Introduction to Information Security


1 Introduction to Information Security
Wireshark and Scapy

2 Exercise 6
Submission deadline extended to 3.5 to fix the following issues:
- Check the exit code only to determine whether convert failed
- Put the explanation as to why fuzzing the first and last 750 is enough at the top of the .txt file
- Use the correct format 0x<byte>.<bit>\n
  - Bits are numbered from 0 to 7
  - Bytes are numbered from 1
- Don't copy the entire file over for every bit flip, that's ridiculously inefficient

3 The Great Ascent
- We shift our focus from low-level vulnerabilities (buffer overflows) to high-level ones (DNS poisoning)
- Network vulnerabilities are just as sophisticated and interesting!
- They are not simpler, but they are easier to debug
- Tools:
  - Wireshark (and maybe tcpdump)
  - Scapy

4 A Few Words about Python

5 Python
Probably the best language in the world
- For scripts, we know...
- But also:
  - For web development (django, flask)
  - For scientific research (numpy, scipy, sympy, matplotlib, ipython notebook)
  - For big data analysis (pandas)
  - For machine learning (scikit-learn)
  - For big and complex systems (twisted, sqlalchemy)
  - Other stuff (re, pycrypto, PIL, nltk, scrapy)

6 A Few Words About Python
How can it be?
- It's modern and cool
- It's extremely dynamic
  - Everything is an object (even classes!)
  - You can overload and hook just about anything
- Focuses on developer time
  - Simplicity
  - Interactivity
- As a side-note for skeptics, with stuff like PyPy it's also incredibly fast
- Nowadays, that's what takes 90% of the time!

7 Example

    class A(object):
        # Called for a(x, y)
        def __call__(self, x, y):
            return x + y
        # Called for a[key]
        def __getitem__(self, key):
            return key.upper()
        # Called for a.key when normal attribute lookup fails
        def __getattr__(self, key):
            return key.ljust(10, '.')

    >>> a = A()
    >>> a(1, 2)
    3
    >>> a['foo']
    'FOO'
    >>> a.foo
    'foo.......'

8 How to Learn
- If you're not sure how to do something, Google it or look on Stack Overflow
- Don't copy solutions blindly, but do learn from them
- For example, many of you reinvented the wheel instead of using binascii / struct
- Almost nobody automated the core dump address extraction
- Sounds hard?

9 Example

10 Back to the Point

11 Wireshark
- Lets you capture ("sniff") incoming and outgoing packets
- Amazing deconstruction and visualisation
- Incredible number of supported protocols
- Filters and more

12 Wireshark

13 Scapy
- A Python library that allows constructing, deconstructing, sending, receiving, sniffing and virtually doing anything you can imagine with packets
- Read the tutorial:

    >>> from scapy.all import *
    >>> s = IP(dst=' ') / TCP(sport=65000, dport=80, flags='S')
    >>> a = sr1(s)
    >>> a[TCP].sport
    80
    >>> a[TCP].sprintf('%TCP.flags%')
    'SA'
    >>> sniff(lfilter=lambda p: UDP in p, prn=lambda p: p.summary())
    ...
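What Scapy reads out of the reply on slide 13 (source port 80, flags 'SA'), done at byte level with the struct and binascii modules mentioned on slide 8. This is an added example, not part of the original slides; the packet bytes, the documentation-range addresses and the name parse_ipv4_tcp are constructed for illustration, and checksums are left at zero and not verified.

```python
import binascii
import socket
import struct

# Constructed sample (not a real capture): a 40-byte IPv4 + TCP SYN/ACK reply
# from 192.0.2.10:80 to 198.51.100.7:65000. Checksums are left at zero.
SAMPLE_HEX = (
    "450000280000400040060000c000020ac6336407"  # IPv4 header, 20 bytes
    "0050fde800003039000000015012200000000000"  # TCP header, 20 bytes
)
SAMPLE_PACKET = binascii.unhexlify(SAMPLE_HEX)

# One letter per TCP flag bit, least significant first:
# FIN, SYN, RST, PSH, ACK, URG, ECE, CWR. A SYN/ACK therefore reads 'SA'.
FLAG_LETTERS = "FSRPAUEC"


def parse_ipv4_tcp(raw):
    """Dissect an IPv4 packet carrying TCP; raise ValueError if malformed."""
    if len(raw) < 20:
        raise ValueError("truncated IPv4 header")
    ver_ihl, _tos, total_len, _ident, _frag, ttl, proto, _csum, src, dst = \
        struct.unpack("!BBHHHBBH4s4s", raw[:20])
    version, ihl = ver_ihl >> 4, (ver_ihl & 0x0F) * 4  # IHL counts 32-bit words
    if version != 4 or ihl < 20 or proto != 6:
        raise ValueError("not an IPv4 packet carrying TCP")
    tcp = raw[ihl:total_len]  # honour the header's own length fields
    if len(tcp) < 20:
        raise ValueError("truncated TCP header")
    sport, dport, seq, ack, off_flags, _win, _tcsum, _urg = \
        struct.unpack("!HHIIHHHH", tcp[:20])
    flags = off_flags & 0xFF  # low byte holds the eight flag bits
    return {
        "src": socket.inet_ntoa(src), "dst": socket.inet_ntoa(dst), "ttl": ttl,
        "sport": sport, "dport": dport, "seq": seq, "ack": ack,
        "flags": "".join(c for i, c in enumerate(FLAG_LETTERS) if flags & (1 << i)),
    }


if __name__ == "__main__":
    print(parse_ipv4_tcp(SAMPLE_PACKET))
```

Comparing this output with Wireshark's decode of the same bytes is a quick way to check a hand-written parser against the field layout.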

14 Exercise 7
- A series of unrelated questions, each about a problem and its solutions
- The problems themselves may have been learned in class
- But anyway, they are explained in detail and are in fact quite simple
- A big open bonus
  - I will personally grade "by ear" (so no appeals, but do try to impress me)

