The document provides an overview of cyber security and vulnerability scanning. It discusses the history of cyber security including early computer worms like Creeper and Reaper. The CIA triad of confidentiality, integrity and availability is introduced as a model for security policies. Types of attacks and how cyber security is implemented are covered. Vulnerability scanners are defined as tools that assess vulnerabilities across systems and networks. Their benefits, limitations, architecture and types including network-based and host-based are outlined.
Application Security - Your Success Depends on itWSO2
Traditional information security mainly revolves around network and operating system (OS) level protection. Regardless of the level of security guarding those aspects, the system can be penetrated and the entire deployment can be brought down if your application's security isn't taken into serious consideration. Information security should ideally start at the application level, before network and OS level security is ensured. To achieve this, security needs to be integrated into the application at the software development phase.
In this session, Dulanja will discuss the following:
The importance of application security - why network and OS security is insufficient.
Challenges in securing your application.
Making security part of the development lifecycle.
Application Security - Your Success Depends on itWSO2
Traditional information security mainly revolves around network and operating system (OS) level protection. Regardless of the level of security guarding those aspects, the system can be penetrated and the entire deployment can be brought down if your application's security isn't taken into serious consideration. Information security should ideally start at the application level, before network and OS level security is ensured. To achieve this, security needs to be integrated into the application at the software development phase.
In this session, Dulanja will discuss the following:
The importance of application security - why network and OS security is insufficient.
Challenges in securing your application.
Making security part of the development lifecycle.
Companies are generally very good at protecting themselves against external attacks, but only rarely do they guard themselves against internal attacks. By using what’s known as ‘Social Engineering’, hackers exploit unsuspecting people who in good faith open up their doors to unwanted strangers.
Social engineering, or SE, is the art of manipulating people into performing actions or so they give up confidential information. Social Engineering can mean different things to different people.
This Edureka PPT on "Application Security" will help you understand what application security is and measures taken to improve the security of an application often by finding, fixing and preventing security vulnerabilities.
Following are the topics covered in this PPT:
Introduction to Cybersecurity
What is Application Security?
What is an SQL Injection attack
Demo on SQL Injection
Follow us to never miss an update in the future.
Instagram: https://www.instagram.com/edureka_learning/
Facebook: https://www.facebook.com/edurekaIN/
Twitter: https://twitter.com/edurekain
LinkedIn: https://www.linkedin.com/company/edureka
malware, types of malware, virus, trojans, worm, rootkit, ransomware, malware protection, malware protection laws India, how malware works, history of malware
These slides guides you through the tools and techniques one can use for footprinting websites or people.You will find amazing tools and techniques have a look
Currently, market has a wide range of systems, products and services focused on computer security services: Antivirus, Antispyware, Firewalls, IPS, WAF, SIEM systems, etc.
All these measures are indispensable and have become a priority for any company or organization towards ensuring its assets, but social engineering plays with the advantage that you can use techniques that violate own vulnerabilities inherent in human beings and, as is well known, for this there is no patch or upgrade that provides effective protection against such attacks.
People is normally “the weak link in the chain”.
Companies are generally very good at protecting themselves against external attacks, but only rarely do they guard themselves against internal attacks. By using what’s known as ‘Social Engineering’, hackers exploit unsuspecting people who in good faith open up their doors to unwanted strangers.
Social engineering, or SE, is the art of manipulating people into performing actions or so they give up confidential information. Social Engineering can mean different things to different people.
This Edureka PPT on "Application Security" will help you understand what application security is and measures taken to improve the security of an application often by finding, fixing and preventing security vulnerabilities.
Following are the topics covered in this PPT:
Introduction to Cybersecurity
What is Application Security?
What is an SQL Injection attack
Demo on SQL Injection
Follow us to never miss an update in the future.
Instagram: https://www.instagram.com/edureka_learning/
Facebook: https://www.facebook.com/edurekaIN/
Twitter: https://twitter.com/edurekain
LinkedIn: https://www.linkedin.com/company/edureka
malware, types of malware, virus, trojans, worm, rootkit, ransomware, malware protection, malware protection laws India, how malware works, history of malware
These slides guides you through the tools and techniques one can use for footprinting websites or people.You will find amazing tools and techniques have a look
Currently, market has a wide range of systems, products and services focused on computer security services: Antivirus, Antispyware, Firewalls, IPS, WAF, SIEM systems, etc.
All these measures are indispensable and have become a priority for any company or organization towards ensuring its assets, but social engineering plays with the advantage that you can use techniques that violate own vulnerabilities inherent in human beings and, as is well known, for this there is no patch or upgrade that provides effective protection against such attacks.
People is normally “the weak link in the chain”.
A brief introduction to Computer Security and its threats, Security Mechanism(Cryptography, Digital Signature, Firewall, IDS etc) and Security Services.
chap-1 : Vulnerabilities in Information SystemsKashfUlHuda1
Introduction to Cyber Security. Chapter #1. Vulnerabilities in Information Systems. What is a vulnerability?
Cyberspace: From terra incognita to terra nullius.
Cyberspace performance expectations. Measuring vulnerabilities. CVSS XCCDF OVAL
Avoiding vulnerabilities through secure coding
Tools and Mechanisms for Network Security in an Organization.
Physical Security, Administrative Security and Technical Security measures have been described.
Security Testing Tools are Nessus, THC Hydra, Kismet, Nikto, WireShark and NMAP.
A Strategic Approach: GenAI in EducationPeter Windle
Artificial Intelligence (AI) technologies such as Generative AI, Image Generators and Large Language Models have had a dramatic impact on teaching, learning and assessment over the past 18 months. The most immediate threat AI posed was to Academic Integrity with Higher Education Institutes (HEIs) focusing their efforts on combating the use of GenAI in assessment. Guidelines were developed for staff and students, policies put in place too. Innovative educators have forged paths in the use of Generative AI for teaching, learning and assessments leading to pockets of transformation springing up across HEIs, often with little or no top-down guidance, support or direction.
This Gasta posits a strategic approach to integrating AI into HEIs to prepare staff, students and the curriculum for an evolving world and workplace. We will highlight the advantages of working with these technologies beyond the realm of teaching, learning and assessment by considering prompt engineering skills, industry impact, curriculum changes, and the need for staff upskilling. In contrast, not engaging strategically with Generative AI poses risks, including falling behind peers, missed opportunities and failing to ensure our graduates remain employable. The rapid evolution of AI technologies necessitates a proactive and strategic approach if we are to remain relevant.
2024.06.01 Introducing a competency framework for languag learning materials ...Sandy Millin
http://sandymillin.wordpress.com/iateflwebinar2024
Published classroom materials form the basis of syllabuses, drive teacher professional development, and have a potentially huge influence on learners, teachers and education systems. All teachers also create their own materials, whether a few sentences on a blackboard, a highly-structured fully-realised online course, or anything in between. Despite this, the knowledge and skills needed to create effective language learning materials are rarely part of teacher training, and are mostly learnt by trial and error.
Knowledge and skills frameworks, generally called competency frameworks, for ELT teachers, trainers and managers have existed for a few years now. However, until I created one for my MA dissertation, there wasn’t one drawing together what we need to know and do to be able to effectively produce language learning materials.
This webinar will introduce you to my framework, highlighting the key competencies I identified from my research. It will also show how anybody involved in language teaching (any language, not just English!), teacher training, managing schools or developing language learning materials can benefit from using the framework.
Welcome to TechSoup New Member Orientation and Q&A (May 2024).pdfTechSoup
In this webinar you will learn how your organization can access TechSoup's wide variety of product discount and donation programs. From hardware to software, we'll give you a tour of the tools available to help your nonprofit with productivity, collaboration, financial management, donor tracking, security, and more.
How to Make a Field invisible in Odoo 17Celine George
It is possible to hide or invisible some fields in odoo. Commonly using “invisible” attribute in the field definition to invisible the fields. This slide will show how to make a field invisible in odoo 17.
The Roman Empire A Historical Colossus.pdfkaushalkr1407
The Roman Empire, a vast and enduring power, stands as one of history's most remarkable civilizations, leaving an indelible imprint on the world. It emerged from the Roman Republic, transitioning into an imperial powerhouse under the leadership of Augustus Caesar in 27 BCE. This transformation marked the beginning of an era defined by unprecedented territorial expansion, architectural marvels, and profound cultural influence.
The empire's roots lie in the city of Rome, founded, according to legend, by Romulus in 753 BCE. Over centuries, Rome evolved from a small settlement to a formidable republic, characterized by a complex political system with elected officials and checks on power. However, internal strife, class conflicts, and military ambitions paved the way for the end of the Republic. Julius Caesar’s dictatorship and subsequent assassination in 44 BCE created a power vacuum, leading to a civil war. Octavian, later Augustus, emerged victorious, heralding the Roman Empire’s birth.
Under Augustus, the empire experienced the Pax Romana, a 200-year period of relative peace and stability. Augustus reformed the military, established efficient administrative systems, and initiated grand construction projects. The empire's borders expanded, encompassing territories from Britain to Egypt and from Spain to the Euphrates. Roman legions, renowned for their discipline and engineering prowess, secured and maintained these vast territories, building roads, fortifications, and cities that facilitated control and integration.
The Roman Empire’s society was hierarchical, with a rigid class system. At the top were the patricians, wealthy elites who held significant political power. Below them were the plebeians, free citizens with limited political influence, and the vast numbers of slaves who formed the backbone of the economy. The family unit was central, governed by the paterfamilias, the male head who held absolute authority.
Culturally, the Romans were eclectic, absorbing and adapting elements from the civilizations they encountered, particularly the Greeks. Roman art, literature, and philosophy reflected this synthesis, creating a rich cultural tapestry. Latin, the Roman language, became the lingua franca of the Western world, influencing numerous modern languages.
Roman architecture and engineering achievements were monumental. They perfected the arch, vault, and dome, constructing enduring structures like the Colosseum, Pantheon, and aqueducts. These engineering marvels not only showcased Roman ingenuity but also served practical purposes, from public entertainment to water supply.
Macroeconomics- Movie Location
This will be used as part of your Personal Professional Portfolio once graded.
Objective:
Prepare a presentation or a paper using research, basic comparative analysis, data organization and application of economic information. You will make an informed assessment of an economic climate outside of the United States to accomplish an entertainment industry objective.
Biological screening of herbal drugs: Introduction and Need for
Phyto-Pharmacological Screening, New Strategies for evaluating
Natural Products, In vitro evaluation techniques for Antioxidants, Antimicrobial and Anticancer drugs. In vivo evaluation techniques
for Anti-inflammatory, Antiulcer, Anticancer, Wound healing, Antidiabetic, Hepatoprotective, Cardio protective, Diuretics and
Antifertility, Toxicity studies as per OECD guidelines
2. History
• 1970’s, Robert Thomas, a researcher for BBN Technologies in Cambridge,
Massachusetts, created the first computer “worm”. It was called The
Creeper.
• It infected computers by hopping from system to system with the message “I’M
THE CREEPER: CATCH ME IF YOU CAN.”
• Ray Tomlinson, the inventor of email, created a replicating program
called The Reaper, the first antivirus software, which would chase
Creeper and delete it.
• In 1988, Robert Morris wrote a program Morris worm that went through
networks, invaded Unix terminals, and copied itself.
• The Morris worm was so aggressive that it slowed down computers to the point
of being unusable. He subsequently became the first person to be convicted
under Computer Fraud and Abuse Act.
3. What is Cyber Security
Cybersecurity is the body of technologies, processes, and practices
designed to protect networks, computers, programs and data from
attack, damage or unauthorized access.
4. Why is cybersecurity important?
• With each passing year, the sheer volume of threats is increasing
rapidly.
• According to the report by McAfee, cybercrime now stands at over $400 billion,
while it was $250 billion two years ago.
• Cyber attacks can be extremely expensive for businesses to endure.
• In addition to financial damage suffered by the business, a data breach can also
inflict untold reputational damage.
• Cyber-attacks these days are becoming progressively destructive.
• Cybercriminals are using more sophisticated ways to initiate cyber attacks.
• Regulations such as General Data Protection Regulation (GDPR)
are forcing organizations into taking better care of the personal data
they hold.
5. The CIA Triad
• Confidentiality, integrity, and availability, also known as the CIA
triad, is a model designed to guide companies and organizations to
form their security policies.
6. Confidentiality
• Confidentiality is about preventing the disclosure of data to
unauthorized parties.
• It also means trying to keep the identity of authorized parties
involved in sharing and holding data private and anonymous.
• Often confidentiality is compromised by cracking poorly encrypted
data, Man-in-the-middle(MITM) attacks, disclosing sensitive data.
• Standard measures to establish confidentiality include:
• Data encryption
• Two-factor authentication
• Biometric verification
• Security tokens
7. Integrity
• Integrity refers to protecting information from being modified by
unauthorized parties.
• It is a requirement that information and programs are changed only in
a specified and authorized manner.
• Challenges that could endanger integrity include turning a machine
into a “zombie computer”, embedding malware into web pages.
• Standard measures to guarantee integrity include:
• Cryptographic checksums
• Using file permissions
• Uninterrupted power supplies
• Data backups
8. Availability
• Availability is making sure that authorized parties are able to access
the information when needed.
• Data only has value if the right people can access it at the right time.
• Information unavailability can occur due to security incidents such as
DDoS attacks, hardware failures, programming errors, human errors.
• Standard measures to guarantee availability include:
• Backing up data to external drives
• Implementing firewalls
• Having backup power supplies
• Data redundancy
13. Classification of Security Hackers
Black Hat Hackers’ objective:
• To steal valuable information from another user
• To steal money through transactions and accounts
• To get access to free music and videos
• Downloading free hacking software which is considered an
illegal activity
• To steal valuable information from military/navy organizations
• To access restricted networking spaces
White Hat Hackers’ objective:
• To improve the security framework in a system
• Developing high security programming language like Linux
• Developing most of the security software for organizations
• Checking and updating security softwares
• Developing programs like pop up blocker, firewall and ad
blocker
14. Vulnerability Scanner
A vulnerability scanner can assess a variety of vulnerabilities across
information systems like computers, network systems, operating systems,
and software applications, that may be:
1. Vendor-originated: this includes software bugs, missing operating system patches,
vulnerable services, insecure default configurations, and web application
vulnerabilities.
2. System administration-originated: this includes incorrect or unauthorised system
configuration changes, lack of password protection policies, and so on.
3. User-originated: this includes sharing directories to unauthorised parties, failure
to run virus scanning software, and malicious activities, such as deliberately
introducing system backdoors activities
15. Benefits of Vulnerability Scanners
• Early detection and handling of known security problems
• Identify security vulnerabilities that may be present in the network, from both
the internal and external perspective.
• Identification of new device or even a new system that may be
connected to the network without authorisation
• The scanner can help identify rogue machines, which might endanger overall
system and network security.
• Verify the inventory of all devices on the network.
• Inventory includes the device type, operating system version and patch level,
hardware configurations and other relevant system information. This
information is useful in security management and tracking.
16. Limitations of Vulnerability Scanners
• Snapshot only: a vulnerability scanner can only assess a "snapshot of
time" in terms of a system or network's security status.
• Scanning needs to be conducted regularly, as new vulnerabilities can emerge, or
system configuration changes can introduce new security holes.
• Human judgement is needed: Vulnerability scanners can only report
vulnerabilities according to the plug-ins installed in the scan database.
• They cannot determine whether the response is a false negative or a false
positive. Human judgement is always needed in analysing the data after the
scanning process.
• Others: a vulnerability scanner is designed to discover known
vulnerabilities only.
• It cannot identify other security threats, such as those related to physical,
operational or procedural issues.
17. Architecture of Vulnerability Scanners
• Scan Engine executes security checks
according to its installed plug-ins,
identifying system information and
vulnerabilities.
• It can scan more than one host at a time and
compares the results against known
vulnerabilities.
• Scan Database stores vulnerability
information, scan results, and other data
used by scanner.
• Number of available plug-ins, and the updating
frequency of plug-ins will vary depending on
vendor. Scanners with an "auto-update" feature
• Each plug-in might contain not only the test
case itself, but also a vulnerability description, a
Common Vulnerabilities and Exposures (CVE)
identifier; and even fixing instructions for a
detected vulnerability.
18. Architecture of Vulnerability Scanners
(Contd..)
• Report Module provides different levels of reports on the scan results,
• Such as detailed technical reports with suggested remedies for system
administrators,
• Summary reports for security managers,
• High-level graph and trend reports for executives.
• User Interface allows the administrator to operate the scanner.
• It may be either a Graphical User Interface (GUI), or just a command line interface.
For enterprise networks : Use Distributed Network Scanners with more
complex architecture, capable of assessing vulnerabilities across multiple or
geographically dispersed networks . Composed
• Remote scanning agents,
• Plug-in update mechanism for those agents,
• Centralised management point.
19. Types of Vulnerability Scanner
• NETWORK-BASED SCANNERS
• Usually installed on a single machine that scans a number of other hosts on
the network.
• It helps detect critical vulnerabilities such as mis-configured firewalls,
vulnerable web servers, risks associated with vendor-supplied software, and
risks associated with network and systems administration.
• Different types of network-based scanners include:
1. Port Scanners that determine the list of open network ports in remote systems;
2. Web Server Scanners that assess the possible vulnerabilities (e.g. potentially dangerous
files) in remote web servers;
3. Web Application Scanners that assess the security aspects of web applications (such as
cross site scripting and SQL injection) running on web servers.
Cross-site Scripting (XSS) is a client-side code injection attack. The actual attack occurs when the victim visits the
web page or web application that executes the malicious code.
SQL injection is a code injection technique that might destroy your database and is one of the most common web
hacking techniques.
20. Types of Vulnerability Scanner (Contd..)
• HOST-BASED SCANNERS
• Scanner is installed in the host to be scanned,
• Has direct access to low-level data, such as specific services and configuration
details of the host's operating system.
• Provide insight into risky user activities such as using easily guessed passwords or
even no password.
• Detect signs that an attacker has already compromised a system, including
looking for suspicious file names, unexpected new system files or device files, and
unexpected privileged programs.
• Perform baseline (or file system) checks not done by Network-based scanners as
they do not have direct access to the file system on the target host.
• Database scanner is an example of a host-based vulnerability scanner.
• It performs detailed security analysis of the authorisation, authentication, and integrity of
database systems, and can identify any potential security exposures in database systems,
ranging from weak passwords and security mis-configurations to Trojan horses.
21. Open Port Service Identification: Introduction
• A port scanner is an application designed to probe a server or host for
open ports.
• Such an application may be used by administrators to verify security policies
of their networks and by attackers to identify network services running on a
host and exploit vulnerabilities.
• A port scan is a process that sends client requests to a range of server
port addresses on a host, with the goal of finding an active port.
• Basically port scan are not attacks, but rather simple probes to determine
services available on a remote machine.
• Portsweep is to scan multiple hosts for a specific listening port.
• For example, an SQL-based computer worm may portsweep looking for hosts
listening on TCP port 1433.
22. Categories
Result of a scan on a port is usually generalized into one of three categories:
• Open or Accepted: The host sent a reply indicating that a service is listening
on the port.
• Closed or Denied or Not Listening: The host sent a reply indicating that
connections will be denied to the port.
• Filtered, Dropped or Blocked: There was no reply from the host.
• Two vulnerabilities of which administrators must be cautioned:
• Security and stability concerns associated with the program responsible for
delivering the service- Open ports.
• Security and stability concerns associated with the operating system that is running
on the host- Open or Closed ports.
• Filtered ports do not present any vulnerabilities.
23. Types
• TCP scanning
• Use the operating system's network functions and are generally the next option to go to
when SYN is not a feasible option
• If a port is open,
• the operating system completes the TCP three-way handshake,
• The scanner immediately closes the connection to avoid performing a Denial-of-service attack.
• Otherwise an error code is returned.
• Advantage of the mode
• No special privileges required for user does not require.
• Disadvantage of the mode
• Since mode prevents low-level control, so this scan type is less common.
• Method is "noisy", particularly if it is a "portsweep“.
• The services can log the sender IP address and Intrusion detection systems can raise an alarm.
24. Types (Contd..)
• SYN scanning
• Another form of TCP scanning.
• Port scanner generates raw IP packets itself, and monitors for responses instead of
running OS based network functions.
• Also known as "half-open scanning", because it never actually opens a full TCP
connection.
• The port scanner generates a SYN packet.
• If the target port is open, it will respond with a SYN-ACK packet.
• The scanner host responds with an RST packet, closing the connection before the
handshake is completed.
• If the port is closed but unfiltered, the target will instantly respond with an RST
packet.
• Advantages,
• Scanner has full control of the packets sent and the timeout for responses, and
allowing detailed reporting of the responses.
25. Types (Contd..)
• UDP scanning
• There are technical challenges as UDP is a connectionless protocol , hence no
equivalent to a TCP SYN packet.
• If a UDP packet is sent to a port that is not open,
• System will respond with an ICMP port unreachable message.
• Hence, use the absence of a response to infer that a port is open.
• However, if a port is blocked by a firewall, this method will falsely report that the port is
open.
• If the port unreachable message is blocked, all ports will appear open.
• Method is also affected by ICMP rate limiting.
• Other scanning Method but rarely used are
• ACK scanning
• Window scanning
• FIN scanning
26. Examples
• For example a scanner could connect to using nmap application to
• port 1 - to see if tcpmux is running.
• Specification describes a multiplexing service that may be accessed with a network
protocol to contact any one of a number of available TCP services of a host on a single,
well-known port number
• port 7 - to see if echo is running.
• Display of data
• port 22 - to see if openssh is available.
• OpenSSH is a freely available version of the Secure Shell (SSH) protocol family of tools for
remotely controlling, or transferring files between, computers.
• port 25 - to see if smtp is available.
• Set of communication guidelines that allow software to transmit an electronic mail over
the internet i
27. Version Check
• Footprinting is the technique to collect as much information as possible
about the targeted network/victim/system.
• It helps hackers in various ways to intrude on an organization's system.
• Use nmap to discover the web server version, Operating System Version
check the servers to make sure that their ports are operating properly, ping
network segments.
• Some commands for version check include
• -sV (Version detection)
• -allports (Don't exclude any ports from version detection)
• -version-intensity <intensity> (Set version scan intensity)
• -version-all (Try every single probe)
• - version-trace (Trace version scan activity)
28. TRAFFIC PROBE
• High-Speed Traffic Processing
• LAN and MAN has evolved to support speeds from 1 Mb/s to 100 Gb/s.
• The total amount of data created or replicated on the planet in 2010 was over
1 zettabyte (143 GB for each of the 7 billion people on the planet.
• This volume of information requires high-speed links between server farms,
cloud storage, and end users to make sure that it can be processed in a timely
and reliable fashion.
• It will not be possible to analyse such huge traffic volumes in the coming 100
GbE network installations with the current generation of network
measurement tools
• FPGA cards (intel 82599, Myri-10G Lanai Z8ES) are still used in applications
which perform in-depth analysis, patter matching, and low latency operations
in 40/100 Gb/s networks
29. TRAFFIC PROBE (Contd..)
• Network Traffic Measurement
• Full packet traces.
• Flow statistics provide information from Internet Protocol (IP).
• Volume statistics are provided by most network appliances for network
management.
• Network Intrusion Detection
• Signature-based approach inspects the evaluated content.
• Anomaly-based detection.
• Stateful protocol analysis.
30. Vulnerability Probe: HTML injection check
• Some security bugs can’t be identified without sending a payload that
exploits a suspected vulnerability.
• Vulnerability probe for a web application. Imagine a web app that has
a search box for users to find text within its pages.
HTML EXAMPLE :-
• <div id="search"><span class="results">Results for '<xss>'...</span>
Example of Cross Site Scripting (XSS)
To do with caution
<script>alert (1)</script>
31. Vulnerability Probe: Buffer Overflow
• A buffer overflow occurs when a program or process attempts to
write more data to a fixed length block of memory (a buffer), than
the buffer is allocated to hold.
• By sending carefully crafted input to an application, an
attacker can cause the application to execute arbitrary code, possibly
taking over the machine
32. Vulnerability Probe: Buffer Overflow
• Minimalist vulnerable program
#include <string.h>
int main(int argc, char *argv[])
{
char buffer[512];
if (argc > 1)
strcpy(buffer,argv[1]);
}
• Compile the program with the following command :
• $ gcc -o vulnerable main.c
33. References
1. What is Cybersecurity? – A Beginner’s Guide to Cybersecurity
World available at https://www.edureka.co/blog/what-is-
cybersecurity/
2. Cybersecurity Fundamentals – Introduction to Cybersecurity
available at https://www.edureka.co/blog/cybersecurity-
fundamentals-introduction-to-cybersecurity/
3. An Overview Of Vulnerability Scanners available at
https://www.infosec.gov.hk/english/technical/files/