyright Pearson Prentice-Hall 2010 21 DOS Victim Botmas ter Bot Bot Bot 1. DoSAttack Command 1. DoSAttack Packets 2. Spam E- Mail 2. Software update for Spam 3. Software update to f ix bug in the attack so ftware 2. Spam E- Mail SpamVictims
  • 22. Copyright Pearson Prentice-Hall 2010 22  Bots Jeanson Ancheta was indicted for crimes involving a large botnet. Ancheta was charged with creating the botnet and installing adware programs, which constantly pop up advertisements, on these computers for a fee. He was also charged with renting parts of his botnet to other criminals for spam and denial of service attacks. http://www.cybercrime.gov (Nov 2005)
  • 23. Copyright Pearson Prentice-Hall 2010  Skill Levels ◦ Expert attackers are characterized by strong technical skills and dogged persistence ◦ Expert attackers create hacker scripts to automate some of their work ◦ Scripts are also available for writing viruses and other malicious software 23 Todays hacker scripts often have easy to use graphical user interfaces and look like commercial products. Many scripts are available on the Internet…These easy to use scripts have created a new type of hacker “the script kiddie”
  • 24. Copyright Pearson Prentice-Hall 2010  Skill Levels ◦ Script kiddies use these scripts to make attacks ◦ Script kiddies have low technical skills ◦ Script kiddies are dangerous because of their large numbers 24 In February 2000 a number of major firms were affected by devastatingly effective DDOS attacks that blocked each of their e-commerce systems for hours at a time. Victims included CNN, ebay, Yahoo, ZDNET, and others. At first the attacks were thought to be work of an elite hacker. However, the culprit was found to be a 15 year old script kiddie in Canada
  • 25. Copyright Pearson Prentice-Hall 2010  Skill Levels 25 Virus and other Malware writers also have written long programs for creating new malware. Viruses have become so easy to create with these tools that Svan Jaschan, an 18 year old German student, who had never written a virus before, was responsible for 70% of the virus activity in the first half of 2004. (http://www.sophos.com)
  • 26. Copyright Pearson Prentice-Hall 2010  Skill Levels 26 Today tools are available for creating all types of exploits. One of the most important is the MetaSploit Framework which makes it easy to take a new exploitation method and rapidly turn it into a full attack program. Metasploit is used both by attackers to launch attacks, and by security professionals to test the vulnerability of their systems to specific exploits. (http://www.metasploit.com)