SlideShare a Scribd company logo

Session Slide

Download as PPTX, PDF
M
Muralidharan Radhakrishnan

Two Days National Level Workshop on Network Security on Februrary 27th and 28th 2015 organzied by Department of Computer Science, Rathinam College of Arts and Science, Eachanari, Coimbatore. The sessions are handled by Mr. Neeraj Kumar, Associate Consultant Information and Network Security, UTL Technologies, Banagalore. The program was organized in association with UTL Technologies, Bangalore.

1 of 50
Network Security Workshop 27th & 28th Feb 2015
Network Security • A specialized field in computer networking that involves securing a computer network infrastructure. • Network security is typically handled by a network administrator or system administrator who implements the security policy, network software and hardware needed to protect a network.
Goals of Network Security
Goals of Network Security
Hacking • Hacking is the process of exploiting vulnerabilities to gain unauthorized access to systems or resources.
Hacktivism
Types of Hackers
The Art of Breaking In 1) Information Gathering 2) Scanning and Enumeration 3) Breaking In or Gaining Access 4) Privilege Escalation on the victim 5) Post Exploitation cleanup and Backdooring
Information Gathering (Footprinting) • Uncovering and collecting as much information as possible about a target network.
Ways for Information Gathering • Social Networking websites • Professional & Business Networking websites • Job Search websites • People search websites • Company websites • Whois lookup • Google Hacking • And many more…
Google Hacking • Google hacking is the use of a search engine, such as Google, to locate a security vulnerability on the Internet. • Using complex search engine queries to get relevant result in less time. • There are generally two types of vulnerabilities to be found on the Web: software vulnerabilities and misconfigurations.
Port Scanning • Port Scanning is the name for the technique used to identify open ports and services available on a network host. • There are many tools to facilitate port scanning. • The best tool is NMAP Port Scanner.
Packet Sniffers • Packet sniffers or protocol analyzers are tools that are commonly used by network technicians to diagnose network-related problems. • Packet sniffers can also be used by hackers for less than noble purposes such as spying on network user traffic and collecting passwords. • The best tool is Wireshark.
Pivoting • Attacker does not have direct access to Server 2. • Attacker first breaks into Server 1 and then uses Server 1 as a staging point to break into Server 2.
Pivoting Attack
Penetration Testing
What is Penetration Testing? • Penetration testing, often called “pentesting”, “pen testing”, or “security testing”, is the practice of attacking your own or your clients’ IT systems in the same way a hacker would to identify security holes. • Of course, you do this without actually harming the network. The person carrying out a penetration test is called a penetration tester or pentester. • Let’s make one thing crystal clear: Penetration testing requires that you get permission from the person who owns the system. Otherwise, you would be hacking the system, which is illegal in most countries.
Types of Penetration Testing Black Box Pentesting: requires no previous information and usually takes the approach of an uninformed attacker. In a black box penetration test the penetration tester has no previous information about the target system. White Box Pentesting: is an approach that uses the knowledge of the internals of the target network that organization should provide you during the agreement.
Understanding Basic Terms Vulnerability: A weakness that allows an attacker to break into and compromise a system’s security. Exploit: code which allows an attacker to take advantage of a vulnerable system. Payload: code that lets you control a computer system after it’s been exploited.
How does Exploitation work ? 1) Vulnerability 2) Exploit 3) Payload
On a more serious note …
Metasploit Framework • Tools for development and testing of vulnerabilities. • Started by HD Moore in 2003. • Acquired by Rapid7 • Remains open source and free for use. • Written in Ruby
Metasploit for Pentesting • Over 1000 tested exploits • Over 250 payloads and 28 encoders • Metasploit offers “Plug & Play” of payloads with exploits • Tons of other features for better and faster pentests
Demo Metasploit • Lab Setup:
Malware / Virus • The term malware is short for "malicious software.“ • Malware refers to any computer program that is designed to do things that are harmful to or unwanted by a computer's legitimate user — meaning you. • A virus is a programming code that replicates by being copied or initiating its copying to another program, computer boot sector or document.
Malware / Virus • Viruses can be transmitted as attachments to an e- mail or in a downloaded file, or be present on a pendrive, CD. • The receiver of the e-mail, downloaded file is usually unaware that it contains a virus.
Backdoor • A backdoor is a technique in which a system security mechanism is bypassed undetectably to access a computer or its data. • The backdoor access method is sometimes written by the programmer who develops a program.
DoS & DDoS Attack • It is an attack on the availability of an information system. • A denial-of-service (DoS) or distributed denial-of- service (DDoS) attack is an attempt to make a machine or network resource unavailable to its intended users.
TCP 3 Way Handshake
DoS Attack
DDoS Attack
Symptoms of DoS & DDoS Attack
Impact of DDoS Attack
Impact of DDoS Attack
Impact of DDoS Attack
Impact of DDoS Attack
Impact of DDoS Attack
Impact of DDoS Attack
Cryptography • Cryptography is a method of storing and transmitting data in a particular form so that only those for whom it is intended can read and process it. • Cryptography is the art of converting your information from human readable form to human unreadable form.
Cryptography • In Cryptography Human unreadable information is known as “Cipher Text” or “Encrypted Text” • In Cryptography Human readable information is known as “Clear Text” or “Plain Text” or “Decrypted Text”
Cryptography Encryption: Conversion of information from “Plain- Text” to “Cipher-Text” is known as encryption, so that information remains confidential. Decryption: Conversion of information from “Cipher- Text” to “Plain-Text” is known as decryption.
Popular Cryptographic Encryption Algorithms • AES • DES • 3DES • RC2 • RC4 • Blowfish
Steganography • Steganography is the science of hiding information. • The purpose of Steganography is covert communication to hide a message from a third party. • Examples Hiding a message in a Image • Hiding a message in a MP3 file. • Hiding a message in a video file.
Image Steganography
Image Steganography
Image Steganography in Terrorism
Web Applications • A Web application (Web app) is an application program that is stored on a remote server and delivered over the Internet through a browser interface. • Any application that you access through a web browser is a web application.
Web Application Architecture
Web Application Vulnerabilities • Web applications suffer from many number of vulnerabilities. • SQL Injection • Cross Site Scripting • Web Server Misconfigurations • Insecure protocol usage • and many more
Thank you !

Recommended

Network sec 1
Network sec 1Network sec 1
Network sec 1Jasleen Kaur
 
Cyber security
Cyber securityCyber security
Cyber security
JahirUddinKomol
 
Spamming, spoofing, Dos&DDos attack
Spamming, spoofing, Dos&DDos attackSpamming, spoofing, Dos&DDos attack
Spamming, spoofing, Dos&DDos attack
Syed Ali Mujtaba Jaffary
 
Incident response, Hacker Techniques and Countermeasures
Incident response, Hacker Techniques and CountermeasuresIncident response, Hacker Techniques and Countermeasures
Incident response, Hacker Techniques and Countermeasures
Jose L. Quiñones-Borrero
 
Cs8792 cns - unit v
Cs8792 cns - unit vCs8792 cns - unit v
Cs8792 cns - unit v
ArthyR3
 
Phases of penetration testing
Phases of penetration testingPhases of penetration testing
Phases of penetration testing
Abdul Rahman
 
Security in computer systems fundamentals
Security in computer systems fundamentalsSecurity in computer systems fundamentals
Security in computer systems fundamentals
Manesh T
 
Network Security & Attacks
Network Security & AttacksNetwork Security & Attacks
Network Security & Attacks
Netwax Lab
 

Recommended

Network sec 1
Network sec 1Network sec 1
Network sec 1Jasleen Kaur
 
Cyber security
Cyber securityCyber security
Cyber security
JahirUddinKomol
 
Spamming, spoofing, Dos&DDos attack
Spamming, spoofing, Dos&DDos attackSpamming, spoofing, Dos&DDos attack
Spamming, spoofing, Dos&DDos attack
Syed Ali Mujtaba Jaffary
 
Incident response, Hacker Techniques and Countermeasures
Incident response, Hacker Techniques and CountermeasuresIncident response, Hacker Techniques and Countermeasures
Incident response, Hacker Techniques and Countermeasures
Jose L. Quiñones-Borrero
 
Cs8792 cns - unit v
Cs8792 cns - unit vCs8792 cns - unit v
Cs8792 cns - unit v
ArthyR3
 
Phases of penetration testing
Phases of penetration testingPhases of penetration testing
Phases of penetration testing
Abdul Rahman
 
Security in computer systems fundamentals
Security in computer systems fundamentalsSecurity in computer systems fundamentals
Security in computer systems fundamentals
Manesh T
 
Network Security & Attacks
Network Security & AttacksNetwork Security & Attacks
Network Security & Attacks
Netwax Lab
 
Types of Attack in Information and Network Security
Types of Attack in Information and Network SecurityTypes of Attack in Information and Network Security
Types of Attack in Information and Network Security
padmeshagrekar
 
Ch 3: Network and Computer Attacks
Ch 3: Network and Computer AttacksCh 3: Network and Computer Attacks
Ch 3: Network and Computer Attacks
Sam Bowne
 
Security Attack Analysis for Finding and Stopping Network Attacks
Security Attack Analysis for Finding and Stopping Network AttacksSecurity Attack Analysis for Finding and Stopping Network Attacks
Security Attack Analysis for Finding and Stopping Network Attacks
Savvius, Inc
 
Cryto Party at CCU
Cryto Party at CCUCryto Party at CCU
Cryto Party at CCU
Jose L. Quiñones-Borrero
 
CNIT 123 Ch 1: Ethical Hacking Overview
CNIT 123 Ch 1: Ethical Hacking OverviewCNIT 123 Ch 1: Ethical Hacking Overview
CNIT 123 Ch 1: Ethical Hacking Overview
Sam Bowne
 
Web hacking 1.0
Web hacking 1.0Web hacking 1.0
Web hacking 1.0
Q Fadlan
 
BAIT1103 Chapter 1
BAIT1103 Chapter 1BAIT1103 Chapter 1
BAIT1103 Chapter 1limsh
 
Network Forensics Intro
Network Forensics IntroNetwork Forensics Intro
Network Forensics Intro
Jake K.
 
Network Attacks and Countermeasures
Network Attacks and CountermeasuresNetwork Attacks and Countermeasures
Network Attacks and Countermeasures
karanwayne
 
Certified Ethical Hacking - Book Summary
Certified Ethical Hacking - Book SummaryCertified Ethical Hacking - Book Summary
Certified Ethical Hacking - Book Summary
udemy course
 
Cyber Security-Ethical Hacking
Cyber Security-Ethical HackingCyber Security-Ethical Hacking
Cyber Security-Ethical Hacking
Viral Parmar
 
DDOS ATTACKS
DDOS ATTACKSDDOS ATTACKS
DDOS ATTACKS
Shaurya Gogia
 
Cyber Security: Trends and Globar War
Cyber Security: Trends and Globar WarCyber Security: Trends and Globar War
Cyber Security: Trends and Globar WarNasir Bhutta
 
CNIT 123: Ch 3: Network and Computer Attacks
CNIT 123: Ch 3: Network and Computer AttacksCNIT 123: Ch 3: Network and Computer Attacks
CNIT 123: Ch 3: Network and Computer Attacks
Sam Bowne
 
Intruders and Viruses in Network Security NS9
Intruders and Viruses in Network Security NS9Intruders and Viruses in Network Security NS9
Intruders and Viruses in Network Security NS9koolkampus
 
Chapter 1 Introduction of Cryptography and Network security
Chapter 1 Introduction of Cryptography and Network security Chapter 1 Introduction of Cryptography and Network security
Chapter 1 Introduction of Cryptography and Network security
Dr. Kapil Gupta
 
Intruders detection
Intruders detectionIntruders detection
Intruders detectionEhtisham Ali
 
Introduction of cryptography and network security
Introduction of cryptography and network securityIntroduction of cryptography and network security
Introduction of cryptography and network security
NEHA PATEL
 
Ch04 Network Vulnerabilities and Attacks
Ch04 Network Vulnerabilities and AttacksCh04 Network Vulnerabilities and Attacks
Ch04 Network Vulnerabilities and Attacks
Information Technology
 
Introduction to the advanced persistent threat and hactivism
Introduction to the advanced persistent threat and hactivismIntroduction to the advanced persistent threat and hactivism
Introduction to the advanced persistent threat and hactivism
Global Micro Solutions
 
VB6 Using ADO Data Control
VB6 Using ADO Data ControlVB6 Using ADO Data Control
VB6 Using ADO Data ControlNotre Dame of Midsayap College
 
ADO CONTROLS - Database usage
ADO CONTROLS - Database usageADO CONTROLS - Database usage
ADO CONTROLS - Database usage
Muralidharan Radhakrishnan
 

More Related Content

What's hot

Types of Attack in Information and Network Security
Types of Attack in Information and Network SecurityTypes of Attack in Information and Network Security
Types of Attack in Information and Network Security
padmeshagrekar
 
Ch 3: Network and Computer Attacks
Ch 3: Network and Computer AttacksCh 3: Network and Computer Attacks
Ch 3: Network and Computer Attacks
Sam Bowne
 
Security Attack Analysis for Finding and Stopping Network Attacks
Security Attack Analysis for Finding and Stopping Network AttacksSecurity Attack Analysis for Finding and Stopping Network Attacks
Security Attack Analysis for Finding and Stopping Network Attacks
Savvius, Inc
 
Cryto Party at CCU
Cryto Party at CCUCryto Party at CCU
Cryto Party at CCU
Jose L. Quiñones-Borrero
 
CNIT 123 Ch 1: Ethical Hacking Overview
CNIT 123 Ch 1: Ethical Hacking OverviewCNIT 123 Ch 1: Ethical Hacking Overview
CNIT 123 Ch 1: Ethical Hacking Overview
Sam Bowne
 
Web hacking 1.0
Web hacking 1.0Web hacking 1.0
Web hacking 1.0
Q Fadlan
 
BAIT1103 Chapter 1
BAIT1103 Chapter 1BAIT1103 Chapter 1
BAIT1103 Chapter 1limsh
 
Network Forensics Intro
Network Forensics IntroNetwork Forensics Intro
Network Forensics Intro
Jake K.
 
Network Attacks and Countermeasures
Network Attacks and CountermeasuresNetwork Attacks and Countermeasures
Network Attacks and Countermeasures
karanwayne
 
Certified Ethical Hacking - Book Summary
Certified Ethical Hacking - Book SummaryCertified Ethical Hacking - Book Summary
Certified Ethical Hacking - Book Summary
udemy course
 
Cyber Security-Ethical Hacking
Cyber Security-Ethical HackingCyber Security-Ethical Hacking
Cyber Security-Ethical Hacking
Viral Parmar
 
DDOS ATTACKS
DDOS ATTACKSDDOS ATTACKS
DDOS ATTACKS
Shaurya Gogia
 
Cyber Security: Trends and Globar War
Cyber Security: Trends and Globar WarCyber Security: Trends and Globar War
Cyber Security: Trends and Globar WarNasir Bhutta
 
CNIT 123: Ch 3: Network and Computer Attacks
CNIT 123: Ch 3: Network and Computer AttacksCNIT 123: Ch 3: Network and Computer Attacks
CNIT 123: Ch 3: Network and Computer Attacks
Sam Bowne
 
Intruders and Viruses in Network Security NS9
Intruders and Viruses in Network Security NS9Intruders and Viruses in Network Security NS9
Intruders and Viruses in Network Security NS9koolkampus
 
Chapter 1 Introduction of Cryptography and Network security
Chapter 1 Introduction of Cryptography and Network security Chapter 1 Introduction of Cryptography and Network security
Chapter 1 Introduction of Cryptography and Network security
Dr. Kapil Gupta
 
Intruders detection
Intruders detectionIntruders detection
Intruders detectionEhtisham Ali
 
Introduction of cryptography and network security
Introduction of cryptography and network securityIntroduction of cryptography and network security
Introduction of cryptography and network security
NEHA PATEL
 
Ch04 Network Vulnerabilities and Attacks
Ch04 Network Vulnerabilities and AttacksCh04 Network Vulnerabilities and Attacks
Ch04 Network Vulnerabilities and Attacks
Information Technology
 
Introduction to the advanced persistent threat and hactivism
Introduction to the advanced persistent threat and hactivismIntroduction to the advanced persistent threat and hactivism
Introduction to the advanced persistent threat and hactivism
Global Micro Solutions
 

What's hot (20)

Types of Attack in Information and Network Security
Types of Attack in Information and Network SecurityTypes of Attack in Information and Network Security
Types of Attack in Information and Network Security
 
Ch 3: Network and Computer Attacks
Ch 3: Network and Computer AttacksCh 3: Network and Computer Attacks
Ch 3: Network and Computer Attacks
 
Security Attack Analysis for Finding and Stopping Network Attacks
Security Attack Analysis for Finding and Stopping Network AttacksSecurity Attack Analysis for Finding and Stopping Network Attacks
Security Attack Analysis for Finding and Stopping Network Attacks
 
Cryto Party at CCU
Cryto Party at CCUCryto Party at CCU
Cryto Party at CCU
 
CNIT 123 Ch 1: Ethical Hacking Overview
CNIT 123 Ch 1: Ethical Hacking OverviewCNIT 123 Ch 1: Ethical Hacking Overview
CNIT 123 Ch 1: Ethical Hacking Overview
 
Web hacking 1.0
Web hacking 1.0Web hacking 1.0
Web hacking 1.0
 
BAIT1103 Chapter 1
BAIT1103 Chapter 1BAIT1103 Chapter 1
BAIT1103 Chapter 1
 
Network Forensics Intro
Network Forensics IntroNetwork Forensics Intro
Network Forensics Intro
 
Network Attacks and Countermeasures
Network Attacks and CountermeasuresNetwork Attacks and Countermeasures
Network Attacks and Countermeasures
 
Certified Ethical Hacking - Book Summary
Certified Ethical Hacking - Book SummaryCertified Ethical Hacking - Book Summary
Certified Ethical Hacking - Book Summary
 
Cyber Security-Ethical Hacking
Cyber Security-Ethical HackingCyber Security-Ethical Hacking
Cyber Security-Ethical Hacking
 
DDOS ATTACKS
DDOS ATTACKSDDOS ATTACKS
DDOS ATTACKS
 
Cyber Security: Trends and Globar War
Cyber Security: Trends and Globar WarCyber Security: Trends and Globar War
Cyber Security: Trends and Globar War
 
CNIT 123: Ch 3: Network and Computer Attacks
CNIT 123: Ch 3: Network and Computer AttacksCNIT 123: Ch 3: Network and Computer Attacks
CNIT 123: Ch 3: Network and Computer Attacks
 
Intruders and Viruses in Network Security NS9
Intruders and Viruses in Network Security NS9Intruders and Viruses in Network Security NS9
Intruders and Viruses in Network Security NS9
 
Chapter 1 Introduction of Cryptography and Network security
Chapter 1 Introduction of Cryptography and Network security Chapter 1 Introduction of Cryptography and Network security
Chapter 1 Introduction of Cryptography and Network security
 
Intruders detection
Intruders detectionIntruders detection
Intruders detection
 
Introduction of cryptography and network security
Introduction of cryptography and network securityIntroduction of cryptography and network security
Introduction of cryptography and network security
 
Ch04 Network Vulnerabilities and Attacks
Ch04 Network Vulnerabilities and AttacksCh04 Network Vulnerabilities and Attacks
Ch04 Network Vulnerabilities and Attacks
 
Introduction to the advanced persistent threat and hactivism
Introduction to the advanced persistent threat and hactivismIntroduction to the advanced persistent threat and hactivism
Introduction to the advanced persistent threat and hactivism
 

Viewers also liked

ADO CONTROLS - Database usage
ADO CONTROLS - Database usageADO CONTROLS - Database usage
ADO CONTROLS - Database usage
Muralidharan Radhakrishnan
 
ADO Controls - Database Usage from Exploring MS Visual Basic 6.0 Book
ADO Controls - Database Usage from Exploring MS Visual Basic 6.0 BookADO Controls - Database Usage from Exploring MS Visual Basic 6.0 Book
ADO Controls - Database Usage from Exploring MS Visual Basic 6.0 Book
Muralidharan Radhakrishnan
 
Tutorial 7 - Wireless Networking and Security
Tutorial 7 - Wireless Networking and SecurityTutorial 7 - Wireless Networking and Security
Tutorial 7 - Wireless Networking and Securitydpd
 
CS4443 - Modern Programming Language - I Lecture (1)
CS4443 - Modern Programming Language - I Lecture (1)CS4443 - Modern Programming Language - I Lecture (1)
CS4443 - Modern Programming Language - I Lecture (1)
Dilawar Khan
 
Chapter 14 - Protection
Chapter 14 - ProtectionChapter 14 - Protection
Chapter 14 - Protection
Wayne Jones Jnr
 
assembly language programming and organization of IBM PC" by YTHA YU
assembly language programming and organization of IBM PC" by YTHA YUassembly language programming and organization of IBM PC" by YTHA YU
assembly language programming and organization of IBM PC" by YTHA YU
Education
 
Micro hydro power plant final 1
Micro hydro power plant final 1Micro hydro power plant final 1
Micro hydro power plant final 1richa khatri
 
Microprocessor chapter 9 - assembly language programming
Microprocessor chapter 9 - assembly language programmingMicroprocessor chapter 9 - assembly language programming
Microprocessor chapter 9 - assembly language programming
Wondeson Emeye
 
It essentials pc hardware and software overview
It essentials pc hardware and software overviewIt essentials pc hardware and software overview
It essentials pc hardware and software overviewAhmed Sultan
 
C Programming Language Tutorial for beginners - JavaTpoint
C Programming Language Tutorial for beginners - JavaTpointC Programming Language Tutorial for beginners - JavaTpoint
C Programming Language Tutorial for beginners - JavaTpoint
JavaTpoint.Com
 
Hydro power ppt
Hydro power pptHydro power ppt
Hydro power pptsrgirlsdk
 
Active directory
Active directory Active directory
Active directory deshvikas
 
Computer hardware presentation
Computer hardware presentationComputer hardware presentation
Computer hardware presentation
Jisu Dasgupta
 
Networking devices
Networking devicesNetworking devices
Networking devicesrupinderj
 
Network Security Presentation
Network Security PresentationNetwork Security Presentation
Network Security Presentation
Allan Pratt MBA
 
Introduction to computer hardware
Introduction to computer hardwareIntroduction to computer hardware
Introduction to computer hardware
mite6025.hku
 

Viewers also liked (20)

VB6 Using ADO Data Control
VB6 Using ADO Data ControlVB6 Using ADO Data Control
VB6 Using ADO Data Control
 
ADO CONTROLS - Database usage
ADO CONTROLS - Database usageADO CONTROLS - Database usage
ADO CONTROLS - Database usage
 
ADO Controls - Database Usage from Exploring MS Visual Basic 6.0 Book
ADO Controls - Database Usage from Exploring MS Visual Basic 6.0 BookADO Controls - Database Usage from Exploring MS Visual Basic 6.0 Book
ADO Controls - Database Usage from Exploring MS Visual Basic 6.0 Book
 
IT Essentials Chapter 9
IT Essentials Chapter 9IT Essentials Chapter 9
IT Essentials Chapter 9
 
Tutorial 7 - Wireless Networking and Security
Tutorial 7 - Wireless Networking and SecurityTutorial 7 - Wireless Networking and Security
Tutorial 7 - Wireless Networking and Security
 
CS4443 - Modern Programming Language - I Lecture (1)
CS4443 - Modern Programming Language - I Lecture (1)CS4443 - Modern Programming Language - I Lecture (1)
CS4443 - Modern Programming Language - I Lecture (1)
 
Chapter 14 - Protection
Chapter 14 - ProtectionChapter 14 - Protection
Chapter 14 - Protection
 
assembly language programming and organization of IBM PC" by YTHA YU
assembly language programming and organization of IBM PC" by YTHA YUassembly language programming and organization of IBM PC" by YTHA YU
assembly language programming and organization of IBM PC" by YTHA YU
 
Micro hydro power plant final 1
Micro hydro power plant final 1Micro hydro power plant final 1
Micro hydro power plant final 1
 
Microprocessor chapter 9 - assembly language programming
Microprocessor chapter 9 - assembly language programmingMicroprocessor chapter 9 - assembly language programming
Microprocessor chapter 9 - assembly language programming
 
It essentials pc hardware and software overview
It essentials pc hardware and software overviewIt essentials pc hardware and software overview
It essentials pc hardware and software overview
 
Hydro power presentation
Hydro power presentationHydro power presentation
Hydro power presentation
 
C Programming Language Tutorial for beginners - JavaTpoint
C Programming Language Tutorial for beginners - JavaTpointC Programming Language Tutorial for beginners - JavaTpoint
C Programming Language Tutorial for beginners - JavaTpoint
 
Hydro power ppt
Hydro power pptHydro power ppt
Hydro power ppt
 
Active directory
Active directory Active directory
Active directory
 
Computer hardware presentation
Computer hardware presentationComputer hardware presentation
Computer hardware presentation
 
Networking devices
Networking devicesNetworking devices
Networking devices
 
Network Security Presentation
Network Security PresentationNetwork Security Presentation
Network Security Presentation
 
Network security
Network securityNetwork security
Network security
 
Introduction to computer hardware
Introduction to computer hardwareIntroduction to computer hardware
Introduction to computer hardware
 

Similar to Session Slide

Ethical hacking and cyber security intro
Ethical hacking and cyber security introEthical hacking and cyber security intro
Ethical hacking and cyber security intro
Abhilash Ak
 
How to hack or what is ethical hacking
How to hack or what is ethical hackingHow to hack or what is ethical hacking
How to hack or what is ethical hacking
baabtra.com - No. 1 supplier of quality freshers
 
Ethical Hacking justvamshi .pptx
Ethical Hacking justvamshi .pptxEthical Hacking justvamshi .pptx
Ethical Hacking justvamshi .pptx
vamshimatangi
 
Computer , Internet and physical security.
Computer , Internet and physical security.Computer , Internet and physical security.
Computer , Internet and physical security.
Ankur Kumar
 
Ethical hacking : Its methodologies and tools
Ethical hacking : Its methodologies and toolsEthical hacking : Its methodologies and tools
Ethical hacking : Its methodologies and tools
chrizjohn896
 
building foundation for ethical hacking.ppt
building foundation for ethical hacking.pptbuilding foundation for ethical hacking.ppt
building foundation for ethical hacking.ppt
ShivaniSingha1
 
Introduction to ethical hacking
Introduction to ethical hackingIntroduction to ethical hacking
Introduction to ethical hacking
ankit sarode
 
Botnets Attacks.pptx
Botnets Attacks.pptxBotnets Attacks.pptx
Botnets Attacks.pptx
MuhammadRehan856177
 
Inetsecurity.in Ethical Hacking presentation
Inetsecurity.in Ethical Hacking presentationInetsecurity.in Ethical Hacking presentation
Inetsecurity.in Ethical Hacking presentation
Joshua Prince
 
Types of attack -Part2
Types of attack -Part2Types of attack -Part2
Types of attack -Part2
SHUBHA CHATURVEDI
 
cyber sequirety Terms.pptx
cyber sequirety Terms.pptxcyber sequirety Terms.pptx
cyber sequirety Terms.pptx
AritMistri1
 
Computer security
Computer securityComputer security
Computer security
Mahesh Singh Madai
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hacking
Rishabha Garg
 
Ethical Hacking.pptx
Ethical Hacking.pptxEthical Hacking.pptx
Ethical Hacking.pptx
MadhuKumar114889
 
Ethical hacking
Ethical hacking Ethical hacking
Ethical hacking
Institute of Information Security (IIS)
 
Introduction to Ethical Hacking pdf file
Introduction to Ethical Hacking pdf fileIntroduction to Ethical Hacking pdf file
Introduction to Ethical Hacking pdf file
debmajumder741249
 
ethical hacking.pptx
ethical hacking.pptxethical hacking.pptx
ethical hacking.pptx
daxgame
 
sourabh_sipPPT.pptx
sourabh_sipPPT.pptxsourabh_sipPPT.pptx
sourabh_sipPPT.pptx
SourabhRuhil4
 
Cyber Security
Cyber SecurityCyber Security
Cyber Security
parveen837153
 
Ethical Hacking Redefined
Ethical Hacking RedefinedEthical Hacking Redefined
Ethical Hacking Redefined
Pawan Patil
 

Similar to Session Slide (20)

Ethical hacking and cyber security intro
Ethical hacking and cyber security introEthical hacking and cyber security intro
Ethical hacking and cyber security intro
 
How to hack or what is ethical hacking
How to hack or what is ethical hackingHow to hack or what is ethical hacking
How to hack or what is ethical hacking
 
Ethical Hacking justvamshi .pptx
Ethical Hacking justvamshi .pptxEthical Hacking justvamshi .pptx
Ethical Hacking justvamshi .pptx
 
Computer , Internet and physical security.
Computer , Internet and physical security.Computer , Internet and physical security.
Computer , Internet and physical security.
 
Ethical hacking : Its methodologies and tools
Ethical hacking : Its methodologies and toolsEthical hacking : Its methodologies and tools
Ethical hacking : Its methodologies and tools
 
building foundation for ethical hacking.ppt
building foundation for ethical hacking.pptbuilding foundation for ethical hacking.ppt
building foundation for ethical hacking.ppt
 
Introduction to ethical hacking
Introduction to ethical hackingIntroduction to ethical hacking
Introduction to ethical hacking
 
Botnets Attacks.pptx
Botnets Attacks.pptxBotnets Attacks.pptx
Botnets Attacks.pptx
 
Inetsecurity.in Ethical Hacking presentation
Inetsecurity.in Ethical Hacking presentationInetsecurity.in Ethical Hacking presentation
Inetsecurity.in Ethical Hacking presentation
 
Types of attack -Part2
Types of attack -Part2Types of attack -Part2
Types of attack -Part2
 
cyber sequirety Terms.pptx
cyber sequirety Terms.pptxcyber sequirety Terms.pptx
cyber sequirety Terms.pptx
 
Computer security
Computer securityComputer security
Computer security
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hacking
 
Ethical Hacking.pptx
Ethical Hacking.pptxEthical Hacking.pptx
Ethical Hacking.pptx
 
Ethical hacking
Ethical hacking Ethical hacking
Ethical hacking
 
Introduction to Ethical Hacking pdf file
Introduction to Ethical Hacking pdf fileIntroduction to Ethical Hacking pdf file
Introduction to Ethical Hacking pdf file
 
ethical hacking.pptx
ethical hacking.pptxethical hacking.pptx
ethical hacking.pptx
 
sourabh_sipPPT.pptx
sourabh_sipPPT.pptxsourabh_sipPPT.pptx
sourabh_sipPPT.pptx
 
Cyber Security
Cyber SecurityCyber Security
Cyber Security
 
Ethical Hacking Redefined
Ethical Hacking RedefinedEthical Hacking Redefined
Ethical Hacking Redefined
 

Recently uploaded

Biological Screening of Herbal Drugs in detailed.
Biological Screening of Herbal Drugs in detailed.Biological Screening of Herbal Drugs in detailed.
Biological Screening of Herbal Drugs in detailed.
Ashokrao Mane college of Pharmacy Peth-Vadgaon
 
Acetabularia Information For Class 9 .docx
Acetabularia Information For Class 9 .docxAcetabularia Information For Class 9 .docx
Acetabularia Information For Class 9 .docx
vaibhavrinwa19
 
Introduction to AI for Nonprofits with Tapp Network
Introduction to AI for Nonprofits with Tapp NetworkIntroduction to AI for Nonprofits with Tapp Network
Introduction to AI for Nonprofits with Tapp Network
TechSoup
 
Welcome to TechSoup New Member Orientation and Q&A (May 2024).pdf
Welcome to TechSoup New Member Orientation and Q&A (May 2024).pdfWelcome to TechSoup New Member Orientation and Q&A (May 2024).pdf
Welcome to TechSoup New Member Orientation and Q&A (May 2024).pdf
TechSoup
 
Honest Reviews of Tim Han LMA Course Program.pptx
Honest Reviews of Tim Han LMA Course Program.pptxHonest Reviews of Tim Han LMA Course Program.pptx
Honest Reviews of Tim Han LMA Course Program.pptx
timhan337
 
Unit 2- Research Aptitude (UGC NET Paper I).pdf
Unit 2- Research Aptitude (UGC NET Paper I).pdfUnit 2- Research Aptitude (UGC NET Paper I).pdf
Unit 2- Research Aptitude (UGC NET Paper I).pdf
Thiyagu K
 
Lapbook sobre os Regimes Totalitários.pdf
Lapbook sobre os Regimes Totalitários.pdfLapbook sobre os Regimes Totalitários.pdf
Lapbook sobre os Regimes Totalitários.pdf
Jean Carlos Nunes Paixão
 
Supporting (UKRI) OA monographs at Salford.pptx
Supporting (UKRI) OA monographs at Salford.pptxSupporting (UKRI) OA monographs at Salford.pptx
Supporting (UKRI) OA monographs at Salford.pptx
Jisc
 
A Strategic Approach: GenAI in Education
A Strategic Approach: GenAI in EducationA Strategic Approach: GenAI in Education
A Strategic Approach: GenAI in Education
Peter Windle
 
Home assignment II on Spectroscopy 2024 Answers.pdf
Home assignment II on Spectroscopy 2024 Answers.pdfHome assignment II on Spectroscopy 2024 Answers.pdf
Home assignment II on Spectroscopy 2024 Answers.pdf
Tamralipta Mahavidyalaya
 
Chapter 3 - Islamic Banking Products and Services.pptx
Chapter 3 - Islamic Banking Products and Services.pptxChapter 3 - Islamic Banking Products and Services.pptx
Chapter 3 - Islamic Banking Products and Services.pptx
Mohd Adib Abd Muin, Senior Lecturer at Universiti Utara Malaysia
 
Francesca Gottschalk - How can education support child empowerment.pptx
Francesca Gottschalk - How can education support child empowerment.pptxFrancesca Gottschalk - How can education support child empowerment.pptx
Francesca Gottschalk - How can education support child empowerment.pptx
EduSkills OECD
 
How libraries can support authors with open access requirements for UKRI fund...
How libraries can support authors with open access requirements for UKRI fund...How libraries can support authors with open access requirements for UKRI fund...
How libraries can support authors with open access requirements for UKRI fund...
Jisc
 
Marketing internship report file for MBA
Marketing internship report file for MBAMarketing internship report file for MBA
Marketing internship report file for MBA
gb193092
 
Mule 4.6 & Java 17 Upgrade | MuleSoft Mysore Meetup #46
Mule 4.6 & Java 17 Upgrade | MuleSoft Mysore Meetup #46Mule 4.6 & Java 17 Upgrade | MuleSoft Mysore Meetup #46
Mule 4.6 & Java 17 Upgrade | MuleSoft Mysore Meetup #46
MysoreMuleSoftMeetup
 
How to Make a Field invisible in Odoo 17
How to Make a Field invisible in Odoo 17How to Make a Field invisible in Odoo 17
How to Make a Field invisible in Odoo 17
Celine George
 
Model Attribute Check Company Auto Property
Model Attribute Check Company Auto PropertyModel Attribute Check Company Auto Property
Model Attribute Check Company Auto Property
Celine George
 
Overview on Edible Vaccine: Pros & Cons with Mechanism
Overview on Edible Vaccine: Pros & Cons with MechanismOverview on Edible Vaccine: Pros & Cons with Mechanism
Overview on Edible Vaccine: Pros & Cons with Mechanism
DeeptiGupta154
 
June 3, 2024 Anti-Semitism Letter Sent to MIT President Kornbluth and MIT Cor...
June 3, 2024 Anti-Semitism Letter Sent to MIT President Kornbluth and MIT Cor...June 3, 2024 Anti-Semitism Letter Sent to MIT President Kornbluth and MIT Cor...
June 3, 2024 Anti-Semitism Letter Sent to MIT President Kornbluth and MIT Cor...
Levi Shapiro
 
Chapter -12, Antibiotics (One Page Notes).pdf
Chapter -12, Antibiotics (One Page Notes).pdfChapter -12, Antibiotics (One Page Notes).pdf
Chapter -12, Antibiotics (One Page Notes).pdf
Kartik Tiwari
 

Recently uploaded (20)

Biological Screening of Herbal Drugs in detailed.
Biological Screening of Herbal Drugs in detailed.Biological Screening of Herbal Drugs in detailed.
Biological Screening of Herbal Drugs in detailed.
 
Acetabularia Information For Class 9 .docx
Acetabularia Information For Class 9 .docxAcetabularia Information For Class 9 .docx
Acetabularia Information For Class 9 .docx
 
Introduction to AI for Nonprofits with Tapp Network
Introduction to AI for Nonprofits with Tapp NetworkIntroduction to AI for Nonprofits with Tapp Network
Introduction to AI for Nonprofits with Tapp Network
 
Welcome to TechSoup New Member Orientation and Q&A (May 2024).pdf
Welcome to TechSoup New Member Orientation and Q&A (May 2024).pdfWelcome to TechSoup New Member Orientation and Q&A (May 2024).pdf
Welcome to TechSoup New Member Orientation and Q&A (May 2024).pdf
 
Honest Reviews of Tim Han LMA Course Program.pptx
Honest Reviews of Tim Han LMA Course Program.pptxHonest Reviews of Tim Han LMA Course Program.pptx
Honest Reviews of Tim Han LMA Course Program.pptx
 
Unit 2- Research Aptitude (UGC NET Paper I).pdf
Unit 2- Research Aptitude (UGC NET Paper I).pdfUnit 2- Research Aptitude (UGC NET Paper I).pdf
Unit 2- Research Aptitude (UGC NET Paper I).pdf
 
Lapbook sobre os Regimes Totalitários.pdf
Lapbook sobre os Regimes Totalitários.pdfLapbook sobre os Regimes Totalitários.pdf
Lapbook sobre os Regimes Totalitários.pdf
 
Supporting (UKRI) OA monographs at Salford.pptx
Supporting (UKRI) OA monographs at Salford.pptxSupporting (UKRI) OA monographs at Salford.pptx
Supporting (UKRI) OA monographs at Salford.pptx
 
A Strategic Approach: GenAI in Education
A Strategic Approach: GenAI in EducationA Strategic Approach: GenAI in Education
A Strategic Approach: GenAI in Education
 
Home assignment II on Spectroscopy 2024 Answers.pdf
Home assignment II on Spectroscopy 2024 Answers.pdfHome assignment II on Spectroscopy 2024 Answers.pdf
Home assignment II on Spectroscopy 2024 Answers.pdf
 
Chapter 3 - Islamic Banking Products and Services.pptx
Chapter 3 - Islamic Banking Products and Services.pptxChapter 3 - Islamic Banking Products and Services.pptx
Chapter 3 - Islamic Banking Products and Services.pptx
 
Francesca Gottschalk - How can education support child empowerment.pptx
Francesca Gottschalk - How can education support child empowerment.pptxFrancesca Gottschalk - How can education support child empowerment.pptx
Francesca Gottschalk - How can education support child empowerment.pptx
 
How libraries can support authors with open access requirements for UKRI fund...
How libraries can support authors with open access requirements for UKRI fund...How libraries can support authors with open access requirements for UKRI fund...
How libraries can support authors with open access requirements for UKRI fund...
 
Marketing internship report file for MBA
Marketing internship report file for MBAMarketing internship report file for MBA
Marketing internship report file for MBA
 
Mule 4.6 & Java 17 Upgrade | MuleSoft Mysore Meetup #46
Mule 4.6 & Java 17 Upgrade | MuleSoft Mysore Meetup #46Mule 4.6 & Java 17 Upgrade | MuleSoft Mysore Meetup #46
Mule 4.6 & Java 17 Upgrade | MuleSoft Mysore Meetup #46
 
How to Make a Field invisible in Odoo 17
How to Make a Field invisible in Odoo 17How to Make a Field invisible in Odoo 17
How to Make a Field invisible in Odoo 17
 
Model Attribute Check Company Auto Property
Model Attribute Check Company Auto PropertyModel Attribute Check Company Auto Property
Model Attribute Check Company Auto Property
 
Overview on Edible Vaccine: Pros & Cons with Mechanism
Overview on Edible Vaccine: Pros & Cons with MechanismOverview on Edible Vaccine: Pros & Cons with Mechanism
Overview on Edible Vaccine: Pros & Cons with Mechanism
 
June 3, 2024 Anti-Semitism Letter Sent to MIT President Kornbluth and MIT Cor...
June 3, 2024 Anti-Semitism Letter Sent to MIT President Kornbluth and MIT Cor...June 3, 2024 Anti-Semitism Letter Sent to MIT President Kornbluth and MIT Cor...
June 3, 2024 Anti-Semitism Letter Sent to MIT President Kornbluth and MIT Cor...
 
Chapter -12, Antibiotics (One Page Notes).pdf
Chapter -12, Antibiotics (One Page Notes).pdfChapter -12, Antibiotics (One Page Notes).pdf
Chapter -12, Antibiotics (One Page Notes).pdf
 

Session Slide

  • 2. Network Security • A specialized field in computer networking that involves securing a computer network infrastructure. • Network security is typically handled by a network administrator or system administrator who implements the security policy, network software and hardware needed to protect a network.
  • 3. Goals of Network Security
  • 4. Goals of Network Security
  • 5. Hacking • Hacking is the process of exploiting vulnerabilities to gain unauthorized access to systems or resources.
  • 8. The Art of Breaking In 1) Information Gathering 2) Scanning and Enumeration 3) Breaking In or Gaining Access 4) Privilege Escalation on the victim 5) Post Exploitation cleanup and Backdooring
  • 9. Information Gathering (Footprinting) • Uncovering and collecting as much information as possible about a target network.
  • 10. Ways for Information Gathering • Social Networking websites • Professional & Business Networking websites • Job Search websites • People search websites • Company websites • Whois lookup • Google Hacking • And many more…
  • 11. Google Hacking • Google hacking is the use of a search engine, such as Google, to locate a security vulnerability on the Internet. • Using complex search engine queries to get relevant result in less time. • There are generally two types of vulnerabilities to be found on the Web: software vulnerabilities and misconfigurations.
  • 12. Port Scanning • Port Scanning is the name for the technique used to identify open ports and services available on a network host. • There are many tools to facilitate port scanning. • The best tool is NMAP Port Scanner.
  • 13. Packet Sniffers • Packet sniffers or protocol analyzers are tools that are commonly used by network technicians to diagnose network-related problems. • Packet sniffers can also be used by hackers for less than noble purposes such as spying on network user traffic and collecting passwords. • The best tool is Wireshark.
  • 14. Pivoting • Attacker does not have direct access to Server 2. • Attacker first breaks into Server 1 and then uses Server 1 as a staging point to break into Server 2.
  • 17. What is Penetration Testing? • Penetration testing, often called “pentesting”, “pen testing”, or “security testing”, is the practice of attacking your own or your clients’ IT systems in the same way a hacker would to identify security holes. • Of course, you do this without actually harming the network. The person carrying out a penetration test is called a penetration tester or pentester. • Let’s make one thing crystal clear: Penetration testing requires that you get permission from the person who owns the system. Otherwise, you would be hacking the system, which is illegal in most countries.
  • 18. Types of Penetration Testing Black Box Pentesting: requires no previous information and usually takes the approach of an uninformed attacker. In a black box penetration test the penetration tester has no previous information about the target system. White Box Pentesting: is an approach that uses the knowledge of the internals of the target network that organization should provide you during the agreement.
  • 19. Understanding Basic Terms Vulnerability: A weakness that allows an attacker to break into and compromise a system’s security. Exploit: code which allows an attacker to take advantage of a vulnerable system. Payload: code that lets you control a computer system after it’s been exploited.
  • 20. How does Exploitation work ? 1) Vulnerability 2) Exploit 3) Payload
  • 21. On a more serious note …
  • 22. Metasploit Framework • Tools for development and testing of vulnerabilities. • Started by HD Moore in 2003. • Acquired by Rapid7 • Remains open source and free for use. • Written in Ruby
  • 23. Metasploit for Pentesting • Over 1000 tested exploits • Over 250 payloads and 28 encoders • Metasploit offers “Plug & Play” of payloads with exploits • Tons of other features for better and faster pentests
  • 25. Malware / Virus • The term malware is short for "malicious software.“ • Malware refers to any computer program that is designed to do things that are harmful to or unwanted by a computer's legitimate user — meaning you. • A virus is a programming code that replicates by being copied or initiating its copying to another program, computer boot sector or document.
  • 26. Malware / Virus • Viruses can be transmitted as attachments to an e- mail or in a downloaded file, or be present on a pendrive, CD. • The receiver of the e-mail, downloaded file is usually unaware that it contains a virus.
  • 27. Backdoor • A backdoor is a technique in which a system security mechanism is bypassed undetectably to access a computer or its data. • The backdoor access method is sometimes written by the programmer who develops a program.
  • 28. DoS & DDoS Attack • It is an attack on the availability of an information system. • A denial-of-service (DoS) or distributed denial-of- service (DDoS) attack is an attempt to make a machine or network resource unavailable to its intended users.
  • 29. TCP 3 Way Handshake
  • 32. Symptoms of DoS & DDoS Attack
  • 33. Impact of DDoS Attack
  • 34. Impact of DDoS Attack
  • 35. Impact of DDoS Attack
  • 36. Impact of DDoS Attack
  • 37. Impact of DDoS Attack
  • 38. Impact of DDoS Attack
  • 39. Cryptography • Cryptography is a method of storing and transmitting data in a particular form so that only those for whom it is intended can read and process it. • Cryptography is the art of converting your information from human readable form to human unreadable form.
  • 40. Cryptography • In Cryptography Human unreadable information is known as “Cipher Text” or “Encrypted Text” • In Cryptography Human readable information is known as “Clear Text” or “Plain Text” or “Decrypted Text”
  • 41. Cryptography Encryption: Conversion of information from “Plain- Text” to “Cipher-Text” is known as encryption, so that information remains confidential. Decryption: Conversion of information from “Cipher- Text” to “Plain-Text” is known as decryption.
  • 42. Popular Cryptographic Encryption Algorithms • AES • DES • 3DES • RC2 • RC4 • Blowfish
  • 43. Steganography • Steganography is the science of hiding information. • The purpose of Steganography is covert communication to hide a message from a third party. • Examples Hiding a message in a Image • Hiding a message in a MP3 file. • Hiding a message in a video file.
  • 47. Web Applications • A Web application (Web app) is an application program that is stored on a remote server and delivered over the Internet through a browser interface. • Any application that you access through a web browser is a web application.
  • 49. Web Application Vulnerabilities • Web applications suffer from many number of vulnerabilities. • SQL Injection • Cross Site Scripting • Web Server Misconfigurations • Insecure protocol usage • and many more