Welcome to Early Bird Class Networking And IT Security Ravi Chandra Gurung


Our Game Plan

Computer Networking
- Day 1: Introduction to Networking
- Day 2: IP address system, DHCP, Gateway, NAT, Router Setup

Computer Operating System
- Day 3: Introduction to Operating System
- Day 4: Basic Linux Commands, OS Installation, File Sharing
- Day 5: Web Server Configuration, DNS Server Configuration, FTP Server Configuration

Computer Security
- Day 6: Introduction to Security, Types of attack, Process of attack, Introduction to hacking tools and techniques, Counter Measures against attack

Computer Security: Introduction to Security

- In 1983, Kevin Mitnick intruded into a Pentagon computer.
- Robert Tappan Morris created the first worm and sent it out from MIT onto the web, causing $50,000 of damages.
- In 1994, Vladimir Levin intruded into an American bank's computer and stole 10 million dollars.
- Jonathan James ("c0mrade"), 16 years old, infiltrated a NASA computer in 1999 and had access to data worth 1.7 million dollars.
- Today (CSI Report, 2007):
  - 46% of companies have admitted to suffering financial losses due to security incidents. The reported loss amounted to a total of approximately $66,930,000.
  - 39% of companies have been unable (or unwilling) to estimate the cost of their losses.
- Financial losses, personal losses, privacy losses, data losses, computer malfunction and more...
Introduction to Security

- Computer and network security was not at all well known, even about 12 years ago.
- Today, everyone is aware of the need for it, but not sure what it really means.
- An interesting topic of threats, countermeasures, risks, stories, events and paranoia, with some mathematics, algorithms, designs and software issues mixed in.
- Yet not enough people, even security specialists, understand the issues and implications.

Computer Security: Media

- Consumers are bombarded with media reports narrating the dangers of the online world: identity theft, embezzlement and fraud, credit card theft, corporate loss.
- Just fear mongering?

Introduction to Security

- Lock the doors and windows and you are secure? NOT.
- Call the police when you feel insecure? Really?
- Computers are powerful, programmable machines: whoever programs them controls them (and not you).
- Networks are ubiquitous and carry genuine as well as malicious traffic.
- End result: complete computer security is unattainable; it is a cat and mouse game, similar to crime vs. law enforcement.

Introduction to Security

- Integrity: guarantee that the data is what we expect.
- Confidentiality: the information must be accessible only to authorized people.
- Reliability: computers should work without unexpected problems.
- Authentication: guarantee that only authorized persons can access the resources.

Introduction to Security

- What does it mean to be secure? "Include protection of information from theft or corruption, or the preservation of availability, as defined in the security policy." (Wikipedia)
- Types of security: network security; system and software security; physical security.
- Very little in computing is inherently secure; you must protect yourself!
- Software cannot protect software (maybe hardware can).
- Networks can be protected better than software.
- Today, people rely on computers to create, store, and manage critical information. Thus it is important that computers and the data they store are accessible and available when needed. It is also crucial that users take measures to protect their computers and data from loss, damage, and misuse.

Introduction to Security

- A computer security risk is any event or action that could cause a loss of or damage to computer hardware, software, data, information, or processing capability.
- While some breaches of computer security are accidental, many are intentional.
- Some intruders do no damage; they merely access data, information, or programs on the computer before logging off.
- Other intruders leave some indication of their presence, either by leaving a message or by deliberately altering or damaging data.

Introduction to Security

- An intentional breach of computer security often involves a deliberate act that is against the law. Any illegal act involving a computer generally is referred to as a computer crime. A cybercrime is an online or Internet-based illegal act.
- Perpetrators: hackers, crackers, script kiddies, corporate spies, unethical employees, cyber-extortionists, cyberterrorists.

Introduction to Security

- The term hacker, although originally a complimentary word for a computer enthusiast, now has a derogatory meaning and refers to someone who accesses a computer or network illegally. Some hackers claim the intent of their security breaches is to improve security.
- A cracker is also someone who accesses a computer or network illegally, but with the intent of destroying data, stealing information, or other malicious action.
- Both hackers and crackers have advanced computer and network skills.

Introduction to Security

- A script kiddie has the same intent as a cracker but does not have the technical skills and knowledge. Script kiddies often use prewritten hacking and cracking programs to break into computers.
- Some corporate spies have excellent computer and networking skills and are hired to break into a specific computer and steal its proprietary data and information, or to help identify security risks in their own organization. Unscrupulous companies hire corporate spies, a practice known as corporate espionage, to gain a competitive advantage.

Introduction to Security

- Unethical employees may break into their employer's computers for a variety of reasons. Some simply want to exploit a security weakness. Others seek financial gain from selling confidential information. Disgruntled employees may want revenge.
- A cyber-extortionist is someone who uses [...] as a vehicle for extortion.
  These perpetrators send an organization a threatening message indicating they will expose confidential information, exploit a security flaw, or launch an attack that will compromise the organization's network if they are not paid a sum of money.

Introduction to Security

- A cyberterrorist is someone who uses the Internet or a network to destroy or damage computers for political reasons. The cyberterrorist might target the nation's air traffic control system, electricity-generating companies, or a telecommunications infrastructure.
- The term cyberwarfare describes an attack whose goal ranges from disabling a government's computer network to crippling a country.
- Cyberterrorism and cyberwarfare usually require a team of highly skilled individuals, millions of dollars, and several years of planning.

Introduction to Security

- Information transmitted over networks has a higher degree of security risk than information kept on an organization's premises.
- An online security service is a Web site that evaluates your computer to check for Internet and [...] vulnerabilities.

Introduction to Security: Internet and Network Attacks

- Computer virus: affects a computer negatively by altering the way the computer works.
- Worm: copies itself repeatedly, using up resources and possibly shutting down the computer or network.
- Trojan horse: a malicious program that hides within or looks like a legitimate program.
- Rootkit: a program that hides in a computer and allows someone from a remote location to take full control.

Introduction to Security: Internet and Network Attacks

An infected computer has one or more of the following symptoms:
- Operating system runs much slower than usual
- Available memory is less than expected
- Files become corrupted
- Screen displays an unusual message or image
- Music or unusual sounds play randomly
- Existing programs and files disappear
- Programs or files do not work properly
- Unknown programs or files mysteriously appear
- System properties change
- Operating system does not start up
- Operating system shuts down unexpectedly

Introduction to Security: Internet and Network Attacks

- Users can take several precautions to protect their home and work computers and mobile devices from these malicious infections.

Introduction to Security: Internet and Network Attacks

- A botnet is a group of compromised computers connected to a network. A compromised computer is known as a zombie.
- A denial of service attack (DoS attack) disrupts computer access to Internet services.
  - Distributed DoS (DDoS)
- A back door is a program or set of instructions in a program that allows users to bypass security controls.
- Spoofing is a technique intruders use to make their network or Internet transmission appear legitimate.

Introduction to Security: Internet and Network Attacks

- A firewall is hardware and/or software that protects a network's resources from intrusion.

Introduction to Security: Internet and Network Attacks

- Intrusion detection software: analyzes all network traffic; assesses system vulnerabilities; identifies any unauthorized intrusions; notifies network administrators of suspicious behavior patterns or security breaches.
- Honeypot: a vulnerable computer that is set up to entice an intruder to break into it.

Introduction to Security: Internet and Network Attacks

- Unauthorized access is the use of a computer or network without permission.
- Unauthorized use is the use of a computer or its data for unapproved or possibly illegal activities.

Introduction to Security: Internet and Network Attacks

- Access controls define who can access a computer, when they can access it, and what actions they can take.
- A two-phase process called identification and authentication: user name, password, CAPTCHA.

Introduction to Security: Unauthorized Access and Use

- A possessed object is any item that you must carry to gain access to a computer or computer facility. Possessed objects are often used in combination with a personal identification number (PIN).
- A biometric device authenticates a person's identity by translating a personal characteristic into a digital code that is compared with a digital code in a computer.

Introduction to Security: Unauthorized Access and Use

- Digital forensics is the discovery, collection, and analysis of evidence found on computers and networks.
- Many areas use digital forensics: law enforcement, criminal prosecutors, military intelligence, insurance agencies, information security departments.

Introduction to Security: Hacker Methodology

- Footprinting: the process of conducting target analysis, identification, and discovery, typically through the use of open source tools. This includes dumpster diving, social engineering and the use of utilities such as web-search hacking, traceroutes, pings, network lookups, etc.
- Scanning: this step takes the findings from footprinting and begins to drill down a bit further. In a traditional sense, this step includes port scanning, OS identification, and determining whether or not a machine is accessible.
- Enumeration: the phase where you further interrogate specific services to determine exact operating systems, software, etc. Normal enumeration techniques include searching for network share information, specific versions of applications running, user accounts, SNMP traffic, etc.

Introduction to Security: Hacker Methodology

- Network Mapping: this step is exactly as the name implies, laying out an illustration of the targeted network.
  This includes taking all available resources (logs, target surveys, etc.) to create a visualization of the target environment. This often looks different from the exploiter's perspective than from the admin's perspective.
- Gaining Access: this step is the exploitation process. Basically, this is gaining access to the machine or the network by a client-side exploit, insider threat, supply interdiction attack, or remote exploitation opportunity. This could be conducted via spear-phishing attacks, buffer overflows, embedded device exploitation, credential masquerade attacks, etc.
- Privilege Escalation: depending on the exploitation opportunity which was used, the attacker may need to elevate privileges to a different user. Typically, this is conducted through the use of a local exploit opportunity in order to gain root or system-level privileges, the highest possible user.

Introduction to Security: Hacker Methodology

- Post Exploitation: this step is really a compilation of many steps and is dependent upon the objective of the mission. This step could include any combination or all of the following examples:
  - Target Survey and Remote Forensics Analysis
  - Cover Tracks (cleanup)
  - Data Collection
  - Rootkit (aka Backdoor, Implant, Computer Network Attack Persistence)
  - Disrupt, Deny, Degrade, Deceive, Destroy, Delay

Introduction to Security: Hacker Tools and Techniques

At Real Network!!! Your action, your responsibility. Don't try this.

Nessus

Nessus is the best free network vulnerability scanner available, and the best to run on UNIX at any price. It is constantly updated, with more than 11,000 plugins for the free (but registration and EULA-acceptance required) feed.
Key features include remote and local (authenticated) security checks, a client/server architecture with a GTK graphical interface, and an embedded scripting language for writing your own plugins or understanding the existing ones. Nessus 3 is now closed source, but is still free of cost unless you want the very newest plugins.

Wireshark

Wireshark (known as Ethereal until a trademark dispute in summer 2006) is a fantastic open source network protocol analyzer for Unix and Windows. It allows you to examine data from a live network or from a capture file on disk. You can interactively browse the capture data, delving down into just the level of packet detail you need. Wireshark has several powerful features, including a rich display filter language and the ability to view the reconstructed stream of a TCP session. It also supports hundreds of protocols and media types. One word of caution is that Ethereal has suffered from dozens of remotely exploitable security holes, so stay up to date and be wary of running it on untrusted or hostile networks (such as security conferences).

Kismet

Kismet is a console (ncurses) based layer-2 wireless network detector, sniffer, and intrusion detection system. It identifies networks by passively sniffing (as opposed to more active tools such as NetStumbler), and can even decloak hidden (non-beaconing) networks if they are in use. It can automatically detect network IP blocks by sniffing TCP, UDP, ARP, and DHCP packets, log traffic in Wireshark/TCPDump compatible format, and even plot detected networks and estimated ranges on downloaded maps. As you might expect, this tool is commonly used for wardriving. Oh, and also warwalking, warflying, and warskating...

AirSnort

AirSnort is a wireless LAN (WLAN) tool that recovers encryption keys.
It was developed by the Shmoo Group and operates by passively monitoring transmissions, computing the encryption key when enough packets have been gathered. You may also be interested in the similar Aircrack.

NetStumbler

NetStumbler is the best known Windows tool for finding open wireless access points ("wardriving"). They also distribute a WinCE version for PDAs and such, named MiniStumbler. The tool is currently free but Windows-only, and no source code is provided. It uses a more active approach to finding WAPs than passive sniffers such as Kismet or KisMAC.

Aircrack

Aircrack is a suite of tools for a/b/g WEP and WPA cracking. It can recover a 40- through 512-bit WEP key once enough encrypted packets have been gathered. It can also attack WPA 1 or 2 networks using advanced cryptographic methods or by brute force. The suite includes airodump (a packet capture program), aireplay (a packet injection program), aircrack (static WEP and WPA-PSK cracking), and airdecap (decrypts WEP/WPA capture files).

Cain & Abel

UNIX users often smugly assert that the best free security tools support their platform first, and Windows ports are often an afterthought. They are usually right, but Cain & Abel is a glaring exception. This Windows-only password recovery tool handles an enormous variety of tasks. It can recover passwords by sniffing the network, cracking encrypted passwords using dictionary, brute-force and cryptanalysis attacks, recording VoIP conversations, decoding scrambled passwords, revealing password boxes, uncovering cached passwords and analyzing routing protocols. It is also well documented.
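The password-recovery tools on these slides only succeed against credentials that are weak or stored badly. As an added example, not part of the original slides, the following Python sketch shows the access-control model from the Unauthorized Access and Use slides on the defender's side: identification (is the user name known?), authentication (does the password match a salted, deliberately slow hash?), and then authorization of who, when and what. The user store, account names, hash parameters and the five-strike lockout are assumptions constructed for the example.

```python
import hashlib
import hmac
import os

MAX_FAILURES = 5          # lock the account after this many bad passwords in a row (assumed)
PBKDF2_ROUNDS = 200_000   # slow hash: each guess costs an attacker real CPU time


def password_hash(password: str, salt: bytes) -> bytes:
    # Salted, iterated hash; the store never holds the password itself.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)


def add_user(store: dict, name: str, password: str, hours: tuple, actions) -> None:
    """hours = (start, end) on a 24h clock is the 'when'; actions is the 'what'."""
    salt = os.urandom(16)
    store[name] = {"salt": salt, "hash": password_hash(password, salt),
                   "hours": hours, "actions": set(actions), "failures": 0}


def authenticate(store: dict, name: str, password: str) -> str:
    """Identification (is the user name known?) followed by authentication
    (does the password match?). Returns 'ok', 'unknown', 'locked' or 'bad_password'.
    These codes are for the audit log; the message shown to the user should be the
    same for 'unknown' and 'bad_password' so valid user names cannot be enumerated."""
    user = store.get(name)
    if user is None:
        return "unknown"
    if user["failures"] >= MAX_FAILURES:
        return "locked"
    # Constant-time comparison of the two digests.
    if hmac.compare_digest(password_hash(password, user["salt"]), user["hash"]):
        user["failures"] = 0
        return "ok"
    user["failures"] += 1
    return "bad_password"


def authorize(store: dict, name: str, action: str, hour: int) -> str:
    """Access control proper: may this already-authenticated user do this, now?"""
    start, end = store[name]["hours"]
    if not start <= hour < end:
        return "outside_hours"
    if action not in store[name]["actions"]:
        return "action_denied"
    return "allowed"


def access(store: dict, name: str, password: str, action: str, hour: int) -> str:
    result = authenticate(store, name, password)
    return result if result != "ok" else authorize(store, name, action, hour)


def demo_store() -> dict:
    # Constructed accounts for the example: an office-hours user and a read-only backup job.
    store = {}
    add_user(store, "ravi", "correct-horse-battery", (8, 18), ["read", "write"])
    add_user(store, "backup", "s3cr3t-backup-pw", (0, 24), ["read"])
    return store


if __name__ == "__main__":
    s = demo_store()
    print(access(s, "ravi", "correct-horse-battery", "read", 12))   # allowed
    print(access(s, "ravi", "correct-horse-battery", "read", 23))   # outside_hours
    print(access(s, "backup", "s3cr3t-backup-pw", "write", 3))      # action_denied
```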
John the Ripper

John the Ripper is a fast password cracker, currently available for many flavors of Unix (11 are officially supported, not counting different architectures), DOS, Win32, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. It supports several crypt(3) password hash types which are most commonly found on various Unix flavors, as well as Kerberos AFS and Windows NT/2000/XP LM hashes. Several other hash types are added with contributed patches.

Nikto

Nikto is an open source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 3200 potentially dangerous files/CGIs, versions on over 625 servers, and version-specific problems on over 230 servers. Scan items and plugins are frequently updated and can be automatically updated (if desired). It uses Whisker/libwhisker for much of its underlying functionality. It is a great tool, but its value is limited by its infrequent updates. The newest and most critical vulnerabilities are often not detected.

THC Hydra

When you need to brute-force a remote authentication service, Hydra is often the tool of choice. It can perform rapid dictionary attacks against more than 30 protocols, including TELNET, FTP, HTTP, HTTPS, HTTP-PROXY, SMB, SMBNT, MS-SQL, MySQL, REXEC, RSH, RLOGIN, CVS, SNMP, SMTP-AUTH, SOCKS5, VNC, POP3, IMAP, NNTP, PCNFS, ICQ, SAP/R3, LDAP2, LDAP3, Postgres, Teamspeak, Cisco auth, Cisco enable, and Cisco AAA (incorporated in the telnet module).

Retina

Like Nessus, Retina's function is to scan all the hosts on a network and report on any vulnerabilities found. It was written by eEye, who are well known for their security research.
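Port scanners and Hydra-style dictionary attacks leave patterns that the intrusion detection software described on the Internet and Network Attacks slides is meant to notify administrators about. As an added example, not from the original slides, here is a small Python detector run over a constructed connection and login log: it raises a port-scan alert when one source touches many distinct ports within a minute and a brute-force alert when one source fails many logins in that window, while a busy but single-port client and a user who mistypes a password twice stay quiet. The log format, thresholds and addresses are assumptions made for the example.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed log format for this example (not any real product's format):
#   <ISO timestamp> conn src=<ip> dport=<port>           one connection attempt
#   <ISO timestamp> auth <ok|fail> src=<ip> user=<name>  one login attempt
LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?:conn src=(?P<csrc>\S+) dport=(?P<port>\d+)"
    r"|auth (?P<result>ok|fail) src=(?P<asrc>\S+) user=(?P<user>\S+))$")

SCAN_PORTS = 10                 # distinct ports from one source inside WINDOW
BRUTE_FAILS = 6                 # failed logins from one source inside WINDOW
WINDOW = timedelta(seconds=60)  # thresholds are assumptions; tune them per network


def parse(line):
    """Return a dict of fields, or None for a line that does not match the format."""
    m = LINE_RE.match(line)
    if m is None:
        return None
    ev = m.groupdict()
    ev["ts"] = datetime.fromisoformat(ev["ts"])
    return ev


def detect(lines):
    """Return alerts as (kind, src, count). Events are kept per source in a sliding
    window, so a slow trickle of connections is not reported as a scan and a user
    who mistypes twice is not reported as a brute-force attempt."""
    conns = defaultdict(list)   # src -> [(ts, port), ...] inside the window
    fails = defaultdict(list)   # src -> [ts, ...] of failed logins inside the window
    alerts, already = [], set()
    for line in lines:
        ev = parse(line)
        if ev is None:
            continue            # unparseable line; a real IDS would count these too
        if ev["csrc"] is not None:
            src, now = ev["csrc"], ev["ts"]
            conns[src] = [(t, p) for t, p in conns[src] if now - t <= WINDOW]
            conns[src].append((now, int(ev["port"])))
            ports = {p for _, p in conns[src]}
            if len(ports) >= SCAN_PORTS and ("port_scan", src) not in already:
                already.add(("port_scan", src))
                alerts.append(("port_scan", src, len(ports)))
        elif ev["result"] == "fail":
            src, now = ev["asrc"], ev["ts"]
            fails[src] = [t for t in fails[src] if now - t <= WINDOW]
            fails[src].append(now)
            if len(fails[src]) >= BRUTE_FAILS and ("brute_force", src) not in already:
                already.add(("brute_force", src))
                alerts.append(("brute_force", src, len(fails[src])))
    return alerts


def constructed_log():
    """Sample log built for the example: one scanner, one busy but benign web client,
    one brute-forcer and one user who mistypes a password twice, then logs in."""
    base = datetime(2024, 3, 1, 10, 0, 0)
    at = lambda s: (base + timedelta(seconds=s)).isoformat()
    log = [f"{at(i)} conn src=10.0.0.5 dport={21 + i}" for i in range(12)]      # scan
    log += [f"{at(i)} conn src=10.0.0.9 dport=80" for i in range(20)]           # web client
    log += [f"{at(3 * i)} auth fail src=10.0.0.7 user=root" for i in range(7)]  # brute force
    log += [f"{at(0)} auth fail src=10.0.0.8 user=ravi",
            f"{at(5)} auth fail src=10.0.0.8 user=ravi",
            f"{at(9)} auth ok src=10.0.0.8 user=ravi"]                          # typo, then ok
    return log


if __name__ == "__main__":
    for kind, src, count in detect(constructed_log()):
        print(f"ALERT {kind}: {src} ({count} events within {WINDOW.seconds}s)")
```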
Google Hacking

While it is far more than a security tool, Google's massive database is a gold mine for security researchers and penetration testers. You can use it to dig up information about a target company by using directives such as site:target-domain.com and find employee names, sensitive information that they wrongly thought was hidden, vulnerable software installations, and more. Similarly, when a bug is found in yet another popular webapp, Google can often provide a list of vulnerable servers worldwide within seconds. Check out the Google Hacking Database or the excellent book Google Hacking for Penetration Testers.

Google Hacking

- Searching for database files on government websites: site:gov.pl
- Searching for a specific server: inurl:powered by site:test.com
- Searching for files in .MDB format: inurl: filetype:mdb
- Searching for phone numbers on intranets that Google has indexed: inurl:intranet + intext:phone
- Searching this way makes it possible to identify many Oracle subdomains: site:oracle.com -site:www.oracle.com
- Finding Active Webcam pages: inurl:8080

Thank you