Network Security By Alan S H Lam 2003/7/29

Presentation transcript:

Slide 1: Network Security
By Alan S H Lam
2003/7/29

Slide 2: Outlines
- Threat and Attack trends
- Attackers’ Activities (live demo)
- Forensic Tools (live demo)
- IT-Related Laws in HK
- Q & A
You can review this presentation material at http://www.ie.cuhk.edu.hk/~shlam/talk/ico/

Slide 3: Sophistication VS Population
Source: CERT

Slide 4: Less Knowledge Required to Attack
Source: Symantec

Slide 5: Vulnerabilities reported
Source: CERT

Slide 6: Incidents reported
Source: CERT
As the number of Internet users grows and intruder tools become both more sophisticated and easier to use, more people can become “successful” intruders.

Slide 7: Vulnerability Exploit Cycle (1)
Source: CERT

Slide 8: Vulnerability Exploit Cycle (2)

Slide 9: Vulnerability Exploit Cycle (3)
For some vulnerabilities, there may be a resurgence in their exploitation.

Slide 10: Typical Network Attack
Source: CERT

Slide 11: Attack Trends (1)
1. Automation; speed of attack tools
   - Scanning for potential victims.
   - Compromising vulnerable systems.
   - Propagate the attack.
   - Coordinated management of attack tools.
2. Increasing sophistication of attack tools
   - Anti-forensics.
   - Dynamic behavior.
   - Modularity of attack tools.

Slide 12: Attack Trends (2)
3. Faster discovery of vulnerabilities
4. Increasing permeability of firewalls
5. Increasingly asymmetric threat
6. Increasing threat from infrastructure attacks
   - Distributed denial of service (DDoS)
   - Worms
   - Attacks on the Internet Domain Name System (DNS)
   - Attacks against or using routers

Slide 13: The Classic DDoS model

Slide 14: DoS Impact to Infrastructure
Traffic VS router CPU Loading

Slide 15: Attack Trends (3)
Potential Impact
- Denial of service
- Compromise of sensitive information
- Misinformation
- Time and resources diverted from other tasks

Slide 16: Our Honeynet Network Infrastructure

Slide 17: Attackers’ Activities (1)
- Identify/locate the victim with scanning tools.
- Break in to the victim through system security holes.
The following vulnerabilities were used by the hackers to break in to our honeynet:
- sshd CRC32 Overflow
- Buffer overflow in openssl
- WU-FTP RNFR././ attack
- execve/ptrace race condition

Slide 18: Attackers’ Activities (2)
After break-in, the hackers may:
- Install a rootkit to set up a backdoor, sniffer, or IRC proxy
- Use the victim as a stepping stone to find and attack other victims
- Fix the victim's vulnerability and undo other hackers' jobs
- Send back the victim's information through e-mail
- Propagate the attack to other victims
- Deface/remove the victim's web page

Slide 19: Forensic Tools
- scp, dd, tar, nc
- tcptrace, tcpdump, snort
- ps, netstat, lsof, fuser, kill -STOP, pcat, ltrace, strace, /dev/kmem
- /proc directory
- find, ldd, strings, gdb, od, bvi, icat
- chkrootkit
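One way to combine two of the tools listed above, netstat and the /proc directory, when a rootkit backdoor is suspected: read the listening ports directly from /proc/net/tcp and compare them with what netstat reports. This is an added example, not material from the talk; the function names are hypothetical and the sample data is constructed.

```python
# Added example: cross-check LISTEN ports in /proc/net/tcp against netstat output.
TCP_LISTEN = "0A"  # state code the kernel uses for LISTEN in /proc/net/tcp

# Constructed sample data (not from the talk). Port 31337 stands in for a
# backdoor listener that a replaced netstat binary does not show.
SAMPLE_PROC_NET_TCP = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 00000000:0016 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1001
   1: 0100007F:0019 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1002
   2: 00000000:7A69 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1003
   3: 0A00000A:0016 1400000A:C350 01 00000000:00000000 00:00000000 00000000     0        0 1004
"""
SAMPLE_NETSTAT = """\
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN
tcp        0      0 10.0.0.10:22            10.0.0.20:50000         ESTABLISHED
"""

def listening_ports_from_proc(proc_net_tcp_text):
    """Return the set of local ports in LISTEN state from /proc/net/tcp text."""
    ports = set()
    for line in proc_net_tcp_text.splitlines()[1:]:  # first line is the header
        fields = line.split()
        if len(fields) >= 4 and fields[3] == TCP_LISTEN:
            # local_address is HEXADDR:HEXPORT; the port is hexadecimal
            ports.add(int(fields[1].rsplit(":", 1)[1], 16))
    return ports

def listening_ports_from_netstat(netstat_text):
    """Return the set of ports that `netstat -ant` style output shows as LISTEN."""
    ports = set()
    for line in netstat_text.splitlines():
        fields = line.split()
        if len(fields) >= 6 and fields[0].startswith("tcp") and fields[5] == "LISTEN":
            ports.add(int(fields[3].rsplit(":", 1)[1]))
    return ports

def hidden_listeners(proc_text, netstat_text):
    """Ports the kernel lists as listening that netstat did not report."""
    return sorted(listening_ports_from_proc(proc_text)
                  - listening_ports_from_netstat(netstat_text))

if __name__ == "__main__":
    print("Listening but not shown by netstat:",
          hidden_listeners(SAMPLE_PROC_NET_TCP, SAMPLE_NETSTAT))
```

This only catches a replaced user-space netstat; a kernel-level rootkit can filter /proc as well, so an empty result does not clear the host.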

Slide 20: IT-Related Laws in HK
- Unauthorized access to computer
- Access to computer with criminal or dishonest intent
- Destroying or damaging property
- Burglary
- False Accounting
- Infringement by making available of copies to the public
- Publishing obscene articles

