Network and System Security Risk Assessment


Network and System Security Risk Assessment --Introduction

Outline: Why begin this subject? Network security; system security. What is in this course? Network protocols and problems; system security configuration and programming. "Know the enemy and know yourself, and you can fight a hundred battles without peril."

Some interesting examples: Conan; Kevin Mitnick; and other hackers.

An interesting movie clip: Phreaking is a slang term coined to describe the activity of a culture of people who study, experiment with, or explore telecommunication systems, such as equipment and systems connected to public telephone networks.

An interesting interview: Kevin Mitnick interview; Kevin Mitnick attack in 1994. From the material we know that, unlike most other hackers, Kevin Mitnick is quite social.

Purpose of the Course: provide a basic introduction to common network and system security vulnerabilities; cultivate basic networking and system programming skills.

Content of the Course: analysis of packet structure; packet sniffing; port scanning; ... Introduction to a number of threats and vulnerabilities of the TCP/IP protocol stack: ARP poisoning, ..., TCP SYN flooding.

Content of the Course: cover some computer system security problems and programming: firewall (iptables & netfilter); kernel module; rootkit; ...

Experiments: write simple programs: backdoor; sniffer; firewall; rootkit; ...

Expectation: gain an in-depth understanding of the TCP/IP protocol stack; become familiar with the usage of various network commands and tools; master socket programming, netfilter, etc.

Contents of Network Security: protocols, vulnerabilities, attacks and defences. ARP protocol and ARP cache poisoning; IP protocol, packet sniffing, IP spoofing, IP fragmentation attacks; ICMP protocol and ICMP misbehaviors; TCP protocol, TCP session hijacking, SYN flooding attacks, DoS attacks, and DDoS attacks; IP routing protocols and attacks; DNS and pharming; port scanning and signature identification.

Skills to be mastered: various commands; various tools.

Grading (subject to change): Final Exam: 60%; Labs and Projects: 30%; Class Attendance: 10%.

Demo: Security Tricks. ARP Poisoning: attackers use spoofed ARP messages on a LAN to associate a MAC address with an IP address in a malicious way, poisoning the victim's ARP cache. netwox 80 --eth --ip --eth-dst --ip-dst
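
The defender's view of the ARP poisoning slide above, as an added example (not code from the course): a C routine that parses an Ethernet/IPv4 ARP frame and flags a sender IP that suddenly claims a different MAC. It goes slightly beyond the slide by also flagging frames whose Ethernet source differs from the ARP sender MAC; the function names, the first-seen baseline and the sample addresses are assumptions made for the demo.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

enum { ARP_IGNORED = -1, ARP_OK, ARP_NEW, ARP_CHANGED, ARP_SRC_MISMATCH };
#define MAX_HOSTS 64
static struct { uint8_t ip[4], mac[6]; } seen[MAX_HOSTS]; /* first-seen IP->MAC bindings */
static int n_seen;

/* Classify one Ethernet frame against the bindings learned so far. */
int arp_check(const uint8_t *f, size_t len)
{
    static const uint8_t eth_ipv4[] = { 0, 1, 0x08, 0x00, 6, 4 }; /* htype, ptype, hlen, plen */
    if (len < 42 || f[12] != 0x08 || f[13] != 0x06) return ARP_IGNORED; /* EtherType != ARP */
    const uint8_t *arp = f + 14, *sha = arp + 8, *spa = arp + 14; /* sender MAC, sender IP */
    if (memcmp(arp, eth_ipv4, 6) != 0) return ARP_IGNORED;
    if (memcmp(f + 6, sha, 6) != 0) return ARP_SRC_MISMATCH; /* frame source != claimed sender */
    for (int i = 0; i < n_seen; i++)
        if (memcmp(seen[i].ip, spa, 4) == 0) /* known IP: a different MAC is the poisoning sign */
            return memcmp(seen[i].mac, sha, 6) == 0 ? ARP_OK : ARP_CHANGED;
    if (n_seen < MAX_HOSTS) { /* trust on first use: an assumption of this sketch */
        memcpy(seen[n_seen].ip, spa, 4);
        memcpy(seen[n_seen++].mac, sha, 6);
    }
    return ARP_NEW;
}

/* Constructed sample addresses, made up for the demo. */
static const uint8_t GW_IP[4] = { 192, 168, 0, 1 };
static const uint8_t GW_MAC[6] = { 0x02, 0, 0, 0, 0, 0x01 };
static const uint8_t OTHER_MAC[6] = { 0x02, 0, 0, 0, 0, 0x66 };

/* Build a 42-byte broadcast ARP reply (oper = 2) in a static buffer. */
const uint8_t *make_arp(const uint8_t *eth_src, const uint8_t *sha, const uint8_t *spa)
{
    static uint8_t f[42] = { 255,255,255,255,255,255, 0,0,0,0,0,0, 8,6, 0,1, 8,0, 6,4, 0,2 };
    memcpy(f + 6, eth_src, 6);
    memcpy(f + 22, sha, 6);
    memcpy(f + 28, spa, 4);
    return f;
}

int main(void)
{
    int first = arp_check(make_arp(GW_MAC, GW_MAC, GW_IP), 42);
    int conflict = arp_check(make_arp(OTHER_MAC, OTHER_MAC, GW_IP), 42);
    printf("first claim: %d, conflicting claim: %d\n", first, conflict);
    return 0;
}
```

A first-seen baseline is only as trustworthy as the moment it was learned, so on a real LAN the table would be seeded from known-good bindings.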

Demo: Security Tricks. ICMP Redirect Attack: the attacker sends an ICMP redirect message to the user, posing as the default route, to change the best route to the attacker itself. netwox 86 --gw 192.168.137.220 --src-ip 192.168.137.2

Demo: Security Tricks. SYN Flooding Attacks: to perform a denial-of-service attack, the attacker sends SYN request packets to the target and never sends the ACK message. netwox 76 --dst-ip --dst-port
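
What the missing ACK looks like from the server side, as an added example (not code from the course): a C tracker that counts handshakes whose SYN was seen but whose final ACK never arrived, ages them out, and raises an alert when too many are pending. The count is kept for the whole server rather than per source; the function names, timeout, threshold and trace values are assumptions made for the demo.

```c
#include <stdint.h>
#include <stdio.h>

#define TH_SYN 0x02
#define TH_RST 0x04
#define TH_ACK 0x10
#define MAX_PENDING 1024
#define TIMEOUT 30u /* seconds a half-open entry is kept (demo value) */
#define ALERT_AT 3  /* demo threshold; a real listen backlog is far larger */

/* Handshakes where the client SYN was seen but the final ACK was not. */
static struct { uint32_t ip, t; uint16_t port; } pending[MAX_PENDING];
static int n_pending;

int half_open(void) { return n_pending; }

/* Feed one client->server segment; returns 1 while half-open count >= ALERT_AT. */
int observe(uint32_t now, uint32_t ip, uint16_t port, uint8_t flags)
{
    int hit = -1;
    for (int i = 0; i < n_pending; ) {          /* age out stale entries first */
        if (now - pending[i].t > TIMEOUT) pending[i] = pending[--n_pending];
        else i++;
    }
    for (int i = 0; i < n_pending; i++)
        if (pending[i].ip == ip && pending[i].port == port) hit = i;
    if ((flags & TH_SYN) && !(flags & TH_ACK)) {   /* handshake step 1 */
        if (hit < 0 && n_pending < MAX_PENDING) {
            pending[n_pending].ip = ip;
            pending[n_pending].port = port;
            pending[n_pending++].t = now;
        }
    } else if (hit >= 0 && (flags & (TH_ACK | TH_RST))) {
        pending[hit] = pending[--n_pending];       /* step 3 (or reset): resolved */
    }
    return n_pending >= ALERT_AT;
}

int main(void)
{
    /* Constructed trace: one client completes the handshake, three never do. */
    observe(0, 0x0a000001, 40000, TH_SYN);
    observe(1, 0x0a000001, 40000, TH_ACK);
    int alert = 0;
    for (uint32_t k = 2; k <= 4; k++)
        alert = observe(2, 0x0a000000 + k, 1111, TH_SYN);
    printf("half-open=%d alert=%d\n", half_open(), alert);
    return 0;
}
```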

Demo: Security Attacks. Backdoor: based on socket programming, this program binds to a port and waits for a password. The program runs with root privilege.

Demo: Security Tricks. A packet sniffer: write a program to sniff packets on the local machine with libpcap; compile self-defined rules.

Demo: Security Tricks. A simple packet filter, which will filter packets on the lo interface, UDP packets, etc.

Demo: Security Tricks. A simple rootkit to hide a process: when using ps, a process can be kept from being shown.
