Workshop on Cyber security

Cyber Security
Workshop on Information Security
Mehedi Hasan

Introduction
Mehedi Hasan
Masters of Information System Security
Bangladesh University of Professionals (BUP),
Email: mehedi0001@yahoo.com
Cell Phone : 01713000056
Working Area: Electronics and Industrial Security.
Job Experience: 15 Years (Multinational Company)
• Brother International Singapore (Full Time)
• Law Enforcement & Intelligence
• Bangladesh Computer Council (Guest Trainer)
• BPATC (Guest Trainer)
• Tracer Electrocom (Consultant)
Professional Training: Singapore, Indonesia, Malaysia,
Vietnam, Thailand, Nepal and India.

Chapter Outline
• Introduction to Cyber Crime & Security
• Information Gathering.
• Malware
• Different types of Attack.
• Social Engineering.
• Digital Forensic.
• Banking Sector
• Countermeasure.
• Conclusion.

Introduction
Hacking: Unauthorized access in a system

Types of Hacking
• Website Hacking.
• Email Hacking.
• Network Hacking.
• Password Hacking.
• Online Bank Hacking
• Computer Hacking.

Why Information Security
• Cyber Criminals weapon:
PC/Mobile phones are becoming a primary tool of cyber
criminal & terrorist.
• Academic ravel:
Decreasing level of skill set of professionals. Cyber-
criminals are becoming the master’s of international
Cooperation.
• Updating Technology:
Increasing use of complex computer infrastructure and
network elements.

Types of Cyber crime
CHILD PORNOGRAPHY
The Internet is being highly used by its abusers to reach
and abuse children sexually, worldwide. As more homes
have access to internet, more children would be using the
internet and more are the chances of falling victim to the
aggression of Pedophiles.
How Do They Operate
How do they operate Pedophiles use false identity to trap
the children , Pedophiles connect children in various chat
rooms which are used by children to interact with other
children.

DENIAL OF SERVICE ATTACKS :
This is an act by the criminals who floods the bandwidth of the
victims network or fills his E-mail box with spam mail depriving
him of the service he is entitled to access or provide. Many
DOS attacks, such as the ping of death and Tear drop attacks.
VIRUS DISSMINITION : Malicious software that attaches itself
to other software. VIRUS , WORMS, TROJAN HORSE ,WEB
JACKING, E-MAIL BOMBING etc.
COMPUTER VANDALISM :
Damaging or destroying data rather than stealing or misusing
them is called cyber vandalism. These are program that attach
themselves to a file and then circulate.

CYBER TERRORISM
Terrorist attacks on the Internet is by
distributed denial of service attacks, hate
websites and hate E-mails , attacks on service
network etc.
SOFTWARE PIRACY
Theft of software through the illegal copying of
genuine programs or the counterfeiting and
distribution of products intended to pass for
the original.

Who is a Hacker
He is not a Hacker
He is a Hacker
•Think outside the box.
•Wants to test his limits.
•Wants to try things that are not in the manual.
•Has unlimited curiosity.
•Discover s unknown features about technology.
•Dedicated to knowledge
•Believes in stretching the limits.
•Highly creative.
• Not a Criminal
• Not someone who is good on Microsoft word, excel.

Who is Hacker
Hacker Cracker
Lots of Knowledge & Experience Lots of Knowledge & Experience
Good person Bad person
Strong Ethics Poor Ethics
No Crime Involved with crime
Like to fights against criminal They are criminal

Modern Hacker
Networking Programming Operating System
Hacker

Steps Of Hackers
•Step 1: Information Gathering/Network reconnaissance.
•Step 2: Identify Loophole.
•Step 3: Actual Hack.
•Step 4: Escape without a trace.
Hacking into computer, is just like breaking into a house

Case Study
• Balancing money.
• Mumbai Lady.
• Nasa
• Bangladesh Bank.
• American Bank.

What will we learn?
• Not teach you how to become a criminal
• Teach you to think like a computer hacker.
• Teach you how computer criminals work.
• Teach you to implement solutions &
countermeasures against criminals.
• Prepare you to fight cyber criminals.
• Techniques to protect yourself.

The Anatomy of IP Addresses
• Every system connected to a network has a
unique internet protocol (IP) address
associated with itself.
• An IP address acts as the unique identity of a
computer at which if can be contacted.
• If I wan to connect to your computer, then I
need to know your computer's IP address.
• All data sent or received by a system will be
addressed from or to its IP address.

The Anatomy of IP Addresses
Class Range
A 0.0.0.0 to 126.255.255.255
B 128.0.0.0 to 191.255.255.255
C 192.0.0.0 to 223.255.255.255
D 224.0.0.0 to 239.255.255.255
E 240.0.0.0 to 255.255.255.255

How to find a remote system’s IP address
www.getnotify.com

www.didtheyreadit.com

www.politemail.com

www.readnotify.com

Email header analysis

EmailtrakerPro

By sending link to victim

www.whatismyipaddress.com

Internet Chat: netstat -n

Prot monitoring
CurrPorts (Port monitoring tools)

Trace an IP address
Visualroute.visualware.com

Trace an IP address
Path analyzer pro

Trace an IP address
Visual trace/ Neo trace

Trace an IP address
3dtraceroute

Trace an IP address
www.vtrace.pl

Mobile phone tracing
www.trace.bharatiyamobile.com

Mobile phone tracing
www.lookout.com

IP Address
www. anonymizer.com

IP Address
www.samair.ru/proxy

IP Address
www.torrent2exe.com

IP Address
How to unblock Tor?

IP Address
• Change the name of the exe file.
• Change the port being used by tor.
• Add bridge relays to tor.
How to unblock Tor?

IP Address
www.bridges.torproject.org
Introduction to NAT

IP Address
bridges@bridges.torproject.org will get bridges in the
body. Introduction to NAT

IP Address
Ultrasurf: Anonymous browsing from your pen drive,
encrypts connection, hide your IP and unblocks stuff.

IP Address
Types of Proxy Servers: Socks and http
HTTP Proxy Server:
Http Proxy server allow you to bypass filtering mechanism & access
blocked control. User sends HTTP request to proxy server, who then
reads the host header in the HTTP request, connects to the target
server and transmits back whatever data the server sends back.
Usually works with only HTTP apps. For example,
www.anonymizer.com

IP Scanning
SOCKSChain: Connects you to a chain of various SOCKS of
HTTP proxies. (Proxy Bouncing)

People Hacking
Whatever you do online, you are leaving a trace behind on some
website, server of system in some part of the world or other.
People hacking is the technique of searching the entire internet
looking for private information about some individual. The
information that you can find out is the following.
• Contact Addresses.
•Date of Birth.
•Email Address.
•Contact Number.
•Place of Work.
•Satellite Photos.
•Work History.

Proxy Workbench
www.anywho.com

Proxy Workbench
www.googlemap.com
www.googleearth.com

Proxy Workbench
IptoMAC
Coverts know IP to MAC Address.

Port Scanning
Port Number Type of Service
21 FTP
23 Telnet
25 SMTP
53 DNS
80 HTTP
110 POP3
443 SSL/HTTPS
513 Rlogin

Email Spoofing
Email Spoofing is the art of sending a spoofed email from
somebody else’s email account.
www.anonymizer.in/fake-mailer/

SMS Spoofing
SMS Spoofing is the art of sending a spoofed SMS from
somebody else’s mobile phone.
http://www.spranked.com
http://www.phonytext.com

Virus
A computer virus is a program or piece of code that is loaded
onto your computer without your knowledge and runs against
your wishes. Viruses can also replicate themselves.
Vital Information Resources Under Siege

Trojans
Trojans are RATs or Remote Administration tools that
give an attacker remote control or remote to the
victim’s computer
NETBUS, BACK ORRIFICE, SUB7, GIRLFRIEND and WIN BACKDOOR.

Trojans
Keylogger
Ardamax Keylogger, Sniperspy, Winspy.

Types of ATM frauds
Card Stolen
PIN Compromise
Card Skimming
Cash Trapping
Transaction Reversal
Deposit Fraud

How PIN is Compromised
Its obtaining debit card information by
unauthorized individual.
Shoulder surfing or using use of a
miniature camera.
Video surveillance
Hidden video camera
Overhead cell phone camera
Remotely positioned cameras
PIN pad overlay

How PIN is Compromised
• Choose your ATM machines carefully
• Prefer ATMs near Bank
• Don´t let anyone distract or assist you
• Cancel your card immediately if it is lost
• Check the card slot carefully
• Ensure that there are no hidden cameras
• Shield your hand when you enter in your PIN
• Ensure that no one is peeking or shoulder surfing
while you are entering PIN.
• Avoid using ATMs in isolated locations
• Always prefer ATM machines near Bank Branch.

Windows Hacking
The SAM File
Windows login Passwords
The typical Structure of the SAM file is like the following:
Username: UserID: LM_Hash: NTLM_hash
For Example:
Mehedi Hasan
423nfkdfkjio34lkerirelkfnm.z,dmworulkadj.,sdJDSAHREIRs
(Note: UserID 500 is for admin, 501 is for guest and 1000+ for
standard user)
(Note: LM Hash has been disabled in windows vista, windows
7 onwards. Instead of the LM Hash, blank will be displayed.)

Windows Hacking
Online Attack : Cain and Able
Dumps password hashes from the SAM file requires admin access
http://www.oxid.it

Cracking Network Passwords
Brutus
Fantastic Brute Force Password cracking tools

Captcha
Solution Against Brute force attacks

DOS Attack
TYPES OF DOS ATTACKS
Application Specific DOS Attacks: Instead of attacking the entire system,
it is possible for a criminal to DOS attack only specific applications on
the victim system. For example, the criminal can DOS atack only the
FTP, HTTP or SQL application by flooding any of them with infinite
requests, hence bringing them down.

DOS Attack
NPING
Command line packet generator

DOS Attack
Cyber terrorism War
Case Study

Types of Cyber attack
• Financial fraud 11%
• Data & Network Hacking: 17%
• Personal Identity stolen: 20%
• System penetration from outside: 25%
• DoS Attack: 27%
• Unauthorized access by insider: 71%
• Employee abuse of internet privileges: 79%
• Viruses / Trojan: 85%

Low Orbit lon Cannon (LOIC)
It is an open source network stress tool. But can also be used as
a dDOS attack application.
It tries to bring down a server by flooding the victim with infinite
number of TCP or UDP packets. If a lot of people run LOIC
against the same victim simultaneously then it becomes a
distributed VOS Attack.
For example, the anonymous hacker group were using IRC
channels and online forums to inform all their supporters about
which computer to attack using LOIC on a specific day.
Http://cisko.fr/

CCTV Hacking
• inurl:/view.shtml
• intitle:”Live View / – AXIS” | inurl:view/view.shtml^
• inurl:ViewerFrame?Mode=
• inurl:ViewerFrame?Mode=Refresh
• inurl:axis-cgi/jpg
• inurl:view/index.shtml inurl:view/view.shtml
• allintitle:”Network Camera NetworkCamera”
• intitle:axis intitle:”video server”
• intitle:liveapplet inurl:LvAppl
• intitle:”EvoCam” inurl:”webcam.html”
• intitle:”Live NetSnap Cam-Server feed”
• intitle:”Live View / – AXIS 206M”
• intitle:”Live View / – AXIS 210″

Hacking Password with google
• intitle:index.of ws_ftp.ini
• "index of/" "ws_ftp.ini" "parent directory“
• "cache:www.abc.com/ws_ftp.ini“
• intitle:index.of config.php
• site:pastebin.com intext:@gmail.com | @yahoo.com
• filetype:log intext:password | pass | pw
• Index of //file name

Digital forensic
• Forensic & Digital forensic:
• Forensics is the application of science to solve a legal
problem
• Digital Forensics is a part of forensic science (in relation to
computer crime) focusing on the recovery and investigation
of material (essentially data) found in digital devices.
In a word, It is recovery Science

Computer forensic
Identity Finder

Digital Forensic
• Power off the device.
• Do not delete or install any apps.
• Handover to responsible person.

Install Safety software program
• Secure browsing tools.
Cleaner, Antivirus Program, Awareness.
• Data safety tools
Folder Locker, True Crypt, SafeHouse
Explorar, BitLocker.
Countermeasure

Countermeasure
• Password Changing policy.
• Don’t use simple password. (apni123, apni789,
apni111, 123456, 098765, 0171300056, apni00056,
apniabc)
• Don’t click on un trusted link.
• Spoofing email (Lottery, Girlfriend/boyfriend, Job)
• Remove unknown friend social media.
• Use Antivirus.
•Use strong password.
• Do not give your device to un trusted people.

• Avoid sharing personal details such as email-ID, Passwords,
Bank information, on telephone.
• Do not click on spam emails, directly delete them.
• Regularly scan computer and external portable devices for
viruses.
• Turn off the file sharing when you are working in the network.
• Always check a website name in the browser before entering
your private information.
• Always sign out from your account when you are working in
the internet café.
• Protect your computer and its hard disk with password.
• Always ask guidance from expert incase of doubt.
Countermeasure

•Install firewalls, pop up blocker
• uninstall unnecessary software & apps
• Use secure connection.
• Set secure password and do not writ that
anywhere
• Use virtual keyboard for banking transaction.
Conclusion

Workshop on Cyber security

More Related Content

Viewers also liked

Similar to Workshop on Cyber security

More from Shekh Md Mehedi Hasan

Recently uploaded

Workshop on Cyber security