Common
Internet User



                Security
                Objective




                            Modus
         ...
Uses internet for his credit managing his day
Blogsinternet banking for card transactions.
 Uses Uses social networking si...
How to secure the elements like
username, password, credit card
number ,etc for a particular web
resource (Gmail /Yahoo/Ba...
In this form of attack, an automated tool is used.All possible combinations of
letters,numbers and symbols are tried out o...
Phishing is the act of creating fake page of any legitimate web-service and hosting
them on web server in order to fool th...
 TROJAN …The Name Tells It All !!
A Trojan or Trojan Horse is a program which carries out an unauthorized function
while ...
• web cookies are parcels of text sent by
a server to a web browser and then
sent back unchanged by the browser
each time ...
Vulnerabilities are open security holes that can allow other applications to connect
to the computer system without author...
 Cross-site scripting (XSS) is a type of computer security vulnerability
  typically found in web applications which allo...
XSS
                                                                www.mailprovider.com
   Hacker finds out www. mailpro...
 It is basically a security exploit in which
 attacker injects SQL code through a web
  form input box,to gain access to ...
var sql = quot;select * from users where username = ' username ' and
                               password = ' password ...
 Try to use combination of alphabets both upper and lower case, numbers and
special characters for assigning a password a...
Presented By
Preetish Panda
 preetish88@gmail.com
Cyber Security By Preetish Panda
Cyber Security By Preetish Panda
Cyber Security By Preetish Panda
Cyber Security By Preetish Panda
Cyber Security By Preetish Panda
Cyber Security By Preetish Panda
Cyber Security By Preetish Panda
Cyber Security By Preetish Panda
Cyber Security By Preetish Panda
Upcoming SlideShare
Loading in …5
×

Cyber Security By Preetish Panda

867 views

Published on

In this presentation I have tried to figure out common loop holes through which internet users may fall prey to the attackers, common tools used in the trade and some preventive security measures to put us on a safer side.

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
867
On SlideShare
0
From Embeds
0
Number of Embeds
18
Actions
Shares
0
Downloads
0
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Cyber Security By Preetish Panda

  1. 1. Common Internet User Security Objective Modus Operandi Countermeasures
  2. 2. Uses internet for his credit managing his day Blogsinternet banking for card transactions. Uses Uses social networking sites as well as on internet for professional like Usesex. Citibank, ICICI bank, HSBC etc For Emailpersonal purpose. well as orkut,myspace,facebook. to day professional as for finance activity personal communication. For ex. Gmail, Yahoo or Corporate webemail
  3. 3. How to secure the elements like username, password, credit card number ,etc for a particular web resource (Gmail /Yahoo/Banking website etc)
  4. 4. In this form of attack, an automated tool is used.All possible combinations of letters,numbers and symbols are tried out one by one for an username till the password is found out.
  5. 5. Phishing is the act of creating fake page of any legitimate web-service and hosting them on web server in order to fool the user to get the passwords, credit card no., social security no. etc
  6. 6.  TROJAN …The Name Tells It All !! A Trojan or Trojan Horse is a program which carries out an unauthorized function while hidden inside an authorized program. It is designed to do something other than what it claims to and frequently is destructive in its actions. These trojans give the attacker a total access to victim's machine. Looks for other passwords entered & then send them to a specific mail address. They only log the keystrokes of the victim & then let the attacker search for sensitive data.
  7. 7. • web cookies are parcels of text sent by a server to a web browser and then sent back unchanged by the browser each time it accesses that server. Used for login or registration information, online “shopping cart” information, user preferences, etc. Cookie stealing can be effectively done with knowledge of javascripts, ajax, xss ,html ,php etc.
  8. 8. Vulnerabilities are open security holes that can allow other applications to connect to the computer system without authorization.
  9. 9.  Cross-site scripting (XSS) is a type of computer security vulnerability typically found in web applications which allow code injection by web users into the web pages viewed by other users.  Examples of such code include JavaScript code. Stored Attack Reflected Attack
  10. 10. XSS www.mailprovider.com  Hacker finds out www. mailprovider.com suffers from XSS. Mail Users get mail asking to click a hyperlink for getting a free gift Click here For free gift When the user click malicious script gets executed. www.mailprovider.com/default.asp?name=<script>evilScript()</script> Your browser correctly interprets this as Vulnerable Web browser script and runs the script site If this script instructs the browser to send a cookie , to the hacker's computer, it quickly complies. May take the user to a fake web page of his online banking site.
  11. 11.  It is basically a security exploit in which attacker injects SQL code through a web form input box,to gain access to resources and make changes to data.  SQL Injection attacks can often be executed from address bar, from within application fields, and through queries and searches
  12. 12. var sql = quot;select * from users where username = ' username ' and password = ' password ' quot; ; Username: anything‘ or 1=1-- Password: quot; select * from users where username = 'anything' or 1=1--'and password ='' quot;;
  13. 13.  Try to use combination of alphabets both upper and lower case, numbers and special characters for assigning a password and change it at regular intervals.  While creating a email id it is a good practice to give fake information .  Use updated version of software.  Now a days some site advisor software are available .  Don’t accept any kind of files from anonymous users in chat rooms.  If required hide your IP address for anonymous browsing.  Don’t blindly believe emails as they can be sent without authentication.  Don’t reveal your password in any kind of email.  While logging in give a close look to the domain name.  Try to avoid running scripts in the address bar of your web browser .  Extra care has to be taken with files of .exe extension.  Always use your common sense.
  14. 14. Presented By Preetish Panda preetish88@gmail.com

×