Presentation is loading. Please wait.

Presentation is loading. Please wait.

© ITT Educational Services, Inc. All rights reserved. IS3220 Information Technology Infrastructure Security Unit 3 Network Security Threats Chapter 4.

Published byEdwin Lynch Modified over 8 years ago

Similar presentations

Presentation on theme: "© ITT Educational Services, Inc. All rights reserved. IS3220 Information Technology Infrastructure Security Unit 3 Network Security Threats Chapter 4."— Presentation transcript:

1 © ITT Educational Services, Inc. All rights reserved. IS3220 Information Technology Infrastructure Security Unit 3 Network Security Threats Chapter 4

2 © ITT Educational Services, Inc. All rights reserved.Page 2 IS3220 Information Technology Infrastructure Security Class Agenda 1  Learning Objectives  Discussion of Project  Lesson Presentation and Discussions.  Discussion on Assignments.  Discussion on Lab Activities.  Break Times. 10 Minutes break in every 1 Hour.  Note: Submit all Assignment and labs due today.

3 © ITT Educational Services, Inc. All rights reserved.Page 3 IS3220 Information Technology Infrastructure Security Class Agenda 2  Theory: Network Security Threats ( 6:00pm -8:00pm)  Lab: Network Discovery & Security Scanning Using ZenMap GUI (Nmap) (8:15pm to 11:00pm)

4 © ITT Educational Services, Inc. All rights reserved.Page 4 IS3220 Information Technology Infrastructure Security Reading  Stewart, Chapter 4. “Network Security Threats and Issues”  NIST SP 800-30: Risk Management Guide for Information Technology Systems (http://csrc.nist.gov/publications/nistpubs/800-30/sp800- 30.pdf)http://csrc.nist.gov/publications/nistpubs/800-30/sp800- 30.pdf  Other Website: CWE/SANS TOP 25 Most Dangerous Software Errors https://www.sans.org/top25-software-errors/

5 © ITT Educational Services, Inc. All rights reserved.Page 5 IS3220 Information Technology Infrastructure Security Learning Objective  Recognize the impact that malicious exploits and attacks have on network security

6 © ITT Educational Services, Inc. All rights reserved.Page 6 IS3220 Information Technology Infrastructure Security Key Concepts  What are you protecting and from whom?  Intellectual property and privacy data  Risk assessment for network infrastructure  Wired and wireless network infrastructure risks, threats, and vulnerabilities  Common network hacking tools, applications, exploits, and attacks  Social engineering practices and their impact on network security efforts

7 © ITT Educational Services, Inc. All rights reserved.Page 7 IS3220 Information Technology Infrastructure Security EXPLORE: CONCEPTS

8 © ITT Educational Services, Inc. All rights reserved.Page 8 IS3220 Information Technology Infrastructure Security Malware ~ Malacious Code  Distribution Methods Software downloads E-mail Malicious web sites File transfer Flaws in software  Effects of Malware Data loss, exposure, or change Poor system performance Pop-up ads System becomes a “bot” or “zombie”

9 © ITT Educational Services, Inc. All rights reserved.Page 9 IS3220 Information Technology Infrastructure Security Common Types of Malware  Viruses and Worms  Trojan Horses  Keystroke Loggers (“keyloggers”)  Spyware and Adware  Rootkits  Logic Bombs  Trapdoors and Backdoors  URL Injectors and Browser Redirectors  Exploits

10 © ITT Educational Services, Inc. All rights reserved.Page 10 IS3220 Information Technology Infrastructure Security Malware: Viruses and Worms  Viruses Infect boot sectors or files, such as executables, drivers, and system Need user interaction to spread  Worms Infect systems Don’t need user interaction to spread Can be carriers for other types of malicious code

11 © ITT Educational Services, Inc. All rights reserved.Page 11 IS3220 Information Technology Infrastructure Security Malware: Trojan Horses  Delivery method for a malicious payload  Usually appear to be a benign program, such as a game or utility  Installed by users without knowledge of malicious payload  Allows remote access to attackers

12 © ITT Educational Services, Inc. All rights reserved.Page 12 IS3220 Information Technology Infrastructure Security Malware: Keystroke Loggers  Also called “keyloggers”  Software-based keyloggers can be installed via worms or Trojan horses  Record keystrokes and transmit them to the attacker  Hardware-based keyloggers

13 © ITT Educational Services, Inc. All rights reserved.Page 13 IS3220 Information Technology Infrastructure Security Malware: Spyware and Adware  Spyware  Adware  May be bundled together  May be embedded in other programs  May masquerade as antimalware product

14 © ITT Educational Services, Inc. All rights reserved.Page 14 IS3220 Information Technology Infrastructure Security Malware: Rootkits  Codes that position themselves between the operating system kernel and hardware  Allows attacker to gain root/administrative access to system  Uses of rootkits

15 © ITT Educational Services, Inc. All rights reserved.Page 15 IS3220 Information Technology Infrastructure Security Malware: Logic Bombs  Malicious code that lies dormant until triggered  Triggering events Time and date Program launch Keyword Accessing a URL

16 © ITT Educational Services, Inc. All rights reserved.Page 16 IS3220 Information Technology Infrastructure Security Malware: Backdoors and Trapdoors  Synonyms for the same type of malware  Bypass normal authentication or security controls  Benefits to the attacker  Examples of backdoors and trapdoors

17 © ITT Educational Services, Inc. All rights reserved.Page 17 IS3220 Information Technology Infrastructure Security Malware: URL Injectors and Browser Redirection  Also called browser hijacking  Replace URLs with alternative addresses  Redirect browser to target Web sites  May also change browser home page  May prevent access to anti-malware Web sites  May inject entries into HOSTS file  Other malware may contain URL injector code

18 © ITT Educational Services, Inc. All rights reserved.Page 18 IS3220 Information Technology Infrastructure Security Malware: Exploits  Take advantage of flaws or bugs in software  Often embedded into other forms of malware  May be stand-alone or part of hacker toolkits

19 © ITT Educational Services, Inc. All rights reserved.Page 19 IS3220 Information Technology Infrastructure Security Impact of Malware on Organizations  Melissa Virus caused $80 million in damages in North America  SQL Slammer Virus  Code Red

20 © ITT Educational Services, Inc. All rights reserved.Page 20 IS3220 Information Technology Infrastructure Security Application Vulnerabilities  Buffer overflow  SQL Injection  Cross-site scripting (XSS)  Cached credentials

21 © ITT Educational Services, Inc. All rights reserved.Page 21 IS3220 Information Technology Infrastructure Security Mitigating Application Vulnerabilities  In-House Coding  Operating systems or applications  Vulnerability scanning  Open Web Application Security Project (OWASP) for Web application security

22 © ITT Educational Services, Inc. All rights reserved.Page 22 IS3220 Information Technology Infrastructure Security Port Scanning MechanicsUses  TCP or UDP packets are sent to ports on a system  Scanning performed on single IP address or IP address range  Open ports can verify:  Indicators of open ports  Noticeable and detectable  Useful to both hackers and security professionals  Hackers  Security Professionals

23 © ITT Educational Services, Inc. All rights reserved.Page 23 IS3220 Information Technology Infrastructure Security EXPLORE: PROCESS

24 © ITT Educational Services, Inc. All rights reserved.Page 24 IS3220 Information Technology Infrastructure Security What is Risk?  Risk has several meanings Danger Consequences Likelihood or probability  Definition of risk in formal risk assessment

25 © ITT Educational Services, Inc. All rights reserved.Page 25 IS3220 Information Technology Infrastructure Security Risk Assessment Methodology  Identification  Analysis  Determine risk for each threat-vulnerability pair  Prioritize mitigation efforts

26 © ITT Educational Services, Inc. All rights reserved.Page 26 IS3220 Information Technology Infrastructure Security Measuring Risk  Risk = Impact x Likelihood Impact: The consequence of a successful exploitation of a vulnerability Likelihood: How probable is it that an impact will occur?  Risk can be measured

27 © ITT Educational Services, Inc. All rights reserved.Page 27 IS3220 Information Technology Infrastructure Security Risk Matrix Likelihood LowMediumHigh Impact Low Medium LowMediumHigh MediumHighCritical

28 © ITT Educational Services, Inc. All rights reserved.Page 28 IS3220 Information Technology Infrastructure Security EXPLORE: ROLES

29 © ITT Educational Services, Inc. All rights reserved.Page 29 IS3220 Information Technology Infrastructure Security The Hacking Process: Reconnaissance

30 © ITT Educational Services, Inc. All rights reserved.Page 30 IS3220 Information Technology Infrastructure Security The Hacking Process: Scanning

31 © ITT Educational Services, Inc. All rights reserved.Page 31 IS3220 Information Technology Infrastructure Security The Hacking Process: Enumeration

32 © ITT Educational Services, Inc. All rights reserved.Page 32 IS3220 Information Technology Infrastructure Security The Hacking Process: Attacking

33 © ITT Educational Services, Inc. All rights reserved.Page 33 IS3220 Information Technology Infrastructure Security The Hacking Process: Post-Attack Activities

34 © ITT Educational Services, Inc. All rights reserved.Page 34 IS3220 Information Technology Infrastructure Security The Hacking Process: Fall Back Attacks

35 © ITT Educational Services, Inc. All rights reserved.Page 35 IS3220 Information Technology Infrastructure Security Social Engineering Basics  “Hacking” people instead of systems  Conducing research or reconnaissance to identify appropriate targets  Communication methods  Manipulating targets

36 © ITT Educational Services, Inc. All rights reserved.Page 36 IS3220 Information Technology Infrastructure Security Social Engineering Techniques  Methods for conducting research  Building relationships with targets then exploiting them  Impersonating  Reciprocity or a favor for a favor

37 © ITT Educational Services, Inc. All rights reserved.Page 37 IS3220 Information Technology Infrastructure Security Seven Domains of a Typical IT Infrastructure

38 © ITT Educational Services, Inc. All rights reserved.Page 38 IS3220 Information Technology Infrastructure Security Definitions Review  Risk  Threat  Vulnerability

39 © ITT Educational Services, Inc. All rights reserved.Page 39 IS3220 Information Technology Infrastructure Security Unit 3 Class Activities  Discussion 3.1: Social Engineering Defense Issues  Lab 3.2: Configuring a pfSense Firewall on the Client

Download ppt "© ITT Educational Services, Inc. All rights reserved. IS3220 Information Technology Infrastructure Security Unit 3 Network Security Threats Chapter 4."

Similar presentations

Let’s Talk About Cyber Security

Let’s Talk About Cyber Security
Thank you to IT Training at Indiana University Computer Malware.

Thank you to IT Training at Indiana University Computer Malware.
Lecture: Malicious Code CIS 3360 Ratan K. Guha. Malicious Code2 Overview and Reading Assignments Defining malicious logic Types Action by Viruses Reading.

Lecture: Malicious Code CIS 3360 Ratan K. Guha. Malicious Code2 Overview and Reading Assignments Defining malicious logic Types Action by Viruses Reading.
By Hiranmayi Pai Neeraj Jain

By Hiranmayi Pai Neeraj Jain
Security and Trust in E- Commerce. The E-commerce Security Environment: The Scope of the Problem  Overall size of cybercrime unclear; amount of losses.

Security and Trust in E- Commerce. The E-commerce Security Environment: The Scope of the Problem  Overall size of cybercrime unclear; amount of losses.
Dr. John P. Abraham Professor UTPA 2 – Systems Threats and Risks.

Dr. John P. Abraham Professor UTPA 2 – Systems Threats and Risks.
CHAPTER 2 KNOW YOUR VILLAINS. Who writes it: Malware writers vary in age, income level, location, social/peer interaction, education level, likes, dislikes.

CHAPTER 2 KNOW YOUR VILLAINS. Who writes it: Malware writers vary in age, income level, location, social/peer interaction, education level, likes, dislikes.
1 Topic 1 – Lesson 3 Network Attacks Summary. 2 Questions ► Compare passive attacks and active attacks ► How do packet sniffers work? How to mitigate?

1 Topic 1 – Lesson 3 Network Attacks Summary. 2 Questions ► Compare passive attacks and active attacks ► How do packet sniffers work? How to mitigate?
Chapter 8 Chapter 8 Digital Defense: Securing Your Data and Privacy

Chapter 8 Chapter 8 Digital Defense: Securing Your Data and Privacy
Computer Security Fundamentals by Chuck Easttom Chapter 5 Malware.

Computer Security Fundamentals by Chuck Easttom Chapter 5 Malware.
Guide to Operating System Security Chapter 2 Viruses, Worms, and Malicious Software.

Guide to Operating System Security Chapter 2 Viruses, Worms, and Malicious Software.
Viruses, Hacking, and AntiVirus. What is a Virus? A type of Malware – Malware is short for malicious software A virus – a computer program – Can replicate.

Viruses, Hacking, and AntiVirus. What is a Virus? A type of Malware – Malware is short for malicious software A virus – a computer program – Can replicate.
Quiz Review.

Quiz Review.
Chapter Nine Maintaining a Computer Part III: Malware.

Chapter Nine Maintaining a Computer Part III: Malware.
Threats and ways you can protect your computer. There are a number of security risks that computer users face, some include; Trojans Conficker worms Key.

Threats and ways you can protect your computer. There are a number of security risks that computer users face, some include; Trojans Conficker worms Key.
Introduction to Honeypot, Botnet, and Security Measurement

Introduction to Honeypot, Botnet, and Security Measurement
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Basic Security Networking for Home and Small Businesses – Chapter 8.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Basic Security Networking for Home and Small Businesses – Chapter 8.
Chapter 15: Security (Part 1). The Security Problem Security must consider external environment of the system, and protect the system resources Intruders.

Chapter 15: Security (Part 1). The Security Problem Security must consider external environment of the system, and protect the system resources Intruders.
Protecting Your Computer & Your Information

Protecting Your Computer & Your Information
Computer Security Fundamentals Chuck Easttom Chapter 1 Introduction to to Computer Security.

Computer Security Fundamentals Chuck Easttom Chapter 1 Introduction to to Computer Security.

Similar presentations

Ads by Google