HACKING RELOADED. Hacken IS simple! Christian H. Gresser
|
|
- Mervyn McGee
- 8 years ago
- Views:
Transcription
1 HACKING RELOADED Hacken IS simple! Christian H. Gresser
2 Agenda About NESEC IT-Security and control Systems Hacking is easy A short example where we currently are Possible solutions IT-security in 2008 hacking trends Lessons learned NESEC Gesellschaft für angewandte Netzwerksicherheit mbh Seite 2
3 About NESEC Founded 2002 in Freising near Munich/Germany Specialized in IT security and penetration testing Strong Focus on process automation Working concepts and solutions to implement IT security in process automation Interesting penetration tests steel mill, airport, chemical plant, energy plant Close relationship with manufacturer ABB, Honeywell NESEC Gesellschaft für angewandte Netzwerksicherheit mbh Seite 3
4 Layers of Incidents Public Infrastructure Internet Corporate Infrastructure VPN Branch Office Infrastructure Workplace Infrastructure NESEC Gesellschaft für angewandte Netzwerksicherheit mbh Seite 4
5 IT-Security is new to automation NESEC Gesellschaft für angewandte Netzwerksicherheit mbh Seite 5
6 Risks in Production Plants Viruses, Trojans, malicious mobile code 42% of all attacks! Social engineering Denial of service attacks Deficient physical infrastructure Vulnerabilities in the OS and in applications Use of protected/illegal material, private use Hacking and cracking Disasters NESEC Gesellschaft für angewandte Netzwerksicherheit mbh Seite 6
7 IT Security will become an important requirement Control networks are no longer isolated networks Connection to corporate LANs, remote access (this is often not known or denied by management) Automation systems are no longer specialized platforms They will suffer the same threats as PCs and servers do They are new targets Security controls are often not (yet) implemented Password protection and Antivirus not widely used They are interesting targets Shutting down plants will make you famous (at least in the hacker community, we have seen that already) NESEC Gesellschaft für angewandte Netzwerksicherheit mbh Seite 7
8 Hacking Cycle Cleanup Footprinting Pillage Scanning Escalation Enumeration Penetration Analysis/Research NESEC Gesellschaft für angewandte Netzwerksicherheit mbh Seite 8
9 Hacking is easy High Low Intruder Knowledge back doors trojans packet spoofing sweepers disabling audits network mgmt. diagnostics Attack Sophistication session burglaries hijacking exploiting known vulnerabilities password cracking self-replicating code password guessing sniffers Cross site scripting stealth / advanced scanning techniques Staged denial of service attack distributed attack tools www attacks automated probes/scans GUI Attackers Tools NESEC Gesellschaft für angewandte Netzwerksicherheit mbh Seite 9
10 Hacking is easy High Low Intruder Knowledge back doors trojans packet spoofing sweepers disabling audits network mgmt. diagnostics Attack Sophistication session burglaries hijacking exploiting known vulnerabilities password cracking self-replicating code password guessing sniffers Cross site scripting stealth / advanced scanning techniques Staged denial of service attack distributed attack tools www attacks automated probes/scans GUI Attackers Tools NESEC Gesellschaft für angewandte Netzwerksicherheit mbh Seite 10
11 Some tools are fully automated NESEC Gesellschaft für angewandte Netzwerksicherheit mbh Seite 11
12 Example Hack This example break-in uses only publicly available free software and information Nmap port scanner to identify the target OS (see: http// Nessus vulnerability scanner to identify the missing patches (see: http// Symantec SecurityFocus Vulnerability Database (see: or: Metasploit Exploit Framework (see: Everyone can use these tools! NESEC Gesellschaft für angewandte Netzwerksicherheit mbh Seite 12
13 Free Vulnerability Databases NESEC Gesellschaft für angewandte Netzwerksicherheit mbh Seite 13
14 133t hacker sites NESEC Gesellschaft für angewandte Netzwerksicherheit mbh Seite 14
15 Free Download of all Tools NESEC Gesellschaft für angewandte Netzwerksicherheit mbh Seite 15
16 What s in the future Microsoft currently does a good job securing their systems There already is a trend to attack different parts in the operating system backup software and anti-virus because agents are installed on all systems completely new environments production plants It is only a matter of time before automation systems will be attacked A good indicator are the SANS Top 20 Internet Security Vulnerabilities see: NESEC Gesellschaft für angewandte Netzwerksicherheit mbh Seite 16
17 What s in the future 2006 will be the year of application break-ins widespread automated exploits for media players but also backup software, anti-virus and personal firewalls new and automated attacks against web applications 2007 will be the year of network components exploits for router, switches and all the networking gear Critical infrastructure like DNS will be targeted again 2008 will be the year of embedded and automation systems many issues are fixed, new targets are required these systems are finally connected to the networks NESEC Gesellschaft für angewandte Netzwerksicherheit mbh Seite 17
18 More attacks! Infection Attempts 900M 800M 700M 600M 500M 400M 300M 200M 100M 0 Polymorphic Viruses (Tequila) Mass Mailer Viruses (Love Letter/Melissa) Zombies Denial of Service (Yahoo!, ebay) Blended Threats (Code Red, Nimda, Slammer) Malicious Code Infection Attempts Network Intrusion Attempts , , ,000 75,000 50,000 25,000 0 Network Intrusion Attempts 2004 CERT NESEC Gesellschaft für angewandte Netzwerksicherheit mbh Seite 18
19 More viruses! NESEC Gesellschaft für angewandte Netzwerksicherheit mbh Seite 19
20 New attack vectors! NESEC Gesellschaft für angewandte Netzwerksicherheit mbh Seite 20
21 Control System security is different Risk Impact Risk Management Reliability Performance Security Information Technology Loss of data Recover by reboot Safety is a non-issue Occasional Failures tolerated Beta test in field acceptable High throughput demanded High delay and jitter accepted Most sites insecure Little separation among intranets on same site Focus is central server security Control Networks Loss of production, equipment, life Fault tolerance essential Explicit hazard analysis expected Outages intolerable Thorough quality assurance testing expected Modest throughput acceptable High delay a serious concern Tight physical security Information systems network isolated from plant network Focus is edge control device stability NESEC Gesellschaft für angewandte Netzwerksicherheit mbh Seite 21
22 IT-Security is difficult Aspect of IT Anti-virus Lifetime Outsourcing Patching Change Time criticality Availability Security skills and awareness Security testing Physical security Corporate IT widely used 3-5 years widely used frequent (often daily) frequent delays OK outages OK (overnight) fairly good widely used usually secure and manned Process Control IT often difficult / impossible to deploy 5-20 years rarely used for operations slow (required vendor approval) rare critical, often safety dependent 24 / 7 / 365 poor must be used with care often remote and unmanned NESEC Gesellschaft für angewandte Netzwerksicherheit mbh Seite 22
23 Timeframe from official patch to released exploits is shrinking Today a patch is decoded in less than 7 days (reverse engineering) Customers have less time to test and verify patches in their environment Exploits get more sophisticated 331 Nimda Days between patch release and exploit Welchia/ SQL Slammer 25 Blaster Nachi No simple solution available. Security, incl. patch management and anti virus, has to become a standard procedures as well NESEC Gesellschaft für angewandte Netzwerksicherheit mbh Seite 23
24 Some vendors still don t understand Response Time for MS Security Update Test vendor A vendor B vendor C vendor D vendor E vendor F vendor G Presented by Ian Henderson, BP at Industrial Cyber Security Conference 15 March 2005, London NESEC Gesellschaft für angewandte Netzwerksicherheit mbh Seite 24
25 Awareness is Rising Finally ISS gave a presentation on SCADA Security at the Black Hat Federal Conference in January 2006 They found lot s of problems in widely used software OPC has many buffer overflows OPC over DCOM is often very insecure and while analyzing SCADA systems SCADA systems usually have no authentication SCADA systems are usually not patched SCADA systems are much more often connected to the Internet as anyone believes You can go to the store and buy a book on pen-testing that will give you all the knowledge you need to cause a widespread power blackout! NESEC Gesellschaft für angewandte Netzwerksicherheit mbh Seite 25
26 Shift in awareness necessary Control systems have become very similar to office environments They need to be treated similar Control systems are interconnected to corporate networks or even the internet They need the same (or even better) protection Shift in security awareness: IT security should be part of the initial design process not an add-on later IT security should be part of the standard maintenance procedures not only after an incident Every employee is responsible for IT security NESEC Gesellschaft für angewandte Netzwerksicherheit mbh Seite 26
27 Multilayered approach necessary Protecting the infrastructure Block access to sensitive parts of the infrastructure (e.g. rooms, buildings), often referred to as physical security Protecting IT-systems Use anti-virus software and install patches to protect systems from viruses, worms and exploits Protecting networks Use firewalls and filters for network segmentation Protecting applications and data Use encryption and VPNs to protect data from unauthorized access User education Train your employees to use and adopt IT security NESEC Gesellschaft für angewandte Netzwerksicherheit mbh Seite 27
28 Lessons learned I IT security is becoming very important Control networks are no longer isolated networks Automation systems are no longer specialized platforms They are new targets They are interesting targets Hacking Tools are easy to use Everybody can attack and break into systems The tools are readily available If you are not protected, you will be hacked NESEC Gesellschaft für angewandte Netzwerksicherheit mbh Seite 28
29 Lessons learned II As a customer of process automation systems, ask your vendor these questions: Does my vendor have a coherent policy how vendor patches are tested and verified in combination with your process automation software? Where is this documented? Does my vendor test and verify anti-virus software together with your process automation software? Can my vendor provide guidance to implement security including firewalls, remote access and VPN? What will be the additional costs, if you have to cover the shortcomings of your vendor? Is your vendor prepared for the future? NESEC Gesellschaft für angewandte Netzwerksicherheit mbh Seite 29
30 Lessons learned III As a vendor of process automation systems, ask yourself these questions: Can you provide your customers a coherent IT security concept, covering all aspects including Security policy Secure connection to corporate network / internet Secure remote access Patch management and anti virus What is your reaction time to customers regarding patch approval and security inquiries? Are you prepared for the future? NESEC Gesellschaft für angewandte Netzwerksicherheit mbh Seite 30
31 Thank you very much for your attendance Your questions please Christian H. Gresser NESEC GmbH Lichtenbergstrasse 8 D Garching Tel.: Fax: cgresser@nesec.de Web:
How To Protect Your Computer From Attack
Hacking SCADA/SAS Systems Used Techniques, Known Incidents and Possible Mitigations Seminar at Petroleum Safety Authority Norway at 29/11-2006 Christian H. Gresser cgresser@nesec.de Agenda About NESEC
More informationABB s approach concerning IS Security for Automation Systems
ABB s approach concerning IS Security for Automation Systems Copyright 2006 ABB. All rights reserved. Stefan Kubik stefan.kubik@de.abb.com The problem Most manufacturing facilities are more connected (and
More informationComputer System Security Updates
Why patch? If you have already deployed a network architecture, such as the one recommended by Rockwell Automation and Cisco in the Converged Plantwide Ethernet Design and Implementation Guide (http://www.ab.com/networks/architectures.html),
More informationDefense-in-Depth Strategies for Secure, Open Remote Access to Control System Networks
Defense-in-Depth Strategies for Secure, Open Remote Access to Control System Networks A look at multi-vendor access strategies Joel Langill TÜV FSEng ID-1772/09, CEH, CPT, CCNA Security Consultant / Staff
More informationIntrusion Detection and Cyber Security Monitoring of SCADA and DCS Networks
Intrusion Detection and Cyber Security Monitoring of SCADA and DCS Networks Dale Peterson Director, Network Security Practice Digital Bond, Inc. 1580 Sawgrass Corporate Parkway, Suite 130 Sunrise, FL 33323
More informationNetwork Incident Report
To submit copies of this form via facsimile, please FAX to 202-406-9233. Network Incident Report United States Secret Service Financial Crimes Division Electronic Crimes Branch Telephone: 202-406-5850
More informationVirus Protection Across The Enterprise
White Paper Virus Protection Across The Enterprise How Firewall, VPN and /Content Security Work Together Juan Pablo Pereira Sr. Technical Marketing Manager Juniper Networks, Inc. 1194 North Mathilda Avenue
More informationCertified Ethical Hacker (CEH)
Certified Ethical Hacker (CEH) Course Number: CEH Length: 5 Day(s) Certification Exam This course will help you prepare for the following exams: Exam 312 50: Certified Ethical Hacker Course Overview The
More informationOverview of Network Security The need for network security Desirable security properties Common vulnerabilities Security policy designs
Overview of Network Security The need for network security Desirable security properties Common vulnerabilities Security policy designs Why Network Security? Keep the bad guys out. (1) Closed networks
More informationCOURSE NAME: INFORMATION SECURITY INTERNSHIP PROGRAM
COURSE NAME: INFORMATION SECURITY INTERNSHIP PROGRAM Course Description This is the Information Security Training program. The Training provides you Penetration Testing in the various field of cyber world.
More informationITEC441- IS Security. Chapter 15 Performing a Penetration Test
1 ITEC441- IS Security Chapter 15 Performing a Penetration Test The PenTest A penetration test (pentest) simulates methods that intruders use to gain unauthorized access to an organization s network and
More informationCRYPTUS DIPLOMA IN IT SECURITY
CRYPTUS DIPLOMA IN IT SECURITY 6 MONTHS OF TRAINING ON ETHICAL HACKING & INFORMATION SECURITY COURSE NAME: CRYPTUS 6 MONTHS DIPLOMA IN IT SECURITY Course Description This is the Ethical hacking & Information
More informationCEH Version8 Course Outline
CEH Version8 Course Outline Module 01: Introduction to Ethical Hacking Information Security Overview Information Security Threats and Attack Vectors Hacking Concepts Hacking Phases Types of Attacks Information
More informationCS 356 Lecture 17 and 18 Intrusion Detection. Spring 2013
CS 356 Lecture 17 and 18 Intrusion Detection Spring 2013 Review Chapter 1: Basic Concepts and Terminology Chapter 2: Basic Cryptographic Tools Chapter 3 User Authentication Chapter 4 Access Control Lists
More informationProcess Control Systems in the Chemical Industry: Safety vs. Security
INL/CON-05-00001 PREPRINT Process Control Systems in the Chemical Industry: Safety vs. Security 20 th Annual CCPS International Conference Jeffrey Hahn Donna Post Guillen Thomas Anderson April 2005 This
More informationWhen a student leaves this intensive 5 day class they will have hands on understanding and experience in Ethical Hacking.
Ethical Hacking and Countermeasures Course Description: This class will immerse the student into an interactive environment where they will be shown how to scan, test, hack and secure their own systems.
More informationNational Cyber League Certified Ethical Hacker (CEH) TM Syllabus
National Cyber League Certified Ethical Hacker (CEH) TM Syllabus Note to Faculty This NCL Syllabus is intended as a supplement to courses that are based on the EC- Council Certified Ethical Hacker TM (CEHv8)
More informationApplication Intrusion Detection
Application Intrusion Detection Drew Miller Black Hat Consulting Application Intrusion Detection Introduction Mitigating Exposures Monitoring Exposures Response Times Proactive Risk Analysis Summary Introduction
More informationInnovative Defense Strategies for Securing SCADA & Control Systems
1201 Louisiana Street Suite 400 Houston, Texas 77002 Phone: 877.302.DATA Fax: 800.864.6249 Email: info@plantdata.com Innovative Defense Strategies for Securing SCADA & Control Systems By: Jonathan Pollet
More informationKeyword: Cloud computing, service model, deployment model, network layer security.
Volume 4, Issue 2, February 2014 ISSN: 2277 128X International Journal of Advanced Research in Computer Science and Software Engineering Research Paper Available online at: www.ijarcsse.com An Emerging
More informationCritical IT-Infrastructure (like Pipeline SCADA systems) require cyber-attack protection
Critical IT-Infrastructure (like Pipeline SCADA systems) require cyber-attack protection Tobias WALK ILF Consulting Engineers GmbH Germany Abstract Pipeline Supervisory Control And Data Acquisition (SCADA)
More informationDDos. Distributed Denial of Service Attacks. by Mark Schuchter
DDos Distributed Denial of Service Attacks by Mark Schuchter Overview Introduction Why? Timeline How? Typical attack (UNIX) Typical attack (Windows) Introduction limited and consumable resources (memory,
More informationIntegrated Protection for Systems. João Batista Joao_batista@mcafee.com Territory Manager
Integrated Protection for Systems João Batista Joao_batista@mcafee.com Territory Manager 2 McAfee Overview Proven Expertise And what it means to you Proof of Expertise Impact of Expertise 1 17 100 300
More informationNetwork Security. 1 Pass the course => Pass Written exam week 11 Pass Labs
Network Security Ola Lundh ola.lundh@hh.se Schedule/ time-table: landris.hh.se/ (NetwoSec) Course home-page: hh.se/english/ide/education/student/coursewebp ages/networksecurity cisco.netacad.net Packet
More informationCourse Content Summary ITN 261 Network Attacks, Computer Crime and Hacking (4 Credits)
Page 1 of 6 Course Content Summary ITN 261 Network Attacks, Computer Crime and Hacking (4 Credits) TNCC Cybersecurity Program web page: http://tncc.edu/programs/cyber-security Course Description: Encompasses
More informationDesigning a security policy to protect your automation solution
Designing a security policy to protect your automation solution September 2009 / White paper by Dan DesRuisseaux 1 Contents Executive Summary... p 3 Introduction... p 4 Security Guidelines... p 7 Conclusion...
More information2. From a control perspective, the PRIMARY objective of classifying information assets is to:
MIS5206 Week 13 Your Name Date 1. When conducting a penetration test of an organization's internal network, which of the following approaches would BEST enable the conductor of the test to remain undetected
More informationIf you know the enemy and know yourself, you need not fear the result of a hundred battles.
Rui Pereira,B.Sc.(Hons),CIPS ISP/ITCP,CISSP,CISA,CWNA/CWSP,CPTE/CPTC Principal Consultant, WaveFront Consulting Group ruiper@wavefrontcg.com 1 (604) 961-0701 If you know the enemy and know yourself, you
More informationJune 2006 Tiger Teams! The new face of Penetration Testing
June 2006 Tiger Teams! The new face of Penetration Testing Justin Clarke CISSP CISM AIISP Ivan Phillips MSc MBCS CITP NCSA 1 Agenda Our talk will cover the following topics: Web Application Hacking PBX,
More informationGuidelines for Website Security and Security Counter Measures for e-e Governance Project
and Security Counter Measures for e-e Governance Project Mr. Lalthlamuana PIO, DoICT Background (1/8) Nature of Cyber Space Proliferation of Information Technology Rapid Growth in Internet Increasing Online
More informationFORBIDDEN - Ethical Hacking Workshop Duration
Workshop Course Module FORBIDDEN - Ethical Hacking Workshop Duration Lecture and Demonstration : 15 Hours Security Challenge : 01 Hours Introduction Security can't be guaranteed. As Clint Eastwood once
More informationA Systems Engineering Approach to Developing Cyber Security Professionals
A Systems Engineering Approach to Developing Cyber Security Professionals D r. J e r r y H i l l Approved for Public Release; Distribution Unlimited. 13-3793 2013 The MITRE Corporation. All rights reserved.
More informationCertified Ethical Hacker Exam 312-50 Version Comparison. Version Comparison
CEHv8 vs CEHv7 CEHv7 CEHv8 19 Modules 20 Modules 90 Labs 110 Labs 1700 Slides 1770 Slides Updated information as per the latest developments with a proper flow Classroom friendly with diagrammatic representation
More informationINTRUSION DETECTION SYSTEM (IDS) D souza Adam Jerry Joseph 0925910 I MCA
INTRUSION DETECTION SYSTEM (IDS) D souza Adam Jerry Joseph 0925910 I MCA OVERVIEW Introduction Overview The IDS Puzzle Current State of IDS Threats I have a good firewall, why do I need an IDS? Expectations
More information[CEH]: Ethical Hacking and Countermeasures
[CEH]: Ethical Hacking and Countermeasures Length Audience(s) Delivery Method : 5 days : This course will significantly benefit security officers, auditors, security professionals, site administrators,
More informationCYBERTRON NETWORK SOLUTIONS
CYBERTRON NETWORK SOLUTIONS CybertTron Certified Ethical Hacker (CT-CEH) CT-CEH a Certification offered by CyberTron @Copyright 2015 CyberTron Network Solutions All Rights Reserved CyberTron Certified
More informationIndustrial Security for Process Automation
Industrial Security for Process Automation SPACe 2012 Siemens Process Automation Conference Why is Industrial Security so important? Industrial security is all about protecting automation systems and critical
More informationPromoting Network Security (A Service Provider Perspective)
Promoting Network Security (A Service Provider Perspective) Prevention is the Foundation H S Gupta DGM (Technical) Data Networks, BSNL hsgupta@bsnl.co.in DNW, BSNL 1 Agenda Importance of Network Security
More informationEC Council Certified Ethical Hacker V8
Course Code: ECCEH8 Vendor: Cyber Course Overview Duration: 5 RRP: 2,445 EC Council Certified Ethical Hacker V8 Overview This class will immerse the delegates into an interactive environment where they
More informationComputer Forensics Training - Digital Forensics and Electronic Discovery (Mile2)
Computer Forensics Training - Digital Forensics and Electronic Discovery (Mile2) Course number: CFED Length: 5 days Certification Exam This course will help you prepare for the following exams: CCE --
More informationa) Encryption is enabled on the access point. b) The conference room network is on a separate virtual local area network (VLAN)
MIS5206 Week 12 Your Name Date 1. Which significant risk is introduced by running the file transfer protocol (FTP) service on a server in a demilitarized zone (DMZ)? a) User from within could send a file
More informationHomeland Security Perspectives: Cyber Security Partnerships and Measurement Activities
16 Oct 2012 Homeland Security Perspectives: Cyber Security Partnerships and Measurement Activities Bradford Willke Cyber Security Advisor, Mid Atlantic Region National Cyber Security Division (NCSD) Office
More informationPenetration Testing Service. By Comsec Information Security Consulting
Penetration Testing Service By Consulting February, 2007 Background The number of hacking and intrusion incidents is increasing year by year as technology rolls out. Equally, there is no hiding place your
More informationChallenges in Industrial IT-Security Dr. Rolf Reinema, Head of Technology Field IT-Security, Siemens AG Siemens AG 2015. All rights reserved
Siemens AG - Corporate Technology - IT Security Challenges in Industrial IT-Security Dr. Rolf Reinema, Head of Technology Field IT-Security, Siemens AG Siemens AG 2015. All rights reserved Not a single
More informationNetwork and Host-based Vulnerability Assessment
Network and Host-based Vulnerability Assessment A guide for information systems and network security professionals 6600 Peachtree-Dunwoody Road 300 Embassy Row Atlanta, GA 30348 Tel: 678.443.6000 Toll-free:
More informationOPC & Security Agenda
OPC & Security Agenda Cyber Security Today Cyber Security for SCADA/IS OPC Security Overview OPC Security Products Questions & Answers 1 Introduction CYBER SECURITY TODAY The Need for Reliable Information
More informationSemiconductor Equipment Security: Virus and Intellectual Property Protection Guidelines Harvey Wohlwend harvey.wohlwend ismi.sematech.
Semiconductor Equipment Security: Virus and Intellectual Property Protection Guidelines Harvey Wohlwend harvey.wohlwend ismi.sematech.org Advanced Materials Research Center, AMRC, International SEMATECH
More informationIntegrating Electronic Security into the Control Systems Environment: differences IT vs. Control Systems. Enzo M. Tieghi etieghi@visionautomation.
Integrating Electronic Security into the Control Systems Environment: differences IT vs. Control Systems Enzo M. Tieghi etieghi@visionautomation.it Security IT & Control System Security: where are we?
More informationINDUSTRIAL CONTROL SYSTEMS CYBER SECURITY DEMONSTRATION
INDUSTRIAL CONTROL SYSTEMS CYBER SECURITY DEMONSTRATION Prepared for the NRC Fuel Cycle Cyber Security Threat Conference Presented by: Jon Chugg, Ken Rohde Organization(s): INL Date: May 30, 2013 Disclaimer
More informationNational Cyber League Certified Ethical Hacker (CEH) TM Syllabus
National Cyber League Certified Ethical Hacker (CEH) TM Syllabus Note to Faculty This NCL Syllabus is intended as a supplement to courses that are based on the EC- Council Certified Ethical Hacker TM (CEHv8)
More informationNetwork Security. Tampere Seminar 23rd October 2008. Overview Switch Security Firewalls Conclusion
Network Security Tampere Seminar 23rd October 2008 1 Copyright 2008 Hirschmann 2008 Hirschmann Automation and and Control GmbH. Contents Overview Switch Security Firewalls Conclusion 2 Copyright 2008 Hirschmann
More informationData Platform Security. Vinod Kumar Technology Evangelist www.extremeexperts.com http://blogs.sqlxml.org/vinodkumar
Data Platform Security Vinod Kumar Technology Evangelist www.extremeexperts.com http://blogs.sqlxml.org/vinodkumar Agenda Problem Statement Security for Enterprise Security Defaults - Vulnerabilities Configurations
More informationLearn Ethical Hacking, Become a Pentester
Learn Ethical Hacking, Become a Pentester Course Syllabus & Certification Program DOCUMENT CLASSIFICATION: PUBLIC Copyrighted Material No part of this publication, in whole or in part, may be reproduced,
More informationNETWORK SECURITY ASPECTS & VULNERABILITIES
NETWORK SECURITY ASPECTS & VULNERABILITIES Luis Sousa Cardoso FIINA President Brdo pri Kranju, 19. in 20. maj 2003 1 Background Importance of Network Explosive growth of computers and network - To protect
More informationBeyond the Noise: More Complex Issues with Incident Response
Beyond the Noise: More Complex Issues with Incident Response IFIP WG Meeting, June 30, 2006 David Dittrich Center for Information Assurance and Cybersecurity/ The Information School University of Washington
More informationBotNets- Cyber Torrirism
BotNets- Cyber Torrirism Battling the threats of internet Assoc. Prof. Dr. Sureswaran Ramadass National Advanced IPv6 Center - Director Why Talk About Botnets? Because Bot Statistics Suggest Assimilation
More informationFIREWALL CHECKLIST. Pre Audit Checklist. 2. Obtain the Internet Policy, Standards, and Procedures relevant to the firewall review.
1. Obtain previous workpapers/audit reports. FIREWALL CHECKLIST Pre Audit Checklist 2. Obtain the Internet Policy, Standards, and Procedures relevant to the firewall review. 3. Obtain current network diagrams
More informationHoneywell Industrial Cyber Security Overview and Managed Industrial Cyber Security Services Honeywell Process Solutions (HPS) June 4, 2014
Industrial Cyber Security Overview and Managed Industrial Cyber Security Services Process Solutions (HPS) June 4, Industrial Cyber Security Industrial Cyber Security is the leading provider of cyber security
More informationWeb Application Threats and Vulnerabilities Web Server Hacking and Web Application Vulnerability
Web Application Threats and Vulnerabilities Web Server Hacking and Web Application Vulnerability WWW Based upon HTTP and HTML Runs in TCP s application layer Runs on top of the Internet Used to exchange
More informationEffective Defense in Depth Strategies
Honeywell.com 2014 Honeywell Users Group Asia Pacific Effective Defense in Depth Strategies for Industrial Systems 1 Document control number Honeywell Proprietary Honeywell.com Chee Ban, Ngai About the
More informationNetwork Security and the Small Business
Network Security and the Small Business Why network security is important for a small business Many small businesses think that they are less likely targets for security attacks as compared to large enterprises,
More informationFirewall and UTM Solutions Guide
Firewall and UTM Solutions Guide Telephone: 0845 230 2940 e-mail: info@lsasystems.com Web: www.lsasystems.com Why do I need a Firewall? You re not the Government, Microsoft or the BBC, so why would hackers
More informationCompTIA Security+ (Exam SY0-410)
CompTIA Security+ (Exam SY0-410) Length: Location: Language(s): Audience(s): Level: Vendor: Type: Delivery Method: 5 Days 182, Broadway, Newmarket, Auckland English, Entry Level IT Professionals Intermediate
More informationDeltaV System Cyber-Security
January 2013 Page 1 This paper describes the system philosophy and guidelines for keeping your DeltaV System secure from Cyber attacks. www.deltav.com January 2013 Page 2 Table of Contents Introduction...
More informationRisk Assessment and Cloud Strategy Development: Getting it Right this Time!
Risk Assessment and Cloud Strategy Development: Getting it Right this Time! Barbara Endicott-Popovsky, PhD University of Washington Center of Information Assurance and Cybersecurity Kirsten Ferguson-Boucher
More informationINSIDE. Securing Network-Attached Storage Protecting NAS from viruses, intrusions, and blended threats
Symantec Enterprise Security WHITE PAPER Securing Network-Attached Storage Protecting NAS from viruses, intrusions, and blended threats INSIDE Executive Summary Challenges to securing NAS An effective
More informationensure prompt restart of critical applications and business activities in a timely manner following an emergency or disaster
Security Standards Symantec shall maintain administrative, technical, and physical safeguards for the Symantec Network designed to (i) protect the security and integrity of the Symantec Network, and (ii)
More informationE-BUSINESS THREATS AND SOLUTIONS
E-BUSINESS THREATS AND SOLUTIONS E-BUSINESS THREATS AND SOLUTIONS E-business has forever revolutionized the way business is done. Retail has now a long way from the days of physical transactions that were
More informationWeb App Security Audit Services
locuz.com Professional Services Web App Security Audit Services The unsecured world today Today, over 80% of attacks against a company s network come at the Application Layer not the Network or System
More informationEvolving Optical Transport Network Security
Evolving Optical Transport Network Security May 15, 2012 Prepared by: John Kimmins Executive Director 732-699-6188 jkimmins@appcomsci.com Copyright 2012 All Rights reserved 1 Outline Overview of Optical
More informationWho is Watching You? Video Conferencing Security
Who is Watching You? Video Conferencing Security Navid Jam Member of Technical Staff March 1, 2007 SAND# 2007-1115C Computer and Network Security Security Systems and Technology Video Conference and Collaborative
More informationCOB 302 Management Information System (Lesson 8)
COB 302 Management Information System (Lesson 8) Dr. Stanley Wong Macau University of Science and Technology Chapter 13 Security and Ethical Challenges 安 全 與 倫 理 挑 戰 Remarks: Some of the contents in this
More informationJoint Universities Computer Centre Limited ( JUCC ) Information Security Awareness Training- Session One Information Security and Challenges
Joint Universities Computer Centre Limited ( JUCC ) Information Security Awareness Training- Session One Information Security and Challenges Agenda Overview of Information Security Management Information
More informationDeploying Firewalls Throughout Your Organization
Deploying Firewalls Throughout Your Organization Avoiding break-ins requires firewall filtering at multiple external and internal network perimeters. Firewalls have long provided the first line of defense
More informationEnterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006
Enterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006 April 2013 Hologic and the Hologic Logo are trademarks or registered trademarks of Hologic, Inc. Microsoft, Active Directory,
More informationProtecting Your Organisation from Targeted Cyber Intrusion
Protecting Your Organisation from Targeted Cyber Intrusion How the 35 mitigations against targeted cyber intrusion published by Defence Signals Directorate can be implemented on the Microsoft technology
More informationNetwork Security: 30 Questions Every Manager Should Ask. Author: Dr. Eric Cole Chief Security Strategist Secure Anchor Consulting
Network Security: 30 Questions Every Manager Should Ask Author: Dr. Eric Cole Chief Security Strategist Secure Anchor Consulting Network Security: 30 Questions Every Manager/Executive Must Answer in Order
More informationA43. Modern Hacking Techniques and IP Security. By Shawn Mullen. Las Vegas, NV IBM TRAINING. IBM Corporation 2006
IBM TRAINING A43 Modern Hacking Techniques and IP Security By Shawn Mullen Las Vegas, NV 2005 CSI/FBI US Computer Crime and Computer Security Survey 9 out of 10 experienced computer security incident in
More informationAn Introduction to Network Vulnerability Testing
CONTENTS Introduction 3 Penetration Testing Overview 4 Step 1: Defining the Scope 4 Step 2: Performing the Penetration Test 5 Step 3: Reporting and Delivering Results 6 VeriSign SecureTEST 7 Common Vulnerability
More informationSecurity Testing in Critical Systems
Security Testing in Critical Systems An Ethical Hacker s View Peter Wood Chief Executive Officer First Base Technologies Who is Peter Wood? Worked in computers & electronics since 1969 Founded First Base
More informationSECURITY TERMS: Advisory Backdoor - Blended Threat Blind Worm Bootstrapped Worm Bot Coordinated Scanning
SECURITY TERMS: Advisory - A formal notice to the public on the nature of security vulnerability. When security researchers discover vulnerabilities in software, they usually notify the affected vendor
More informationWEB APPLICATION SECURITY
WEB APPLICATION SECURITY Governance and Risk Management YOUR LAST LINE OF DEFENSE Aug 06 2009 ANSES RAH RAH Anthony Lim MBA CISSP CSSLP FCITIL Director, Security, Asia Pacific Rational Software Prolog
More informationPTSv2 in pills: The Best First for Beginners who want to become Penetration Testers. Self-paced, online, flexible access
The Best First for Beginners who want to become Penetration Testers PTSv2 in pills: Self-paced, online, flexible access 900+ interactive slides and 3 hours of video material Interactive and guided learning
More informationPenetration Testing. How Government Can Achieve Better Outcomes. Delivered by Murray Goldschmidt, Chief Operating Officer
Penetration Testing How Government Can Achieve Better Outcomes Delivered by Murray Goldschmidt, Chief Operating Officer Cyber Security for Government Conference, 25&26 October 2011, Sydney Compliance,
More informationIDS 4.0 Roadshow. Module 1- IDS Technology Overview. 2003, Cisco Systems, Inc. All rights reserved. IDS Roadshow
IDS 4.0 Roadshow Module 1- IDS Technology Overview Agenda Network Security Network Security Policy Management Protocols The Security Wheel IDS Terminology IDS Technology HIDS and NIDS IDS Communication
More informationBest Practices for DeltaV Cyber- Security
January 2013 Page 1 Best Practices for DeltaV Cyber- Security This document describes best practices will help you maintain a cyber-secure DeltaV digital automation system. www.deltav.com January 2013
More informationCYBER SECURITY: SYSTEM SERVICES FOR THE SAFEGUARD OF DIGITAL SUBSTATION AUTOMATION SYSTEMS. Massimo Petrini (*), Emiliano Casale TERNA S.p.A.
21, rue d Artois, F-75008 PARIS D2-102 CIGRE 2012 http : //www.cigre.org CYBER SECURITY: SYSTEM SERVICES FOR THE SAFEGUARD OF DIGITAL SUBSTATION AUTOMATION SYSTEMS Massimo Petrini (*), Emiliano Casale
More informationReview of Industry Trends & Forecasts
Review of Industry Trends & Forecasts!" # $% & ' ( ) "" (!% How many squares to you see? Answer? *+, -*./ *.0 #*12 Answer? *+, -*./ *.03 #*12 How many squares to you see? /4/5+.4.5/ 14152 +4+5+, Changing
More informationInformation Security By Bhupendra Ratha, Lecturer School of Library & Information Science D.A.V.V., Indore E-mail:bhu261@gmail.com Outline of Information Security Introduction Impact of information Need
More informationVenue. Dates. Certified Ethical Hacker (CEH) boot camp. Inovatec College. Nairobi Kenya (exact hotel name to be confirmed
Venue Nairobi Kenya (exact hotel name to be confirmed before course) Dates March 31, 2014 April 4, 2014 Inovatec College Certified Ethical Hacker (CEH) boot camp The Certified Ethical Hacker (CEH) Certification
More informationCyber Risk Mitigation via Security Monitoring. Enhanced by Managed Services
Cyber Risk Mitigation via Security Monitoring Enhanced by Managed Services Focus: Up to But Not Including Corporate and 3 rd Party Networks Level 4 Corporate and 3 rd Party/Vendor/Contractor/Maintenance
More informationThis chapter covers the following topics: Why Network Security Is Necessary Secure Network Design Defined Categorizing Network Security Threats How
This chapter covers the following topics: Why Network Security Is Necessary Secure Network Design Defined Categorizing Network Security Threats How Network Security Is Breached Network Security Policy
More informationLoophole+ with Ethical Hacking and Penetration Testing
Loophole+ with Ethical Hacking and Penetration Testing Duration Lecture and Demonstration: 15 Hours Security Challenge: 01 Hours Introduction Security can't be guaranteed. As Clint Eastwood once said,
More informationWhat Do You Mean My Cloud Data Isn t Secure?
Kaseya White Paper What Do You Mean My Cloud Data Isn t Secure? Understanding Your Level of Data Protection www.kaseya.com As today s businesses transition more critical applications to the cloud, there
More informationWhat is Really Needed to Secure the Internet of Things?
What is Really Needed to Secure the Internet of Things? By Alan Grau, Icon Labs alan.grau@iconlabs.com The Internet of Things (IoT) has become a ubiquitous term to describe the tens of billions of devices
More informationHow To Test A Control System With A Network Security Tool Like Nesus
Using the Nessus Vulnerability Scanner on Control Systems By Dale Peterson All too often we hear stories about the IT Department or some consultant running a vulnerability scan that takes down a key control
More informationNEW JERSEY STATE POLICE EXAMPLES OF CRIMINAL INTENT
Appendix A to 11-02-P1-NJOIT NJ OFFICE OF INFORMATION TECHNOLOGY P.O. Box 212 www.nj.gov/it/ps/ 300 Riverview Plaza Trenton, NJ 08625-0212 NEW JERSEY STATE POLICE EXAMPLES OF CRIMINAL INTENT The Intent
More informationCNA NetProtect Essential SM. 1. Do you implement virus controls and filtering on all systems? Background:
1. Do you implement virus controls and filtering on all systems? Anti-Virus anti-virus software packages look for patterns in files or memory that indicate the possible presence of a known virus. Anti-virus
More information8/27/2015. Brad Schuette IT Manager City of Punta Gorda bschuette@pgorda.us (941) 575-3354. Don t Wait Another Day
Brad Schuette IT Manager City of Punta Gorda bschuette@pgorda.us (941) 575-3354 2015 FRWA Annual Conference Don t Wait Another Day 1 SCADA Subsystems Management Physical Connectivity Configuration Mgmt.
More informationComparison of Firewall, Intrusion Prevention and Antivirus Technologies
White Paper Comparison of Firewall, Intrusion Prevention and Antivirus Technologies How each protects the network Juan Pablo Pereira Technical Marketing Manager Juniper Networks, Inc. 1194 North Mathilda
More information