Download as PDF, PPTX
More Related Content
Infosec
- 1.
- 2. Why InfoSec??? Nobody is perfect. World is digitalized. We are “System engineers,Programmers,Database administrators,Web developers” At least we are “users”
- 3. Sniffing Sniffer:computer software or computer hardware that can intercept and log traffic passing over a network or part of a network. Depending on the network structure (hub or switch).
- 4. Spoofing Is a situation in which one person or program successfully masquerades as another by falsifying data and thereby gaining an illegitimate advantage. “URL spoofing and phishing,Dns spoofing,Arp spoofing,MITM,E-mail address spoofing,Ip spoofing,Mac Spoofing”
- 5. E-mail spoofing Describes e-mail activity in which the sender address and other parts of the e-mail header are altered to appear as though the e-mail originated from a different source.
- 6. DNS spoofing Is the art of making a DNS entry to point to an another IP than it would be supposed to point to. DNS Cache Poisoning. DNS ID Spoofing. Birthday Paradox.
- 7. ARP spoofing Faking the ARP message. Associates the attacker's MAC address with the IP address of another machine. Any traffic meant for that IP address would be mistakenly sent to the attacker.
- 8. Phishing Attempting to acquire sensitive information such as usernames, passwords and credit card details by masquerading as a trustworthy entity. often directs users to enter details at a fake website whose look and feel are almost identical to the legitimate one.
- 9. IP spoofing The creation of IP packets with a spoofed source IP address with the purpose of concealing the identity of another machine.
- 10. MAC Spoofing ifconfig eth0 down hw ether 00:00:00:00:00:00 Allows the bypassing of access control lists on servers or routers,
- 11. MITM Attack inwhich the attacker makes independent connections with the victims and relays messages between them, making them believe that they are talking directly to each other.
- 12. Session hijacking Refers to the exploitation of a valid computer session to gain unauthorized access to information or services in a computer system.
- 13. Dos attacks Is an attempt to make a computer resource unavailable to its intended users. prevent an Internet site or service from functioning efficiently or at all, temporarily or indefinitely. saturating the target (victim) machine with external communications requests, such that it cannot respond to legitimate traffic.
- 14. Dos attacks (cont) ICMP flood (Smurf attack”Reflected attack”,Ping flood,Ping of death). SYN flood. login/logout. Distributed attack. Prevented by (switches,routers,firewall,ips).
- 15. Buffer overflow Is an anomaly where a process stores data in a buffer outside the memory the programmer set aside for it. 1-overflow an input field, command-line argument, or input buffer. 2-overflow the current return address on the stack with address of the exploit code loaded in step 3. 3-write a simple set of code for the next space in the stack that includes attacker commands.
- 16. Exploits Apiece of software, a chunk of data, or sequence of commands that take advantage of a bug, glitch or vulnerability in order to cause unintended or unanticipated behavior to occur on computer software, hardware, or something electronic. Metasploit. Coreimpact.
- 17. SQL injection Is a code injection technique that exploits a security vulnerability occurring in the database layer of an application. The vulnerability is present when user input is either incorrectly filtered for string literal escape characters “select * from `users` where `username` = '$userName' and `password` = '$password'” What if user has entered his username as: ' + 1 = 1. Query where clause will be true, which will authenticate user in.
- 18. Password attacks Bruteforce. Dictionary.
- 19.