Lesson 5 Knowing the Threat. Unauthorized use of Computer Systems 2000 CSI/FBI Survey Trend.

Slides:



Advertisements
Similar presentations
Lesson 3-Hacker Techniques
Advertisements

ITIS 1210 Introduction to Web-Based Information Systems Chapter 44 How Firewalls Work How Firewalls Work.
Penetration Testing & Countermeasures Paul Fong & Cai Yu CS691 5 May 2003.
Security and Trust in E- Commerce. The E-commerce Security Environment: The Scope of the Problem  Overall size of cybercrime unclear; amount of losses.
Hackers, Crackers, and Network Intruders: Heroes, villains, or delinquents? Tim McLaren Thursday, September 28, 2000 McMaster University.
1 Topic 1 – Lesson 3 Network Attacks Summary. 2 Questions ► Compare passive attacks and active attacks ► How do packet sniffers work? How to mitigate?
Cryptography and Network Security Chapter 20 Intruders
Web Defacement Anh Nguyen May 6 th, Organization Introduction How Hackers Deface Web Pages Solutions to Web Defacement Conclusions 2.
Information Networking Security and Assurance Lab National Chung Cheng University Network Security (I) 授課老師 : 鄭伯炤 Office: Dept. of Communication Rm #112.
Hacker, Cracker?! Are they the same? No!!! Hacker programmers intensely interested in the arcane and recondite workings of any computer operating system.
Forces that Have Brought the world to it’s knees over the centuries.
Exploits Dalia Solomon. Categories Trojan Horse Attacks Trojan Horse Attacks Smurf Attack Smurf Attack Port Scan Port Scan Buffer Overflow Buffer Overflow.
Hacking Linux Based on Hacking Linux Exposed Hatch, Lee, and Kurtz ISBN
INDEX  Ethical Hacking Terminology.  What is Ethical hacking?  Who are Ethical hacker?  How many types of hackers?  White Hats (Ethical hackers)
1 Telstra in Confidence Managing Security for our Mobile Technology.
System and Network Security Practices COEN 351 E-Commerce Security.
 Single sign-on o Centralized and federated passport o Federated Liberty Alliance and Shibboleth  Authorization o Who can access which resource o ACM.
Intruder Trends Tom Longstaff CERT Coordination Center Software Engineering Institute Carnegie Mellon University Pittsburgh, PA Sponsored by.
Analysis of Attack By Matt Kennedy. Different Type of Attacks o Access Attacks o Modification and Repudiation Attacks o DoS Attacks o DDoS Attacks o Attacks.
Information Networking Security and Assurance Lab National Chung Cheng University 1 A Real World Attack: wu-ftp.
Computer Security and Penetration Testing
Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.
Internet Relay Chat Chandrea Dungy Derek Garrett #29.
Lecture 11 Electronic Business (MGT-485). Recap – Lecture 10 Transaction costs Network Externalities Switching costs Critical mass of customers Pricing.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.1 ISP Responsibility Working at a Small-to-Medium Business or ISP – Chapter 8.
Hacking Windows Justin Bell Department of Computer Science University of Wisconsin, Platteville
Protecting Mainframe and Distributed Corporate Data from FTP Attacks: Introducing FTP/Security Suite Alessandro Braccia, DBA Sistemi.
L esson 1 Course Introduction. UTSA IS 6353 Incident Response Overview Course Administrivia Info Assurance Review Incident Response.
Lecture 10 Intrusion Detection modified from slides of Lawrie Brown.
Business Computing 550 Lesson 6. 2 Security Threats on Web Sites Issues and vulnerabilities 1.Illegal Access and Use (Hacking the system or users exposing.
Honeypot and Intrusion Detection System
Software Security Testing Vinay Srinivasan cell:
Chapter 13 Understanding E-Security. 2 OBJECTIVES What are security concerns (examples)? What are two types of threats (client/server) Virus – Computer.
Attacks On systems And Networks To understand how we can protect our system and network we need to know about what kind of attacks a hacker/cracker would.
1 CHAPTER 3 CLASSES OF ATTACK. 2 Denial of Service (DoS) Takes place when availability to resource is intentionally blocked or degraded Takes place when.
Information Systems Security Operations Security Domain #9.
© 2001 by Carnegie Mellon University SS5 -1 OCTAVE SM Process 5 Background on Vulnerability Evaluations Software Engineering Institute Carnegie Mellon.
© 1999 Ernst & Young LLP e e treme hacking Black Hat 1999 Over the Router, Through the Firewall, to Grandma’s House We Go George Kurtz & Eric Schultze.
Denial of Service (DoS) DoS attacks are aggressive attacks on an individual computer or groups of computers with the intent to deny services to intended.
ID-IR Review. UTSA IS 3532 IR-ID Overview Incident Response Takeaways Test 2 Final Paper.
# Ethical Hacking. 2 # Ethical Hacking - ? Why – Ethical Hacking ? Ethical Hacking - Process Ethical Hacking – Commandments Reporting.
INTRUDERS BY VISHAKHA RAUT TE COMP OUTLINE INTRODUCTION TYPES OF INTRUDERS INTRUDER BEHAVIOR PATTERNS INTRUSION TECHNIQUES QUESTIONS ON INTRUDERS.
1 cs591 chow Hacking Methodology (Steps) An excellent description inside of the back cover page of “Hacking Exposed” text by McClure et al. Scanning Footprinting.
L esson 1 Course Introduction. UTSA IS 3523 ID & Incident Response Overview Course Administrivia Info Assurance Review Incident Response.
Cracking Techniques Onno W. Purbo
Hacking Windows 9X/ME. Hacking framework Initial access physical access brute force trojans Privilege escalation Administrator, root privileges Consolidation.
Information Security In the Corporate World. About Me Graduated from Utica College with a degree in Economic Crime Investigation (ECI) in Spring 2005.
Footprinting and Scanning
Network Reconnaissance CS490 - Security in Computing Copyright © 2005 by Scott Orr and the Trustees of Indiana University.
Ethical Hacking Keith Brooks CIO and Director of Services
Databases Kevin Wright Ben Bruckner Group 40. Outline Background Vulnerabilities Log File Cleaning This Lab.
Intro to Network Security. Vocabulary Vulnerability Weakness that can be compromised Threat A method to exploit a vulnerability Attack Use of one or more.
Filip Chytrý Everyone of you in here can help us improve online security....
 Terms:  “Security”: is a system’s ability to provide services while maintaining the five IA pillars  “Attack”: an action that violates one of the.
 Computer Network Attack  “… actions taken through the use of computer networks to disrupt, deny, degrade, or destroy information resident in computers.
Comparison of Network Attacks COSC 356 Kyler Rhoades.
Lecture 19 Page 1 CS 236 Online 6. Application Software Security Why it’s important: –Security flaws in applications are increasingly the attacker’s entry.
Common System Exploits Tom Chothia Computer Security, Lecture 17.
Seminar On Ethical Hacking Submitted To: Submitted By:
Operating Systems Services provided on internet
Footprinting and Scanning
Common Methods Used to Commit Computer Crimes
Secure Software Confidentiality Integrity Data Security Authentication
Onno W. Purbo Cracking Techniques Onno W. Purbo
Kennesaw State University
Answer the questions to reveal the blocks and guess the picture.
Footprinting and Scanning
Intrusion Detection system
How hackers do it Ron Woerner Security Administrator CSG Systems, Inc.
6. Application Software Security
Presentation transcript:

Lesson 5 Knowing the Threat

Unauthorized use of Computer Systems 2000 CSI/FBI Survey Trend

Frequency Point of Attack 2000 CSI/FBI Survey Trend

Foreign Corporations U.S. Corporations Likely Sources of Attack 2000 CSI/FBI Survey

E-Commerce Security Example Breaking an E-Business

WEB Server DBA Server Router Investment App servers Network User Clients Server Consider this Network How Can A Hacker Attack?

ATTACKER WEB Server DBA Server Router Investment App servers Network User Clients Server Step 1: Attacker exploits weakness in CGI script to break through firewall and gain shell privileges on host

ATTACKER WEB Server DBA Server Router Investment App servers Network User Clients Server Step 1: Attacker exploits weakness in CGI script to break through firewall and gain shell privileges on host Step 2: Attacker finds dBase PW in CGI Script and downloads all account numbers and PWs

ATTACKER WEB Server DBA Server Router Investment App servers Network User Clients Server Step 1: Attacker exploits weakness in CGI script to break through firewall and gain shell privileges on host Step 2: Attacker finds dBase PW in CGI Script and downloads all account numbers and PWs Step 3: Attacker installs NetBus and controls manager’s terminal

Going for the Kill! Customer Enters account ID and PW Customer is Authenticated and access is granted Customer Checks portfolio performance Customer updates portfolio tracking preferences Customer buys/sells shares Step 4: Attacker credits account under their control Investment bank debits/credits customer’s cash account and updates portfolios Investment bank notifies customer with confirmation of transaction

So What Happens When Computer Security Fails? Incident Response--A Six Step Process –Preparation: Proactive Computer Security –Identification –Containment –Eradication –Recovery –Hot Wash

History Lesson The Art of War, Sun Tzu Lesson for you Know the enemy Know yourself…and in a 100 battles you will never be defeated If ignorant both of your enemy and of yourself you are certain in every battle to be in peril

History Lesson The Art of War, Sun Tzu Lesson for the Hacker Probe him and learn where his strength is abundant and where deficient To subdue the enemy without fighting is the acme of skill One able to gain victory by modifying his tactics IAW with enemy situation may be said to be divine

Hacker Attacks Intent is for you to know your enemy Not intended to make you a hacker Need to know defensive techniques Need to know where to start recovery process Need to assess extent of investigative environment

Anatomy of a Hack FOOTPRINTINGSCANNINGENUMERATION GAINING ACCESS ESCALATING PRIVILEGE PILFERING COVERING TRACKS CREATING BACKDOORS DENIAL OF SERVICE Source: Hacking Exposed, McClure, Sacmbray, and Kurtz

Anatomy of The Hack FOOTPRINTINGSCANNINGENUMERATION GAINING ACCESS ESCALATING PRIVILEGE PILFERING COVERING TRACKS CREATING BACKDOORS DENIAL OF SERVICE Source: Hacking Exposed, McClure, Sacmbray, and Kurtz

Footprinting Objective Target Address Range Acquire Namespace Information Gathering Surgical Attack Don’t Miss Details Technique Open Source Search whois Web Interface to whois ARIN whois DNS Zone Transfer Source: Hacking Exposed, McClure, Sacmbray, and Kurtz

Scanning Objective Bulk target assessment Determine Listening Services Focus attack vector Technique Ping Sweep TCP/UDP Scan OS Detection Source: Hacking Exposed, McClure, Sacmbray, and Kurtz

Enumeration Objective Intrusive Probing Commences Identify valid accounts Identify poorly protected shares Technique List user accounts List file shares Identify applications Source: Hacking Exposed, McClure, Sacmbray, and Kurtz

Gaining Access Objective Informed attempt to access target Typically User level access Technique Password sniffing File share brute forcing File share brute forcing Password file grab Buffer overflows Source: Hacking Exposed, McClure, Sacmbray, and Kurtz

Escalating Privilege Objective Gain Root level access Technique Password cracking Known exploits Source: Hacking Exposed, McClure, Sacmbray, and Kurtz

Pilfering Objective Info gathering to access trusted systems Technique Evaluate trusts Search for cleartext passwords Source: Hacking Exposed, McClure, Sacmbray, and Kurtz

Cover Tracks Objective Ensure highest access Hide access from system administrator or owner Technique Clear logs Hide tools Source: Hacking Exposed, McClure, Sacmbray, and Kurtz

Creating Back Doors Objective Deploy trap doors Ensure easy return access Technique Create rogue user accounts Schedule batch jobs Infect startup files Plant remote control services Install monitors Trojanize Source: Hacking Exposed, McClure, Sacmbray, and Kurtz

Denial of Service Objective If unable to escalate privilege then kill Build DDOS network Technique SYN Flood ICMP Attacks Identical src/dst SYN requests Out of bounds TCP options DDOS Source: Hacking Exposed, McClure, Sacmbray, and Kurtz

Hacker Exploits per SANS RECONNAISSANCESCANNING EXPLOIT SYSTEMS KEEPING ACCESS COVER TRACKS Source: SANs Institute

Hacking Summary Hacking on the rise Hacktivism New crime vector Loose international laws Tools automated and readily available Blended Threats Multi-axis attacks Automated Zombies

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.