
1 ECE6612 Quiz 2 -> Exam Topics (see also Q1 and Q2 Topics), Fall 2006

2 Chapter 9 - Viruses, Worms
Prevention, detection, phases (dormant, propagation, triggering, execution), types, and how fast they can spread.
Virus - code that copies itself into other programs.
Bacteria - a program that replicates until it fills all disk space or CPU cycles.
Payload - the harmful things the malicious program does, after it has had time to spread.
Worm - a program that replicates itself across the network, usually riding on messages or attached documents (e.g., macro viruses); such “viruses” are technically “worms”.
Trojan Horse - instructions in an otherwise good program that cause bad things to happen (e.g., sending your data or password to an attacker over the net).
Logic Bomb - malicious code that activates on an event (e.g., a date).
Trap Door (or Back Door) - an undocumented entry point written into code for debugging that can let in unwanted users.
Vulnerability - a program defect that permits intrusions.
Easter Egg - extraneous code that does something “cool”; a way for programmers to show that they control the product.

3 Chapter 10a - Firewalls
Simple Firewall - drops packets based on IP address and port.
Stateful Firewall - keeps track of connections and whether they were set up from inside or outside.
NAT - Network Address Translation, private address ranges (10. ).
Proxy Server - checks the application header and data.
Attacks - how does a firewall protect against scanning, bad fragments, bad TCP flags, the Smurf attack, ...
Host-based Firewalls - xinetd (/etc/hosts.allow), iptables, Zone Alarm, Black Ice (now ISS Desktop Proventia).

4 Chapter 10b - Trusted Systems
Subject, Object, Access Rights (permissions).
Policy - access matrix or ACL (access control list).
Basic Security Rules: No read up (simple security property); No write down (do not widen accessibility); Need to Know.
Reference Monitor, audit file, security kernel database.
Requirements to be a “Trusted System”: Complete Mediation, Isolation, Verifiability.
“Common Criteria” Security Specifications - multinational trust ratings.
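The no-read-up / no-write-down rules, need-to-know, and the reference monitor with its audit file, as an added worked example that is not part of the course slides: a small Python reference monitor that mediates every request against a level-plus-compartment label and records each decision. The level ordering, the subjects (alice, bob) and the objects are constructed for illustration.

```python
from dataclasses import dataclass, field

# Constructed ordering of classification levels (illustrative only).
LEVELS = {"unclassified": 0, "confidential": 1, "secret": 2, "top_secret": 3}

@dataclass(frozen=True)
class Label:
    """Security label: a classification level plus need-to-know compartments."""
    level: str
    compartments: frozenset = frozenset()

    def dominates(self, other: "Label") -> bool:
        # Level at least as high AND compartments a superset of the other's.
        return (LEVELS[self.level] >= LEVELS[other.level]
                and other.compartments <= self.compartments)

@dataclass
class ReferenceMonitor:
    """Mediates every access (complete mediation) and records an audit entry."""
    subjects: dict                      # subject name -> clearance Label
    objects: dict                       # object name -> classification Label
    audit: list = field(default_factory=list)

    def check(self, subject: str, action: str, obj: str) -> bool:
        s, o = self.subjects[subject], self.objects[obj]
        if action == "read":
            allowed = s.dominates(o)    # no read up (simple security) + need-to-know
        elif action == "write":
            allowed = o.dominates(s)    # no write down (never widen accessibility)
        else:
            allowed = False             # anything else is denied by default
        self.audit.append((subject, action, obj, "ALLOW" if allowed else "DENY"))
        return allowed

def demo_monitor() -> ReferenceMonitor:
    """Constructed clearances and classifications used to exercise the rules."""
    return ReferenceMonitor(
        subjects={"alice": Label("secret", frozenset({"nuclear"})),
                  "bob": Label("confidential")},
        objects={"plan": Label("secret", frozenset({"nuclear"})),
                 "memo": Label("confidential"),
                 "crypto_notes": Label("secret", frozenset({"crypto"})),
                 "ts_log": Label("top_secret", frozenset({"nuclear", "crypto"}))})

if __name__ == "__main__":
    m = demo_monitor()
    for req in [("alice", "read", "plan"), ("alice", "write", "memo"),
                ("alice", "read", "crypto_notes"), ("bob", "read", "plan")]:
        m.check(*req)
    print(*m.audit, sep="\n")
```

Note that a write "up" (bob writing to the secret plan) is allowed by the rules while a read "up" is not; that asymmetry is exactly what keeps information from flowing downward.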

5 Chapter 11 - TCP/IP
Use of bad fragments to crash an Operating System (OS).
Use of ICMP packets (ping, “unreachable”, “time-out”).
Smurf attack (packet multiplication, use of the broadcast address).
“Spoofed” addresses.
TCP Flags - bad combinations used to map the OS or cause crashes.
TCP - hijacked connection.

6 Chapter 12 - Traffic Visualization
Not covered.

7 Chapter 13 - NetSec Utilities
What do they do? Tripwire; Saint and Satan; Nessus; Ethereal and “tcpdump”.
Security Organizations: US-CERT (U.S. Computer Emergency Response Team), SANS, NIPC (FBI - National Infrastructure Protection Center).
What to do if a host is compromised.
Evidence - chain of custody.

8 Slide Set 14 - Wireless Security
WEP is weak security, but far better than nothing.
WPA is better, but needs long passphrases (22 characters).
Use the longest key length possible.
Enable use of an “allowed list” of MAC addresses.
Use higher-layer security - IPsec or SSL.
Use a firewall and IDS to isolate wireless access points (WAPs), just as you do for the Internet.
Search for “Rogue” WAPs.

9 Slide Set 15 - Hidden Data
Hidden Files (on UNIX, the name starts with “.”).
Startup scripts (a great place to hide a Trojan Horse).
Covert channels (hide in “Ping” packets, SSH, port 80, FTP).
Steganography (hiding data in an image file).
Watch for new processes (use 'ps aux'), new files (particularly “suid” files), and open Internet TCP and UDP ports ('netstat -lp' or 'sockstat -4').

10 Slide Set 16 - Safe Computing
Buffer Overflow (what is it, what does it do).
How to code to prevent the possibility of a “Buffer Overflow”.
Eliminate unneeded daemons, “suid programs,” open ports, and user accounts (to "harden" the computer).
Enforce long, mixed-character passwords.
Explain “Once root, always root” (Copeland's 2nd rule*).
(The 1st rule is "No security without physical security.")
(The 3rd rule is "Layers of protection and detection are needed ... .")
Good Luck! and Best Wishes for 2007

