1 Israeli Internet Hacking Analysis for 2000
Hank Nussbacher
Internet Society of Israel Conference, Tel Aviv, Israel, March 4, 2001

2 Preamble
- The word hacking is used to mean cracking systems
- Raw data: incident reports and Excel spreadsheet won’t be made available so don’t ask for it!
- Names listed in this presentation have not been changed so as to not protect the innocent

3 From where does the data come?
- My name registered on most Israeli IP blocks as contact -
  - /16, /16, /16, /16, /16
- Users report incidents to
  - Firewall logs, Jammer, BlackICE
- Users report incidents to contact name for .il domain
- My estimate is that only 50% of incidents reach me (other than for IBM -> AT&T)

4 How many incidents reported?
- How many incidents reported?
  - 1999: : 385
- How many incidents reported that involved Israelis hacking foreign sites?
  - 1999: : 272
- How many incidents reported that involved foreigners hacking Israeli sites?
  - 1999: : 99
- How many incidents reported that involved Israelis hacking Israeli sites?
  - 1999: : 14

5 Monthly Distribution

6 From which ISPs?
- Only those that had more than 10 incidents recorded
- AT&T has all incidents recorded - since I am recorded as contact for their IPs
  - the other ISPs are underrecorded

7 Which domains are being hacked
- Most attacked sites:
  - home.com (15)
  - llnl.gov (22)
  - ornl.gov (10)
  - cw.net (9)
  - renater.fr (8)
  - rr.com (7)
  - vt.edu (7)

8 Are the attacks successful?
- 13% of reported attacks in 1999 are successful
- 28% of reported attacks in 2000 are successful
  - most are site defacements
- Which ISP has the most successful hackers?
  - Internet Zahav

9 What were the most popular attacks in 1999?
- Port scans - 32%
- Telnet attempts - 11%
- Netbus and Back Orifice - 10%
- DoS - 8%
  - Smurf, Mail bombing, WinNuke, SYN flooding
- RPC attacks - 5%

10 What were the most popular attacks in 2000?
- Site defacements - 25%
  - only 2 out of 94 site defacements happened before Rosh HaShana
- Port scans - 21%
- Netbus, Sub-7, Hacka’Tack and Back Orifice - 17%
- FTP scans - 6%
- Telnet attempts - 5%
- DoS - 4%
  - Smurf, Mail bombing, WinNuke, SYN flooding

11 Site defacements
- First recorded site defacement - most.gov.il - April 23, 2000
- Second recorded site defacement - webgate.co.il - June 27, 2000
- Third recorded site defacement - tel-aviv.gov.il - Aug 29, 2000
- October 3 - start of massive site defacements

12 Site defacements - part II
- Last 3 months
  - 57 - co.il
  - 27 - ac.il
  - 4 - org.il
  - 1 - k12.il
  - 1 - gov.il
  - 1 - net.il
  - Total - 88 site defacements
- On December 29, 80+ sites defaced by Gforce Pakistan - #1 defacer group in the world

13 Site defacements - part III
- Many other countries with many more site defacements
  - Brazil
  - UK
  - Mexico
- To see more details:

14 Site defacements - part IV

15 Site defacements - part V

16 Which IPs are the worst hackers?
-
  - Jan 2 - Sept 30, 2000
  - 33 reported incidents
  - Netbus, BO, Sub-7 scans to mainly .com & .net
  - belongs to AT&T
-
  - Jan 10 - July 5, 2000
  - 16 reported incidents
  - SNMP, ICMP, port scans to many .gov sites
  - belongs to Internet Zahav

17 Lessons learned
- Israeli ISPs don’t want to handle the problem
  - too much work and effort involved
    - legal - lawyers don’t understand hacking, courts give lenient sentences
    - police - overworked, lack of public interest
  - too few skills to handle the problem
    - Good security sysadmins earn over 20K NIS/month
  - loss of revenue if customer leaves
- Survival of the fittest
  - Arab hackers doing us a favor in weeding out the sites with poor server security