Presentation is loading. Please wait.

Presentation is loading. Please wait.

Big Picture How many ways can a system be attacked? What can we do about it?

Published byAbel Lee Modified over 5 years ago

Similar presentations

Presentation on theme: "Big Picture How many ways can a system be attacked? What can we do about it?"— Presentation transcript:

1 Big Picture How many ways can a system be attacked? What can we do about it?

2 System Security Part 2

3 Learning Objectives To understand what is meant by computer system threats To understand how computer systems rely on policies to run safely

4 Data Interception and Theft
Brute Force DoS and DDoS Data Interception and Theft SQL Injection Network Policy

5 Research ‘brute force attack’
TASK! Research ‘brute force attack’ Create a one page document that acts as an FAQ for brute force providing advice to system managers When a brute force attack is made on a system, the attackers try repeated combinations of passwords and usernames. On many systems and websites there are hidden files and folders. An attacker may attempt to brute force their way to these.

6 Denial of Service & Distributed Denial of Service
TASK! Answer the following questions: 1 What is the difference between DoS and DDoS? 2 Who might launch a DoS or DDoS attack 3 Why? A system that is subject to a DoS or DDoS attack has mssive amounts of server calls made to the system website or other servers. At best they slow down the system. At worst they close the system down. Gaming website hit with a massive DNS flood, peaking at over 25 million packets per second

7 Data Interception and Theft 1
Theft of data eg personal information and bank details is a big problem. This can happen in a number of ways: breaking into and stealing data from a system and intercepting data are 2 ways. Ways that a site tells you is is secure is through the use of https and the lock icon. This tells you that the site is using hypertext transfer protocol secure. Clicking on the lock will show a security certificate Question in exercise books How does https protect data

8 Data Interception and Theft 2
Even if data is sent securely packet sniffers could capture data. On a secure network it would be encrypted (that doesn’t mean it cannot be decypted!)

9 SQL Injection SQL injection is normally used on database information (most data is kept in a database!). The attacker will force, ‘inject’, code into the database that will either return data eg a list of user names and passwords or ‘crack’ the access credentials so that data can be searched.

10 Network Policy Using the image to the right as your starting point, create a podcast that provides advice and guidance on what network policies are required and why

Download ppt "Big Picture How many ways can a system be attacked? What can we do about it?"

Similar presentations

Nasca 2007 200 400 600 800 1000 Internet Ch. 5Internet Ch. 8 Networking and Security Ch. 6 Networking and Security Ch. 8.

Nasca Internet Ch. 5Internet Ch. 8 Networking and Security Ch. 6 Networking and Security Ch. 8.
Web server security Dr Jim Briggs WEBP security1.

Web server security Dr Jim Briggs WEBP security1.
Lab 3 Cookie Stealing using XSS Kara James, Chelsea Collins, Trevor Norwood, David Johnson.

Lab 3 Cookie Stealing using XSS Kara James, Chelsea Collins, Trevor Norwood, David Johnson.
Viruses, Hacking, and AntiVirus. What is a Virus? A type of Malware – Malware is short for malicious software A virus – a computer program – Can replicate.

Viruses, Hacking, and AntiVirus. What is a Virus? A type of Malware – Malware is short for malicious software A virus – a computer program – Can replicate.
Web-based Document Management System By Group 3 Xinyi Dong Matthew Downs Joshua Ferguson Sriram Gopinath Sayan Kole.

Web-based Document Management System By Group 3 Xinyi Dong Matthew Downs Joshua Ferguson Sriram Gopinath Sayan Kole.
GOLD UNIT 4 - IT SECURITY FOR USERS (2 CREDITS) Thomas Jenkins.

GOLD UNIT 4 - IT SECURITY FOR USERS (2 CREDITS) Thomas Jenkins.
WHAT IS A WEBSITE AND HOW TO GET YOUR BUSINESS ONLINE Anna Gabali – 30/07/2010 - MKLC.

WHAT IS A WEBSITE AND HOW TO GET YOUR BUSINESS ONLINE Anna Gabali – 30/07/ MKLC.
Microsoft ® Virtual Academy Module 3 Understanding Security Policies Christopher Chapman | Content PM, Microsoft Thomas Willingham | Content Developer,

Microsoft ® Virtual Academy Module 3 Understanding Security Policies Christopher Chapman | Content PM, Microsoft Thomas Willingham | Content Developer,
Privacy & Security Online Ivy, Kris & Neil Privacy Threat - Ivy Is Big Brother Watching You? - Kris Identity Theft - Kris Medical Privacy - Neil Children’s.

Privacy & Security Online Ivy, Kris & Neil Privacy Threat - Ivy Is Big Brother Watching You? - Kris Identity Theft - Kris Medical Privacy - Neil Children’s.
Jeopardy Computer Internet Policy & Legal Potpourri Q $100 Q $200 Q $300 Q $400 Q $500 Q $100 Q $200 Q $300 Q $400 Q $500 Final Jeopardy.

Jeopardy Computer Internet Policy & Legal Potpourri Q $100 Q $200 Q $300 Q $400 Q $500 Q $100 Q $200 Q $300 Q $400 Q $500 Final Jeopardy.
Security Scanners Mark Shtern. Popular attack targets Web – Web platform – Web application Windows OS Mac OS Linux OS Smartphone.

Security Scanners Mark Shtern. Popular attack targets Web – Web platform – Web application Windows OS Mac OS Linux OS Smartphone.
What is risk online operation:  massive movement of operation to the internet has attracted hackers who try to interrupt such operation daily.  To unauthorized.

What is risk online operation:  massive movement of operation to the internet has attracted hackers who try to interrupt such operation daily.  To unauthorized.
Lecture 16 Page 1 CS 236 Online Web Security CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.

Lecture 16 Page 1 CS 236 Online Web Security CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.
GOLD UNIT 4 - IT SECURITY FOR USERS (2 CREDITS) Kamran Didcote.

GOLD UNIT 4 - IT SECURITY FOR USERS (2 CREDITS) Kamran Didcote.
IT tools to communicate By Suleman Kalam. Podcast What is Podcasts? A podcasts is a downloadable media file which can be downloaded into many electronic.

IT tools to communicate By Suleman Kalam. Podcast What is Podcasts? A podcasts is a downloadable media file which can be downloaded into many electronic.
Security Risks Viruses, worms, Trojans Hacking Spyware, phishing Keylogging Online fraud Identity theft DOS (Denial of Service attacks.

Security Risks Viruses, worms, Trojans Hacking Spyware, phishing Keylogging Online fraud Identity theft DOS (Denial of Service attacks.
Unit 12 – IT Technical Support – Anne Sewell Aims of the lesson: To carry out a back-up of files to a USB or desktop. This is a build-up exercise towards.

Unit 12 – IT Technical Support – Anne Sewell Aims of the lesson: To carry out a back-up of files to a USB or desktop. This is a build-up exercise towards.
Threats To Data 30 Threats To Data 30. Threats To Data 30 We’re now going to look at a range of different threats to people’s data: Opportunity Threats.

Threats To Data 30 Threats To Data 30. Threats To Data 30 We’re now going to look at a range of different threats to people’s data: Opportunity Threats.
Scientific data storage: How are computers involved in the following?

Scientific data storage: How are computers involved in the following?
By Collin Donaldson Man in the Middle Attack: Password Sniffing and Cracking.

By Collin Donaldson Man in the Middle Attack: Password Sniffing and Cracking.

Similar presentations

Ads by Google