CIT 380: Securing Computer Systems
|
|
- Arthur Garrison
- 8 years ago
- Views:
Transcription
1 CIT 380: Securing Computer Systems Scanning CIT 380: Securing Computer Systems Slide #1
2 Topics 1. Port Scanning 2. Stealth Scanning 3. Version Identification 4. OS Fingerprinting 5. Vulnerability Scanning CIT 380: Securing Computer Systems Slide #2
3 Port Scanning Port scanning is a method of discovering potential input channels on a host by proving the TCP and UDP ports on which services may be listening. CIT 380: Securing Computer Systems Slide #3
4 nmap TCP connect() scan > nmap -st scanme.nmap.org Starting Nmap 6.40 ( ) at Nmap scan report for scanme.nmap.org ( ) Host is up (0.11s latency). Not shown: 996 closed ports PORT STATE SERVICE 22/tcp open ssh 80/tcp open http 1720/tcp filtered H.323/Q /tcp open nping-echo done: 1 IP address (1 host up) scanned in 9.92 seconds CIT 380: Securing Computer Systems Slide #4
5 Scanning Techniques 1. TCP connect() scan 2. TCP SYN scan 3. TCP FIN scan 4. TCP Xmas scan 5. TCP Null scan 6. TCP ACK scan 7. Fragmentation Scan 8. FTP bounce scan 9. Idle Scan 10. UDP scan CIT 380: Securing Computer Systems Slide #5
6 TCP connect() scan Use connect() system call on each port, following normal TCP connection protocol (3-way handshake). connect() will succeed if port is listening. Advantages: fast, requires no privileges Disadvantages: easily detectable and blockable. CIT 380: Securing Computer Systems Slide #6
7 TCP SYN Scan Send SYN packet and wait for response SYN+ACK Port is open Send RST to tear down connection RST Port is closed Advantage: less likely to be logged or blocked Disadvantage: requires root privilege CIT 380: Securing Computer Systems Slide #7
8 TCP FIN scan Send TCP FIN packet and wait for response No response Port is open RST Port is closed. Advantages: more stealthy than SYN scan Disadvantages: MS Windows doesn t follow standard (RFC 793) and responds with RST in both cases, requires root privilege. CIT 380: Securing Computer Systems Slide #8
9 Xmas and Null Scans Similar to FIN scan with different flag settings. Xmas Scan: Sets FIN, URG, and PUSH flags. Null Scan: Turns off all TCP flags. CIT 380: Securing Computer Systems Slide #9
10 TCP ACK Scan Does not identify open ports Used to determine firewall type Packet filter (identifies responses by ACK bit) Stateful Send TCP ACK packet to specified port RST Port is unfiltered (packet got through) No response or ICMP unreachable Port is filtered CIT 380: Securing Computer Systems Slide #10
11 Fragmentation Scan Modify TCP stealth scan (SYN, FIN, Xmas, NULL) to use tiny fragmented IP datagrams. Advantages: increases difficulty of scan detection and blocking. Disadvantages: does not work on all Oses, and may crash some firewalls/sniffers. CIT 380: Securing Computer Systems Slide #11
12 FTP Bounce Scan FTP protocol supports proxy ftp Client requests server send file to another IP, port. If server can open connection, port is open. Advantages: Hide identity of scanning host. Bypass firewalls by using ftp server behind firewall. Disadvantages: Most ftp servers no longer support proxying. Printer ftp servers often do still support. CIT 380: Securing Computer Systems Slide #12
13 Idle Scan Use intermediate idle host to do scan. Idle host must increment IP ID for each packet. Idle host must not receive traffic from anyone other than attacker. Scan Process 1. Attacker connects to idle host to obtain initial IP ID X. 2. Send SYN packet to port Y of target with spoofed IP of idle host. 3. If port is open, target host will send SYN+ACK to idle host. 4. Idle host with send RST packet with IP ID X+1 to target. 5. Attacker connects with SYN to idle host to obtain updated IP ID. 6. Idle host sends back SYN+ACK to attacker. Note that this action will increment IP ID by 1. If IP ID is X+2, then port Y on target is open. Advantages: hides scanner IP address from target. CIT 380: Securing Computer Systems Slide #13
14 UDP Scans Send 0-byte UDP packet to each UDP port UDP packet returned Port is open ICMP port unreachable Port is closed Nothing Port listed as open filtered Could be that packet was lost. Could be that server only returns UDP on valid input. Disadvantages: ICMP error rate throttled to a few packets/second (RFC 1812), making UDP scans of all ports very slow. MS Windows doesn t implement rate limiting. CIT 380: Securing Computer Systems Slide #14
15 Version Scanning Port scanning reveals which ports are open Guess services on well-known ports. How can we do better? Find what server: vendor and version telnet/netcat to port and check for banner Version scanning CIT 380: Securing Computer Systems Slide #15
16 Banner Checking with netcat > nc 80 GET / HTTP/1.1 HTTP/ Bad Request Date: Sun, 07 Oct :27:08 GMT Server: Apache/ (Unix) mod_perl/1.29 PHP/4.4.1 mod_ssl/ OpenSSL/0.9.7a Connection: close Transfer-Encoding: chunked Content-Type: text/html; charset=iso <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <HTML><HEAD> <TITLE>400 Bad Request</TITLE> </HEAD><BODY> <H1>Bad Request</H1> Your browser sent a request that this server could not understand.<p> client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23): /<P> </BODY></HTML> CIT 380: Securing Computer Systems Slide #16
17 Version Scanning 1. If port is TCP, open connection. 2. Wait for service to identify self with banner. 3. If no identification or port is UDP, 1. Send probe string based on well-known service. 2. Check response against db of known results. 4. If no match, test all probe strings in list. CIT 380: Securing Computer Systems Slide #17
18 nmap version scan > nmap -sv scanme.nmap.org Starting Nmap 6.40 ( ) at :11 EDT Nmap scan report for scanme.nmap.org ( ) Host is up (0.10s latency). Not shown: 996 closed ports PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 5.3p1 Debian 3ubuntu7 (protocol 2.0) 80/tcp open http Apache httpd ((Ubuntu)) 1720/tcp filtered H.323/Q /tcp open nping-echo Nping echo Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel CIT 380: Securing Computer Systems Slide #18
19 Set source port More nmap Tools Bypass firewall by using allowed source port. Use port 80 for TCP, port 53 for UDP scans. Decoys Send additional scans from list of decoys. Spoof IP addresses of decoy hosts. Defender has to investigate decoys + attacker. CIT 380: Securing Computer Systems Slide #19
20 Defences Prevention Disable unnecessary services. Block ports at firewall. Use a stateful firewall instead of packet filter. Detection Network Intrusion Detection Systems. Port scans often have distinct signatures. IPS can react to scan by blocking IP address. CIT 380: Securing Computer Systems Slide #20
21 OS Fingerprinting Identify OS by specific features of its TCP/IP network stack implementation. Explore TCP/IP differences between OSes. Build database of OS TCP/IP fingerprints. Send set of specially tailored packets to host Match results to identical fingerprint in db to identify operating system type and version. CIT 380: Securing Computer Systems Slide #21
22 nmap OS fingerprint examples > sudo nmap -O scanme.nmap.org Device type: general purpose Running: Linux 2.6.X 3.X OS CPE: cpe:/o:linux:linux_kernel:2.6 OS details: Linux Uptime guess: day TCP Sequence Prediction: Difficulty=202 (Good luck!) IP ID Sequence Generation: All zeros > sudo nmap v -O Device type: general purpose Running: Linux 2.4.X OS CPE: cpe:/o:linux:linux_kernel:2.4 OS details: Linux (likely embedded) Uptime guess: days TCP Sequence Prediction: Difficulty=196 (Good luck!) IP ID Sequence Generation: All zeros CIT 380: Securing Computer Systems Slide #22
23 OS Fingerprinting Techniques FIN probe RFC 793 requires no response MS Windows, BSDI, Cisco IOS send RST Bogus flag probe Bit 7 of TCP flags unused Linux < keeps flag set in response TCP ISN sampling Different algorithms for TCP ISNs IP Identification Different algorithms for incrementing IPID CIT 380: Securing Computer Systems Slide #23
24 Passive Fingerprinting Identify OSes of hosts on network by sniffing packets sent by each host. Use similar characteristics as active techniques: TTL MSS Initial Window Size Don t Fragment bit Tools: p0f CIT 380: Securing Computer Systems Slide #24
25 Fingerprinting Defences Detection NIDS Blocking Firewalling Some probes can t be blocked. Deception IPpersonality changes Linux TCP/IP stack signature to that of another OS in nmap db. CIT 380: Securing Computer Systems Slide #25
26 Vulnerability Scanning Scan for vulnerabilities in systems Configuration errors Well-known system vulnerabilities Scanning Tools Nessus OpenVAS Nexpose GFI LANguard Network Security Scanner ISS Internet Scanner CIT 380: Securing Computer Systems Slide #26
27 Vulnerability Scanner Architecture User Interface Vulnerability Database Scanning Engine Scan Results Report Generation CIT 380: Securing Computer Systems Slide #27
28 Nessus Report CIT 380: Securing Computer Systems Slide #28
29 Scanning Tools Summary Information IP addresses of hosts Network topology Open ports Service versions OS Vulnerabilities Tool ping, nmap -sp traceroute, lft nmap -st -su nmap -sv nmap O, p0f Nessus, OpenVAS CIT 380: Securing Computer Systems Slide #29
30 References 1. Fyodor, NMAP documentation, 2. Fyodor, Remote OS detection via TCP/IP Stack FingerPrinting, Phrack 54, 3. Gordon Fyodor Lyon, Nmap Network Scanning, Ed Skoudis, Counter Hack Reloaded, Prentice Hall, CIT 380: Securing Computer Systems Slide #30
An Introduction to Nmap with a Focus on Information Gathering. Ionuț Ambrosie
An Introduction to Nmap with a Focus on Information Gathering Ionuț Ambrosie January 12, 2015 During the information gathering phase of a penetration test, tools such as Nmap can be helpful in allowing
More informationPort Scanning and Vulnerability Assessment. ECE4893 Internetwork Security Georgia Institute of Technology
Port Scanning and Vulnerability Assessment ECE4893 Internetwork Security Georgia Institute of Technology Agenda Reconnaissance Scanning Network Mapping OS detection Vulnerability assessment Reconnaissance
More informationNetwork and Services Discovery
A quick theorical introduction to network scanning January 8, 2016 Disclaimer/Intro Disclaimer/Intro Network scanning is not exact science When an information system is able to interact over the network
More informationPort Scanning. Objectives. Introduction: Port Scanning. 1. Introduce the techniques of port scanning. 2. Use port scanning audit tools such as Nmap.
Port Scanning Objectives 1. Introduce the techniques of port scanning. 2. Use port scanning audit tools such as Nmap. Introduction: All machines connected to a LAN or connected to Internet via a modem
More informationRemote Network Analysis
Remote Network Analysis Torsten Hoefler htor@cs.tu-chemnitz.de (DMZ), mostly between two packet filters and application gateways. The different possibilities to connect DMZ-hosts are also shown in Figure
More informationHost Fingerprinting and Firewalking With hping
Host Fingerprinting and Firewalking With hping Naveed Afzal National University Of Computer and Emerging Sciences, Lahore, Pakistan Email: 1608@nu.edu.pk Naveedafzal gmail.com Abstract: The purpose
More informationScanning Tools. Scan Types. Network sweeping - Basic technique used to determine which of a range of IP addresses map to live hosts.
Scanning Tools The goal of the scanning phase is to learn more information about the target environment and discover openings by interacting with that target environment. This paper will look at some of
More informationLecture 5: Network Attacks I. Course Admin
Lecture 5: Network Attacks I CS 336/536: Computer Network Security Fall 2013 Nitesh Saxena Adopted from previous lectures by Keith Ross Course Admin HW/Lab 1 Due Coming Monday 11am Lab sessions are active
More informationChapter 6 Phase 2: Scanning
Chapter 6 Phase 2: Scanning War Dialer Tool used to automate dialing of large pools of telephone numbers in an effort to find unprotected THC-Scan 2.0 Full-featured, free war dialing tool Runs on Win9x,
More informationNetwork Scanning. What is a Network scanner? Why are scanners needed? How do scanners do? Which scanner does the market provide?
Network Scanning What is a Network scanner? Why are scanners needed? How do scanners do? Which scanner does the market provide? Where will our research go? Page : 1 Function - attacker view What hosts
More informationNetwork Security CS 192
Network Security CS 192 Network Scanning (Idlescan) Department of Computer Science George Washington University Jonathan Stanton 1 Today s topics Discussion of new DNS flaws Network Scanning (Idlescan)
More informationCYBER ATTACKS EXPLAINED: PACKET CRAFTING
CYBER ATTACKS EXPLAINED: PACKET CRAFTING Protect your FOSS-based IT infrastructure from packet crafting by learning more about it. In the previous articles in this series, we explored common infrastructure
More informationDivide and Conquer Real World Distributed Port Scanning
Divide and Conquer Real World Distributed Port Scanning Ofer Maor CTO Hacktics 16 Feb 2006 Hackers & Threats I, 3:25PM (HT1-302) Introduction Divide and Conquer: Real World Distributed Port Scanning reviews
More informationIntroduction. Nmap from an Ethical Hacker's View Part 1. By Kirby Tucker
Nmap from an Ethical Hacker's View Part 1 By Kirby Tucker Editor's Note: Kirby is a long time contributor and supporter of EH-Net. So when he came to me with the idea to do a more approachable tutorial
More informationAlgorithms and Techniques Used for Auto-discovery of Network Topology, Assets and Services
Algorithms and Techniques Used for Auto-discovery of Network Topology, Assets and Services CS4983 Senior Technical Report Brian Chown 0254624 Faculty of Computer Science University of New Brunswick Canada
More informationNmap: Scanning the Internet
Nmap: Scanning the Internet by Fyodor Black Hat Briefings USA August 6, 2008; 10AM Defcon 16 August 8, 2008; 4PM Abstract The Nmap Security Scanner was built to efficiently scan large networks, but Nmap's
More informationLinux Network Security
Linux Network Security Course ID SEC220 Course Description This extremely popular class focuses on network security, and makes an excellent companion class to the GL550: Host Security course. Protocols
More informationAttacks and Defense. Phase 1: Reconnaissance
Attacks and Defense Phase 1: Reconnaissance Phase 2: Port Scanning Phase 3: Gaining Access Using Application and Operating System Using Networks Phase 1: Reconnaissance Known as information gathering.
More informationPassive Network Traffic Analysis: Understanding a Network Through Passive Monitoring Kevin Timm,
Passive Network Traffic Analysis: Understanding a Network Through Passive Monitoring Kevin Timm, Network IDS devices use passive network monitoring extensively to detect possible threats. Through passive
More informationHONEYD (OPEN SOURCE HONEYPOT SOFTWARE)
HONEYD (OPEN SOURCE HONEYPOT SOFTWARE) Author: Avinash Singh Avinash Singh is a Technical Evangelist currently worksing at Appin Technology Lab, Noida. Educational Qualification: B.Tech from Punjab Technical
More informationAttack and Defense Techniques
Network Security Attack and Defense Techniques Anna Sperotto, Ramin Sadre Design and Analysis of Communication Networks (DACS) University of Twente The Netherlands Attack Taxonomy Many different kind of
More informationNetwork Security. Marcus Bendtsen Institutionen för Datavetenskap (IDA) Avdelningen för Databas- och Informationsteknik (ADIT)
Network Security ICMP, TCP, DNS, Scanning Marcus Bendtsen Institutionen för Datavetenskap (IDA) Avdelningen för Databas- och Informationsteknik (ADIT) Agenda A couple of examples of network protocols that
More informationA Very Incomplete Diagram of Network Attacks
A Very Incomplete Diagram of Network Attacks TCP/IP Stack Reconnaissance Spoofing Tamper DoS Internet Transport Application HTTP SMTP DNS TCP UDP IP ICMP Network/Link 1) HTML/JS files 2)Banner Grabbing
More informationNetwork Security. Network Scanning
Network Security Network Scanning Module 2 Keith A. Watson, CISSP, CISA IA Research Engineer, CERIAS kaw@cerias.purdue.edu 1 Network Scanning Definition: Sending packets configured to evoke a response
More information1.0 Introduction. 2.0 Data Gathering
Nessus Scanning 1.0 Introduction Nessus is a vulnerability scanner, a program that looks for security bugs in software. There is a freely available open source version which runs on Unix. Tenable Security
More informationSecurity: Attack and Defense
Security: Attack and Defense Aaron Hertz Carnegie Mellon University Outline! Breaking into hosts! DOS Attacks! Firewalls and other tools 15-441 Computer Networks Spring 2003 Breaking Into Hosts! Guessing
More informationPenetration Testing Workshop
Penetration Testing Workshop Who are we? Carter Poe Nathan Ritchey Mahdi Shapouri Fred Araujo Outline Ethical hacking What is penetration testing? Planning Reconnaissance Footprinting Network Endpoint
More informationPenetration Testing. NTS330 Unit 1 Penetration V1.0. February 20, 2011. Juan Ortega. Juan Ortega, juaorteg@uat.edu. 1 Juan Ortega, juaorteg@uat.
1 Penetration Testing NTS330 Unit 1 Penetration V1.0 February 20, 2011 Juan Ortega Juan Ortega, juaorteg@uat.edu 1 Juan Ortega, juaorteg@uat.edu 2 Document Properties Title Version V1.0 Author Pen-testers
More informationNETWORK SECURITY WITH OPENSOURCE FIREWALL
NETWORK SECURITY WITH OPENSOURCE FIREWALL Vivek Kathayat,Dr Laxmi Ahuja AIIT Amity University,Noida vivekkathayat@gmail.com lahuja@amity.edu ATTACKER SYSTEM: Backtrack 5r3( 192.168.75.10 ) HOST: Backtrack
More informationLooking for Trouble: ICMP and IP Statistics to Watch
Looking for Trouble: ICMP and IP Statistics to Watch Laura Chappell, Senior Protocol Analyst Protocol Analysis Institute [lchappell@packet-level.com] www.packet-level.com www.podbooks.com HTCIA Member,
More informationCSCE 465 Computer & Network Security
CSCE 465 Computer & Network Security Instructor: Dr. Guofei Gu http://courses.cse.tamu.edu/guofei/csce465/ Vulnerability Analysis 1 Roadmap Why vulnerability analysis? Example: TCP/IP related vulnerabilities
More informationPenetration Testing. What Is a Penetration Testing?
Penetration Testing 1 What Is a Penetration Testing? Testing the security of systems and architectures from the point of view of an attacker (hacker, cracker ) A simulated attack with a predetermined goal
More informationSolution of Exercise Sheet 5
Foundations of Cybersecurity (Winter 15/16) Prof. Dr. Michael Backes CISPA / Saarland University saarland university computer science Protocols = {????} Client Server IP Address =???? IP Address =????
More informationRemote Network Analysis
Remote Network Analysis - I know what you know - Torsten Höfler htor@cs.tu-chemnitz.de Torsten Höfler, 21. November 2004 Remote Network Analysis - p. 1/41 Outline 1. 2. 3. 4. Advanced Scanning 5. 6. Torsten
More informationFirewalls. configuring a sophisticated GNU/Linux firewall involves understanding
Firewalls slide 1 configuring a sophisticated GNU/Linux firewall involves understanding iptables iptables is a package which interfaces to the Linux kernel and configures various rules for allowing packets
More informationHost Discovery with nmap
Host Discovery with nmap By: Mark Wolfgang moonpie@moonpie.org November 2002 Table of Contents Host Discovery with nmap... 1 1. Introduction... 3 1.1 What is Host Discovery?... 4 2. Exploring nmap s Default
More informationUsing Nessus to Detect Wireless Access Points. March 6, 2015 (Revision 4)
Using Nessus to Detect Wireless Access Points March 6, 2015 (Revision 4) Table of Contents Introduction... 3 Why Detect Wireless Access Points?... 3 Wireless Scanning for WAPs... 4 Detecting WAPs using
More informationHow To Understand A Network Attack
Network Security Attack and Defense Techniques Anna Sperotto (with material from Ramin Sadre) Design and Analysis of Communication Networks (DACS) University of Twente The Netherlands Attacks! Many different
More informationCS5008: Internet Computing
CS5008: Internet Computing Lecture 22: Internet Security A. O Riordan, 2009, latest revision 2015 Internet Security When a computer connects to the Internet and begins communicating with others, it is
More informationNessus. A short review of the Nessus computer network vulnerability analysing tool. Authors: Henrik Andersson Johannes Gumbel Martin Andersson
Nessus A short review of the Nessus computer network vulnerability analysing tool Authors: Henrik Andersson Johannes Gumbel Martin Andersson Introduction What is a security scanner? A security scanner
More informationnmap, nessus, and snort Vulnerability Analysis & Intrusion Detection
nmap, nessus, and snort Vulnerability Analysis & Intrusion Detection agenda Vulnerability Analysis Concepts Vulnerability Scanning Tools nmap nikto nessus Intrusion Detection Concepts Intrusion Detection
More informationPresented By: Holes in the Fence. Agenda. IPCCTV Attack. DDos Attack. Why Network Security is Important
Presented By: Holes in the Fence Dave Engebretson, Contributing Technology writer, SDM Magazine Industry Instructor in Fiber and Networking Prevention of Security System breaches of networked Edge Devices
More informationStateful Firewalls. Hank and Foo
Stateful Firewalls Hank and Foo 1 Types of firewalls Packet filter (stateless) Proxy firewalls Stateful inspection Deep packet inspection 2 Packet filter (Access Control Lists) Treats each packet in isolation
More informationIP Network Scanning & Reconnaissance
IP Network Scanning & Reconnaissance Hacking for Techies Technical Primer Booklet Matta Security Limited 16 19 Southampton Place London WC1A 2AX +44 (0) 8700 77 11 00 courses@trustmatta.com http://www.trustmatta.com
More informationDevelopment of a Network Intrusion Detection System
Development of a Network Intrusion Detection System (I): Agent-based Design (FLC1) (ii): Detection Algorithm (FLC2) Supervisor: Dr. Korris Chung Please visit my personal homepage www.comp.polyu.edu.hk/~cskchung/fyp04-05/
More informationInternet Firewall CSIS 4222. Packet Filtering. Internet Firewall. Examples. Spring 2011 CSIS 4222. net15 1. Routers can implement packet filtering
Internet Firewall CSIS 4222 A combination of hardware and software that isolates an organization s internal network from the Internet at large Ch 27: Internet Routing Ch 30: Packet filtering & firewalls
More informationDos & DDoS Attack Signatures (note supplied by Steve Tonkovich of CAPTUS NETWORKS)
Dos & DDoS Attack Signatures (note supplied by Steve Tonkovich of CAPTUS NETWORKS) Signature based IDS systems use these fingerprints to verify that an attack is taking place. The problem with this method
More informationHow To Set Up A Network Map In Linux On A Ubuntu 2.5 (Amd64) On A Raspberry Mobi) On An Ubuntu 3.5.2 (Amd66) On Ubuntu 4.5 On A Windows Box
CSC-NETLAB Packet filtering with Iptables Group Nr Name1 Name2 Name3 Date Instructor s Signature Table of Contents 1 Goals...2 2 Introduction...3 3 Getting started...3 4 Connecting to the virtual hosts...3
More informationNetwork Forensics: Detection and Analysis of Stealth Port Scanning Attack
International Journal of Computer Networks and Communications Security VOL. 3, NO. 2, FEBRUARY 2015, 33 42 Available online at: www.ijcncs.org E-ISSN 2308-9830 (Online) / ISSN 2410-0595 (Print) Network
More informationOverview of Network Security The need for network security Desirable security properties Common vulnerabilities Security policy designs
Overview of Network Security The need for network security Desirable security properties Common vulnerabilities Security policy designs Why Network Security? Keep the bad guys out. (1) Closed networks
More informationChapter 8 Network Security
[Computer networking, 5 th ed., Kurose] Chapter 8 8.1 What is network security? 8.2 Principles of cryptography 8.3 Message integrity 84Securing 8.4 e-mail 8.5 Securing TCP connections: SSL 8.6 Network
More informationFirewalls. Pehr Söderman KTH-CSC Pehrs@kth.se
Firewalls Pehr Söderman KTH-CSC Pehrs@kth.se 1 Definition A firewall is a network device that separates two parts of a network, enforcing a policy for all traversing traffic. 2 Fundamental requirements
More informationSECURITY TOOLS SOFTWARE IN AN OPEN SOURCE ENVIRONMENT. Napoleon Alexandru SIRETEANU *
ANALELE ŞTIINłIFICE ALE UNIVERSITĂłII ALEXANDRU IOAN CUZA DIN IAŞI Tomul LV ŞtiinŃe Economice 2008 SECURITY TOOLS SOFTWARE IN AN OPEN SOURCE ENVIRONMENT Napoleon Alexandru SIRETEANU * Abstract In a penetration
More informationA1.1.1.11.1.1.2 1.1.1.3S B
CS Computer 640: Network AdityaAkella Lecture Introduction Networks Security 25 to Security DoS Firewalls and The D-DoS Vulnerabilities Road Ahead Security Attacks Protocol IP ICMP Routing TCP Security
More informationWindows Insecurity. Penetrated. v0.11
Windows Insecurity Penetrated v0.11 1 Cop y r i g h t (c) 2004 ADR I A N PAS T O R. Per m i s s i o n is gran t e d to cop y, dis t r i b u t e and / o r mod i f y this docu m e n t und e r the ter m s
More informationStop that Big Hack Attack Protecting Your Network from Hackers. www.lauraknapp.com
Stop that Big Hack Attack Protecting Your Network from Hackers Laura Jeanne Knapp Technical Evangelist 1-919-224-2205 laura@lauraknapp.com www.lauraknapp.com NetSec_ 010 Agenda Components of security threats
More informationComputer forensics 2015-12-01
Computer forensics Evidence acquisition Protocol analysis Packet analysis Flow analysis Network Logs Network devices Network intrusion detection/prevention systems Common network attacks Web browser forensics
More informationInstalling and Configuring Nessus by Nitesh Dhanjani
Unless you've been living under a rock for the past few years, it is quite evident that software vulnerabilities are being found and announced quicker than ever before. Every time a security advisory goes
More informationLab 3: Recon and Firewalls
Lab 3: Recon and Firewalls IP, UDP, TCP and ICMP Before we can create firewall rules, we have to know the basics of network protocols. Here's a quick review... IP ICMP UDP TCP The underlying packet delivery
More informationIntroduction of Intrusion Detection Systems
Introduction of Intrusion Detection Systems Why IDS? Inspects all inbound and outbound network activity and identifies a network or system attack from someone attempting to compromise a system. Detection:
More informationAttack Lab: Attacks on TCP/IP Protocols
Laboratory for Computer Security Education 1 Attack Lab: Attacks on TCP/IP Protocols Copyright c 2006-2010 Wenliang Du, Syracuse University. The development of this document is funded by the National Science
More informationChapter 8 Security Pt 2
Chapter 8 Security Pt 2 IC322 Fall 2014 Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012 All material copyright 1996-2012 J.F Kurose and K.W. Ross,
More informationVulnerability Assessment and Penetration Testing. CC Faculty ALTTC, Ghaziabad
Vulnerability Assessment and Penetration Testing CC Faculty ALTTC, Ghaziabad Need Vulnerabilities Vulnerabilities are transpiring in different platforms and applications regularly. Information Security
More informationFIREWALLS. Firewall: isolates organization s internal net from larger Internet, allowing some packets to pass, blocking others
FIREWALLS FIREWALLS Firewall: isolates organization s internal net from larger Internet, allowing some packets to pass, blocking others FIREWALLS: WHY Prevent denial of service attacks: SYN flooding: attacker
More informationAC 2012-3856: TEACHING NETWORK SECURITY THROUGH SIGNA- TURE ANALYSIS OF COMPUTER NETWORK ATTACKS
AC 2012-3856: TEACHING NETWORK SECURITY THROUGH SIGNA- TURE ANALYSIS OF COMPUTER NETWORK ATTACKS Dr. Te-Shun Chou, East Carolina University Te-Shun Chou received his bachelor s degree in electronics engineering
More informationVulnerability Assessment and Penetration Testing
Vulnerability Assessment and Penetration Testing Module 1: Vulnerability Assessment & Penetration Testing: Introduction 1.1 Brief Introduction of Linux 1.2 About Vulnerability Assessment and Penetration
More informationNetwork reconnaissance and IDS
Network reconnaissance and IDS CS642: Computer Security Professor Ristenpart h9p://www.cs.wisc.edu/~rist/ rist at cs dot wisc dot edu University of Wisconsin CS 642 Let s play over the network Target
More information20-CS-6053-00X Network Security Spring, 2014. An Introduction To. Network Security. Week 1. January 7
20-CS-6053-00X Network Security Spring, 2014 An Introduction To Network Security Week 1 January 7 Attacks Criminal: fraud, scams, destruction; IP, ID, brand theft Privacy: surveillance, databases, traffic
More informationFirewalls. Firewalls. Idea: separate local network from the Internet 2/24/15. Intranet DMZ. Trusted hosts and networks. Firewall.
Firewalls 1 Firewalls Idea: separate local network from the Internet Trusted hosts and networks Firewall Intranet Router DMZ Demilitarized Zone: publicly accessible servers and networks 2 1 Castle and
More informationIntroduction to Network Security Lab 2 - NMap
Introduction to Network Security Lab 2 - NMap 1 Introduction: Nmap as an Offensive Network Security Tool Nmap, short for Network Mapper, is a very versatile security tool that should be included in every
More informationhttps://elearn.zdresearch.com https://training.zdresearch.com/course/pentesting
https://elearn.zdresearch.com https://training.zdresearch.com/course/pentesting Chapter 1 1. Introducing Penetration Testing 1.1 What is penetration testing 1.2 Different types of test 1.2.1 External Tests
More informationFirewalls. Ola Flygt Växjö University, Sweden http://w3.msi.vxu.se/users/ofl/ Ola.Flygt@vxu.se +46 470 70 86 49. Firewall Design Principles
Firewalls Ola Flygt Växjö University, Sweden http://w3.msi.vxu.se/users/ofl/ Ola.Flygt@vxu.se +46 470 70 86 49 1 Firewall Design Principles Firewall Characteristics Types of Firewalls Firewall Configurations
More informationNetwork reconnaissance and IDS
Network reconnaissance and IDS CS642: Computer Security Professor Ristenpart h9p://www.cs.wisc.edu/~rist/ rist at cs dot wisc dot edu University of Wisconsin CS 642 Let s play over the network Target
More informationFirewall Testing. Cameron Kerr Telecommunications Programme University of Otago. May 16, 2005
Firewall Testing Cameron Kerr Telecommunications Programme University of Otago May 16, 2005 Abstract Writing a custom firewall is a complex task, and is something that requires a significant amount of
More informationVULNERABILITY ASSESSMENT WHITEPAPER INTRODUCTION, IMPLEMENTATION AND TECHNOLOGY DISCUSSION
VULNERABILITY ASSESSMENT WHITEPAPER INTRODUCTION, IMPLEMENTATION AND TECHNOLOGY DISCUSSION copyright 2003 securitymetrics Security Vulnerabilities of Computers & Servers Security Risks Change Daily New
More informationNetwork Mapper and Vulnerability Scanning
Network Mapper and Vulnerability Scanning Avviso Per la legge italiana questi strumenti sono equivalenti a strumenti per lo scasso Possono essere posseduti solo da chi ha un ruolo professionale che lo
More informationCIT 480: Securing Computer Systems. Firewalls
CIT 480: Securing Computer Systems Firewalls Topics 1. What is a firewall? 2. Types of Firewalls 1. Packet filters (stateless) 2. Stateful firewalls 3. Proxy servers 4. Application layer firewalls 3. Configuring
More informationCS2107 Introduction to Information and System Security (Slid. (Slide set 8)
Networks, the Internet Tool support CS2107 Introduction to Information and System Security (Slide set 8) National University of Singapore School of Computing July, 2015 CS2107 Introduction to Information
More informationTime has something to tell us about Network Address Translation
Time has something to tell us about Network Address Translation Elie Bursztein Abstract In this paper we introduce a new technique to count the number of hosts behind a NAT. This technique based on TCP
More informationDenial of Service Attacks. Notes derived from Michael R. Grimaila s originals
Denial of Service Attacks Notes derived from Michael R. Grimaila s originals Denial Of Service The goal of a denial of service attack is to deny legitimate users access to a particular resource. An incident
More informationEvading Infrastructure Security Mohamed Bedewi Penetration Testing Consultant
Evading Infrastructure Security Mohamed Bedewi Penetration Testing Consultant What infrastructure security really means? Infrastructure Security is Making sure that your system services are always running
More information8 steps to protect your Cisco router
8 steps to protect your Cisco router Daniel B. Cid daniel@underlinux.com.br Network security is a completely changing area; new devices like IDS (Intrusion Detection systems), IPS (Intrusion Prevention
More informationDenial Of Service. Types of attacks
Denial Of Service The goal of a denial of service attack is to deny legitimate users access to a particular resource. An incident is considered an attack if a malicious user intentionally disrupts service
More informationFirewalls Netasq. Security Management by NETASQ
Firewalls Netasq Security Management by NETASQ 1. 0 M a n a g e m e n t o f t h e s e c u r i t y b y N E T A S Q 1 pyright NETASQ 2002 Security Management is handled by the ASQ, a Technology developed
More informationIxLoad-Attack: Network Security Testing
IxLoad-Attack: Network Security Testing IxLoad-Attack tests network security appliances determining that they effectively and accurately block attacks while delivering high end-user quality of experience
More informationAbstract. Introduction. Section I. What is Denial of Service Attack?
Abstract In this report, I am describing the main types of DoS attacks and their effect on computer and network environment. This report will form the basis of my forthcoming report which will discuss
More informationCodebox 2: simple configuration changes in Apache and PHP configuration files
Do Reverse Proxies provide real security? In the process of building / designing the infrastructure for a new project the following question was asked: shouldn't we use a reverse proxy to secure or protect
More informationInternet Firewall CSIS 3230. Internet Firewall. Spring 2012 CSIS 4222. net13 1. Firewalls. Stateless Packet Filtering
Internet Firewall CSIS 3230 A combination of hardware and software that isolates an organization s internal network from the Internet at large Ch 8.8: Packet filtering, firewalls, intrusion detection Ch
More informationCSE331: Introduction to Networks and Security. Lecture 12 Fall 2006
CSE331: Introduction to Networks and Security Lecture 12 Fall 2006 Announcements Midterm I will be held Friday, Oct. 6th. True/False Multiple Choice Calculation Short answer Short essay Project 2 is on
More informationOverview. Securing TCP/IP. Introduction to TCP/IP (cont d) Introduction to TCP/IP
Overview Securing TCP/IP Chapter 6 TCP/IP Open Systems Interconnection Model Anatomy of a Packet Internet Protocol Security (IPSec) Web Security (HTTP over TLS, Secure-HTTP) Lecturer: Pei-yih Ting 1 2
More informationNetwork Penetration Testing and Ethical Hacking Scanning/Penetration Testing. SANS Security 560.2. Sans Mentor: Daryl Fallin
Network Penetration Testing and Ethical Hacking Scanning/Penetration Testing SANS Security 560.2 Sans Mentor: Daryl Fallin http://www.sans.org/info/55868 Copyright 2010, All Rights Reserved Version 4Q10
More informationPenetration Testing SIP Services
Penetration Testing SIP Services Using Metasploit Framework Writer Version : 0.2 : Fatih Özavcı (fatih.ozavci at viproy.com) Introduction Viproy VoIP Penetration Testing Kit Sayfa 2 Table of Contents 1
More informationHTTP Fingerprinting and Advanced Assessment Techniques
HTTP Fingerprinting and Advanced Assessment Techniques Saumil Shah Director, Net-Square Author: Web Hacking - Attacks and Defense BlackHat 2003, Washington DC The Web Hacker s playground Web Client Web
More informationMake a folder named Lab3. We will be using Unix redirection commands to create several output files in that folder.
CMSC 355 Lab 3 : Penetration Testing Tools Due: September 31, 2010 In the previous lab, we used some basic system administration tools to figure out which programs where running on a system and which files
More informationCIT 480: Securing Computer Systems. Firewalls
CIT 480: Securing Computer Systems Firewalls Topics 1. What is a firewall? 2. Types of Firewalls 1. Packet filters (stateless) 2. Stateful firewalls 3. Proxy servers 4. Application layer firewalls 3. Configuring
More informationnoway.toonux.com 09 January 2014
noway.toonux.com p3.7 10 noway.toonux.com 88.190.52.71 Debian Linux 0 CRITICAL 0 HIGH 5 MEDIUM 2 LOW Running Services Service Service Name Risk General Linux Kernel Medium 22/TCP OpenSSH 5.5p1 Debian 6+squeeze4
More informationWhat is a Firewall? A choke point of control and monitoring Interconnects networks with differing trust Imposes restrictions on network services
Firewalls What is a Firewall? A choke point of control and monitoring Interconnects networks with differing trust Imposes restrictions on network services only authorized traffic is allowed Auditing and
More informationWorkshop on Network Traffic Capturing and Analysis IITG, DIT, CERT-In, C-DAC. Host based Analysis. {Himanshu Pareek, himanshup@cdac.
Workshop on Network Traffic Capturing and Analysis IITG, DIT, CERT-In, C-DAC Host based Analysis {Himanshu Pareek, himanshup@cdac.in} {C-DAC Hyderabad, www.cdachyd.in} 1 Reference to previous lecture Bots
More informationUsing IPM to Measure Network Performance
CHAPTER 3 Using IPM to Measure Network Performance This chapter provides details on using IPM to measure latency, jitter, availability, packet loss, and errors. It includes the following sections: Measuring
More information