© ITT Educational Services, Inc. All rights reserved. IS3220 Information Technology Infrastructure Security Unit 3 Network Security Threats Chapter 4.


Class Agenda 1
• Learning Objectives
• Discussion of Project
• Lesson Presentation and Discussions
• Discussion on Assignments
• Discussion on Lab Activities
• Break Times: 10-minute break every hour
• Note: Submit all assignments and labs due today.

Class Agenda 2
• Theory: Network Security Threats (6:00pm - 8:00pm)
• Lab: Network Discovery & Security Scanning Using ZenMap GUI (Nmap) (8:15pm to 11:00pm)

Reading
• Stewart, Chapter 4. “Network Security Threats and Issues”
• NIST SP : Risk Management Guide for Information Technology Systems ( 30.pdf)
• Other Website: CWE/SANS TOP 25 Most Dangerous Software Errors

Learning Objective
• Recognize the impact that malicious exploits and attacks have on network security

Key Concepts
• What are you protecting and from whom?
• Intellectual property and privacy data
• Risk assessment for network infrastructure
• Wired and wireless network infrastructure risks, threats, and vulnerabilities
• Common network hacking tools, applications, exploits, and attacks
• Social engineering practices and their impact on network security efforts

EXPLORE: CONCEPTS

Malware ~ Malicious Code
• Distribution Methods
    - Software downloads
    - Malicious web sites
    - File transfer
    - Flaws in software
• Effects of Malware
    - Data loss, exposure, or change
    - Poor system performance
    - Pop-up ads
    - System becomes a “bot” or “zombie”

Common Types of Malware
• Viruses and Worms
• Trojan Horses
• Keystroke Loggers (“keyloggers”)
• Spyware and Adware
• Rootkits
• Logic Bombs
• Trapdoors and Backdoors
• URL Injectors and Browser Redirectors
• Exploits

Malware: Viruses and Worms
• Viruses
    - Infect boot sectors or files, such as executables, drivers, and system
    - Need user interaction to spread
• Worms
    - Infect systems
    - Don’t need user interaction to spread
    - Can be carriers for other types of malicious code

Malware: Trojan Horses
• Delivery method for a malicious payload
• Usually appear to be a benign program, such as a game or utility
• Installed by users without knowledge of the malicious payload
• Allow remote access to attackers

Malware: Keystroke Loggers
• Also called “keyloggers”
• Software-based keyloggers can be installed via worms or Trojan horses
• Record keystrokes and transmit them to the attacker
• Hardware-based keyloggers

Malware: Spyware and Adware
• Spyware
• Adware
• May be bundled together
• May be embedded in other programs
• May masquerade as an antimalware product

Malware: Rootkits
• Code that positions itself between the operating system kernel and hardware
• Allows an attacker to gain root/administrative access to the system
• Uses of rootkits

Malware: Logic Bombs
• Malicious code that lies dormant until triggered
• Triggering events
    - Time and date
    - Program launch
    - Keyword
    - Accessing a URL

Malware: Backdoors and Trapdoors
• Synonyms for the same type of malware
• Bypass normal authentication or security controls
• Benefits to the attacker
• Examples of backdoors and trapdoors

Malware: URL Injectors and Browser Redirection
• Also called browser hijacking
• Replace URLs with alternative addresses
• Redirect browser to target Web sites
• May also change browser home page
• May prevent access to anti-malware Web sites
• May inject entries into HOSTS file
• Other malware may contain URL injector code
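
A defender can check a HOSTS file for the injected entries this slide describes. The following is an added example, not part of the course material; the sample file, the `.example` hostnames, the watchlist and the baseline are all constructed assumptions.

```python
import ipaddress

# Constructed sample HOSTS file; every hostname is a placeholder.
SAMPLE_HOSTS = """\
# Constructed sample hosts file
127.0.0.1     localhost
::1           localhost
127.0.0.1     updates.av-vendor.example
203.0.113.50  www.av-vendor.example
203.0.113.50  portal.shop.example   # trailing comment
0.0.0.0       ads.tracker.example
10.1.2.3      intranet.corp.example
not-an-ip     broken.example
"""

WATCHLIST = {"av-vendor.example"}        # hypothetical anti-malware domains
BASELINE = {"intranet.corp.example"}     # hypothetical approved entries
LOCAL_NAMES = {"localhost", "localhost.localdomain", "ip6-localhost"}

def audit_hosts(text, watchlist=WATCHLIST, baseline=BASELINE):
    """Return (line_number, name, reason) for every entry outside the baseline."""
    findings = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()      # drop comments
        if not line:
            continue
        fields = line.split()
        try:
            addr = ipaddress.ip_address(fields[0])
        except ValueError:
            findings.append((lineno, fields[0], "malformed address"))
            continue
        sinkhole = addr.is_loopback or addr.is_unspecified
        for name in (n.lower() for n in fields[1:]):
            if name in LOCAL_NAMES or name in baseline:
                continue
            watched = any(name == d or name.endswith("." + d) for d in watchlist)
            if watched:
                reason = "security site blocked" if sinkhole else "security site redirected"
            else:
                reason = "name sinkholed" if sinkhole else "name redirected"
            findings.append((lineno, name, reason))
    return findings

if __name__ == "__main__":
    for finding in audit_hosts(SAMPLE_HOSTS):
        print(finding)
```

On a clean workstation the file normally holds only the localhost entries plus whatever the organization deploys, so any finding outside the baseline is worth investigating.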

Malware: Exploits
• Take advantage of flaws or bugs in software
• Often embedded into other forms of malware
• May be stand-alone or part of hacker toolkits

Impact of Malware on Organizations
• Melissa Virus caused $80 million in damages in North America
• SQL Slammer Virus
• Code Red

Application Vulnerabilities
• Buffer overflow
• SQL Injection
• Cross-site scripting (XSS)
• Cached credentials

Mitigating Application Vulnerabilities
• In-House Coding
• Operating systems or applications
• Vulnerability scanning
• Open Web Application Security Project (OWASP) for Web application security

Port Scanning: Mechanics and Uses
• TCP or UDP packets are sent to ports on a system
• Scanning performed on single IP address or IP address range
• Open ports can verify:
• Indicators of open ports
• Noticeable and detectable
• Useful to both hackers and security professionals
• Hackers
• Security Professionals
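
The "noticeable and detectable" point can be shown with a small log-based detector. This is an added example, not part of the course material; the log format, addresses and thresholds are constructed assumptions. It flags a source that touches many ports on a single IP address, or one port across an IP address range, inside a sliding time window.

```python
from collections import defaultdict
from datetime import datetime, timedelta

def build_sample_log():
    """Constructed firewall-style lines: timestamp src dst proto dst_port."""
    t0 = datetime(2024, 1, 10, 20, 15, 0)
    rows = []
    # Ordinary client: a few web connections spread over 15 minutes.
    for i, port in enumerate([443, 80, 443, 443]):
        rows.append((t0 + timedelta(minutes=5 * i), "10.0.0.5", "192.168.1.10", "TCP", port))
    # One host, twelve ports in twelve seconds (single IP address).
    for i, port in enumerate(range(20, 32)):
        rows.append((t0 + timedelta(seconds=i), "10.0.0.66", "192.168.1.10", "TCP", port))
    # One port across six hosts in six seconds (IP address range).
    for i in range(6):
        rows.append((t0 + timedelta(seconds=i), "10.0.0.77", f"192.168.1.{20 + i}", "UDP", 161))
    # Twelve ports on one host, but one probe every two minutes.
    for i, port in enumerate(range(20, 32)):
        rows.append((t0 + timedelta(minutes=2 * i), "10.0.0.88", "192.168.1.10", "TCP", port))
    return "\n".join(f"{ts.isoformat()} {s} {d} {p} {port}" for ts, s, d, p, port in rows)

def parse_line(line):
    ts, src, dst, proto, port = line.split()
    return datetime.fromisoformat(ts), src, dst, proto, int(port)

def detect_scans(log_text, window=timedelta(seconds=60), port_threshold=10, host_threshold=5):
    """Map each suspicious source to 'vertical' (many ports, one host)
    or 'horizontal' (one port, many hosts) seen inside a sliding window."""
    by_src = defaultdict(list)
    for line in log_text.splitlines():
        if line.strip():
            ts, src, dst, proto, port = parse_line(line)
            by_src[src].append((ts, dst, proto, port))
    findings = {}
    for src, events in by_src.items():
        events.sort()
        start = 0
        for end in range(len(events)):
            while events[end][0] - events[start][0] > window:
                start += 1
            ports_per_host, hosts_per_port = defaultdict(set), defaultdict(set)
            for _, dst, proto, port in events[start:end + 1]:
                ports_per_host[dst].add((proto, port))
                hosts_per_port[(proto, port)].add(dst)
            if any(len(p) >= port_threshold for p in ports_per_host.values()):
                findings[src] = "vertical"
                break
            if any(len(h) >= host_threshold for h in hosts_per_port.values()):
                findings[src] = "horizontal"
                break
    return findings

if __name__ == "__main__":
    for src, kind in detect_scans(build_sample_log()).items():
        print(src, kind)
```

With the default 60-second window the constructed source 10.0.0.88 is not reported; widening the window to an hour reports it, which is why the window length is a tuning decision for the monitoring team.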

EXPLORE: PROCESS

What is Risk?
• Risk has several meanings
    - Danger
    - Consequences
    - Likelihood or probability
• Definition of risk in formal risk assessment

Risk Assessment Methodology
• Identification
• Analysis
• Determine risk for each threat-vulnerability pair
• Prioritize mitigation efforts

Measuring Risk
• Risk = Impact x Likelihood
    - Impact: The consequence of a successful exploitation of a vulnerability
    - Likelihood: How probable is it that an impact will occur?
• Risk can be measured

Risk Matrix: Likelihood (Low, Medium, High) against Impact, with cell ratings of Low, Medium, High and Critical.

EXPLORE: ROLES

The Hacking Process: Reconnaissance

The Hacking Process: Scanning

The Hacking Process: Enumeration

The Hacking Process: Attacking

The Hacking Process: Post-Attack Activities

The Hacking Process: Fall Back Attacks

Social Engineering Basics
• “Hacking” people instead of systems
• Conducting research or reconnaissance to identify appropriate targets
• Communication methods
• Manipulating targets

Social Engineering Techniques
• Methods for conducting research
• Building relationships with targets then exploiting them
• Impersonating
• Reciprocity or a favor for a favor

Seven Domains of a Typical IT Infrastructure

Definitions Review
• Risk
• Threat
• Vulnerability

Unit 3 Class Activities
• Discussion 3.1: Social Engineering Defense Issues
• Lab 3.2: Configuring a pfSense Firewall on the Client