Download presentation
Presentation is loading. Please wait.
Published byBeryl Blake Modified over 8 years ago
1
SECURITY ANALYSIS TOOLS FOR INFORMATION MANAGEMENT Alicia Coon
2
OVERVIEW Security Analysis Tools Security Analysis Tools Fingerprinting Fingerprinting Types of Analysis Tools Types of Analysis Tools Examples Examples References References Questions Questions
3
SECURITY ANALYSIS TOOLS The ability to look at systems from the attacker’s point of view The ability to look at systems from the attacker’s point of view Find vulnerabilities Find vulnerabilities Help prevent future attacks on systems Help prevent future attacks on systems Create a better way to protect systems from attacks Create a better way to protect systems from attacks Majority can be downloaded Majority can be downloaded
4
FINGERPRINTING “a data-gathering process that discovers the assets that can be accessed from a network, usually performed in advance of a planned attack. It is the systematic examination of the entire set of Internet addresses of the organization” “a data-gathering process that discovers the assets that can be accessed from a network, usually performed in advance of a planned attack. It is the systematic examination of the entire set of Internet addresses of the organization”
5
TYPES OF ANALYSIS TOOLS Scanners Scanners Packet Sniffers Packet Sniffers Content Filters Content Filters Trap and Trace Tools Trap and Trace Tools
6
SCANNERS Are tools that automatically search networks for hosts and/or vulnerabilities Are tools that automatically search networks for hosts and/or vulnerabilities Two Types Two Types Port Scanners Port Scanners Vulnerability Scanners Vulnerability Scanners
7
PORT SCANNERS Software that is capable of finding all of the active computers, open ports, and services on a network Software that is capable of finding all of the active computers, open ports, and services on a network Example Example Foundstone’s SuperScan 4 Foundstone’s SuperScan 4
9
VULNERABILITY SCANNERS Are capable of scanning networks for very detailed information Are capable of scanning networks for very detailed information Examples Examples Nmap Nmap Nessus Nessus
12
PACKET SNIFFERS A network tool that collects and analyzes copies of packets from a network A network tool that collects and analyzes copies of packets from a network Needs to be on the network that you want to sniff Needs to be on the network that you want to sniff Example Example Ethereal Ethereal
14
LEGAL USE OF PACKET SNIFFERS Be on a network that the organization owns, not leases Be on a network that the organization owns, not leases Be under the direct authorization of the network’s owners Be under the direct authorization of the network’s owners Have the knowledge and consent of the content creators (users) Have the knowledge and consent of the content creators (users) Have a justifiable business reason for doing so Have a justifiable business reason for doing so
15
CONTENT FILTERS A software program or a hardware/software appliance that allows administrators to restrict content that comes in to a network A software program or a hardware/software appliance that allows administrators to restrict content that comes in to a network Example Example NetNanny NetNanny
17
TRAP AND TRACE TOOLS Trap Trap Luring an attacker into the network Luring an attacker into the network Example Example Honeypot Honeypot Trace Trace Attempt to determine the identity of someone discovered in unauthorized areas of the network Attempt to determine the identity of someone discovered in unauthorized areas of the network Example Example Recourse Technologies’ ManHunt Recourse Technologies’ ManHunt
18
HONEYPOTS An electronic decoy that is put on a system’s network to trick an attacker into thinking he/she has hacked into the system An electronic decoy that is put on a system’s network to trick an attacker into thinking he/she has hacked into the system Goal is to capture information about the activity of the attacker Goal is to capture information about the activity of the attacker
19
HONEYPOT LOCATIONS
20
MANHUNT Used to track down an attacker Used to track down an attacker TrackBack feature TrackBack feature
21
SUMMARY Security analysis tools are used by both security professionals and attackers Security analysis tools are used by both security professionals and attackers Different types of analysis tools and examples Different types of analysis tools and examples
22
REFERENCES Anderson, Harry. “Introduction to Nessus.” 28 October 2003. 16 April 2006. Anderson, Harry. “Introduction to Nessus.” 28 October 2003. 16 April 2006.<http://www.securityfocus.com/infocus/1741> Costello, Sam. “Recourse updates ManHunt security product.” 26 June 2001. Costello, Sam. “Recourse updates ManHunt security product.” 26 June 2001. 16 April 2006. <http://www.networkworld.com/news/2001/0626manhunt.html> Foundstone, Inc. 16 April 2006 Foundstone, Inc. 16 April 2006 Shuja, Faiz Ahmad. “Honeypots: Pakistan Honeynet Project.” 16 April 2006 Shuja, Faiz Ahmad. “Honeypots: Pakistan Honeynet Project.” 16 April 2006<http://www.honeynet.org.pk/honeypots.html> SnapFiles. 16 April 2006. SnapFiles. 16 April 2006. Whitman, Michael E. and Herbert J. Mattord. Managemanet of Information Security. Thomson Course Technology. Canada. 2004. Whitman, Michael E. and Herbert J. Mattord. Managemanet of Information Security. Thomson Course Technology. Canada. 2004.
23
QUESTIONS???
Similar presentations
© 2024 SlidePlayer.com. Inc.
All rights reserved.