
Network Risks and Vulnerabilities
Network Security Workshop

                            Dedi Dwianto, C|EH, OSCP
Contents

- Network Vulnerabilities
- Network Risk Assessment
- Network Risk Mitigation







Vulnerabilities

Vulnerabilities are software flaws or misconfigurations that cause a weakness in the security of a system.

Vulnerabilities can be exploited by a malicious entity to violate policies, for example to gain greater access or permission than is authorized on a computer.







Security Vulnerability Problem

- design flaws,
- poor security management,
- incorrect implementation,
- Internet technology vulnerability,
- the nature of intruder activity,
- the difficulty of fixing vulnerable systems,
- the limits of effectiveness of reactive solutions,
- social engineering.




Design Flaws

The two major components of a computer system, hardware and software, quite often have design flaws.

Hardware systems are less susceptible to design flaws than their software counterparts, owing to lower complexity and the long history of hardware engineering. Even with all these factors backing up hardware engineering, design flaws are still common.

The biggest problems in system security vulnerability, however, are due to software design flaws.




Design Flaws

Three major factors contribute a great deal to software design flaws:

- human factors,
- software complexity,
- trustworthy software sources.






Classification by Software Development Life Cycle (SDLC) Phase

Taxonomies of this kind attempt to categorize vulnerabilities according to when they were introduced in the software lifecycle.

Classically, 6 phases are recognized: feasibility study, requirements definition, design, implementation, integration and testing, and operations and maintenance.







Classification by Location in Object Models

These classifications attempt to categorize vulnerabilities according to which model object or "entity" they belong to. An example is classifying vulnerabilities using the ISO Open Systems Interconnection (OSI) reference model for networking.











Viruses

A virus, a parasitic program that cannot function independently, is a program or code fragment that is self-propagating. It is called a virus because, like its biological counterpart, it requires a "host" to function. In the case of a computer virus the host is some other program to which the virus attaches itself.

A virus is usually spread by executing an infected program or by sending an infected file to someone else, usually in the form of an e-mail attachment.





Impersonation/Masquerading

Impersonation or masquerading is the act of pretending to be someone or something you are not in order to gain unauthorized access to a system. This usually implies that authentication credentials have been stolen.

Impersonation is often possible through the capture of usernames and passwords or of session setup procedures for network services.

Prevention: use one-time pads, tokens and Kerberos.





Worm

A worm is a self-contained and independent program that is usually designed to propagate or spawn itself on infected systems and to seek other systems via available networks.







Port Scanning

Like a burglar casing a target to plan a break-in, a hacker will often case a system to gather information that can later be used to attack the system. One of the tools that hackers often use for this type of reconnaissance is a port scanner.

A port scanner is a program that probes well-known port numbers to detect services running on a system that could be exploited to break into the system.
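From the defender's side, the reconnaissance described above leaves a trace: one source touching many distinct ports on a single host. The following Python is an added example, not from the slides, that flags such sources in constructed firewall log lines; the log format, the field names and the five-port threshold are assumptions.

```python
import re
from collections import defaultdict

# Constructed firewall log sample (not from the slides): one source walks six
# well-known ports on one host, a second source is normal, one line is malformed.
SAMPLE_LOG = """\
2024-03-01T10:00:01 DENY src=203.0.113.5 dst=192.0.2.10 dport=21 proto=tcp
2024-03-01T10:00:01 DENY src=203.0.113.5 dst=192.0.2.10 dport=22 proto=tcp
2024-03-01T10:00:02 DENY src=203.0.113.5 dst=192.0.2.10 dport=23 proto=tcp
2024-03-01T10:00:02 DENY src=203.0.113.5 dst=192.0.2.10 dport=25 proto=tcp
2024-03-01T10:00:03 ACCEPT src=203.0.113.5 dst=192.0.2.10 dport=80 proto=tcp
2024-03-01T10:00:04 ACCEPT src=203.0.113.5 dst=192.0.2.10 dport=443 proto=tcp
2024-03-01T10:00:05 ACCEPT src=198.51.100.7 dst=192.0.2.10 dport=443 proto=tcp
2024-03-01T10:00:12 DENY src=198.51.100.7 dst=192.0.2.10 dport=22 proto=tcp
garbage line that does not match the expected format
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<action>ACCEPT|DENY) src=(?P<src>\S+) dst=(?P<dst>\S+) "
    r"dport=(?P<dport>\d+) proto=(?P<proto>\w+)$"
)


def parse_log(text):
    """Yield one dict per well-formed line; malformed lines are skipped."""
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if m:
            rec = m.groupdict()
            rec["dport"] = int(rec["dport"])
            yield rec


def find_port_scans(text, min_ports=5):
    """Return {(src, dst): sorted distinct dports} for sources that touched
    at least `min_ports` distinct ports on one destination host.
    Accepted and denied connections both count: a scanner learns from both."""
    ports = defaultdict(set)
    for rec in parse_log(text):
        ports[(rec["src"], rec["dst"])].add(rec["dport"])
    return {
        pair: sorted(p) for pair, p in ports.items() if len(p) >= min_ports
    }


if __name__ == "__main__":
    for (src, dst), hit in find_port_scans(SAMPLE_LOG).items():
        print(f"possible port scan: {src} -> {dst} probed {len(hit)} ports {hit}")
```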







Man in the Middle Attack (MITM)

In a MITM attack, a hacker inserts himself or herself between a client program and a server on a network. By doing so the hacker can intercept information entered by the client, such as credit card numbers, passwords, and account information.

Under one execution of this scheme, a hacker would place himself or herself between a browser and a Web server. This MITM attack, which is also sometimes called Web spoofing, is usually achieved by DNS or hyperlink spoofing.






Denial of Service

DoS is an attempt to make a machine or network resource unavailable to its intended users. Although the means to carry out, motives for, and targets of a DoS attack may vary, it generally consists of the efforts of one or more people to temporarily or indefinitely interrupt or suspend services of a host connected to the Internet.







Network Risk Assessment

Risk assessment is the first process in the risk management methodology.

To determine the likelihood of a future adverse event, threats to a network system must be analyzed in conjunction with the potential vulnerabilities and the controls in place for the network system.







Network Risk Assessment Methodology

The risk assessment methodology encompasses nine primary steps:

1. System Characterization
2. Threat Identification
3. Vulnerability Identification
4. Control Analysis
5. Likelihood Determination
6. Impact Analysis
7. Risk Determination
8. Control Recommendations
9. Results Documentation





Network Risk Assessment Methodology







Impact Analysis

The next major step in measuring the level of risk is to determine the adverse impact resulting from a successful threat exercise of a vulnerability.

Common impacts:

- Loss of Integrity
- Loss of Availability
- Loss of Confidentiality
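As an added example that is not part of the slides, the following Python carries one threat/vulnerability pair through steps 5 to 8 of the nine-step methodology above and records which of the three impact categories is at stake. The 3x3 likelihood-by-impact scale, the rule that each control in place lowers likelihood by one level, and the sample findings are all assumptions.

```python
from dataclasses import dataclass

# Assumed 3x3 scale (not from the slides), modelled on the classic NIST SP 800-30 matrix.
LIKELIHOOD = {"Low": 0.1, "Medium": 0.5, "High": 1.0}
IMPACT = {"Low": 10, "Medium": 50, "High": 100}
LEVELS = ["Low", "Medium", "High"]

@dataclass
class Finding:
    system: str          # step 1: system characterization
    threat: str          # step 2: threat identification
    vulnerability: str   # step 3: vulnerability identification
    controls: tuple      # step 4: controls already in place
    raw_likelihood: str  # step 5 input: likelihood with no controls applied
    impact: str          # step 6: magnitude of impact (Low/Medium/High)
    impact_type: str     # step 6: loss of confidentiality/integrity/availability

def effective_likelihood(finding):
    """Step 5: each control in place lowers likelihood one level (assumed rule)."""
    idx = LEVELS.index(finding.raw_likelihood) - len(finding.controls)
    return LEVELS[max(idx, 0)]

def risk_level(likelihood, impact):
    """Step 7: likelihood x impact, bucketed into High (>50), Medium (>10), Low."""
    score = LIKELIHOOD[likelihood] * IMPACT[impact]
    return "High" if score > 50 else "Medium" if score > 10 else "Low"

RECOMMENDATION = {  # step 8: control recommendation by risk level
    "High": "corrective action required before continued operation",
    "Medium": "corrective action planned within a defined period",
    "Low": "accept, or address when convenient"}

def assess(finding):
    """Steps 5 to 8 for one threat/vulnerability pair; returns a register row."""
    likelihood = effective_likelihood(finding)
    level = risk_level(likelihood, finding.impact)
    return {"system": finding.system, "threat": finding.threat,
            "vulnerability": finding.vulnerability, "likelihood": likelihood,
            "impact": f"{finding.impact} ({finding.impact_type})",
            "risk_level": level, "recommendation": RECOMMENDATION[level]}

# Constructed findings for an Internet-facing network (sample data only).
SAMPLE_FINDINGS = [
    Finding("edge router", "remote attacker", "telnet management enabled",
            (), "High", "High", "Loss of Integrity"),
    Finding("mail gateway", "worm", "unpatched SMTP service",
            ("network IDS",), "High", "Medium", "Loss of Availability"),
    Finding("web server", "MITM via DNS spoofing", "unauthenticated DNS answers",
            ("TLS", "DNSSEC"), "Medium", "High", "Loss of Confidentiality"),
]
```

Running `assess` over every finding and sorting the rows by risk level gives the step 9 results document.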







Network Risk Mitigation

Risk mitigation is a systematic methodology used by senior management to reduce mission risk.







                                    Network Risk Mitigation



