Presentation is loading. Please wait.

Presentation is loading. Please wait.

Internet Service Provider Attack Scenario

Published byGitta Albrecht Modified over 6 years ago

Similar presentations

Presentation on theme: "Internet Service Provider Attack Scenario"— Presentation transcript:

1 Internet Service Provider Attack Scenario
MENOG 2018

2 About me Mohammad Reza Mostame Expert in information security

3 Internet Service Provider threats
Service unavailability Data leakage Abuse of network resources Mohammad Reza Mostame – CTO of RNPG

4 Network access through web applications
Web application vulnerability SQL Injection OS access Privilege escalation Layer 2 network attack Mohammad Reza Mostame – CTO of RNPG

5 Routers access method monitoring software vulnerabilities
Routers vulnerabilities Routers misconfigurations Mohammad Reza Mostame – CTO of RNPG

6 Attack scenario against Internet Service Provider
Getting access to the routers and hijack the network traffic Mohammad Reza Mostame – CTO of RNPG

7 Attack scenario against Internet Service Provider
BGP hijack Mohammad Reza Mostame – CTO of RNPG

8 Attack scenario against Internet Service Provider
Remote File Inclusion’s vulnerability leads to Firewall bypass Mohammad Reza Mostame – CTO of RNPG

9 Attack scenario against Internet Service Provider
LDAP Injection attack Pass The Hash vulnerability Escalate privileges to the administrator in Active Directory Mohammad Reza Mostame – CTO of RNPG

10 How to secure the Internet Service Provider’s infrastructure!
Mohammad Reza Mostame – CTO of RNPG

11 First: Identify threats
Penetration testing can help us to find the threats. ISP’s threats divided into 4 sections Web application vulnerability and exploitation Misuse of Network resources Misuse of OS vulnerability Mobile applications threats Mohammad Reza Mostame – CTO of RNPG

12 Penetration testing benefits
Preventing Information Loss Preventing Financial Loss Protect Your Brand in Market Essential part of compliance standards or certifications for your business Mohammad Reza Mostame – CTO of RNPG

13 Second: Secure your business
Web application hardening Network hardening OS hardening DLP Mohammad Reza Mostame – CTO of RNPG

14 Web application hardening
Runtime Application Self-Protection (RASP) Web Application Firewall (WAF) Secure Software Development Life Cycle (SDLC) Database Firewall (DBFW) Mohammad Reza Mostame – CTO of RNPG

15 Network hardening Service hardening Device hardening
Intrusion Prevention System & Firewall Mohammad Reza Mostame – CTO of RNPG

16 OS hardening Application hardening Sandbox Vulnerability management
Mandatory Access Control (SE Linux) Mohammad Reza Mostame – CTO of RNPG

17 Data Loss Prevention AD RMS (Active Directory Rights Management Services) Host Based DLP Network Based DLP Mohammad Reza Mostame – CTO of RNPG

18 Defense In Depth Mohammad Reza Mostame – CTO of RNPG

19 Questions and Answer Thanks

Download ppt "Internet Service Provider Attack Scenario"

Similar presentations

1 Chapter 7 Intrusion Detection. 2 Objectives In this chapter, you will: Understand intrusion detection benefits and problems Learn about network intrusion.

1 Chapter 7 Intrusion Detection. 2 Objectives In this chapter, you will: Understand intrusion detection benefits and problems Learn about network intrusion.
4/14/2017 © 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks.

4/14/2017 © 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks.
Current Security Threats WMO CBS ET-CTS Toulouse, France 26-30 May 2008 Allan Darling, NOAA’s National Weather Service WMO CBS ET-CTS Toulouse, France.

Current Security Threats WMO CBS ET-CTS Toulouse, France May 2008 Allan Darling, NOAA’s National Weather Service WMO CBS ET-CTS Toulouse, France.
Preventing Good People From Doing Bad Things Best Practices for Cloud Security Brian Anderson Chief Marketing Officer & Author of “Preventing Good People.

Preventing Good People From Doing Bad Things Best Practices for Cloud Security Brian Anderson Chief Marketing Officer & Author of “Preventing Good People.
1 Telstra in Confidence Managing Security for our Mobile Technology.

1 Telstra in Confidence Managing Security for our Mobile Technology.
System and Network Security Practices COEN 351 E-Commerce Security.

System and Network Security Practices COEN 351 E-Commerce Security.
© 2008 Prentice Hall Business Publishing Accounting Information Systems, 11/e Romney/Steinbart1 of 222 C HAPTER 7 Information Systems Controls for Systems.

© 2008 Prentice Hall Business Publishing Accounting Information Systems, 11/e Romney/Steinbart1 of 222 C HAPTER 7 Information Systems Controls for Systems.
Network Security. Trust Relationships (Trust Zones) High trust (internal) = f c (once you gain access); g p Low trust ( ) = more controls; fewer privileges.

Network Security. Trust Relationships (Trust Zones) High trust (internal) = f c (once you gain access); g p Low trust ( ) = more controls; fewer privileges.
Presented by Manager, MIS.  GRIDCo’s intentions for publishing an Acceptable Use Policy are not to impose restrictions that are contrary to GRIDCo’s.

Presented by Manager, MIS.  GRIDCo’s intentions for publishing an Acceptable Use Policy are not to impose restrictions that are contrary to GRIDCo’s.
Presented by INTRUSION DETECTION SYSYTEM. CONTENT Basically this presentation contains, What is TripWire? How does TripWire work? Where is TripWire used?

Presented by INTRUSION DETECTION SYSYTEM. CONTENT Basically this presentation contains, What is TripWire? How does TripWire work? Where is TripWire used?
Information Security Introduction to Information Security Michael Whitman and Herbert Mattord 14-1.

Information Security Introduction to Information Security Michael Whitman and Herbert Mattord 14-1.
1 Managed Security. 2 Managed Security provides a comprehensive suite of security services to manage and protect your network assets –Managed Firewall.

1 Managed Security. 2 Managed Security provides a comprehensive suite of security services to manage and protect your network assets –Managed Firewall.
© 2006 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 Enterprise Network Security Accessing the WAN – Chapter 4.

© 2006 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 Enterprise Network Security Accessing the WAN – Chapter 4.
1 Infrastructure Hardening. 2 Objectives Why hardening infrastructure is important? Hardening Operating Systems, Network and Applications.

1 Infrastructure Hardening. 2 Objectives Why hardening infrastructure is important? Hardening Operating Systems, Network and Applications.
Ladd Van Tol Senior Software Engineer Security on the Web Part One - Vulnerabilities.

Ladd Van Tol Senior Software Engineer Security on the Web Part One - Vulnerabilities.
CSE 4481 Computer Security Lab Mark Shtern. INTRODUCTION.

CSE 4481 Computer Security Lab Mark Shtern. INTRODUCTION.
SECURITY ZONES. Security Zones  A security zone is a logical grouping of resources, such as systems, networks, or processes, that are similar in the.

SECURITY ZONES. Security Zones  A security zone is a logical grouping of resources, such as systems, networks, or processes, that are similar in the.
Software Security Testing Vinay Srinivasan cell: +91 9823104620.

Software Security Testing Vinay Srinivasan cell:
Michael McDonnell GIAC Certified Intrusion Analyst Creative Commons License: You are free to share and remix but you must provide.

Michael McDonnell GIAC Certified Intrusion Analyst Creative Commons License: You are free to share and remix but you must provide.
Before: Servers Behind Firewalls Today: Servers Migrate Out Business drivers: E-Business Supply chain management CRM.

Before: Servers Behind Firewalls Today: Servers Migrate Out Business drivers: E-Business Supply chain management CRM.

Similar presentations

Ads by Google