Packet saga: Using Strategic Hacking To Terrorize Commercial And Governmental Entities On The Internet. By: Khaled M.A. Nassar, Wael A. Ali.


Agenda
–Introduction.
–Methodology: Simple attack. Professional hacking. Strategic Hacking.
–Scenarios: DOS Scenario. Takeover scenario.
–Conclusions.
–Recommendations.

Introduction (diagram: motive, attack, network)

Methodology Simple attack. Professional hacking. Strategic Hacking.

Simple attack (diagram): target host, vulnerable service, login service, exploit, brute force, DOS.

Professional hacking: Foot-printing, Scanning, Enumeration, Gaining Access, Pilfering, Covering Tracks, Creating Backdoors, Escalating Privileges, Misinformation, Denial of service.

Strategic Hacking (diagram)
–Information Gathering: Footprinting, Scanning, Enumeration.
–Information Analysis: Locating Entities, Locating Patterns, What-if analysis.
–Reliability checks: Stealth testing, Brute-force unmonitored services.
–Planning: Sequences & prerequisites, Critical timing consideration, Design Attack trees and Scenarios.
–Initiating attack: DOS attacks, Misinformation Attacks, Gaining access.
–Escalation loop: Escalating privileges, Pilfering.
–Ending the attack: Hiding traces, Installing backdoors.
–Accomplishing objectives: Denial of service, Information Tampering, Information Stealing, Network takeover.
(Legend: Name, Piece of information.)

Scenarios (network diagrams for the two scenarios: switch; manager, secretary, service, web developer, DB admin and web admin machines; second switch with non-operational DB, operational DB and web server; firewall; administrator; DB server and web server)

Takeover scenario
The targeted network:
–A governmental unit that provides computerized license renewal.
–The online service is not yet running but is being developed.
The time:
–Nothing specific.
Intruders:
–Someone who has an interest in making the electronic government project fail, so he hired a professional team of intruders to do the job for him.
Motive:
–He wants to take over the network so he can manipulate it any time he wants, to prove something. If he has to, he would want to destroy all the data in the network.

Takeover (targeted network) (diagram: switch; manager, secretary, service, web developer, DB admin and web admin workstations; second switch with non-operational DB, operational DB and web server; firewall)

Takeover (Footprinting)
–The secretary, identified from the website.
–The IP addresses for the network, xxx.xxx.xxx, all real IPs.
–A good idea of how the system works, obtained by going to the physical premises and asking how to renew a license. The intruder notices that there is a room called "the server room".
–The developer is a professional in a different OS platform than the administrators. This could mean non-standard operating systems.

Takeover (Scanning)
The firewall is badly configured: it blocks only suspicious ports. The attackers presume that the firewall also allows all outgoing traffic. The machine scanning results are as follows:
–Web server is listening on port 80: static pages, plus some dynamic pages the developer is building for the forthcoming service.
–Operational database server: the SQL server port is apparently filtered, as the scan shows.
–Non-operational DB server: the SQL port is open, as is the terminal server port.

Takeover (Enumeration)
–Web server and operational database server are updated with patches and have antivirus. The non-operational database server is not.
–The manager's machine is sharing the printer and a writable folder.
–All service machines have the names "service1-3" and the username and password "service".
–All client machines are Windows 2000.

Takeover (Analysis) Location of critical individuals, groups and technologies
–The secretary's machine is usually less secured, but holds more information about the company than the rest of the company.
–The web developer's machine usually has more privileges than normal users, but the developer is most of the time not as keen on security as an administrator.
–The technical group (web admin, database admin and developer) has access to the servers group.
–The server group is in a separate room (maybe on a separate hub).
–Only two users on the administrators' machines. This implies that the two different administrators (DB, web) most probably know the system's, web's, and database's passwords so they can fill in for each other.

Takeover (Analysis) Pattern location
–The service machine is a pattern.
–Having terminal service on the non-operational database could be a pattern on other servers.
–The passwords for the servers could be similar (a pattern): if we could sniff one, we would get the rest.

Takeover (Analysis) What-if analysis and Attack Scenarios
Send the secretary a Trojan horse.
–They could find critical information about the manager and the company, and maybe even backups of the source code and databases.
–They could find old passwords or other critical data in mailboxes.
Attack the un-armored web server on the developer machine.
–They will be able to get the source code and designs.
–This goes for all client machines: they will surely gather new information and use it to sniff at least local passwords, brute force other machines, and mount misinformation and DOS attacks.
Attack the SQL server on the non-operational server.
–They may be able to sniff passwords on the hub.
–Download the data of the server.
–Learn the structure of the operational database and try to send queries.

Takeover (Reliability checking) Stealth-testing the vulnerabilities (network diagram as above)

Takeover (Reliability checking) Brute forcing unmonitored services (network diagram as above)

Takeover (Planning for the attack) Sequence of attack and prerequisites. Attack trees and scenarios.

Takeover (Initiating the attack) Gaining access (network diagram as above)

Takeover (Escalation loop) Pilfering (network diagram as above)

Takeover (Escalation loop) Escalation (network diagram as above, repeated over several animation steps)

Takeover Accomplishing the objectives They are ready to do whatever their employer asks them to do.

Takeover Ending the attack
Installing backdoors
–The intruders install two instances of "netcat" on the server. The first acts as a server. The other acts as a client that tries to connect every week to a server previously compromised by the intrusion team.
Hiding traces
–The team runs a rootkit that erases the logs, hides the binaries and removes any users they may have added to some systems.
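As an added example (not part of the original presentation), a small Python detector for the callback pattern the netcat client described above would leave behind: an allowed outbound connection that repeats on a fixed schedule, which is the signal a defender can hunt for in egress logs. The log format, the hosts (TEST-NET addresses) and port 4444 are constructed for this example, not taken from the slides.

```python
from collections import defaultdict
from datetime import datetime
from statistics import mean, pstdev

# Constructed egress log (TEST-NET addresses), one line per allowed outbound
# connection: "<ISO time> ALLOW <src> -> <dst>:<port>".  10.0.0.20 calls out
# once a week, as the netcat client in the slides would; 10.0.0.31 is noise.
SAMPLE_LOG = """\
2012-03-04T03:00:05Z ALLOW 10.0.0.20 -> 203.0.113.7:4444
2012-03-04T09:12:41Z ALLOW 10.0.0.31 -> 198.51.100.9:80
2012-03-05T10:03:17Z ALLOW 10.0.0.31 -> 198.51.100.9:80
2012-03-11T03:00:09Z ALLOW 10.0.0.20 -> 203.0.113.7:4444
2012-03-12T16:44:02Z ALLOW 10.0.0.31 -> 198.51.100.9:80
2012-03-18T03:00:02Z ALLOW 10.0.0.20 -> 203.0.113.7:4444
2012-03-20T08:01:55Z ALLOW 10.0.0.31 -> 198.51.100.9:80
2012-03-25T03:00:11Z ALLOW 10.0.0.20 -> 203.0.113.7:4444
"""

def parse_line(line):
    """Return (timestamp, src, dst, port) for one log line, or None if malformed."""
    parts = line.split()
    if len(parts) != 5 or parts[3] != "->":
        return None
    ts = datetime.strptime(parts[0], "%Y-%m-%dT%H:%M:%SZ")
    dst, port = parts[4].rsplit(":", 1)
    return ts, parts[2], dst, int(port)

def find_beacons(log_text, min_conns=3, max_jitter=0.05):
    """Return flows whose inter-connection gaps are nearly constant.
    jitter = stdev(gaps) / mean(gaps): a scheduled callback sits near 0,
    while interactive traffic to the same destination is irregular."""
    flows = defaultdict(list)
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec:
            flows[rec[1:]].append(rec[0])
    beacons = []
    for (src, dst, port), times in flows.items():
        if len(times) < min_conns:
            continue
        times.sort()
        gaps = [(b - a).total_seconds() for a, b in zip(times, times[1:])]
        period = mean(gaps)
        if period > 0 and pstdev(gaps) / period < max_jitter:
            beacons.append({"src": src, "dst": dst, "port": port,
                            "period_hours": round(period / 3600, 1)})
    return beacons
```

On the sample log only the weekly flow from 10.0.0.20 is reported (period 168.0 h); the browsing noise from 10.0.0.31 has too much jitter to match.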

Takeover Impact on the organization Invading the privacy of at least thousands of citizens, which could seriously compromise the electronic government project in Egypt.

Conclusions Malicious hacking costs companies a great deal of money, effort, and time. Malicious hacking could be motivated by electronic terrorism. Advanced or strategic hacking could be used to terrorize commercial as well as governmental organizations. A well-designed attack may compromise the organization's integrity. Such attacks could also threaten national projects like electronic government. Facing such threats is a must.

Countermeasures Intelligence. IIDS. Honey pots.

Recommendations Developing a research and development institution for cyber security that provides solutions and consultation services for governmental as well as private organizations. Increasing public awareness of cyber security, to raise the chances of a new generation that could explore and develop this new space.

Inspiration Presentation artwork is inspired by:
–Boris Vallejo.
–Hackers (the movie).
–TCP/IP packet headers.
–Dr. Strangelove (the movie).

Thanks Questions?