SECURITY ANALYSIS TOOLS FOR INFORMATION MANAGEMENT Alicia Coon.


OVERVIEW
- Security Analysis Tools
- Fingerprinting
- Types of Analysis Tools
- Examples
- References
- Questions

SECURITY ANALYSIS TOOLS
- The ability to look at systems from the attacker’s point of view
- Find vulnerabilities
- Help prevent future attacks on systems
- Create a better way to protect systems from attacks
- Majority can be downloaded

FINGERPRINTING
“a data-gathering process that discovers the assets that can be accessed from a network, usually performed in advance of a planned attack. It is the systematic examination of the entire set of Internet addresses of the organization”

TYPES OF ANALYSIS TOOLS
- Scanners
- Packet Sniffers
- Content Filters
- Trap and Trace Tools

SCANNERS
- Are tools that automatically search networks for hosts and/or vulnerabilities
- Two Types
  - Port Scanners
  - Vulnerability Scanners

PORT SCANNERS
- Software that is capable of finding all of the active computers, open ports, and services on a network
- Example
  - Foundstone’s SuperScan 4

VULNERABILITY SCANNERS
- Are capable of scanning networks for very detailed information
- Examples
  - Nmap
  - Nessus

PACKET SNIFFERS
- A network tool that collects and analyzes copies of packets from a network
- Needs to be on the network that you want to sniff
- Example
  - Ethereal

LEGAL USE OF PACKET SNIFFERS
- Be on a network that the organization owns, not leases
- Be under the direct authorization of the network’s owners
- Have the knowledge and consent of the content creators (users)
- Have a justifiable business reason for doing so

CONTENT FILTERS
- A software program or a hardware/software appliance that allows administrators to restrict content that comes in to a network
- Example
  - NetNanny

TRAP AND TRACE TOOLS
- Trap
  - Luring an attacker into the network
  - Example
    - Honeypot
- Trace
  - Attempt to determine the identity of someone discovered in unauthorized areas of the network
  - Example
    - Recourse Technologies’ ManHunt

HONEYPOTS
- An electronic decoy that is put on a system’s network to trick an attacker into thinking he/she has hacked into the system
- Goal is to capture information about the activity of the attacker

HONEYPOT LOCATIONS

MANHUNT
- Used to track down an attacker
- TrackBack feature

SUMMARY
- Security analysis tools are used by both security professionals and attackers
- Different types of analysis tools and examples

REFERENCES
- Anderson, Harry. “Introduction to Nessus.” 28 October April 2006.
- Costello, Sam. “Recourse updates ManHunt security product.” 26 June April
- Foundstone, Inc. 16 April 2006
- Shuja, Faiz Ahmad. “Honeypots: Pakistan Honeynet Project.” 16 April 2006
- SnapFiles. 16 April
- Whitman, Michael E. and Herbert J. Mattord. Management of Information Security. Thomson Course Technology. Canada

QUESTIONS???