Presentation is loading. Please wait.

Presentation is loading. Please wait.

Filip Chytrý Everyone of you in here can help us improve online security....

Published byWhitney Parrish Modified over 8 years ago

Similar presentations

Presentation on theme: "Filip Chytrý Everyone of you in here can help us improve online security...."— Presentation transcript:

1 Filip Chytrý chytry@seculu.com

2 Everyone of you in here can help us improve online security....

3 Let's start with terminology.... Hacker The person who hack Cracker System intruder /destroyer

4

5

6 Why do people hack? To make security stronger ( Ethical Hacking ) Steal important information Destroy enemy’s computer network Just for fun!

7 Hackers need to know only one security hole to hack the system vs. Admin need to know all security holes to defend the system

8 9 steps of white hacking....

9 1. Preparation Identification of Targets Signing of Contract Specific attacks Time window Prior Knowledge of the systems Key people

10 2. Footprinting Collecting as much information about the target... Search engines Forums Databases – whois, ripe, arin, apnic Tools – PING, whois, Traceroute, DIG, nslookup

11 3. Enumeration & Fingerprinting Identification of Services / open ports Operating System Enumeration Banner grabbing Responses to various protocol (ICMP &TCP) commands Port / Service Scans – TCP Connect, TCP SYN, TCP FIN

12

13 4. Identification of Vulnerabilities Social engeneering Insecure Configuration Unpatched vulnerabilities Brute force

14

15 5. Attack – Exploit the Vulnerabilities Network Infrastructure Attacks Operating System Attacks Application Specific Attacks Exploits

16

17 6. Gaining access Enough data has been gathered at this point to make successful access/intrusion to the target Techniques Password eavesdropping Password file grab Buffer overflows

18

19 7. Escalating Privileges If only user-level access was obtained in the last step, the attacker will now seek to gain complete control of the system Techniques Password cracking Known exploits

20 8. Covering Tracks Once total ownership of the target is secured, hiding this fact from system administrators becomes priority. Otherwise there will be no long term fun! Techniques Clear logs Hide tools

21 9. Creating Back Doors Trap doors will be laid in various parts of the system to ensure that privileged access is easily gained Techniques Infect startup files Plant remote control services Replace apps with trojans

22 How many attacks you can expect in Czech republic within 24 hours?

23

24

25 MOBILE DIVECES IoT DEVICES (*source IDC) IoT DEVICES (*source Cisco) 212 B Connected devices by 2020 201020152020 9 B 50 B 212 B 1.2 per person MOBILE DEVICES 6.6 per person IoT DEVICES 27.9 per person IoT DEVICES

26 90% of devices collecting one piece of personal information IoT Six out of ten devices are vulnerable to known attack 60% of devices using unencrypted network 50% of devices using unsecure way to storing data

27 It´s almost impossible for one solution to protect them all…

28 IoT vs IIoT

29 Seculu.com/sign

30

31

32

33

34 Filip Chytrý chytry@seculu.com seculu.com

Download ppt "Filip Chytrý Everyone of you in here can help us improve online security...."

Similar presentations

ETHICAL HACKING.

ETHICAL HACKING.
Penetration Testing & Countermeasures Paul Fong & Cai Yu CS691 5 May 2003.

Penetration Testing & Countermeasures Paul Fong & Cai Yu CS691 5 May 2003.
Introduction to Ethical Hacking, Ethics, and Legality.

Introduction to Ethical Hacking, Ethics, and Legality.
Hackers, Crackers, and Network Intruders: Heroes, villains, or delinquents? Tim McLaren Thursday, September 28, 2000 McMaster University.

Hackers, Crackers, and Network Intruders: Heroes, villains, or delinquents? Tim McLaren Thursday, September 28, 2000 McMaster University.
© 2007 Cisco Systems, Inc. All rights reserved.ISCW-Mod5_L1 1 Implementing Secure Converged Wide Area Networks (ISCW)

© 2007 Cisco Systems, Inc. All rights reserved.ISCW-Mod5_L1 1 Implementing Secure Converged Wide Area Networks (ISCW)
CS682- Network Management and Security Prof. Katz.

CS682- Network Management and Security Prof. Katz.
Cryptography and Network Security Chapter 20 Intruders

Cryptography and Network Security Chapter 20 Intruders
Hacker, Cracker?! Are they the same? No!!! Hacker programmers intensely interested in the arcane and recondite workings of any computer operating system.

Hacker, Cracker?! Are they the same? No!!! Hacker programmers intensely interested in the arcane and recondite workings of any computer operating system.
Forces that Have Brought the world to it’s knees over the centuries.

Forces that Have Brought the world to it’s knees over the centuries.
Ethical Hacking Adapted from Zephyr Gauray’s slides found here: And from Achyut Paudel’s.

Ethical Hacking Adapted from Zephyr Gauray’s slides found here: And from Achyut Paudel’s.
Hacking Linux Based on Hacking Linux Exposed Hatch, Lee, and Kurtz ISBN 0-07-212773-2.

Hacking Linux Based on Hacking Linux Exposed Hatch, Lee, and Kurtz ISBN
INDEX  Ethical Hacking Terminology.  What is Ethical hacking?  Who are Ethical hacker?  How many types of hackers?  White Hats (Ethical hackers)

INDEX  Ethical Hacking Terminology.  What is Ethical hacking?  Who are Ethical hacker?  How many types of hackers?  White Hats (Ethical hackers)
Ethical Hacking by Shivam.

Ethical Hacking by Shivam.
Network Security Testing Techniques Presented By:- Sachin Vador.

Network Security Testing Techniques Presented By:- Sachin Vador.
Hacking and Network Defense. Introduction  With the media attention covering security breaches at even the most tightly controlled organization, it is.

Hacking and Network Defense. Introduction  With the media attention covering security breaches at even the most tightly controlled organization, it is.
Computer Security and Penetration Testing

Computer Security and Penetration Testing
Penetration Testing Chao-Hsien Chu, Ph.D. College of Information Sciences and Technology The Pennsylvania State University University Park, PA 16802

Penetration Testing Chao-Hsien Chu, Ph.D. College of Information Sciences and Technology The Pennsylvania State University University Park, PA 16802
Penetration Testing.

Penetration Testing.
Penetration Testing Edmund Whitehead Rayce West. Introduction - Definition of Penetration Testing - Who needs Penetration Testing? - Penetration Testing.

Penetration Testing Edmund Whitehead Rayce West. Introduction - Definition of Penetration Testing - Who needs Penetration Testing? - Penetration Testing.
ETHICAL HACKING ETHICAL HACKING A LICENCE TO HACK Submitted By: Usha Kalkal M.Tech(1 st Sem) Information technology.

ETHICAL HACKING ETHICAL HACKING A LICENCE TO HACK Submitted By: Usha Kalkal M.Tech(1 st Sem) Information technology.

Similar presentations

Ads by Google