Remote Control and Advanced Techniques


Remote Control Software
- What do they do?
  - Connect through dial-in and/or TCP/IP.
  - Replicate the remote screen on the local machine (graphical).
  - Allow running graphical or text-based applications on the remote machine, displaying the results on the local machine.
- A variety of applications, most with a free download as a demo.
  - pcAnywhere is one of the pioneers and very popular.
  - VNC is also very popular because it is cross-platform and free.
- Discovering and connecting to remote control software
  - Use Nmap or Superscan to search for ports 22, 799, 800, 1494, 2000, 2001, 5631, 5632, 5800, 5801, 5900, 5901, 43188.
  - Once the software is identified, download the free demo and try brute force.
- Major weakness: only the password is encrypted; the traffic is only compressed.
- Countermeasures: strong password (again), encrypt traffic (SSL, SSH, etc.), limit and log login attempts, change the default listening port.
- In dial-in use: log off the user when the call completes.

Advanced Techniques
Adding to what we have seen before:
- Trojans: we have seen that BO, NetBus and SubSeven are the most common Trojan/backdoor hacker tools.
  - TCP/IP ports: official, Internet services. Different from protocol ports.
  - Trojan ports: list, more details, and resources.
  - Port listening software: netstat, Active Ports (example), BackOfficer Friendly (example).
  - Checking for and removing Trojans: Symantec on-line check (example), Moosoft Cleaner shareware.
  - Weeding out rogue processes: Windows Task Manager, Linux ps -aux.
  - Be aware of traps: Whack-A-Mole (pseudo game), BoSniffer (BO in disguise), eLiTeWrap (packs Trojans as exe).
  - Generic: download, scan for viruses, then execute; do not run from the Internet.
- Rootkits: difficult to detect.
  - Keep a record of your files using Tripwire.
  - Create an image of your hard drive: hardware and software solutions (Norton Ghost, Drive Image).
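A defender can turn the port list from the Remote Control Software slide and the netstat check from this slide into one audit of their own host. The sketch below is an added example, not part of the original slides; the sample `netstat -an` text is constructed, and the function name and the `all_interfaces` flag are assumptions of this example.

```python
import re

# Ports the Remote Control Software slide lists for remote-control products.
REMOTE_CONTROL_PORTS = {22, 799, 800, 1494, 2000, 2001, 5631, 5632,
                        5800, 5801, 5900, 5901, 43188}

# Constructed sample: Windows-style and Linux-style `netstat -an` lines mixed.
SAMPLE_NETSTAT = """\
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:5631           0.0.0.0:0              LISTENING
  TCP    192.168.1.20:5900      0.0.0.0:0              LISTENING
  TCP    192.168.1.20:1045      10.0.0.5:80            ESTABLISHED
  UDP    0.0.0.0:5632           *:*
tcp        0      0 127.0.0.1:5901          0.0.0.0:*               LISTEN
tcp6       0      0 :::22                   :::*                    LISTEN
"""

_ADDR = re.compile(r"^(?P<host>.*):(?P<port>\d+)$")
_WILDCARDS = {"0.0.0.0", "::", "[::]", "*"}

def listening_remote_control(netstat_text, ports=REMOTE_CONTROL_PORTS):
    """Return sorted (proto, host, port, all_interfaces) for watched listeners."""
    hits = set()
    for line in netstat_text.splitlines():
        fields = line.split()
        if len(fields) < 3 or not fields[0].lower().startswith(("tcp", "udp")):
            continue
        proto = fields[0].lower()[:3]
        # Linux prints Recv-Q/Send-Q before the local address; Windows does not.
        idx = 3 if fields[1].isdigit() else 1
        if idx >= len(fields):
            continue
        # UDP rows carry no state; TCP rows must be LISTEN / LISTENING.
        if proto == "tcp" and not fields[-1].upper().startswith("LISTEN"):
            continue
        m = _ADDR.match(fields[idx])
        if not m or int(m.group("port")) not in ports:
            continue
        host = m.group("host")
        hits.add((proto, host, int(m.group("port")), host in _WILDCARDS))
    return sorted(hits, key=lambda h: (h[2], h[0]))

if __name__ == "__main__":
    for proto, host, port, wide in listening_remote_control(SAMPLE_NETSTAT):
        print(f"{proto}/{port} on {host}" + ("  <- bound to all interfaces" if wide else ""))
```

A listener bound to a wildcard address is reachable on every interface, so those rows are the first to review against the countermeasures listed on the earlier slide.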

Other Techniques
- TCP hijacking
  - Juggernaut: spy on a TCP connection and issue commands as the logged-in user.
  - Hunt: spy on a TCP connection (works with shared and switched nets).
  - Countermeasures: encrypted protocols such as IPSec, SSH.
- TFTP: Trivial File Transfer Protocol.
  - Used by routers, and there are free servers for Windows.
  - Standard client in Windows 2000: tftp.exe, protected by Windows File Protection so it can't be removed.
  - Prevent its use by Nimda:
    1) Edit the services file: %systemroot%/system32/drivers/etc/services
    2) Find this line: tftp 69/udp
    3) Replace it with: tftp 0/udp
- Social Engineering
  - Help desk information: on the Web, , voice
  - User information: on the Web, , voice
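The three-step services-file edit from the TFTP item above can be scripted so that it is repeatable, keeps a backup, and can be verified afterwards. This is an added example, not part of the original slides; the sample file excerpt is constructed and the function names are assumptions of this example.

```python
import re
import shutil

# Constructed excerpt in the services-file format (name, port/protocol, comment).
SAMPLE_SERVICES = """\
# <service name>  <port number>/<protocol>  [aliases...]   [#<comment>]
bootpc             68/udp    dhcpc                  #Bootstrap Protocol Client
tftp               69/udp                           #Trivial File Transfer
gopher             70/tcp
"""

# "tftp", whitespace, port number, "/udp", then any aliases or comment.
_TFTP_UDP = re.compile(r"^(tftp[ \t]+)(\d+)(/udp\b.*)$", re.IGNORECASE)

def remap_tftp(services_text):
    """Steps 2 and 3: return (new_text, changed) with tftp/udp set to port 0."""
    out, changed = [], False
    for line in services_text.splitlines(keepends=True):
        body = line.rstrip("\r\n")
        m = _TFTP_UDP.match(body)
        if m and m.group(2) != "0":
            # Keep spacing, comment and the original line ending (CRLF or LF).
            line = m.group(1) + "0" + m.group(3) + line[len(body):]
            changed = True
        out.append(line)
    return "".join(out), changed

def tftp_udp_port(services_text):
    """Verification: the port the tftp/udp entry currently maps to, or None."""
    for line in services_text.splitlines():
        m = _TFTP_UDP.match(line)
        if m:
            return int(m.group(2))
    return None

def apply_to_file(path):
    """Step 1: edit the file in place, saving a .bak copy before the first change."""
    with open(path, newline="") as fh:
        text = fh.read()
    new_text, changed = remap_tftp(text)
    if changed:
        shutil.copy2(path, path + ".bak")
        with open(path, "w", newline="") as fh:
            fh.write(new_text)
    return changed
```

Running `apply_to_file` a second time returns `False` and leaves the file untouched, and commented-out entries are never rewritten.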