Cyber Security & Open Source
FOSS @ FISAT, Cochin, Kerala

Sajan Kumar.S
Research Associate,
TIFAC CORE in Cyber Security
Apr-21-2010
Background Information
•   Who am I?
•   When did I start security?
•   Where do I work?
•   What is my job?
•   What was your inspiration for this talk?



The only truly secure system is one that is powered off, cast in a block of
concrete and sealed in a lead-lined room with armed guards. — Gene Spafford
Agenda
• Part 1:
   – Insight into Cyber Security
   – Web In-Security
   – Network Security Myths
   – References
What’s Cyber Security?
• When a computer connects to a network and
  begins communicating with others, it is taking
  a risk. Internet security involves the protection
  of a computer's internet account and files
  from intrusion of an unknown user.
• In a nutshell:
  – Computer security is a branch of
    computer technology known as information
    security as applied to computers and networks
Cyber Security in a Nutshell!
Why do WE need Cyber Security?
What are the Risks Involved around YOU?
Aren’t these just Technology issues?



If you think technology can solve your security problems, then you don't
understand the problems and you don't understand the technology. — Bruce Schneier
NO
It's all about PEOPLE who make Insecurity!
It’s all about people, who
• Break into corporate and organizational networks to get
  access to confidential data
• Penetrate a major bank’s security system to steal $10 million
It’s all about people, who
• Write software code which can make your computer
  completely useless
• Create Denial of Service attacks on sites like Twitter,
  Facebook & Amazon, as happened recently, to bring the sites to a halt
If large Organizations and Institutions are not safe from Cyber Attacks…!!
Are YOU Safe?
Not Always…..
Can YOU be Cautious?
Yes. YOU can!
The first step in becoming Cyber Safe is Awareness!
General Security

Passwords
• No personal information (Name, College, Friend’s
  Name, Date of Birth etc.)
• Complex, but easy to remember
• Numbers, Special Characters, Upper Case
• Not Dictionary words
• Don’t write it down somewhere
• Don’t allow programs to “remember” your
  password
General Security
Anti-Virus Software
– Use good, well-known software
– Set up Automatic Scans
– Manually scan files received from outside
– Regularly update the software to get the latest
  definitions
– Not always 100% effective!
Firewalls
– Enable your Operating System Firewall (if built in)
– If your broadband is always on, it is good to have a firewall
General Security
• Good Security Habits
  – Lock your computer when you are away from it
  – Disconnect your computer from the internet, if
    you are not using it
  – Evaluate your security settings
  – Back up all of your data
SAFE BROWSING, EMAIL
Email & Chat
• Attachments
• Spam
• Chat & IM
Social Networks
• Limit Personal Info
• Privacy Settings
• Billboard Rule!
• Links & Add-Ons
Secure Sites & Cookies
• https vs http
• Check if the website has a valid Certificate
• Cookies store information about you and your
  browsing habits
• To increase your level of security, adjust your
  privacy and security settings on your browser
SSL In-Security Demo
• Open source tools used for the demo:
  – Fragrouter
  – Arpspoof
  – Dnsspoof
  – Nslookup
  – Webmitm
  – Wireshark
  – ssldump
Mobile Devices
• Wireless Security Key
• Physical Security
• Password Protection
• Caution! Bluetooth
• Caution! USB
Attacks & Threats
Well Publicized Attack Methods

Parameters in Application
• Cross Site Scripting (XSS)
• SQL Injection
• OS Injection
• Value Tampering
• Cookie Poisoning
• Buffer Overflow
• Character Set Manipulation
• Information Gathering
• Brute Force
• Broken Session Management

Authentication/Authorisation
• Broken Session Management
• Broken Access Control
• Broken Authentication
• Value Tampering
• Cookie Poisoning
• SQL Injection

HTTP/XML
• Structure Malformation
• Buffer Overflow
• Directory Traversal
• Forceful Browsing
• Buffer Overflow
• Response Splitting
• Multi-part Post/Put
• Character Set Manipulation
• Information Gathering
• Embedded Parameter Attacks (XML)

Known Vulnerabilities
• Published OS Vulnerabilities
• Published App Vulnerabilities
• Development Tool Vulnerabilities
• DoS and DDoS
• Default Installs
• Insecure Storage

One can become familiar with all of these attacks using a vulnerable app project: WebGoat – Ref:
Web Vulnerabilities in a Nutshell
Privacy
• Limit exposure of your private information
  online
• Encrypt confidential communication
• Supplementing Passwords – Use secure
  data/passwords while supplementing
Software and applications
•   Licensing!
•   Updates and patches
•   File sharing
•   Anonymity
•   Trojan Horses
•   Key Loggers
•   Logic Bomb
•   Backdoors, etc…
Web In-Security
Attack Scenario




How to protect yourself with open source tools / distros?
Strategies & Solutions!
Insight into:
•   Information Gathering
•   XSS Attack
•   Phishing
•   Email Tracing
•   DOS Attack
•   SQL Injection Attack
Network Security Myths
How to Get Your Network Hacked in 10 Easy Steps
•   Don’t patch anything
•   Run unhardened applications
•   Use one account, everywhere
•   Open lots of holes in firewall
•   Allow unrestricted internal traffic
•   Allow all outbound traffic
•   Don’t harden servers
•   Reuse your email/server passwords
•   Use high-level service accounts, in multiple places
•   Assume everything is OK.
•   Post Issues on public forums with sample configurations
Commonly Known Vulnerabilities of Windows Systems
• Internet Information Services (IIS)
• Microsoft Data Access Components (MDAC) - Remote Data
  Services
• Microsoft SQL Server
• NETBIOS - Unprotected Windows Networking Shares
• Anonymous Logon - Null Sessions
• LAN Manager Authentication - Weak LM Hashing
• General Windows Authentication - Accounts with No
  Passwords or Weak Passwords
• Internet Explorer
• Remote Registry Access
• Windows Scripting Host
Commonly Known Vulnerabilities of Unix Systems
•   Remote Procedure Calls (RPC)
•   Apache Web Server
•   Secure Shell (SSH)
•   Simple Network Management Protocol (SNMP)
•   File Transfer Protocol (FTP)
•   R-Services - Trust Relationships
•   Line Printer Daemon (LPD)
•   Sendmail
•   BIND/DNS
•   General Unix Authentication - Accounts with No Passwords or
    Weak Passwords
Internal Pen Testing
•   Footprint
•   Host Identification
•   Service Identification
•   Service Enumeration
•   Host Enumeration
•   Network Map
•   HSV Scans
•   Vulnerability Mapping/Exploitation
References
• http://planet-websecurity.org
• http://www.owasp.org
• http://sourceforge.net/
• https://addons.mozilla.org/en-US/firefox/addon/3899
• http://www.owasp.org/index.php/OWASP_WebScarab_NG_Project
• http://www.owasp.org/index.php/Category:OWASP_WebGoat_Project
• http://web-sniffer.net/
• http://www.t1shopper.com/tools/
Q&A
Thank You!



• Ping me
    Email: ammsajan@gmail.com
    Skype: ammasajan

Invited Talk - Cyber Security and Open Source