Session 161 National Incident Management Systems Session 16 Slide Deck.
Session Slide
-
Upload
muralidharan-radhakrishnan -
Category
Education
-
view
129 -
download
0
Transcript of Session Slide
![Page 1: Session Slide](https://reader031.fdocuments.in/reader031/viewer/2022020307/55a809bc1a28ab5e748b45a8/html5/thumbnails/1.jpg)
Network SecurityWorkshop
27th & 28th Feb 2015
![Page 2: Session Slide](https://reader031.fdocuments.in/reader031/viewer/2022020307/55a809bc1a28ab5e748b45a8/html5/thumbnails/2.jpg)
Network Security
• A specialized field in computer networking thatinvolves securing a computer network infrastructure.
• Network security is typically handled by a networkadministrator or system administrator whoimplements the security policy, network software andhardware needed to protect a network.
![Page 3: Session Slide](https://reader031.fdocuments.in/reader031/viewer/2022020307/55a809bc1a28ab5e748b45a8/html5/thumbnails/3.jpg)
Goals of Network Security
![Page 4: Session Slide](https://reader031.fdocuments.in/reader031/viewer/2022020307/55a809bc1a28ab5e748b45a8/html5/thumbnails/4.jpg)
Goals of Network Security
![Page 5: Session Slide](https://reader031.fdocuments.in/reader031/viewer/2022020307/55a809bc1a28ab5e748b45a8/html5/thumbnails/5.jpg)
Hacking
• Hacking is the process of exploiting vulnerabilities togain unauthorized access to systems or resources.
![Page 6: Session Slide](https://reader031.fdocuments.in/reader031/viewer/2022020307/55a809bc1a28ab5e748b45a8/html5/thumbnails/6.jpg)
Hacktivism
![Page 7: Session Slide](https://reader031.fdocuments.in/reader031/viewer/2022020307/55a809bc1a28ab5e748b45a8/html5/thumbnails/7.jpg)
Types of Hackers
![Page 8: Session Slide](https://reader031.fdocuments.in/reader031/viewer/2022020307/55a809bc1a28ab5e748b45a8/html5/thumbnails/8.jpg)
The Art of Breaking In
1) Information Gathering2) Scanning and Enumeration3) Breaking In or Gaining Access4) Privilege Escalation on the victim5) Post Exploitation cleanup and Backdooring
![Page 9: Session Slide](https://reader031.fdocuments.in/reader031/viewer/2022020307/55a809bc1a28ab5e748b45a8/html5/thumbnails/9.jpg)
Information Gathering (Footprinting)
• Uncovering and collecting as much information aspossible about a target network.
![Page 10: Session Slide](https://reader031.fdocuments.in/reader031/viewer/2022020307/55a809bc1a28ab5e748b45a8/html5/thumbnails/10.jpg)
Ways for Information Gathering
• Social Networking websites• Professional & Business Networking websites• Job Search websites• People search websites• Company websites• Whois lookup• Google Hacking• And many more…
![Page 11: Session Slide](https://reader031.fdocuments.in/reader031/viewer/2022020307/55a809bc1a28ab5e748b45a8/html5/thumbnails/11.jpg)
Google Hacking
• Google hacking is the use of a search engine, such asGoogle, to locate a security vulnerability on theInternet.
• Using complex search engine queries to get relevantresult in less time.
• There are generally two types of vulnerabilities to befound on the Web: software vulnerabilities andmisconfigurations.
![Page 12: Session Slide](https://reader031.fdocuments.in/reader031/viewer/2022020307/55a809bc1a28ab5e748b45a8/html5/thumbnails/12.jpg)
Port Scanning
• Port Scanning is the name for the technique used toidentify open ports and services available on anetwork host.
• There are many tools to facilitate port scanning.
• The best tool is NMAP Port Scanner.
![Page 13: Session Slide](https://reader031.fdocuments.in/reader031/viewer/2022020307/55a809bc1a28ab5e748b45a8/html5/thumbnails/13.jpg)
Packet Sniffers
• Packet sniffers or protocol analyzers are tools thatare commonly used by network technicians todiagnose network-related problems.
• Packet sniffers can also be used by hackers for lessthan noble purposes such as spying on network usertraffic and collecting passwords.
• The best tool is Wireshark.
![Page 14: Session Slide](https://reader031.fdocuments.in/reader031/viewer/2022020307/55a809bc1a28ab5e748b45a8/html5/thumbnails/14.jpg)
Pivoting
• Attacker does not have direct access to Server 2.• Attacker first breaks into Server 1 and then usesServer 1 as a staging point to break into Server 2.
![Page 15: Session Slide](https://reader031.fdocuments.in/reader031/viewer/2022020307/55a809bc1a28ab5e748b45a8/html5/thumbnails/15.jpg)
Pivoting Attack
![Page 16: Session Slide](https://reader031.fdocuments.in/reader031/viewer/2022020307/55a809bc1a28ab5e748b45a8/html5/thumbnails/16.jpg)
Penetration Testing
![Page 17: Session Slide](https://reader031.fdocuments.in/reader031/viewer/2022020307/55a809bc1a28ab5e748b45a8/html5/thumbnails/17.jpg)
What is Penetration Testing?
• Penetration testing, often called “pentesting”, “pen testing”, or“security testing”, is the practice of attacking your own or yourclients’ IT systems in the same way a hacker would to identifysecurity holes.
• Of course, you do this without actually harming the network.The person carrying out a penetration test is called a penetrationtester or pentester.
• Let’s make one thing crystal clear: Penetration testing requiresthat you get permission from the person who owns the system.Otherwise, you would be hacking the system, which is illegal inmost countries.
![Page 18: Session Slide](https://reader031.fdocuments.in/reader031/viewer/2022020307/55a809bc1a28ab5e748b45a8/html5/thumbnails/18.jpg)
Types of Penetration Testing
Black Box Pentesting: requires no previousinformation and usually takes the approach of anuninformed attacker. In a black box penetration testthe penetration tester has no previous informationabout the target system.
White Box Pentesting: is an approach that uses theknowledge of the internals of the target network thatorganization should provide you during theagreement.
![Page 19: Session Slide](https://reader031.fdocuments.in/reader031/viewer/2022020307/55a809bc1a28ab5e748b45a8/html5/thumbnails/19.jpg)
Understanding Basic Terms
Vulnerability: A weakness that allows an attacker tobreak into and compromise a system’s security.
Exploit: code which allows an attacker to takeadvantage of a vulnerable system.
Payload: code that lets you control a computer systemafter it’s been exploited.
![Page 20: Session Slide](https://reader031.fdocuments.in/reader031/viewer/2022020307/55a809bc1a28ab5e748b45a8/html5/thumbnails/20.jpg)
How does Exploitation work ?
1) Vulnerability2) Exploit3) Payload
![Page 21: Session Slide](https://reader031.fdocuments.in/reader031/viewer/2022020307/55a809bc1a28ab5e748b45a8/html5/thumbnails/21.jpg)
On a more serious note …
![Page 22: Session Slide](https://reader031.fdocuments.in/reader031/viewer/2022020307/55a809bc1a28ab5e748b45a8/html5/thumbnails/22.jpg)
Metasploit Framework
• Tools for development and testing of vulnerabilities.
• Started by HD Moore in 2003.
• Acquired by Rapid7
• Remains open source and free for use.
• Written in Ruby
![Page 23: Session Slide](https://reader031.fdocuments.in/reader031/viewer/2022020307/55a809bc1a28ab5e748b45a8/html5/thumbnails/23.jpg)
Metasploit for Pentesting
• Over 1000 tested exploits• Over 250 payloads and 28 encoders
• Metasploit offers “Plug & Play” of payloads withexploits
• Tons of other features for better and faster pentests
![Page 24: Session Slide](https://reader031.fdocuments.in/reader031/viewer/2022020307/55a809bc1a28ab5e748b45a8/html5/thumbnails/24.jpg)
Demo Metasploit
• Lab Setup:
![Page 25: Session Slide](https://reader031.fdocuments.in/reader031/viewer/2022020307/55a809bc1a28ab5e748b45a8/html5/thumbnails/25.jpg)
Malware / Virus
• The term malware is short for "malicious software.“
• Malware refers to any computer program that isdesigned to do things that are harmful to orunwanted by a computer's legitimate user — meaningyou.
• A virus is a programming code that replicates bybeing copied or initiating its copying to anotherprogram, computer boot sector or document.
![Page 26: Session Slide](https://reader031.fdocuments.in/reader031/viewer/2022020307/55a809bc1a28ab5e748b45a8/html5/thumbnails/26.jpg)
Malware / Virus
• Viruses can be transmitted as attachments to an e-mail or in a downloaded file, or be present on apendrive, CD.
• The receiver of the e-mail, downloaded file is usuallyunaware that it contains a virus.
![Page 27: Session Slide](https://reader031.fdocuments.in/reader031/viewer/2022020307/55a809bc1a28ab5e748b45a8/html5/thumbnails/27.jpg)
Backdoor
• A backdoor is a technique in which a system securitymechanism is bypassed undetectably to access acomputer or its data.
• The backdoor access method is sometimes writtenby the programmer who develops a program.
![Page 28: Session Slide](https://reader031.fdocuments.in/reader031/viewer/2022020307/55a809bc1a28ab5e748b45a8/html5/thumbnails/28.jpg)
DoS & DDoS Attack
• It is an attack on the availability of an informationsystem.
• A denial-of-service (DoS) or distributed denial-of-service (DDoS) attack is an attempt to make a machineor network resource unavailable to its intended users.
![Page 29: Session Slide](https://reader031.fdocuments.in/reader031/viewer/2022020307/55a809bc1a28ab5e748b45a8/html5/thumbnails/29.jpg)
TCP 3 Way Handshake
![Page 30: Session Slide](https://reader031.fdocuments.in/reader031/viewer/2022020307/55a809bc1a28ab5e748b45a8/html5/thumbnails/30.jpg)
DoS Attack
![Page 31: Session Slide](https://reader031.fdocuments.in/reader031/viewer/2022020307/55a809bc1a28ab5e748b45a8/html5/thumbnails/31.jpg)
DDoS Attack
![Page 32: Session Slide](https://reader031.fdocuments.in/reader031/viewer/2022020307/55a809bc1a28ab5e748b45a8/html5/thumbnails/32.jpg)
Symptoms of DoS & DDoS Attack
![Page 33: Session Slide](https://reader031.fdocuments.in/reader031/viewer/2022020307/55a809bc1a28ab5e748b45a8/html5/thumbnails/33.jpg)
Impact of DDoS Attack
![Page 34: Session Slide](https://reader031.fdocuments.in/reader031/viewer/2022020307/55a809bc1a28ab5e748b45a8/html5/thumbnails/34.jpg)
Impact of DDoS Attack
![Page 35: Session Slide](https://reader031.fdocuments.in/reader031/viewer/2022020307/55a809bc1a28ab5e748b45a8/html5/thumbnails/35.jpg)
Impact of DDoS Attack
![Page 36: Session Slide](https://reader031.fdocuments.in/reader031/viewer/2022020307/55a809bc1a28ab5e748b45a8/html5/thumbnails/36.jpg)
Impact of DDoS Attack
![Page 37: Session Slide](https://reader031.fdocuments.in/reader031/viewer/2022020307/55a809bc1a28ab5e748b45a8/html5/thumbnails/37.jpg)
Impact of DDoS Attack
![Page 38: Session Slide](https://reader031.fdocuments.in/reader031/viewer/2022020307/55a809bc1a28ab5e748b45a8/html5/thumbnails/38.jpg)
Impact of DDoS Attack
![Page 39: Session Slide](https://reader031.fdocuments.in/reader031/viewer/2022020307/55a809bc1a28ab5e748b45a8/html5/thumbnails/39.jpg)
Cryptography
• Cryptography is a method of storing andtransmitting data in a particular form so that onlythose for whom it is intended can read and process it.
• Cryptography is the art of converting yourinformation from human readable form to humanunreadable form.
![Page 40: Session Slide](https://reader031.fdocuments.in/reader031/viewer/2022020307/55a809bc1a28ab5e748b45a8/html5/thumbnails/40.jpg)
Cryptography
• In Cryptography Human unreadable information isknown as “Cipher Text” or “Encrypted Text”
• In Cryptography Human readable information isknown as “Clear Text” or “Plain Text” or “DecryptedText”
![Page 41: Session Slide](https://reader031.fdocuments.in/reader031/viewer/2022020307/55a809bc1a28ab5e748b45a8/html5/thumbnails/41.jpg)
Cryptography
Encryption: Conversion of information from “Plain-Text” to “Cipher-Text” is known as encryption, so thatinformation remains confidential.
Decryption: Conversion of information from “Cipher-Text” to “Plain-Text” is known as decryption.
![Page 42: Session Slide](https://reader031.fdocuments.in/reader031/viewer/2022020307/55a809bc1a28ab5e748b45a8/html5/thumbnails/42.jpg)
Popular Cryptographic Encryption Algorithms
• AES• DES• 3DES• RC2• RC4• Blowfish
![Page 43: Session Slide](https://reader031.fdocuments.in/reader031/viewer/2022020307/55a809bc1a28ab5e748b45a8/html5/thumbnails/43.jpg)
Steganography
• Steganography is the science of hiding information.
• The purpose of Steganography is covert communication to hide a message from a third party.
• Examples Hiding a message in a Image
• Hiding a message in a MP3 file.
• Hiding a message in a video file.
![Page 44: Session Slide](https://reader031.fdocuments.in/reader031/viewer/2022020307/55a809bc1a28ab5e748b45a8/html5/thumbnails/44.jpg)
Image Steganography
![Page 45: Session Slide](https://reader031.fdocuments.in/reader031/viewer/2022020307/55a809bc1a28ab5e748b45a8/html5/thumbnails/45.jpg)
Image Steganography
![Page 46: Session Slide](https://reader031.fdocuments.in/reader031/viewer/2022020307/55a809bc1a28ab5e748b45a8/html5/thumbnails/46.jpg)
Image Steganography in Terrorism
![Page 47: Session Slide](https://reader031.fdocuments.in/reader031/viewer/2022020307/55a809bc1a28ab5e748b45a8/html5/thumbnails/47.jpg)
Web Applications
• A Web application (Web app) is an applicationprogram that is stored on a remote server anddelivered over the Internet through a browserinterface.
• Any application that you access through a webbrowser is a web application.
![Page 48: Session Slide](https://reader031.fdocuments.in/reader031/viewer/2022020307/55a809bc1a28ab5e748b45a8/html5/thumbnails/48.jpg)
Web Application Architecture
![Page 49: Session Slide](https://reader031.fdocuments.in/reader031/viewer/2022020307/55a809bc1a28ab5e748b45a8/html5/thumbnails/49.jpg)
Web Application Vulnerabilities
• Web applications suffer from many number ofvulnerabilities.• SQL Injection• Cross Site Scripting• Web Server Misconfigurations• Insecure protocol usage• and many more
![Page 50: Session Slide](https://reader031.fdocuments.in/reader031/viewer/2022020307/55a809bc1a28ab5e748b45a8/html5/thumbnails/50.jpg)
Thank you !