We are under attack, aren't we?

Size: px
Start display at page:

Download "We are under attack, aren't we?"

Transcription

1 We are under attack, aren't we? Hans Schächl Senior Consultant kippdata informationstechnologie Gmbh, Bonn Security-Meeting 2002 kippdata informationstechnologie GmbH Bornheimer Straße 33a Bonn Telefon Telefax

2 Problemlage Hosts (Mio) ,7 3,2 6,6 Hosts on the Internet (Quelle: 12,8 19,5 36,7 56, ,8 162, Jahr

3 Problemlage sicherheitsrelevante Vorfälle (Quelle: an CERT/CC gemeldete Vorfälle Jahr 2002: Hochrechnung aus Q1/Q2 2002

4 Problemlage Schadensausmaß über 455 Mio US$ in 2002 bei 44% der Befragten! "For the fifth year in a row, more respondents (74%) cited their Internet connection as a frequent point of attack than cited their internal systems as a frequent point of attack (33%)" "Seventy percent of those attacked reported vandalism" (Quelle: CSI/FBI computer crime and security survey, 2002)

5 Problemlage Folgerungen noch immer hohe Dunkelziffer wachsende Wahrscheinlichkeit, als Ziel entdeckt zu werden Intention von "Angreifern" kaum vorhersagbar Angriffe werden professioneller, Tools frei verfügbar

6 Problemlage Gegenmaßnahmen Anti-Virus (98%) Firewalls (95%) physical Security (92%) Access Control (90%) IDS (61%) Encryption (53%) Digital Identification (42%) Biometrics (9%)

7 Lösung...

8 Und nun? Sicheres Gefühl?

9 Was die Firewall nicht sieht... local hacks: $ id uid=9001(foo) gid=9001(foouser) $ uname -srp SunOS 5.7 sparc $ wget $ gcc -o hackthem admtool c $./hackthem Jumping address = efffea90 # id uid=9001(foo) gid=9001(foouser) euid=0(root)

10 "Exploits" Now for the fun part! how to hack a box remotely Sun Solaris 7 Sun UltraSPARC II default Installation Apache Webserver

11 Alptraum "root compromise" Oder wie es Tripwire Inc. sagt:

12 Was geschah? login buffer overflow über telnetd Buffer Overflow in cachefsd "snmpxdmid" allows remote Root access

13 Backdoors Root-Kits der nächsten Generation Loadable Kernel Module versteckt seine eigene Anwesenheit und die anderer Prozesse, Files Trojaner / Backdoor z.b. ICMP Root Shell UDP Port 53 Tunnel HTTP Trojaner

14 Konsequenzen Patch-Management z.b. Sun Patch Manager Filter, Proxy und Wrapper für Dienste stateful Firewall, Content Scanner, tcpwrapper etc. hardened OS / RBAC Sun JASS, ARGUS, Trusted Solaris und Co. Intrusion Detection Host-based (Tripwire), Netzwerk-basiert (SmartDefense)

15 "Exploits" Ohne Worte... "windows exploits" -> hits "linux exploits" -> hits "solaris exploits" -> hits

16 "Exploits" OS out of the box werden auch immer "härter" Solaris > 30 exploits 11'1996 erscheint Phrack #49: Aleph One / "Smashing The Stack For Fun And Profit" Solaris 2.6 -> 46 exploits Solaris 7 -> 18 exploits Solaris 8 -> 2 exploits Solaris 9 -> noch 0...

17 From war dialing to... John T. Draper AKA Captain Crunch

18 ... war driving!

19 The new kid in town Wireless Insecurity und WEP Wire Equivalent Privacy isn't! rc4 ist nicht schlecht - Implementierung in WEP schon... wer montiert RJ-45-Dosen an der Fassade? es hilft zur Zeit nur VPN auf IP-Layer Verschlüsselung auf Application Layer Warten auf WEPv2 / 802.1x?

20 WEP or not - you're scanned! vortex, :"A Co-conspirator (you know who you are ;-) and I have performed initial scans (standing relatively still) in the major London financial district of Canary Wharf, and were shocked to have detected around 150 wireless devices - most of which were not even using WEP." "Shipley recently sat with a friend in his car in the Silicon Valley parking lot of <company>. They were using laptops loaded with special monitoring software to observe lots of <company>'s traffic, most of it coming from Windows machines. They were able to observe as someone transferred a file and someone else turned on an NT machine and received .""a <company> spokeswoman said later that any network heard that day was part of a <company> test, though she didn't know what was being tested, and added that the network was no longer operational."

21 ... and mapped! San Francisco Bay Area

22 ... auch in Bonn!

23 Literaturhinweise Building Internet Firewalls, Chapman und Zwicky, O'Reilly Practical Unix & Internet Security, Garfinkel und Spafford, O'Reilly Firewalls and Internet Security, Cheswick und Bellovin, Addison- Wesley TCP/IP Illustrated, W. Richard Stevens, Addison-Wesley Cracking DES, Electronic Frontier Foundation, O'Reilly Applied Cryptography, Bruce Schneier, John Wiley & Sons SSL and TLS, Eric Rescorla, Addison-Wesley Intrusion Signatures and Analysis, S. Northcutt, New Riders Pub.

24 Online-Ressourcen Sun Security Products Sun Recommended and Security Patches Sun JASS Solaris Security Toolkit CheckPoint Firewall-1 / VPN-1 Firewalls Mailing Liste Bugtraq Mailingliste Bundesamt für Sicherheit in der Informationstechnik CERT Coordination Center "The Design of a Secure Internet Gateway" v. Bill Cheswick

25 Online-Ressourcen Solaris Fingerprint Database Sun Security BluePrints Online Solaris and Tripwire Tripwire for Servers ARGUS WEP Cypherpunk Vortrag bei den Black Hat Briefings InSecurity of the WEP Algorithm Air Snort Quellen War dialing / war driving FAQ

Networking: EC Council Network Security Administrator NSA

Networking: EC Council Network Security Administrator NSA coursemonster.com/uk Networking: EC Council Network Security Administrator NSA View training dates» Overview The EC-Council's NSA certification looks at network security from a defensive view. The NSA

More information

Unix Network Security

Unix Network Security / UnixNetworkSecuirty-05-2004-CIT-ACDS Unix Network Security Mehmet Balman / Introduction A machine connected to phone lines or local network has the potential for intruders. Therefore security aspect

More information

When a student leaves this intensive 5 day class they will have hands on understanding and experience in Ethical Hacking.

When a student leaves this intensive 5 day class they will have hands on understanding and experience in Ethical Hacking. Ethical Hacking and Countermeasures Course Description: This class will immerse the student into an interactive environment where they will be shown how to scan, test, hack and secure their own systems.

More information

Network Attacks and Defenses

Network Attacks and Defenses Network Attacks and Defenses Tuesday, November 25, 2008 Sources: Skoudis, CounterHack; S&M Chapter 5 (including many images) CS342 Computer Security Department of Computer Science Wellesley College Networks

More information

a) Encryption is enabled on the access point. b) The conference room network is on a separate virtual local area network (VLAN)

a) Encryption is enabled on the access point. b) The conference room network is on a separate virtual local area network (VLAN) MIS5206 Week 12 Your Name Date 1. Which significant risk is introduced by running the file transfer protocol (FTP) service on a server in a demilitarized zone (DMZ)? a) User from within could send a file

More information

CRYPTUS DIPLOMA IN IT SECURITY

CRYPTUS DIPLOMA IN IT SECURITY CRYPTUS DIPLOMA IN IT SECURITY 6 MONTHS OF TRAINING ON ETHICAL HACKING & INFORMATION SECURITY COURSE NAME: CRYPTUS 6 MONTHS DIPLOMA IN IT SECURITY Course Description This is the Ethical hacking & Information

More information

Network Security Foundations

Network Security Foundations Network Security Foundations Matthew Strebe O San SrBBC Francisco London Introduction xv Chapter 1 Security Principles 1 Why Computers Aren't Secure 2 The History of Computer Security 4-1945 5 1945-1955

More information

NETWORK SECURITY HACKS *

NETWORK SECURITY HACKS * NETWORK SECURITY HACKS * Andrew %pckhart Ji O'REILLY* Beijing Cambridge Farnham Koln Paris Sebastopol Taipei Tokyo Contents Credits Preface ix xi Chapter 1. Unix Host Security 1 1. Secure Mount Points

More information

COURSE NAME: INFORMATION SECURITY INTERNSHIP PROGRAM

COURSE NAME: INFORMATION SECURITY INTERNSHIP PROGRAM COURSE NAME: INFORMATION SECURITY INTERNSHIP PROGRAM Course Description This is the Information Security Training program. The Training provides you Penetration Testing in the various field of cyber world.

More information

Internet Security Specialist Compaq Computer

Internet Security Specialist Compaq Computer Internet Security Specialist Compaq Computer Proof of Concept Partners Projects Workshop Seminars Customer Briefings Compaq White Paper Performance White Papers ASE Symposium $40-80 billion potential

More information

Computer Security. Principles and Practice. Second Edition. Amp Kumar Bhattacharjee. Lawrie Brown. Mick Bauer. William Stailings

Computer Security. Principles and Practice. Second Edition. Amp Kumar Bhattacharjee. Lawrie Brown. Mick Bauer. William Stailings Computer Security Principles and Practice Second Edition William Stailings Lawrie Brown University ofnew South Wales, Australian Defence Force Academy With Contributions by Mick Bauer Security Editor,

More information

FRONT RUNNER DIPLOMA PROGRAM INFORMATION SECURITY Detailed Course Curriculum Course Duration: 6 months

FRONT RUNNER DIPLOMA PROGRAM INFORMATION SECURITY Detailed Course Curriculum Course Duration: 6 months FRONT RUNNER DIPLOMA PROGRAM INFORMATION SECURITY Detailed Course Curriculum Course Duration: 6 months MODULE: INTRODUCTION TO INFORMATION SECURITY INFORMATION SECURITY ESSENTIAL TERMINOLOGIES SECURITY

More information

IMPLEMENTATION OF INTELLIGENT FIREWALL TO CHECK INTERNET HACKERS THREAT

IMPLEMENTATION OF INTELLIGENT FIREWALL TO CHECK INTERNET HACKERS THREAT IMPLEMENTATION OF INTELLIGENT FIREWALL TO CHECK INTERNET HACKERS THREAT Roopa K. Panduranga Rao MV Dept of CS and Engg., Dept of IS and Engg., J.N.N College of Engineering, J.N.N College of Engineering,

More information

Cybersecurity Foundations

Cybersecurity Foundations Cybersecurity Foundations Course Number: 13198 Category: Technical Applications Duration: 5 Days Overview When you consider just a few of the consequences of a security breach - your proprietary information

More information

Introduction to Cyber Security / Information Security

Introduction to Cyber Security / Information Security Introduction to Cyber Security / Information Security Syllabus for Introduction to Cyber Security / Information Security program * for students of University of Pune is given below. The program will be

More information

Network Security and Firewall 1

Network Security and Firewall 1 Department/program: Networking Course Code: CPT 224 Contact Hours: 96 Subject/Course WEB Access & Network Security: Theoretical: 2 Hours/week Year Two Semester: Two Prerequisite: NET304 Practical: 4 Hours/week

More information

Certified Ethical Hacker Exam 312-50 Version Comparison. Version Comparison

Certified Ethical Hacker Exam 312-50 Version Comparison. Version Comparison CEHv8 vs CEHv7 CEHv7 CEHv8 19 Modules 20 Modules 90 Labs 110 Labs 1700 Slides 1770 Slides Updated information as per the latest developments with a proper flow Classroom friendly with diagrammatic representation

More information

Linux Operating System Security

Linux Operating System Security Linux Operating System Security Kenneth Ingham and Anil Somayaji September 29, 2009 1 Course overview This class is for students who want to learn how to configure systems to be secure, test the security

More information

Ethical Hacking and Information Security. Foundation of Information Security. Detailed Module. Duration. Lecture with Hands On Session: 90 Hours

Ethical Hacking and Information Security. Foundation of Information Security. Detailed Module. Duration. Lecture with Hands On Session: 90 Hours Ethical Hacking and Information Security Duration Detailed Module Foundation of Information Security Lecture with Hands On Session: 90 Hours Elements of Information Security Introduction As technology

More information

Topics in Network Security

Topics in Network Security Topics in Network Security Jem Berkes MASc. ECE, University of Waterloo B.Sc. ECE, University of Manitoba www.berkes.ca February, 2009 Ver. 2 In this presentation Wi-Fi security (802.11) Protecting insecure

More information

Chapter 11 Phase 5: Covering Tracks and Hiding

Chapter 11 Phase 5: Covering Tracks and Hiding Chapter 11 Phase 5: Covering Tracks and Hiding Attrition Web Site Contains an archive of Web vandalism attacks http://www.attrition.org/mirror/attrition Most attackers, however, wish to keep low profile

More information

Host/Platform Security. Module 11

Host/Platform Security. Module 11 Host/Platform Security Module 11 Why is Host/Platform Security Necessary? Firewalls are not enough All access paths to host may not be firewall protected Permitted traffic may be malicious Outbound traffic

More information

Linux & Docker auf Azure

Linux & Docker auf Azure Linux & Docker auf Azure Linux in der Azure Cloud Web Mail Twitter Rainer Stropek software architects gmbh http://www.timecockpit.com rainer@timecockpit.com @rstropek Saves the day. Your Host Rainer Stropek

More information

A43. Modern Hacking Techniques and IP Security. By Shawn Mullen. Las Vegas, NV IBM TRAINING. IBM Corporation 2006

A43. Modern Hacking Techniques and IP Security. By Shawn Mullen. Las Vegas, NV IBM TRAINING. IBM Corporation 2006 IBM TRAINING A43 Modern Hacking Techniques and IP Security By Shawn Mullen Las Vegas, NV 2005 CSI/FBI US Computer Crime and Computer Security Survey 9 out of 10 experienced computer security incident in

More information

Internet Firewalls Policy Development and Technology Choices

Internet Firewalls Policy Development and Technology Choices Internet Firewalls Policy Development and Technology Choices Leonard J. D Alotto GTE Laboratories, Incorporated Abstract Since the development of the World Wide Web (WWW), more and more organizations are

More information

Presented By: Holes in the Fence. Agenda. IPCCTV Attack. DDos Attack. Why Network Security is Important

Presented By: Holes in the Fence. Agenda. IPCCTV Attack. DDos Attack. Why Network Security is Important Presented By: Holes in the Fence Dave Engebretson, Contributing Technology writer, SDM Magazine Industry Instructor in Fiber and Networking Prevention of Security System breaches of networked Edge Devices

More information

AnyWeb AG 2008 www.anyweb.ch

AnyWeb AG 2008 www.anyweb.ch HP SiteScope (End-to-End Monitoring, System Availability) Christof Madöry AnyWeb AG ITSM Practice Circle September 2008 Agenda Management Technology Agentless monitoring SiteScope in HP BTO SiteScope look

More information

CONTENTS AT A GMi#p. Chapter I Ethical Hacking Basics I Chapter 2 Cryptography. Chapter 3 Reconnaissance: Information Gathering for the Ethical Hacker

CONTENTS AT A GMi#p. Chapter I Ethical Hacking Basics I Chapter 2 Cryptography. Chapter 3 Reconnaissance: Information Gathering for the Ethical Hacker ALL ElNis ONE CEH Certified Ethical Hacker EXAM GUIDE Matt Walker Mc Grain/ New York Chicago San Francisco Lisbon London Madrid Mexico City Milan New Delhi San Juan Seoul Singapore Sydney Toronto McGraw-Hill

More information

National Cyber League Certified Ethical Hacker (CEH) TM Syllabus

National Cyber League Certified Ethical Hacker (CEH) TM Syllabus National Cyber League Certified Ethical Hacker (CEH) TM Syllabus Note to Faculty This NCL Syllabus is intended as a supplement to courses that are based on the EC- Council Certified Ethical Hacker TM (CEHv8)

More information

Section 12 MUST BE COMPLETED BY: 4/22

Section 12 MUST BE COMPLETED BY: 4/22 Test Out Online Lesson 12 Schedule Section 12 MUST BE COMPLETED BY: 4/22 Section 12.1: Best Practices This section discusses the following security best practices: Implement the Principle of Least Privilege

More information

Security + Certification (ITSY 1076) Syllabus

Security + Certification (ITSY 1076) Syllabus Security + Certification (ITSY 1076) Syllabus Course: ITSY 1076 Security+ 40 hours Course Description: This course is targeted toward an Information Technology (IT) professional who has networking and

More information

Worms, Trojan Horses and Root Kits

Worms, Trojan Horses and Root Kits Worms, Trojan Horses and Root Kits Worms A worm is a type of Virus that is capable of spreading and replicating itself autonomously over the internet. Famous Worms Morris Internet worm (1988) Currently:

More information

Network Security: A Practical Approach. Jan L. Harrington

Network Security: A Practical Approach. Jan L. Harrington Network Security: A Practical Approach Jan L. Harrington ELSEVIER AMSTERDAM BOSTON HEIDELBERG LONDON NEW YORK OXFORD PARIS SAN DIEGO SAN FRANCISCO SINGAPORE SYDNEY TOKYO Morgan Kaufmann is an imprint of

More information

USING SOLARIS OPERATING SYSTEM SECURITY TO ADDRESS PAYMENT CARD INDUSTRY (PCI) DSS COMPLIANCE: A SYSTEMIC APPROACH TO SECURITY

USING SOLARIS OPERATING SYSTEM SECURITY TO ADDRESS PAYMENT CARD INDUSTRY (PCI) DSS COMPLIANCE: A SYSTEMIC APPROACH TO SECURITY USING SOLARIS OPERATING SYSTEM SECURITY TO ADDRESS PAYMENT CARD INDUSTRY (PCI) DSS COMPLIANCE: A SYSTEMIC APPROACH TO SECURITY Glenn Brunette, Distinguished Engineer, GSS Security Office Mark Thacker,

More information

Intrusion Detection and Intrusion Prevention on a Large Network: A Case Study

Intrusion Detection and Intrusion Prevention on a Large Network: A Case Study THE ADVANCED COMPUTING SYSTEMS ASSOCIATION The following paper was originally published in the Proceedings of the Workshop on Intrusion Detection and Network Monitoring Santa Clara, California, USA, April

More information

TECHNICAL NOTE 08/04 IINTRODUCTION TO VULNERABILITY ASSESSMENT TOOLS

TECHNICAL NOTE 08/04 IINTRODUCTION TO VULNERABILITY ASSESSMENT TOOLS TECHNICAL NOTE 08/04 IINTRODUCTION TO VULNERABILITY ASSESSMENT TOOLS 1 OCTOBER 2004 This paper was previously published by the National Infrastructure Security Co-ordination Centre (NISCC) a predecessor

More information

City University of Hong Kong. Information on a Course offered by Department of Electronic Engineering with effect from Semester A in 2012/2013

City University of Hong Kong. Information on a Course offered by Department of Electronic Engineering with effect from Semester A in 2012/2013 City University of Hong Kong Information on a Course offered by Department of Electronic Engineering with effect from Semester A in 01/013 Part I Course Title: Course Code: Course Duration: Cryptography

More information

Question Name C 1.1 Do all users and administrators have a unique ID and password? Yes

Question Name C 1.1 Do all users and administrators have a unique ID and password? Yes Category Question Name Question Text C 1.1 Do all users and administrators have a unique ID and password? C 1.1.1 Passwords are required to have ( # of ) characters: 5 or less 6-7 8-9 Answer 10 or more

More information

Overview of Network Security The need for network security Desirable security properties Common vulnerabilities Security policy designs

Overview of Network Security The need for network security Desirable security properties Common vulnerabilities Security policy designs Overview of Network Security The need for network security Desirable security properties Common vulnerabilities Security policy designs Why Network Security? Keep the bad guys out. (1) Closed networks

More information

Description: Objective: Attending students will learn:

Description: Objective: Attending students will learn: Course: Introduction to Cyber Security Duration: 5 Day Hands-On Lab & Lecture Course Price: $ 3,495.00 Description: In 2014 the world has continued to watch as breach after breach results in millions of

More information

Course Content Summary ITN 261 Network Attacks, Computer Crime and Hacking (4 Credits)

Course Content Summary ITN 261 Network Attacks, Computer Crime and Hacking (4 Credits) Page 1 of 6 Course Content Summary ITN 261 Network Attacks, Computer Crime and Hacking (4 Credits) TNCC Cybersecurity Program web page: http://tncc.edu/programs/cyber-security Course Description: Encompasses

More information

SOLARIS 10 SECURITY. Technical Overview. Andreas Neuhold Systems Practice Lead Austria Sun Microsystems, GesmbH

SOLARIS 10 SECURITY. Technical Overview. Andreas Neuhold Systems Practice Lead Austria Sun Microsystems, GesmbH SOLARIS 10 SECURITY Technical Overview Andreas Neuhold Systems Practice Lead Austria Sun Microsystems, GesmbH Solaris 10 Lizenzen Millions ~ 7M ZFS 7,0 6,5 6,0 5,5 Solaris Container 5,0 4,5 4,0 3,5 3,0

More information

CIT 480: Securing Computer Systems. Firewalls

CIT 480: Securing Computer Systems. Firewalls CIT 480: Securing Computer Systems Firewalls Topics 1. What is a firewall? 2. Types of Firewalls 1. Packet filters (stateless) 2. Stateful firewalls 3. Proxy servers 4. Application layer firewalls 3. Configuring

More information

HOB Remote Desktop VPN Secure access for remote workers and business partners to your enterprise network

HOB Remote Desktop VPN Secure access for remote workers and business partners to your enterprise network HOB GmbH & Co. KG Schwadermühlstr. 3 90556 Cadolzburg Tel: +49 9103 / 715-0 Fax: +49 9103 / 715-271 E-Mail: support@hobsoft.com Internet: www.hobsoft.com HOB Remote Desktop VPN Secure access for remote

More information

Network Access Security. Lesson 10

Network Access Security. Lesson 10 Network Access Security Lesson 10 Objectives Exam Objective Matrix Technology Skill Covered Exam Objective Exam Objective Number Firewalls Given a scenario, install and configure routers and switches.

More information

Benutzerfreundlich, tiefe Betriebskosten und hohe Sicherheit. Warum sich diese Ziele nicht widersprechen müssen

Benutzerfreundlich, tiefe Betriebskosten und hohe Sicherheit. Warum sich diese Ziele nicht widersprechen müssen Benutzerfreundlich, tiefe Betriebskosten und hohe Sicherheit. Warum sich diese Ziele nicht widersprechen müssen Jean Paul Kölbl CEO IT-Secure.com AG Total access security Heutige Situation Kostendruck

More information

EC-Council Certified Security Analyst / License Penetration Tester (ECSA/LPT) v4.0 Bootcamp

EC-Council Certified Security Analyst / License Penetration Tester (ECSA/LPT) v4.0 Bootcamp EC-Council Certified Security Analyst / License Penetration Tester (ECSA/LPT) v4.0 Bootcamp ECSA/LPT is a security class like no other! Providing real world hands on experience, it is the only in-depth

More information

Citrix NetScaler Best Practices. Claudio Mascaro Senior Systems Engineer BCD-Sintrag AG

Citrix NetScaler Best Practices. Claudio Mascaro Senior Systems Engineer BCD-Sintrag AG Citrix NetScaler Best Practices Claudio Mascaro Senior Systems Engineer BCD-Sintrag AG Agenda Deployment Initial Konfiguration Load Balancing NS Wizards, Unified GW, AAA Feature SSL 2 FTP SQL NetScaler

More information

Intrusion Detection Systems. Darren R. Davis Student Computing Labs

Intrusion Detection Systems. Darren R. Davis Student Computing Labs Intrusion Detection Systems Darren R. Davis Student Computing Labs Overview Intrusion Detection What is it? Why do I need it? How do I do it? Intrusion Detection Software Network based Host based Intrusion

More information

Computer Networks. Secure Systems

Computer Networks. Secure Systems Computer Networks Secure Systems Summary Common Secure Protocols SSH HTTPS (SSL/TSL) IPSec Wireless Security WPA2 PSK vs EAP Firewalls Discussion Secure Shell (SSH) A protocol to allow secure login to

More information

SYSTEM ADMINISTRATION MTAT.08.021 LECTURE 8 SECURITY

SYSTEM ADMINISTRATION MTAT.08.021 LECTURE 8 SECURITY SYSTEM ADMINISTRATION MTAT.08.021 LECTURE 8 SECURITY Prepared By: Amnir Hadachi and Artjom Lind University of Tartu, Institute of Computer Science amnir.hadachi@ut.ee / artjom.lind@ut.ee 1 OUTLINE 1.Is

More information

A Decision Maker s Guide to Securing an IT Infrastructure

A Decision Maker s Guide to Securing an IT Infrastructure A Decision Maker s Guide to Securing an IT Infrastructure A Rackspace White Paper Spring 2010 Summary With so many malicious attacks taking place now, securing an IT infrastructure is vital. The purpose

More information

NETWORK SECURITY HACKS

NETWORK SECURITY HACKS SECOND EDITION NETWORK SECURITY HACKS 2008 AGI-Information Management Consultants May be used for personal purporses only or by libraries associated to dandelon.com network. Andrew Lockhart O'REILLY Beijing

More information

CYBERTRON NETWORK SOLUTIONS

CYBERTRON NETWORK SOLUTIONS CYBERTRON NETWORK SOLUTIONS CybertTron Certified Ethical Hacker (CT-CEH) CT-CEH a Certification offered by CyberTron @Copyright 2015 CyberTron Network Solutions All Rights Reserved CyberTron Certified

More information

Payment Card Industry (PCI) Data Security Standard

Payment Card Industry (PCI) Data Security Standard Payment Card Industry (PCI) Data Security Standard Technical and Operational Requirements for Approved Scanning Vendors (ASVs) Version 1.1 Release: September 2006 Table of Contents Introduction...1-1 Naming

More information

TIME SCHEDULE. 1 Introduction to Computer Security & Cryptography 13

TIME SCHEDULE. 1 Introduction to Computer Security & Cryptography 13 COURSE TITLE : INFORMATION SECURITY COURSE CODE : 5136 COURSE CATEGORY : ELECTIVE PERIODS/WEEK : 4 PERIODS/SEMESTER : 52 CREDITS : 4 TIME SCHEDULE MODULE TOPICS PERIODS 1 Introduction to Computer Security

More information

Build Your Own Security Lab

Build Your Own Security Lab Build Your Own Security Lab A Field Guide for Network Testing Michael Gregg WILEY Wiley Publishing, Inc. Contents Acknowledgments Introduction XXI xxiii Chapter 1 Hardware and Gear Why Build a Lab? Hackers

More information

VULNERABILITY ASSESSMENT WHITEPAPER INTRODUCTION, IMPLEMENTATION AND TECHNOLOGY DISCUSSION

VULNERABILITY ASSESSMENT WHITEPAPER INTRODUCTION, IMPLEMENTATION AND TECHNOLOGY DISCUSSION VULNERABILITY ASSESSMENT WHITEPAPER INTRODUCTION, IMPLEMENTATION AND TECHNOLOGY DISCUSSION copyright 2003 securitymetrics Security Vulnerabilities of Computers & Servers Security Risks Change Daily New

More information

EUCIP - IT Administrator. Module 5 IT Security. Version 2.0

EUCIP - IT Administrator. Module 5 IT Security. Version 2.0 EUCIP - IT Administrator Module 5 IT Security Version 2.0 Module 5 Goals Module 5 Module 5, IT Security, requires the candidate to be familiar with the various ways of protecting data both in a single

More information

Intrusion Detection Systems

Intrusion Detection Systems Intrusion Detection Systems Raj Jain Washington University in Saint Louis Saint Louis, MO 63130 Jain@cse.wustl.edu Audio/Video recordings of this lecture are available at: http://www.cse.wustl.edu/~jain/cse571-07/

More information

Course Title: Penetration Testing: Security Analysis

Course Title: Penetration Testing: Security Analysis Course Title: Penetration Testing: Security Analysis Page 1 of 9 Course Description: The Security Analyst Series from EC-Council Press is comprised of five books covering a broad base of topics in advanced

More information

Network Incident Report

Network Incident Report To submit copies of this form via facsimile, please FAX to 202-406-9233. Network Incident Report United States Secret Service Financial Crimes Division Electronic Crimes Branch Telephone: 202-406-5850

More information

1 hours, 30 minutes, 38 seconds Heavy scan. All scanned network resources. Copyright 2001, FTP access obtained

1 hours, 30 minutes, 38 seconds Heavy scan. All scanned network resources. Copyright 2001, FTP access obtained home Network Vulnerabilities Detail Report Grouped by Vulnerability Report Generated by: Symantec NetRecon 3.5 Licensed to: X Serial Number: 0182037567 Machine Scanned from: ZEUS (192.168.1.100) Scan Date:

More information

7 Network Security. 7.1 Introduction 7.2 Improving the Security 7.3 Internet Security Framework. 7.5 Absolute Security?

7 Network Security. 7.1 Introduction 7.2 Improving the Security 7.3 Internet Security Framework. 7.5 Absolute Security? 7 Network Security 7.1 Introduction 7.2 Improving the Security 7.3 Internet Security Framework 7.4 Firewalls 7.5 Absolute Security? 7.1 Introduction Security of Communications data transport e.g. risk

More information

CS5008: Internet Computing

CS5008: Internet Computing CS5008: Internet Computing Lecture 22: Internet Security A. O Riordan, 2009, latest revision 2015 Internet Security When a computer connects to the Internet and begins communicating with others, it is

More information

Computer Security. Overview. Bad Computer Security Costs. Bad Computer Security Costs. Costs Graph. Costs Graph

Computer Security. Overview. Bad Computer Security Costs. Bad Computer Security Costs. Costs Graph. Costs Graph Overview Computer Security Vast topic only space here to touch on some of the key issues. Extremely important sloppy computer security costs time, money and even lives. David Gamez IUA Week 5 Autumn 2007

More information

CEH Version8 Course Outline

CEH Version8 Course Outline CEH Version8 Course Outline Module 01: Introduction to Ethical Hacking Information Security Overview Information Security Threats and Attack Vectors Hacking Concepts Hacking Phases Types of Attacks Information

More information

Network Security: 30 Questions Every Manager Should Ask. Author: Dr. Eric Cole Chief Security Strategist Secure Anchor Consulting

Network Security: 30 Questions Every Manager Should Ask. Author: Dr. Eric Cole Chief Security Strategist Secure Anchor Consulting Network Security: 30 Questions Every Manager Should Ask Author: Dr. Eric Cole Chief Security Strategist Secure Anchor Consulting Network Security: 30 Questions Every Manager/Executive Must Answer in Order

More information

UNDERSTANDING AND DEPLOYING HOST-BASED INTRUSION PREVENTION TECHNOLOGY

UNDERSTANDING AND DEPLOYING HOST-BASED INTRUSION PREVENTION TECHNOLOGY UNDERSTANDING AND DEPLOYING HOST-BASED INTRUSION PREVENTION TECHNOLOGY SESSION 1 Agenda Defining Host-Based Intrusion Prevention Host-Based Intrusion Prevention Components and Capabilities Cisco Security

More information

Fundamentals of Network Security - Theory and Practice-

Fundamentals of Network Security - Theory and Practice- Fundamentals of Network Security - Theory and Practice- Program: Day 1... 1 1. General Security Concepts... 1 2. Identifying Potential Risks... 1 Day 2... 2 3. Infrastructure and Connectivity... 2 4. Monitoring

More information

Network Security Essentials:

Network Security Essentials: Network Security Essentials: Applications and Standards Fifth Edition William Stallings International Editions contributions by B. R. Chandavarkar National Institute of Technology Karnataka, Surathkal

More information

Open Source Security Tool Overview

Open Source Security Tool Overview Open Source Security Tool Overview Presented by Kitch Spicer & Douglas Couch Security Engineers for ITaP 1 Introduction Vulnerability Testing Network Security Passive Network Detection Firewalls Anti-virus/Anti-malware

More information

Unix Security Technologies. Pete Markowsky

Unix Security Technologies. Pete Markowsky <peterm[at] ccs.neu.edu> Unix Security Technologies Pete Markowsky What is this about? The goal of this CPU/SWS are: Introduce you to classic vulnerabilities Get you to understand security advisories Make

More information

SonicWALL PCI 1.1 Implementation Guide

SonicWALL PCI 1.1 Implementation Guide Compliance SonicWALL PCI 1.1 Implementation Guide A PCI Implementation Guide for SonicWALL SonicOS Standard In conjunction with ControlCase, LLC (PCI Council Approved Auditor) SonicWall SonicOS Standard

More information

How to scan/exploit a ssl based webserver. by xxradar. http://www.radarhack.com mailto:xxradar@radarhack.com. Version 1.

How to scan/exploit a ssl based webserver. by xxradar. http://www.radarhack.com mailto:xxradar@radarhack.com. Version 1. How to scan/exploit a ssl based webserver. by xxradar. http://www.radarhack.com mailto:xxradar@radarhack.com. Version 1.0 21-09-2003 1. Introduction Sometimes late at night, playing with openssl and connecting

More information

LINUX NETWORK SECURITY

LINUX NETWORK SECURITY LINUX NETWORK SECURITY PETER G. SMITH CHARLES CHARLES RIVER MEDIA, INC. Hingham, Massachusetts Contents Preface xvii 1 Introduction: The Need For Security 1 1.1 Introducing the Enemy 1 The Hacker Myth

More information

Port Scanning and Vulnerability Assessment. ECE4893 Internetwork Security Georgia Institute of Technology

Port Scanning and Vulnerability Assessment. ECE4893 Internetwork Security Georgia Institute of Technology Port Scanning and Vulnerability Assessment ECE4893 Internetwork Security Georgia Institute of Technology Agenda Reconnaissance Scanning Network Mapping OS detection Vulnerability assessment Reconnaissance

More information

SCP - Strategic Infrastructure Security

SCP - Strategic Infrastructure Security SCP - Strategic Infrastructure Security Lesson 1 - Cryptogaphy and Data Security Cryptogaphy and Data Security History of Cryptography The number lock analogy Cryptography Terminology Caesar and Character

More information

Cisco ASA und FirePOWER Services

Cisco ASA und FirePOWER Services Cisco ASA und FirePOWER Services 1 Die Abwehr von Bedrohungen ist ein Prozess Attack Continuum BEFORE Control Enforce Harden DURING Detect Block Defend AFTER Scope Contain Remediate Firewall/VPN Applikations-Kontrolle

More information

IPv6 Security Best Practices. Eric Vyncke evyncke@cisco.com Distinguished System Engineer

IPv6 Security Best Practices. Eric Vyncke evyncke@cisco.com Distinguished System Engineer IPv6 Best Practices Eric Vyncke evyncke@cisco.com Distinguished System Engineer security 2007 Cisco Systems, Inc. All rights reserved. Cisco CPub 1 Agenda Shared Issues by IPv4 and IPv6 Specific Issues

More information

Security: Attack and Defense

Security: Attack and Defense Security: Attack and Defense Aaron Hertz Carnegie Mellon University Outline! Breaking into hosts! DOS Attacks! Firewalls and other tools 15-441 Computer Networks Spring 2003 Breaking Into Hosts! Guessing

More information

Host Hardening. OS Vulnerability test. CERT Report on systems vulnerabilities. (March 21, 2011)

Host Hardening. OS Vulnerability test. CERT Report on systems vulnerabilities. (March 21, 2011) Host Hardening (March 21, 2011) Abdou Illia Spring 2011 CERT Report on systems vulnerabilities Source: CERT Report @ http://www.kb.cert.org/vuls/bymetric 2 OS Vulnerability test Source: http://www.omninerd.com/articles/2006_operating_system_vulnerabilit

More information

Open Source Security: Opportunity or Oxymoron?

Open Source Security: Opportunity or Oxymoron? Open Source Security: Opportunity or Oxymoron? by George Lawton Presented by Eduard Kuziner COMP 595 SEC CSUN May 2002 1 Outline 1. What is Open Source? 2. Open Source Pros and Cons 3. Current Projects

More information

Inside-Out Attacks. ivan.buetler@csnc.ch. Covert Channel Attacks Inside-out Attacks Seite 1 GLÄRNISCHSTRASSE 7 POSTFACH 1671 CH-8640 RAPPERSWIL

Inside-Out Attacks. ivan.buetler@csnc.ch. Covert Channel Attacks Inside-out Attacks Seite 1 GLÄRNISCHSTRASSE 7 POSTFACH 1671 CH-8640 RAPPERSWIL Inside-Out Attacks ivan.buetler@csnc.ch Covert Channel Attacks Inside-out Attacks Seite 1 Goals of this presentation! Responses to the following questions! What are inside-out attacks! Who will use this

More information

Firewalls. Castle and Moat Analogy. Dr.Talal Alkharobi. Dr.Talal Alkharobi

Firewalls. Castle and Moat Analogy. Dr.Talal Alkharobi. Dr.Talal Alkharobi Castle and Moat Analogy 2 More like the moat around a castle than a firewall Restricts access from the outside Restricts outbound connections, too (!!) Important: filter out undesirable activity from internal

More information

Information Security Measures and Monitoring System at BARC. - R.S.Mundada Computer Division B.A.R.C., Mumbai-85

Information Security Measures and Monitoring System at BARC. - R.S.Mundada Computer Division B.A.R.C., Mumbai-85 Information Security Measures and Monitoring System at BARC - R.S.Mundada Computer Division B.A.R.C., Mumbai-85 Information Security Approach Secure Network Design, Layered approach, with SPF and Application

More information

CIT 480: Securing Computer Systems. Firewalls

CIT 480: Securing Computer Systems. Firewalls CIT 480: Securing Computer Systems Firewalls Topics 1. What is a firewall? 2. Types of Firewalls 1. Packet filters (stateless) 2. Stateful firewalls 3. Proxy servers 4. Application layer firewalls 3. Configuring

More information

National Cyber League Certified Ethical Hacker (CEH) TM Syllabus

National Cyber League Certified Ethical Hacker (CEH) TM Syllabus National Cyber League Certified Ethical Hacker (CEH) TM Syllabus Note to Faculty This NCL Syllabus is intended as a supplement to courses that are based on the EC- Council Certified Ethical Hacker TM (CEHv8)

More information

CS 640 Introduction to Computer Networks. Network security (continued) Key Distribution a first step. Lecture24

CS 640 Introduction to Computer Networks. Network security (continued) Key Distribution a first step. Lecture24 Introduction to Computer Networks Lecture24 Network security (continued) Key distribution Secure Shell Overview Authentication Practical issues Firewalls Denial of Service Attacks Definition Examples Key

More information

Achieving PCI-Compliance through Cyberoam

Achieving PCI-Compliance through Cyberoam White paper Achieving PCI-Compliance through Cyberoam The Payment Card Industry (PCI) Data Security Standard (DSS) aims to assure cardholders that their card details are safe and secure when their debit

More information

Systems and Principles Unit Syllabus

Systems and Principles Unit Syllabus Systems and Principles Unit Syllabus Level 3 Implementing an ICT systems security policy 7540-032 www.cityandguilds.com September 2010 Version 1.0 About City & Guilds City & Guilds is the UK s leading

More information

Network Security Bible Dr. Eric Cole, Dr. Ronald Krutz, and James W. Conley WILEY

Network Security Bible Dr. Eric Cole, Dr. Ronald Krutz, and James W. Conley WILEY WILEY Wiley Publishing, Inc. Network Security Bible Dr. Eric Cole, Dr. Ronald Krutz, and James W. Conley Contents Acknowledgments Introduction Part I: Security Principles and Practices Chapter 1: Information

More information

Footprinting and Reconnaissance Tools

Footprinting and Reconnaissance Tools Footprinting and Reconnaissance Tools Topic 1: Common Port Scanning Techniques Do some research on computer ports that are most often scanned by hackers. Identify a port scanning exploit that is interesting

More information

Network Security Controls. CSC 482: Computer Security

Network Security Controls. CSC 482: Computer Security Network Security Controls Topics 1. Firewalls 2. Virtual Private Networks 3. Intrusion Detection and Prevention 4. Honeypots What is a Firewall? A software or hardware component that restricts network

More information

In today s world the Internet has become a valuable resource for many people.

In today s world the Internet has become a valuable resource for many people. In today s world the Internet has become a valuable resource for many people. However with the benefits of being connected to the Internet there are certain risks that a user must take. In many cases people

More information

CH ENSA EC-Council Network Security Administrator Detailed Course Outline

CH ENSA EC-Council Network Security Administrator Detailed Course Outline CH ENSA EC-Council Network Security Administrator Detailed Course Outline Summary Duration Vendor Audience 5 Days hands-on training EC-Council Security Professionals Level Technology Category Advance Ethical

More information

Computer Security CS 426 Lecture 36. CS426 Fall 2010/Lecture 36 1

Computer Security CS 426 Lecture 36. CS426 Fall 2010/Lecture 36 1 Computer Security CS 426 Lecture 36 Perimeter Defense and Firewalls CS426 Fall 2010/Lecture 36 1 Announcements There will be a quiz on Wed There will be a guest lecture on Friday, by Prof. Chris Clifton

More information

Network and Host-based Vulnerability Assessment

Network and Host-based Vulnerability Assessment Network and Host-based Vulnerability Assessment A guide for information systems and network security professionals 6600 Peachtree-Dunwoody Road 300 Embassy Row Atlanta, GA 30348 Tel: 678.443.6000 Toll-free:

More information

Securing E-Commerce. Agenda. The Security Problem IC Security: Key Elements Designing and Implementing. 3203 1346_06_2000_c1_sec3

Securing E-Commerce. Agenda. The Security Problem IC Security: Key Elements Designing and Implementing. 3203 1346_06_2000_c1_sec3 Securing E-Commerce 1 Agenda The Security Problem IC Security: Key Elements Designing and Implementing 2 The Security Dilemma Internet Business Value Internet Access Corporate Intranet Internet Presence

More information

SONDRA SCHNEIDER JOHN NUNES

SONDRA SCHNEIDER JOHN NUNES TECHNOLOGY TRANSFER PRESENTS SONDRA SCHNEIDER JOHN NUNES CERTIFIED ETHICAL HACKER TM THE ONLY WAY TO STOP A HACKER IS TO THINK LIKE ONE MAY 21-25, 2007 VISCONTI PALACE HOTEL - VIA FEDERICO CESI, 37 ROME

More information