Forces that Have Brought the World to Its Knees over the Centuries


Hackers and Their Art: an introduction to why they do it and how they research their targets.

If you know the enemy and know yourself, you need not fear the result of a hundred battles. If you know yourself but not the enemy, for every victory you will also suffer a defeat. If you know neither the enemy nor yourself, you will succumb in every battle. Sun Tzu, The Art of War

What Is Hacking? The Act of Gaining Access to a Computer File or Network Without Authorization.

The Hacker's Motivation: Is the Hacker a Criminal?

“We seek after knowledge and you call us criminals. Yes, I am a criminal. My crime is that of curiosity. My crime is that of outsmarting you, something that you will never forgive me for. You may stop this individual, but you can't stop us all… After all, we're all alike.” The Hacker's Manifesto, The Mentor

The Five Phases: Reconnaissance, Scanning, Gaining Access, Maintaining Access, Covering the Tracks

Phase I Reconnaissance

Low-Technology Reconnaissance: social engineering; physical break-in / piggybacking; dumpster diving

Computer-Based Reconnaissance: information gathered online through tools such as “Sam Spade”. Tools available to the hacker in this program include, but are not limited to:
Ping
Traceroute
Finger client
Multiple Whois databases
DNS lookup
DNS zone transfer
IP block registration
View web site source code
Crawl a web site
Notepad for taking notes on the target systems

What the Hacker Hopes to Gain at This Stage of the Attack:
Domain name
Contacts at the target organization
DNS server IP addresses
Other target system addresses
A glimpse of the technologies in use
User names and passwords (or their format)

Basic Defenses at This Stage:
Disable responses to ping (ICMP echo) on border routers
Split DNS, so the external zone contains only the hosts the outside world needs to reach
Keep Whois database records up to date
Do not put the OS type or the system's function in host or domain names
Create, implement, and enforce a user password policy
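The two DNS-related defenses above (split DNS and naming discipline) can be checked against your own zone file. The script below is an added example, not part of the original presentation: it parses a constructed BIND-style zone fragment for a made-up domain (example.test, with addresses from the TEST-NET range) and flags records whose names reveal an operating system or role, or that publish an RFC 1918 address in the external zone. The token lists and the domain are assumptions for illustration.

```python
import ipaddress
import re

# Constructed BIND-style zone fragment for a made-up domain; not any real organisation's zone.
SAMPLE_ZONE = """\
$ORIGIN example.test.
@           IN  SOA  ns1.example.test. hostmaster.example.test. (2024010101 3600 900 604800 86400)
@           IN  NS   ns1.example.test.
@           IN  NS   ns2.example.test.
ns1         IN  A    192.0.2.10
ns2         IN  A    192.0.2.11
www         IN  A    192.0.2.20
mail        IN  A    192.0.2.25
win2k-dc1   IN  A    192.0.2.30     ; OS and role in the name
solaris-fw  IN  A    192.0.2.1      ; OS and role in the name
sqlserver   IN  A    192.0.2.40     ; role in the name
intranet    IN  A    10.0.0.5       ; internal address published externally
"""

# Name fragments that tell an attacker what a host runs or what it is for (assumed lists).
OS_TOKENS = ("win2k", "winnt", "nt4", "solaris", "sunos", "linux", "aix", "hpux", "bsd")
ROLE_TOKENS = ("fw", "firewall", "dc", "sql", "db", "oracle", "exchange", "vpn", "router", "intranet")

RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def parse_zone_records(zone_text):
    """Yield (owner, type, rdata) for one-line records; directives, comments and blanks are skipped."""
    for raw in zone_text.splitlines():
        line = raw.split(";", 1)[0].strip()
        if not line or line.startswith("$"):
            continue
        parts = line.split()
        if len(parts) < 4 or parts[1] != "IN":
            continue
        yield parts[0], parts[2], " ".join(parts[3:])


def _token_hits(owner, tokens):
    name = owner.lower()
    # A token counts only at the start of the name or right after a separator/digit,
    # so "win2k-dc1" matches "win2k" and "dc" but "admin" does not match "db" or "dc".
    return [t for t in tokens if re.search(r"(?:^|[^a-z])" + re.escape(t), name)]


def is_rfc1918(addr):
    """True for private (RFC 1918) IPv4 addresses; TEST-NET and public ranges return False."""
    try:
        ip = ipaddress.ip_address(addr)
    except ValueError:
        return False
    return any(ip in net for net in RFC1918)


def find_leaky_records(zone_text):
    """Return {owner: [reasons]} for records an outside attacker could learn too much from."""
    findings = {}
    for owner, rtype, rdata in parse_zone_records(zone_text):
        if owner == "@":
            continue
        reasons = ["os:" + t for t in _token_hits(owner, OS_TOKENS)]
        reasons += ["role:" + t for t in _token_hits(owner, ROLE_TOKENS)]
        if rtype == "A" and is_rfc1918(rdata):
            reasons.append("internal address in external zone: " + rdata)
        if reasons:
            findings[owner] = reasons
    return findings


if __name__ == "__main__":
    for owner, reasons in find_leaky_records(SAMPLE_ZONE).items():
        print(f"{owner:<12} {', '.join(reasons)}")
```

Run it against a real zone by replacing SAMPLE_ZONE with the output of a zone transfer from your own server (dig AXFR @ns1 yourdomain); anything it flags is exactly what Sam Spade's zone-transfer and DNS-lookup buttons would hand an attacker.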

Split DNS

Phase II Scanning

Typical Scanning Techniques:
War dialing using THC-Scan
Network mapping using Cheops-ng
Port scanning using Nmap
Vulnerability scanning using Nessus

What the Hacker Hopes to Gain at This Stage of the Attack:
List of telephone numbers with active modems
List of open ports
Map of the network
List of vulnerabilities

Basic Defenses Against War Dialing:
Create, implement, and enforce a dial-up policy
Use a call-back service on the dial-up server
Remove the banner from the dial-up connection

Basic Defenses Against Network Mapping:
Do not run Telnet or a web server (management interface) on the firewall itself
Implement ACLs on all border routers
Use ACLs to block ICMP into the internal network
Disable unused ports and services on routers

Basic Defenses Against Port Scanning:
Run a port scan against your own systems to find open ports, then close the ones you do not need
Disable unneeded services (on Windows, through the Services control panel)
Use host-based (software) firewalls and proxy servers
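“Scan yourself first” is easiest to understand by seeing what a scanner actually does. The following is an added example (not code from the presentation or from Nmap): a TCP connect scan with banner grabbing, the most basic technique Nmap offers. To stay self-contained it starts a throwaway listener on 127.0.0.1 that answers with a made-up SSH banner, then scans the ports around it; the banner text and port range are assumptions for the demonstration.

```python
import socket
import threading


def open_local_listener(port=0):
    """Bind a throwaway TCP listener on loopback so the scan has a known open port to find."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    srv.bind(("127.0.0.1", port))   # port 0 = let the OS pick a free one
    srv.listen(5)
    return srv


def serve_banner(srv, banner, stop):
    """Accept connections until `stop` is set, sending a fake service banner to each."""
    srv.settimeout(0.2)
    while not stop.is_set():
        try:
            conn, _ = srv.accept()
        except socket.timeout:
            continue
        with conn:
            conn.sendall(banner)


def scan_and_grab(host, ports, timeout=0.5):
    """TCP connect scan: a completed handshake means open; then read whatever the service says first."""
    results = {}
    for port in ports:
        with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
            s.settimeout(timeout)
            if s.connect_ex((host, port)) != 0:
                continue        # RST (closed) or timeout (filtered): nothing to report
            try:
                banner = s.recv(128)
            except (socket.timeout, OSError):
                banner = b""    # open, but silent until the client speaks (e.g. HTTP)
            results[port] = banner
    return results


def demo_self_scan():
    """Start the fake service, scan a small range around it, and return (its_port, findings)."""
    srv = open_local_listener()
    port = srv.getsockname()[1]
    stop = threading.Event()
    t = threading.Thread(target=serve_banner, args=(srv, b"SSH-2.0-OpenSSH_test\r\n", stop), daemon=True)
    t.start()
    try:
        results = scan_and_grab("127.0.0.1", range(port - 2, port + 3))
    finally:
        stop.set()
        t.join()
        srv.close()
    return port, results


if __name__ == "__main__":
    listener_port, found = demo_self_scan()
    for p, banner in sorted(found.items()):
        print(f"{p}/tcp open  {banner.decode(errors='replace').strip() or '(no banner)'}")
```

The banner is the point: a port that is merely open tells an attacker little, but a banner that says which software and version is listening tells them which exploit to look up, which is why the war-dialing slide also says to remove banners.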

Basic Defenses Against Vulnerability Scanning:
Routinely update servers with the latest patches and service packs
Run multiple vulnerability scanners against your network to find the “holes” before the attacker does
Ensure that all software installed on firewalls and servers comes from a reputable source

Phase III Gaining Access

Typical Methods of Gaining System Access:
On-site hacking
Stolen user IDs and passwords
Running “brute force” attacks
Trojan horses
Cracking password files

Access Methods, Continued:
Using data gathered while “sniffing”
IP spoofing and ARP cache poisoning
Exploiting buffer overflows in software

What the Hacker Hopes to Gain at This Stage of the Attack: Access!!! Just making sure you were still awake ;)

LAN Sniffing (HUB)

LAN Sniffing (Switch)

Basic Defenses Against Sniffing:
Use Secure Shell instead of Telnet
Use VPN tools to encrypt data between systems
Install switches instead of hubs (a switch stops casual sniffing, but ARP cache poisoning lets an attacker on the same segment redirect traffic through their host, so it is not a complete fix)
Create VLANs on switches
Hard-code (static) ARP entries for critical hosts such as the default gateway
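The last two items interact: ARP cache poisoning is how sniffing survives the move to switches, and a static ARP entry is what makes the poisoned reply detectable. The following added example (not code from the presentation) shows the detection logic in the style of arpwatch, run over a constructed sequence of ARP replies in which the host at .30 starts claiming both the gateway's and a victim's IP address. The addresses, MACs and timing are made up for the demonstration.

```python
# Hosts whose IP-to-MAC binding is pinned (what `arp -s` would set); assumed for the example.
STATIC_ARP = {"192.168.1.1": "00:11:22:33:44:01"}   # default gateway

# Constructed ARP replies seen on the wire, as (seconds, sender_ip, sender_mac).
SAMPLE_REPLIES = [
    (0, "192.168.1.1",  "00:11:22:33:44:01"),
    (1, "192.168.1.20", "00:11:22:33:44:20"),
    (2, "192.168.1.30", "00:11:22:33:44:30"),
    (5, "192.168.1.1",  "00:11:22:33:44:30"),   # .30 now claims to be the gateway
    (5, "192.168.1.20", "00:11:22:33:44:30"),   # ... and the victim: classic man-in-the-middle
    (9, "192.168.1.40", "00:11:22:33:44:40"),
]


def detect_arp_poisoning(replies, static_table):
    """Return alerts as (time, kind, subject, detail) from a stream of ARP replies.

    Three signals, any of which deserves a look:
      static-entry-conflict   a reply contradicts a pinned entry
      ip-mac-changed          an IP we have seen before now maps to a different MAC
      mac-claims-multiple-ips one MAC is answering for several IPs (the poisoner's footprint)
    """
    alerts = []
    seen = {}                                  # learned ip -> mac, as a switch or host would
    static = {ip: mac.lower() for ip, mac in static_table.items()}
    for t, ip, mac in replies:
        mac = mac.lower()
        if ip in static and static[ip] != mac:
            alerts.append((t, "static-entry-conflict", ip, mac))
        if ip in seen and seen[ip] != mac:
            alerts.append((t, "ip-mac-changed", ip, f"{seen[ip]} -> {mac}"))
        seen[ip] = mac
        claimed = sorted(i for i, m in seen.items() if m == mac)
        if len(claimed) > 1:
            alerts.append((t, "mac-claims-multiple-ips", mac, claimed))
    return alerts


def static_arp_commands(static_table):
    """The `arp -s` lines that would pin these bindings on a Unix host (syntax assumed)."""
    return [f"arp -s {ip} {mac}" for ip, mac in static_table.items()]


if __name__ == "__main__":
    for cmd in static_arp_commands(STATIC_ARP):
        print("#", cmd)
    for t, kind, subject, detail in detect_arp_poisoning(SAMPLE_REPLIES, STATIC_ARP):
        print(f"t={t:>2}s {kind:<24} {subject} {detail}")
```

Note that a host with a static entry for the gateway ignores the poisoned reply, which is the defense; the detector only tells you that someone tried. Hosts without the static entry are still redirected.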

Buffer Overflow

Basic Defenses Against Buffer Overflows:
Implement a non-executable stack (for example, on Solaris, set noexec_user_stack=1 in /etc/system)
On Windows 2000, use SecureStack
Use automated source-code auditing tools such as ITS4
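ITS4-style tools work by scanning C source for calls that cannot be given a buffer size. The following added example (not ITS4 itself and not code from the presentation) implements that idea in miniature: it scans a constructed C fragment for the classic unbounded calls and for printf with a non-literal format string, and reports each with the bounded replacement. The C fragment and the risk table are assumptions for the demonstration.

```python
import re

# Constructed C fragment containing the classic mistakes; not from any real project.
SAMPLE_C = r'''
#include <stdio.h>
#include <string.h>

void greet(const char *name) {
    char buf[64];
    strcpy(buf, name);            /* unbounded copy into a fixed buffer */
    sprintf(buf, "hi %s", name);  /* unbounded format into buf */
    printf(buf);                  /* user data as the format string */
    puts(buf);
}

int main(void) {
    char line[128];
    gets(line);                   /* no length limit at all */
    fgets(line, sizeof line, stdin);
    greet(line);
    return 0;
}
'''

# Call -> (severity, advice). A small subset of what ITS4 knows about.
RISKY_CALLS = {
    "gets":    ("high",   "use fgets(buf, sizeof buf, stream)"),
    "strcpy":  ("high",   "use strncpy/strlcpy with the destination size, or snprintf"),
    "strcat":  ("high",   "use strncat/strlcat with the remaining size"),
    "sprintf": ("high",   "use snprintf(buf, sizeof buf, ...)"),
    "scanf":   ("medium", "give every %s a width, e.g. %63s"),
    "printf":  ("medium", "format string must be a literal, never user data"),
}

# identifier, "(", then whether the first argument starts with a string literal
CALL_RE = re.compile(r'\b([A-Za-z_]\w*)\s*\(\s*("?)')


def scan_c_source(src):
    """Return (line_number, severity, function, advice) for each risky call found."""
    findings = []
    for lineno, line in enumerate(src.splitlines(), 1):
        code = line.split("//", 1)[0]
        code = re.sub(r"/\*.*?\*/", "", code)          # strip single-line block comments
        for m in CALL_RE.finditer(code):
            fn, first_arg_is_literal = m.group(1), m.group(2) == '"'
            if fn not in RISKY_CALLS:
                continue
            if fn == "printf" and first_arg_is_literal:
                continue                                # printf("...") is fine; printf(buf) is not
            sev, advice = RISKY_CALLS[fn]
            findings.append((lineno, sev, fn, advice))
    return findings


if __name__ == "__main__":
    for lineno, sev, fn, advice in scan_c_source(SAMPLE_C):
        print(f"line {lineno:>3} [{sev:<6}] {fn}(): {advice}")
```

The scanner is deliberately dumb (it does not know whether `name` is attacker-controlled), which is also true of ITS4: these tools produce a worklist for a human reviewer, not a verdict. The fgets and puts calls are left alone because they carry or imply a bound.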

Basic Defenses Against Password Cracking:
Create and implement a strong password policy (at least 8 characters, mixing letters and numbers)
Force users to change passwords regularly (on Windows, through the user account policy)
Install password-filtering software to enforce the policy on user-chosen passwords
Conduct password audits with the attackers' own tools (L0phtCrack or John the Ripper)
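A policy checker and a cracker are two sides of the same audit, and it is worth seeing why the policy alone is not enough. The following added example (not code from the presentation, and far simpler than John the Ripper) checks the stated policy, then runs a small dictionary attack with John-style mangling rules against a constructed account list whose passwords are stored as unsalted SHA-1, as a carelessly written application might do. The accounts, passwords and wordlist are made up for the demonstration.

```python
import hashlib
import re

POLICY_MIN_LEN = 8


def passes_policy(pw, username=""):
    """Return the list of policy failures; an empty list means the password is acceptable."""
    problems = []
    if len(pw) < POLICY_MIN_LEN:
        problems.append(f"shorter than {POLICY_MIN_LEN}")
    if not re.search(r"[A-Za-z]", pw):
        problems.append("no letters")
    if not re.search(r"\d", pw):
        problems.append("no digits")
    if username and username.lower() in pw.lower():
        problems.append("contains user name")
    return problems


def _h(pw):
    """Unsalted SHA-1, as the constructed application stores it (weak on purpose)."""
    return hashlib.sha1(pw.encode()).hexdigest()


# Constructed account list: user -> stored hash.
SAMPLE_SHADOW = {
    "alice": _h("Summer2001"),     # passes the policy, still trivially guessable
    "bob":   _h("password"),
    "carol": _h("carol99"),
    "dave":  _h("Xq7#vLm2pR"),     # should survive the audit
}
WORDLIST = ["password", "summer", "letmein", "welcome", "carol"]


def mangle(word, username=""):
    """John-style rules: case variants, common suffixes, and the user name itself."""
    candidates = set()
    for base in {word, word.lower(), word.capitalize(), word.upper()}:
        candidates.add(base)
        for suffix in ("1", "123", "99", "2000", "2001"):
            candidates.add(base + suffix)
    if username:
        candidates |= {username, username + "1", username + "99", username.capitalize()}
    return candidates


def dictionary_audit(shadow, wordlist):
    """Return {user: recovered_password} for every account the wordlist plus rules can crack."""
    cracked = {}
    for user, digest in shadow.items():
        for word in wordlist:
            hit = next((c for c in mangle(word, user) if _h(c) == digest), None)
            if hit is not None:
                cracked[user] = hit
                break
    return cracked


if __name__ == "__main__":
    for user, pw in dictionary_audit(SAMPLE_SHADOW, WORDLIST).items():
        print(f"{user}: cracked as {pw!r}; policy says: {passes_policy(pw, user) or 'OK'}")
```

alice's password satisfies every rule on the slide and falls to a five-word list, which is the argument for running the audit rather than trusting the policy. A real store would also salt and iterate the hash (bcrypt or similar) so that each guess costs the attacker as much as it costs the login check.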

Phase IV Maintaining Access

Methods of Maintaining Access: Trojan horses; backdoors

Basic Defenses Against Trojans and Backdoors:
Routinely scan for Trojans on your network
Ensure that anti-virus definition files are up to date
Look for changes in the system
Install anti-virus software on both servers and client machines
Create “fingerprints” (cryptographic hashes) of key files and run an integrity checker against them on a regular basis
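The last item is what AIDE (listed in the resources) does. The following added example (not AIDE's code and not from the presentation) shows the mechanism: record a SHA-256 hash, size and mode for each watched file, then later recompute and report anything that differs or has disappeared. It builds a constructed miniature “/bin” in a temporary directory, takes a baseline, replaces one binary the way a rootkit would, and verifies. Paths and contents are made up for the demonstration.

```python
import hashlib
import json
import os
import tempfile


def file_fingerprint(path):
    """Content hash plus the metadata an attacker would have to fake as well."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    st = os.stat(path)
    return {"sha256": h.hexdigest(), "size": st.st_size, "mode": st.st_mode}


def build_baseline(paths):
    """Fingerprint every path; the result must be stored somewhere the intruder cannot write."""
    return {p: file_fingerprint(p) for p in paths}


def verify_baseline(baseline):
    """Return {path: reason} for files that are missing or whose fingerprint no longer matches."""
    changes = {}
    for path, old in baseline.items():
        if not os.path.exists(path):
            changes[path] = "missing"
            continue
        new = file_fingerprint(path)
        differing = [k for k in old if old[k] != new[k]]
        if differing:
            changes[path] = "changed: " + ",".join(differing)
    return changes


def demo():
    """Constructed layout: a fake bin directory with two 'binaries'; one is trojaned after the baseline."""
    root = tempfile.mkdtemp()
    ls_path, ps_path = os.path.join(root, "ls"), os.path.join(root, "ps")
    with open(ls_path, "wb") as f:
        f.write(b"#!/bin/sh\necho real ls\n")
    with open(ps_path, "wb") as f:
        f.write(b"#!/bin/sh\necho real ps\n")

    baseline_json = json.dumps(build_baseline([ls_path, ps_path]))   # keep this off-box or read-only

    # Rootkit-style replacement: same name, same mode, hides a process name from ps output.
    with open(ps_path, "wb") as f:
        f.write(b"#!/bin/sh\necho real ps | grep -v backdoor\n")

    return verify_baseline(json.loads(baseline_json))


if __name__ == "__main__":
    for path, reason in demo().items():
        print(f"{path}: {reason}")
```

Timestamps are deliberately not part of the fingerprint: an intruder who replaces ps can restore its mtime (touch -r), but cannot make the replacement hash to the original. The baseline must live where a compromised root account cannot rewrite it, otherwise the checker verifies the intruder's version.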

Phase V Covering the tracks

Methods of Avoiding Detection:
NTFS alternate data streams and hidden files
Reverse WWW shell
Altering, replacing, or moving log files

NTFS Alternate Data Streams and Hidden Files: NTFS lets one file carry several data streams (each file name is like a chest of drawers): 1) the file name seen in Explorer; 2) the unnamed (“normal”) stream, which holds the expected contents of the file; 3) named alternate data streams attached to the same file name, invisible to most tools.

Why Are Streams Stealthy? Streams do not show up in Windows Explorer (only the unnamed stream is displayed); the file size shown in Explorer counts only the unnamed stream; when a file is copied, all streams follow the name as long as the destination is also NTFS (a copy to FAT, or through a transfer that is not NTFS-aware, silently drops them).

Basic Defenses Against File Hiding in Windows: most commercial anti-virus packages detect malicious code hidden in streams; LADS (Locate Alternate Data Streams) lists every named stream on a volume (on Windows Vista and later, dir /R does the same for a directory).

Reverse WWW Shell: client and server implemented in a single program; carries a command shell over HTTP. The attacker uses the client component from off site; the server component on the compromised host appears to be surfing the web, but is really polling the attacker's client for commands, executing them on the server and returning the output in the next request.

Reverse WWW Shell

Basic Defenses Against Reverse WWW Shell:
Physical security of servers
Use of intrusion detection systems
Investigate “strange” or unknown processes (especially those running with root privileges), and outbound HTTP connections from servers that have no business browsing the web

Basic Defenses Against Log File Tampering:
Set up logs to track failed logon attempts (and don't just set them up; use them!)
Periodically review logs for anomalies
Use logs as a baseline for deciding whether new security measures are needed
Send logs to a separate, remote or write-once log host, so an intruder who gains root on the server cannot quietly alter them
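“Use them” in practice means reading the logs for patterns, not just keeping them. The following added example (not code from the presentation) runs the kind of review the slide asks for over a constructed sshd auth log: it groups failed logons by source address, raises an alert when a source crosses a failure threshold inside a time window, and raises a higher-priority alert when a successful logon follows such a burst, which is what a brute-force attack that worked looks like. The log lines, threshold, window and the year used to complete the syslog timestamps are assumptions for the demonstration.

```python
import re
from collections import defaultdict
from datetime import datetime

# Constructed sshd entries in syslog format; hosts and addresses are made up.
SAMPLE_AUTH_LOG = """\
Mar  3 02:11:01 gw sshd[4121]: Failed password for root from 203.0.113.7 port 51022 ssh2
Mar  3 02:11:03 gw sshd[4122]: Failed password for root from 203.0.113.7 port 51024 ssh2
Mar  3 02:11:04 gw sshd[4123]: Failed password for invalid user oracle from 203.0.113.7 port 51026 ssh2
Mar  3 02:11:06 gw sshd[4124]: Failed password for root from 203.0.113.7 port 51028 ssh2
Mar  3 02:11:08 gw sshd[4125]: Failed password for root from 203.0.113.7 port 51030 ssh2
Mar  3 02:11:12 gw sshd[4126]: Accepted password for root from 203.0.113.7 port 51032 ssh2
Mar  3 08:30:15 gw sshd[5201]: Failed password for alice from 192.0.2.44 port 40001 ssh2
Mar  3 08:30:20 gw sshd[5202]: Accepted password for alice from 192.0.2.44 port 40002 ssh2
"""

LINE_RE = re.compile(
    r"^(\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"(Failed|Accepted) password for (?:invalid user )?(\S+) from (\S+) port"
)


def parse_auth_log(log, year=2001):
    """Yield (timestamp, outcome, user, source) for sshd password events; syslog lines carry no year."""
    for line in log.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        ts = datetime.strptime(f"{year} {m.group(1)}", "%Y %b %d %H:%M:%S")
        yield ts, m.group(2), m.group(3), m.group(4)


def review_auth_log(log, threshold=4, window_s=60):
    """Return alerts as (kind, source, user, time).

    brute-force          `threshold` failures from one source within `window_s` seconds
    success-after-burst  an Accepted logon from a source that is currently inside such a burst
    """
    alerts = []
    recent_failures = defaultdict(list)          # source -> timestamps still inside the window
    for ts, outcome, user, src in parse_auth_log(log):
        window = [t for t in recent_failures[src] if (ts - t).total_seconds() <= window_s]
        recent_failures[src] = window
        if outcome == "Failed":
            window.append(ts)
            if len(window) == threshold:         # fire once when the threshold is crossed
                alerts.append(("brute-force", src, user, ts))
        elif len(window) >= threshold:
            alerts.append(("success-after-burst", src, user, ts))
    return alerts


if __name__ == "__main__":
    for kind, src, user, ts in review_auth_log(SAMPLE_AUTH_LOG):
        print(f"{ts:%b %d %H:%M:%S} {kind:<20} source={src} user={user}")
```

alice's single typo followed by a success stays quiet; five failures against root followed by a success from the same address in eleven seconds does not. The same two rules, applied to Windows failed-logon events, give the same signal.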

Conclusion

“Imagine a school where children can read and write, but with teachers who can not, and you have a metaphor of the information age in which we live.” Peter Cochrane

Web Resources for Keeping Up to Date SANS: Security Focus: Search Security:

Acquisition of Software Resources Sam Spade: THC-Scan: Cheops-ng Nmap

Acquisition of Software Resources NESSUS: SecureStack: ITS4: John the Ripper:

Acquisition of Software Resources L0phtCrack: Sniffit: Secure Shell (Open Source) : Netcat:

Acquisition of Software Resources AIDE (Advanced Intrusion Detection Environment) : LADS (Locate Alternate Data Streams) : Reverse WWW Shell: