Hacking. The Edge Pieces. Ken Gottry May Ken Gottry
|
|
- Hope Wood
- 8 years ago
- Views:
Transcription
1 Hacking The Edge Pieces Ken Gottry May2002
2 Objective - Edge Pieces When you start a jigsaw puzzle, you pick out the edge pieces, the ones with the flat sides. You can do this without knowing what the picture puzzle will eventually look like. This presentation is intended to give you the edge pieces of your first hacking jigsaw puzzle Once you have the edge pieces, when you obtain subsequent knowledge about an aspect of hacking you ll know how it fits into the big picture Since this brief presentation attempts to discuss hacking from A-Z, it obviously can t go into too much technical detail in any one area 2
3 Agenda Introduction Locate a host to compromise (port scan) Compromise a host (buffer overflow) Return later (backdoor) Cover your tracks (rootkit) You re in now what? Play Launch a distributed attack Closing the barn door (vulnerability scanner) Leaving the barn door ajar (honeypot) Forensics Appendix - links 3
4 Introduction
5 Be careful, be considerate Never, ever play around with hacking on someone else s system without their explicit agreement on your production system on your development system unless you have a full backup Your cable modem connects you to many other cable users. You may be tempted to experiment with your newfound hacking knowledge on their systems. DON T!!! Your cable modem connects many other cable modem users to you. They may not be as considerate as you and they may try to hack your system. Make sure your FIREWALL is up-to-date 5
6 A safe computer vs In 1985, an IBM publication about personal computers declared: the only safe computer is one with no wires attached to it, whose power is turned off, and which is locked in a vault In 2002, these safeguards don t work because we have Wireless LANs Remote power-on PC-Anywhere So, is there any such thing as a safe computer? A study showed that if you install Red Hat Linux 6.3 using the default configuration and attach the computer to the Internet, your computer will be compromised within 72 hours 6
7 Locate a host to compromise
8 Locating a host to compromise Hard Way The following slides explain how to search for the IP address of one or many hosts to probe and then how to scan for vulnerable ports on those hosts Easy Way Download nmap from and click OK on a GUI - or - Check hacker bulletin boards where lists of already compromised hosts are posted 8
9 Searching a subnet Subnets are a way of organizing computers by IP address Subnet x contains computers with IP addresses in the range of to The following code snippet can be used to locate active computers on a subnet for n = 1 to 254 ping n Finding subnets is easy. Using your cable modem IP address (e.g ) as a starting point, you can assume subnets x, x, x, and so on up to x. This code snippet can find other TimeWarner cable users (do N-O-T try this) for x = 1 to 254 for y = 1 to 254 ping x.y 9
10 Port scanning Once you have located a computer on the subnet, try to connect to each port on the computer to see if a service is running. Wellknown ports are Other interesting services use ports above for port=1 to 1024 telnet IP port Some common ports to check for 21 ftp 23 telnet 25 smtp (mail) 80 http (web server) 137, 139 NetBIOS Sometimes the response from the server indicates the software and version, which makes it easier to attack # telnet somehost 25 Trying Connected to somehost. Escape character is '^]'. 220 somehost.gottry.com ESMTP Sendmail Sun/9.3.8; 10
11 Vulnerability Lists Several organizations, like CVE, SANS and CERT, distribute vulnerability lists that describe exposures within certain versions of specific software { } Win - Winamp ID3v2 tag minibrowser overflow { } Win - RealSecure IDS DHCP packet DoS { } Win - Snapgear Lite+ Firewall multiple DoS vulnerabilities { } Win - Macromedia flash plugin parameter overflow { } Win - 4D Webserver authentication information overflow { } Win - AIM AddExternalApp buffer overflow { } Win - 3Cdaemon FTP service overflow DoS Once a hacker knows what ports are open on a computer and what version of what software is listening on the ports, he or she can use the vulnerability lists to his or her advantage 11
12 Compromise a host
13 Compromising a host Hard Way The following slides explain what a buffer overflow is, how it is identified, how an exploit is created and how the exploit is used to compromise a host Easy Way Check web sites for source code. Download, compile, run. 13
14 What is a buffer overflow A buffer overflow occurs when something very large is placed in an area far too small for it to fit. void func(void) { int i; char buffer[256]; //* only room for 256 } for(i=0;i<350;i++) //* stuff 350 NOP instructions into the buffer buffer[i]=x90; buffer[i]= x8bxecx83xecx64 x32x33xc0x50x2fxffxd5 //* evil code return; The local variables (i and buffer) are stored on the stack along with the address of the function that called func. This is how the return statement knows how to get back to the caller. If assembled code instructions are placed in buffer, then they overwrite the RET address. This causes the return statement to branch to our code. STACK Local variables ESP i buffer EBP old value of EBP RET address 14
15 How is a buffer overflow identified Source code is readily available. Read it and find flaws - or - Use a disassembler like SoftICE and step through the code 15
16 How is a buffer overflow exploit created Once a programmer has found a buffer overflow situation, then it is necessary to create a buffer of hex characters that represent assembled code instructions The programmer then creates a C program that executes the target program, overflows the buffer by inserting the hex code to be executed char shell[] = /* 0 */ "xebx45" /* jmp springboard */ /* 2 */ "x9axffxffxffxffx07xff" /* lcall 0x7,0x0 */ /* 9 */ "xc3" /* ret */ /* start: */ /* 10 */ "x5e" /* popl %esi */ /* 11 */ "x31xc0" /* xor %eax,%eax */ /* 13 */ "x89x46xb7" /* movl %eax,-0x49(%esi)*/ /* 16 */ "x88x46xbc" /* movb %al,-0x44(%esi) */ /* execve: */ /* 19 */ "x31xc0" /* xor %eax,%eax */ /* 21 */ "x50" /* pushl %eax */ /* 22 */ "x56" /* pushl %esi */ /* 23 */ "x8bx1e" /* movl (%esi),%ebx */ /* 29 */ "x83xc7x10" /* addl $0x10,%edi */ and so on 16
17 How is a buffer overflow exploit used You have to find a version of the exploit that matches the version of the software and OS that you are attacking. This is required to get the exact offset of the buffer. As mentioned earlier, the port scanning and vulnerability scanning tools easily identify which software (including version) is listening on every port. You can search the Internet looking for the C source code of the matching exploit Then you compile the exploit C program on your computer and run it, pointed at the target computer 17
18 Leave a backdoor open
19 Backdoor From the inside A malicious user can run bindshell which will become a daemon process listening on port Other hackers can enter through this backdoor by telnet somehost At the prompt, the hacker can type any command that will be passed to a command shell and executed. From the outside A buffer overflow exploit often causes inetd to listen on a special port (often 31337) Other hackers can enter through this backdoor by telnet somehost
20 Example of a backdoor exploit The sadmindex.c program exploits a buffer overflow in the sadmin daemon on Solaris 2.6 sadmindex -h target.xxx.com -s 0xefff9596 -c echo stream tcp nowait root /bin/sh sh -i > /tmp/.gotcha; \ /usr/sbin/inetd -s /tmp/.gotcha This creates an inetd config file (/tmp/.gotcha) on the target host and launches the inet daemon on the target host to listen on port When the target host receives an incoming connection on port (e.g. via telnet target 31337), the inet daemon launches /bin/sh -i as defined in the config file 20
21 Cover your tracks
22 Rootkits A rootkit contains modified versions of standard Unix utilities ls netstat ps lsof The rootkit version of netstat will not show any process listening on port The rootkit version of ps will not show certain processes even though they are executing The rootkit version of ls will not list certain files even though they exist The rootkit version of lsof will not list certain files even though they are being used by running processes 22
23 Log cleansing The utmp and wtmp files stored login history. The log cleansing edits these binary files to remove any trace that the hacker logged in Create filenames with imbedded unprintable characters mkdir..^h. The ^H is the backspace character. This hacker directory will appear as.. which is the standard name of any parent directory 23
24 You re in now what?
25 Play You can acquire numerous login ID s on a server You can brag to your friends You can post the hostname and port number on a hacker bulletin board You can use free disk space You can send spam 25
26 Distributed Attacks Trinoo - distributed denial of service (Ddos) Compromised hosts (red) can be instructed by a master (blue) to simultaneously attack a target host (yellow) The identity of the master is not known by the target Master Slave Target Slave Internet Slave Slave Slave 26
27 Closing the Barn Door
28 Nessus - Vulnerability Scanner Scan a host or series of hosts looking for vulnerabilities Sample output Information found on port ftp (21/tcp) The FTP service allows anonymous logins. If you do not want to share data with anyone you do not know, then you should deactivate the anonymous account, since it can only cause troubles. Under most Unix system, doing : echo ftp >> /etc/ftpusers will correct this. Information found on port smtp (25/tcp) The remote SMTP server seems to allow remote users to send mail anonymously by providing a too long argument to the HELO command (more than 1024 chars). This problem may allow bad guys to send hate mail, or threatening mail using your server and keep their anonymity. Solution : If you are using sendmail, upgrade to version 8.9.x. If you do not run sendmail, contact your vendor. CVE: CAN
29 Leaving the Barn Door Ajar
30 Honeynet Project HoneyPot - a security resource whose only value lies in being probed, attacked, and compromised The seemingly unprotected computer network is intended to attract hackers. By watching what the hackers do and how they do it, we can learn how to thwart future attacks Legal issues Privacy Entrapment Liability 30
31 Forsenics
32 Crime Scene Investigation I ve been hacked -- now what? Discoverability Spoliation - Intentional alteration or destruction of a document Evidence Privacy 32
33 Appendix - links
34 Links SANS Institute Carnegie Mellon - Software Engineering Institute Mitre - Common Vulnerabilities and Exposures cve.mitre.org Hacker Tools Port scanner Vulnerability scanner Sniffer for Windows windump.polito.it 34
35 Attached files Solaris sadmind exploit code Solaris sadmind remote buffer overflow vulnerability.htm Solaris xlock exploit code Solaris Xlock Heap Overflow Vulnerability.htm Sun article about how hackers do what they do HowHackersDoIt_SunBluePrint_ pdf Analysis of a trinoo DDoS attack trinoo.analysis.txt 35
My FreeScan Vulnerabilities Report
Page 1 of 6 My FreeScan Vulnerabilities Report Print Help For 66.40.6.179 on Feb 07, 008 Thank you for trying FreeScan. Below you'll find the complete results of your scan, including whether or not the
More informationHost Hardening. OS Vulnerability test. CERT Report on systems vulnerabilities. (March 21, 2011)
Host Hardening (March 21, 2011) Abdou Illia Spring 2011 CERT Report on systems vulnerabilities Source: CERT Report @ http://www.kb.cert.org/vuls/bymetric 2 OS Vulnerability test Source: http://www.omninerd.com/articles/2006_operating_system_vulnerabilit
More informationOverview of Network Security The need for network security Desirable security properties Common vulnerabilities Security policy designs
Overview of Network Security The need for network security Desirable security properties Common vulnerabilities Security policy designs Why Network Security? Keep the bad guys out. (1) Closed networks
More informationRunning a Default Vulnerability Scan SAINTcorporation.com
SAINT Running a Default Vulnerability Scan A Step-by-Step Guide www.saintcorporation.com Examine. Expose. Exploit. Install SAINT Welcome to SAINT! Congratulations on a smart choice by selecting SAINT s
More informationA Whirlwind Introduction to Honeypots
A Whirlwind Introduction to Honeypots Marcus J. Ranum What is a honeypot? A security resource thats value lies in being attacked, probed, or compromised A honeypot is more a state
More informationSecurity: Attack and Defense
Security: Attack and Defense Aaron Hertz Carnegie Mellon University Outline! Breaking into hosts! DOS Attacks! Firewalls and other tools 15-441 Computer Networks Spring 2003 Breaking Into Hosts! Guessing
More information1 hours, 30 minutes, 38 seconds Heavy scan. All scanned network resources. Copyright 2001, FTP access obtained
home Network Vulnerabilities Detail Report Grouped by Vulnerability Report Generated by: Symantec NetRecon 3.5 Licensed to: X Serial Number: 0182037567 Machine Scanned from: ZEUS (192.168.1.100) Scan Date:
More informationEECS 354 Network Security. Introduction
EECS 354 Network Security Introduction Why Learn To Hack Understanding how to break into computer systems allows you to better defend them Learn how to think like an attacker Defense then becomes second-nature
More informationNetwork and Host-based Vulnerability Assessment
Network and Host-based Vulnerability Assessment A guide for information systems and network security professionals 6600 Peachtree-Dunwoody Road 300 Embassy Row Atlanta, GA 30348 Tel: 678.443.6000 Toll-free:
More informationUnix Security Technologies. Pete Markowsky <peterm[at] ccs.neu.edu>
Unix Security Technologies Pete Markowsky What is this about? The goal of this CPU/SWS are: Introduce you to classic vulnerabilities Get you to understand security advisories Make
More informationRunning a Default Vulnerability Scan
Running a Default Vulnerability Scan A Step-by-Step Guide www.saintcorporation.com Examine. Expose. Exploit. Welcome to SAINT! Congratulations on a smart choice by selecting SAINT s integrated vulnerability
More informationIDS and Penetration Testing Lab ISA656 (Attacker)
IDS and Penetration Testing Lab ISA656 (Attacker) Ethics Statement Network Security Student Certification and Agreement I,, hereby certify that I read the following: University Policy Number 1301: Responsible
More informationFirewalls. Chapter 3
Firewalls Chapter 3 1 Border Firewall Passed Packet (Ingress) Passed Packet (Egress) Attack Packet Hardened Client PC Internet (Not Trusted) Hardened Server Dropped Packet (Ingress) Log File Internet Border
More informationPassive Vulnerability Detection
Page 1 of 5 Passive Vulnerability Detection "Techniques to passively find network security vulnerabilities" Ron Gula rgula@securitywizards.com September 9, 1999 Copyright 1999 Network Security Wizards
More informationCSE331: Introduction to Networks and Security. Lecture 32 Fall 2004
CSE331: Introduction to Networks and Security Lecture 32 Fall 2004 Hackers / Intruders External attacks Typical hacker Exploits carried out remotely Does not have an account on the remote machine Insider
More informationVPNSCAN: Extending the Audit and Compliance Perimeter. Rob VandenBrink rvandenbrink@metafore.ca
VPNSCAN: Extending the Audit and Compliance Perimeter Rob VandenBrink rvandenbrink@metafore.ca Business Issue Most clients have a remote access or other governing policy that has one or more common restrictions
More informationA Decision Maker s Guide to Securing an IT Infrastructure
A Decision Maker s Guide to Securing an IT Infrastructure A Rackspace White Paper Spring 2010 Summary With so many malicious attacks taking place now, securing an IT infrastructure is vital. The purpose
More informationChapter 11 Phase 5: Covering Tracks and Hiding
Chapter 11 Phase 5: Covering Tracks and Hiding Attrition Web Site Contains an archive of Web vandalism attacks http://www.attrition.org/mirror/attrition Most attackers, however, wish to keep low profile
More informationWeb Application Vulnerability Testing with Nessus
The OWASP Foundation http://www.owasp.org Web Application Vulnerability Testing with Nessus Rïk A. Jones, CISSP rikjones@computer.org Rïk A. Jones Web developer since 1995 (16+ years) Involved with information
More informationPenetration Testing. NTS330 Unit 1 Penetration V1.0. February 20, 2011. Juan Ortega. Juan Ortega, juaorteg@uat.edu. 1 Juan Ortega, juaorteg@uat.
1 Penetration Testing NTS330 Unit 1 Penetration V1.0 February 20, 2011 Juan Ortega Juan Ortega, juaorteg@uat.edu 1 Juan Ortega, juaorteg@uat.edu 2 Document Properties Title Version V1.0 Author Pen-testers
More informationCOURSE NAME: INFORMATION SECURITY INTERNSHIP PROGRAM
COURSE NAME: INFORMATION SECURITY INTERNSHIP PROGRAM Course Description This is the Information Security Training program. The Training provides you Penetration Testing in the various field of cyber world.
More informationA43. Modern Hacking Techniques and IP Security. By Shawn Mullen. Las Vegas, NV IBM TRAINING. IBM Corporation 2006
IBM TRAINING A43 Modern Hacking Techniques and IP Security By Shawn Mullen Las Vegas, NV 2005 CSI/FBI US Computer Crime and Computer Security Survey 9 out of 10 experienced computer security incident in
More informationInternet Security [1] VU 184.216. Engin Kirda engin@infosys.tuwien.ac.at
Internet Security [1] VU 184.216 Engin Kirda engin@infosys.tuwien.ac.at Christopher Kruegel chris@auto.tuwien.ac.at Administration Challenge 2 deadline is tomorrow 177 correct solutions Challenge 4 will
More informationCRYPTUS DIPLOMA IN IT SECURITY
CRYPTUS DIPLOMA IN IT SECURITY 6 MONTHS OF TRAINING ON ETHICAL HACKING & INFORMATION SECURITY COURSE NAME: CRYPTUS 6 MONTHS DIPLOMA IN IT SECURITY Course Description This is the Ethical hacking & Information
More informationN-CAP Users Guide Everything You Need to Know About Using the Internet! How Firewalls Work
N-CAP Users Guide Everything You Need to Know About Using the Internet! How Firewalls Work How Firewalls Work By: Jeff Tyson If you have been using the internet for any length of time, and especially if
More informationSecure Software Programming and Vulnerability Analysis
Secure Software Programming and Vulnerability Analysis Christopher Kruegel chris@auto.tuwien.ac.at http://www.auto.tuwien.ac.at/~chris Operations and Denial of Service Secure Software Programming 2 Overview
More informationHervey Allen. Network Startup Resource Center. PacNOG 6: Nadi, Fiji. Security Overview
Hervey Allen Network Startup Resource Center PacNOG 6: Nadi, Fiji Security Overview Security: A Massive Topic Security Viewpoints - Server - Client - Network Securing each overlaps the other Server Client
More informationNetwork Forensics: Log Analysis
Network Forensics: Analysis Richard Baskerville Agenda P Terms & -based Tracing P Application Layer Analysis P Lower Layer Analysis Georgia State University 1 2 Two Important Terms PPromiscuous Mode
More informationPort Scanning and Vulnerability Assessment. ECE4893 Internetwork Security Georgia Institute of Technology
Port Scanning and Vulnerability Assessment ECE4893 Internetwork Security Georgia Institute of Technology Agenda Reconnaissance Scanning Network Mapping OS detection Vulnerability assessment Reconnaissance
More informationPenetration Testing Report Client: Business Solutions June 15 th 2015
Penetration Testing Report Client: Business Solutions June 15 th 2015 Acumen Innovations 80 S.W 8 th St Suite 2000 Miami, FL 33130 United States of America Tel: 1-888-995-7803 Email: info@acumen-innovations.com
More informationDDos. Distributed Denial of Service Attacks. by Mark Schuchter
DDos Distributed Denial of Service Attacks by Mark Schuchter Overview Introduction Why? Timeline How? Typical attack (UNIX) Typical attack (Windows) Introduction limited and consumable resources (memory,
More informationSchool of Information Science (IS 2935 Introduction to Computer Security, 2003)
Student Name : School of Information Science (IS 2935 Introduction to Computer Security, 2003) Firewall Configuration Part I: Objective The goal of this lab is to allow students to exploit an active attack
More informationMake a folder named Lab3. We will be using Unix redirection commands to create several output files in that folder.
CMSC 355 Lab 3 : Penetration Testing Tools Due: September 31, 2010 In the previous lab, we used some basic system administration tools to figure out which programs where running on a system and which files
More informationInstalling and Configuring Nessus by Nitesh Dhanjani
Unless you've been living under a rock for the past few years, it is quite evident that software vulnerabilities are being found and announced quicker than ever before. Every time a security advisory goes
More informationCannot send Autosupport e-mail, error message: Unknown User
Cannot send Autosupport e-mail, error message: Unknown User Symptoms Unable to send Autosupport e-mails and the following error message is reported: asup.smtp.fail http://now.netapp.com/eservice/ems?emsaction=details&eventid=200573&software=ontap&em
More informationTHE ROLE OF IDS & ADS IN NETWORK SECURITY
THE ROLE OF IDS & ADS IN NETWORK SECURITY The Role of IDS & ADS in Network Security When it comes to security, most networks today are like an egg: hard on the outside, gooey in the middle. Once a hacker
More informationStop that Big Hack Attack Protecting Your Network from Hackers. www.lauraknapp.com
Stop that Big Hack Attack Protecting Your Network from Hackers Laura Jeanne Knapp Technical Evangelist 1-919-224-2205 laura@lauraknapp.com www.lauraknapp.com NetSec_ 010 Agenda Components of security threats
More informationHands-On Ethical Hacking and Network Defense Second Edition Chapter 8 Desktop and Server OS Vulnerabilities
Objectives After reading this chapter and completing the exercises, you will be able to: Describe vulnerabilities of Windows and Linux operating systems Identify specific vulnerabilities and explain ways
More informationSecurity Testing in Critical Systems
Security Testing in Critical Systems An Ethical Hacker s View Peter Wood Chief Executive Officer First Base Technologies Who is Peter Wood? Worked in computers & electronics since 1969 Founded First Base
More informationFirewalls. Ingress Filtering. Ingress Filtering. Network Security. Firewalls. Access lists Ingress filtering. Egress filtering NAT
Network Security s Access lists Ingress filtering s Egress filtering NAT 2 Drivers of Performance RequirementsTraffic Volume and Complexity of Static IP Packet Filter Corporate Network The Complexity of
More informationANNEXURE-1 TO THE TENDER ENQUIRY NO.: DPS/AMPU/MIC/1896. Network Security Software Nessus- Technical Details
Sub: Supply, Installation, setup and testing of Tenable Network Security Nessus vulnerability scanner professional version 6 or latest for scanning the LAN, VLAN, VPN and IPs with 3 years License/Subscription
More informationIntroduction to Nessus by Harry Anderson last updated October 28, 2003
1/12 Infocus < http://www.securityfocus.com/infocus/1741 > Introduction to Nessus by Harry Anderson last updated October 28, 2003 1.0 Introduction Nessus is a great tool designed to automate the testing
More informationFIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. Chapter 4 Finding Network Vulnerabilities
FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. Chapter 4 Finding Network Vulnerabilities Learning Objectives Name the common categories of vulnerabilities Discuss common system
More informationFear Not What Security Can Do to Your Firm; Instead, Imagine What Your Firm Can Do When Secured!
Fear Not What Security Can Do to Your Firm; Instead, Imagine What Your Firm Can Do When Secured! Presented by: Kristen Zarcadoolas, Jim Soenksen, and Ed Sale PART 2: plan, act, repeat (from the look, plan,
More informationRapid Vulnerability Assessment Report
White Paper Rapid Vulnerability Assessment Report Table of Contents Executive Summary... Page 1 Characteristics of the Associated Business Corporation Network... Page 2 Recommendations for Improving Security...
More information8 Steps For Network Security Protection
8 Steps For Network Security Protection 8 Steps For Network Security Protection Many small and medium sized businesses make the mistake of thinking they won t be the target of hackers because of their
More informationGetting Started in Red Hat Linux An Overview of Red Hat Linux p. 3 Introducing Red Hat Linux p. 4 What Is Linux? p. 5 Linux's Roots in UNIX p.
Preface p. ix Getting Started in Red Hat Linux An Overview of Red Hat Linux p. 3 Introducing Red Hat Linux p. 4 What Is Linux? p. 5 Linux's Roots in UNIX p. 6 Common Linux Features p. 8 Primary Advantages
More informationFirewalls and Intrusion Detection
Firewalls and Intrusion Detection What is a Firewall? A computer system between the internal network and the rest of the Internet A single computer or a set of computers that cooperate to perform the firewall
More informationHow To Set Up An Ip Firewall On Linux With Iptables (For Ubuntu) And Iptable (For Windows)
Security principles Firewalls and NAT These materials are licensed under the Creative Commons Attribution-Noncommercial 3.0 Unported license (http://creativecommons.org/licenses/by-nc/3.0/) Host vs Network
More informationNetwork Incident Report
To submit copies of this form via facsimile, please FAX to 202-406-9233. Network Incident Report United States Secret Service Financial Crimes Division Electronic Crimes Branch Telephone: 202-406-5850
More informationHoneyBOT User Guide A Windows based honeypot solution
HoneyBOT User Guide A Windows based honeypot solution Visit our website at http://www.atomicsoftwaresolutions.com/ Table of Contents What is a Honeypot?...2 How HoneyBOT Works...2 Secure the HoneyBOT Computer...3
More informationNetwork Security In Linux: Scanning and Hacking
Network Security In Linux: Scanning and Hacking Review Lex A lexical analyzer that tokenizes an input text. Yacc A parser that parses and acts based on defined grammar rules involving tokens. How to compile
More informationSY0-201. system so that an unauthorized individual can take over an authorized session, or to disrupt service to authorized users.
system so that an unauthorized individual can take over an authorized session, or to disrupt service to authorized users. From a high-level standpoint, attacks on computer systems and networks can be grouped
More informationCSE331: Introduction to Networks and Security. Lecture 17 Fall 2006
CSE331: Introduction to Networks and Security Lecture 17 Fall 2006 Announcements Project 2 is due next Weds. Homework 2 has been assigned: It's due on Monday, November 6th. CSE331 Fall 2004 2 Summary:
More informationChapter 4 Managing Your Network
Chapter 4 Managing Your Network This chapter describes how to perform network management tasks with your ADSL2+ Modem Wireless Router. Backing Up, Restoring, or Erasing Your Settings The configuration
More informationWeb Application Threats and Vulnerabilities Web Server Hacking and Web Application Vulnerability
Web Application Threats and Vulnerabilities Web Server Hacking and Web Application Vulnerability WWW Based upon HTTP and HTML Runs in TCP s application layer Runs on top of the Internet Used to exchange
More informationCyberspace Security Issues and Challenges
Cyberspace Security Issues and Challenges Manu Malek, Ph.D. Department of Computer Science Stevens Institute of Technology mmalek@stevens.edu MSU Seminar, 10/06/03 M. Malek 1 Outline Security status Security
More information1 Scope of Assessment
CIT 380 Project Network Security Assessment Due: April 30, 2014 This project is a security assessment of a small group of systems. In this assessment, students will apply security tools and resources learned
More informationAndreas Dittrich, Philipp Reinecke Testing of Network and System Security. example.
Testing of Network and System Security 1 Testing of Network and System Security Introduction The term security when applied to computer networks conveys a plethora of meanings, ranging from network security
More informationCertified Ethical Hacker (CEH)
Certified Ethical Hacker (CEH) Course Number: CEH Length: 5 Day(s) Certification Exam This course will help you prepare for the following exams: Exam 312 50: Certified Ethical Hacker Course Overview The
More informationSecurity Considerations White Paper for Cisco Smart Storage 1
Security Considerations White Paper for Cisco Smart Storage An open network is like a bank s vault with windows Bill Thomson Network-Attached Storage (NAS) is a relatively simple and inexpensive way to
More informationIBM Managed Security Services Vulnerability Scanning:
IBM Managed Security Services August 2005 IBM Managed Security Services Vulnerability Scanning: Understanding the methodology and risks Jerry Neely Network Security Analyst, IBM Global Services Page 2
More informationBlended Security Assessments
Blended Security Assessments Combining Active, Passive and Host Assessment Techniques October 12, 2009 (Revision 9) Renaud Deraison Director of Research Ron Gula Chief Technology Officer Table of Contents
More information6WRUP:DWFK. Policies for Dedicated IIS Web Servers Group. V2.1 policy module to restrict ALL network access
OKENA 71 Second Ave., 3 rd Floor Waltham, MA 02451 Phone 781 209 3200 Fax 781 209 3199 6WRUP:DWFK Policies for Dedicated IIS Web Servers Group The policies shipped with StormWatch address both application-specific
More informationIntroduction to UNIX and SFTP
Introduction to UNIX and SFTP Introduction to UNIX 1. What is it? 2. Philosophy and issues 3. Using UNIX 4. Files & folder structure 1. What is UNIX? UNIX is an Operating System (OS) All computers require
More informationDenial Of Service. Types of attacks
Denial Of Service The goal of a denial of service attack is to deny legitimate users access to a particular resource. An incident is considered an attack if a malicious user intentionally disrupts service
More informationComputer Networks & Computer Security
Computer Networks & Computer Security Software Engineering 4C03 Project Report Hackers: Detection and Prevention Prof.: Dr. Kartik Krishnan Due Date: March 29 th, 2004 Modified: April 7 th, 2004 Std Name:
More informationThe Evolution of Information Security at Wayne State University
The Evolution of Information Security at Wayne State University Nathan W. Labadie ab0781@wayne.edu Sr. Systems Security Specialist Wayne State University A Bit of Background Covers mid-2000 to present.
More informationCourse Title: Penetration Testing: Security Analysis
Course Title: Penetration Testing: Security Analysis Page 1 of 9 Course Description: The Security Analyst Series from EC-Council Press is comprised of five books covering a broad base of topics in advanced
More informationIntroduction. -- some basic concepts and terminology -- examples for attacks on protocols -- main network security services
Introduction -- some basic concepts and terminology -- examples for attacks on protocols -- main network security services (c) Levente Buttyán (buttyan@crysys.hu) Attack, threat, and vulnerability security
More informationFirewalls and Software Updates
Firewalls and Software Updates License This work by Z. Cliffe Schreuders at Leeds Metropolitan University is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License. Contents General
More informationPayment Card Industry (PCI) Data Security Standard
Payment Card Industry (PCI) Data Security Standard Technical and Operational Requirements for Approved Scanning Vendors (ASVs) Version 1.1 Release: September 2006 Table of Contents Introduction...1-1 Naming
More informationPort Scanning. Objectives. Introduction: Port Scanning. 1. Introduce the techniques of port scanning. 2. Use port scanning audit tools such as Nmap.
Port Scanning Objectives 1. Introduce the techniques of port scanning. 2. Use port scanning audit tools such as Nmap. Introduction: All machines connected to a LAN or connected to Internet via a modem
More informationCertified Ethical Hacker Exam 312-50 Version Comparison. Version Comparison
CEHv8 vs CEHv7 CEHv7 CEHv8 19 Modules 20 Modules 90 Labs 110 Labs 1700 Slides 1770 Slides Updated information as per the latest developments with a proper flow Classroom friendly with diagrammatic representation
More information1.0 Basic Principles of TCP/IP Network Communications
Section 1 Basic Principles of TCP/IP Network Communications Section 2 Introduction to Doors NetXtreme Section 3 Common Connection Issues Section 4 Common Causes Section 5 Tools Section 6 Contact Keri Systems
More information8 Steps for Network Security Protection
8 Steps for Network Security Protection cognoscape.com 8 Steps for Network Security Protection Many small and medium sized businesses make the mistake of thinking they won t be the target of hackers because
More informationLooking for Trouble: ICMP and IP Statistics to Watch
Looking for Trouble: ICMP and IP Statistics to Watch Laura Chappell, Senior Protocol Analyst Protocol Analysis Institute [lchappell@packet-level.com] www.packet-level.com www.podbooks.com HTCIA Member,
More informationVULNERABILITY ASSESSMENT WHITEPAPER INTRODUCTION, IMPLEMENTATION AND TECHNOLOGY DISCUSSION
VULNERABILITY ASSESSMENT WHITEPAPER INTRODUCTION, IMPLEMENTATION AND TECHNOLOGY DISCUSSION copyright 2003 securitymetrics Security Vulnerabilities of Computers & Servers Security Risks Change Daily New
More informationAvira Update Manager User Manual
Avira Update Manager User Manual Table of contents Table of contents 1. Product information........................................... 4 1.1 Functionality................................................................
More informationMcAfee.com Personal Firewall
McAfee.com Personal Firewall 1 Table of Contents Table of Contents...2 Installing Personal Firewall...3 Configuring Personal Firewall and Completing the Installation...3 Configuring Personal Firewall...
More informationMedical Device Security Health Imaging Digital Capture. Security Assessment Report for the Kodak Capture Link Server V1.00
Medical Device Security Health Imaging Digital Capture Security Assessment Report for the Kodak Capture Link Server V1.00 Version 1.0 Eastman Kodak Company, Health Imaging Group Page 1 Table of Contents
More informationFundamentals of UNIX Lab 16.2.6 Networking Commands (Estimated time: 45 min.)
Fundamentals of UNIX Lab 16.2.6 Networking Commands (Estimated time: 45 min.) Objectives: Develop an understanding of UNIX and TCP/IP networking commands Ping another TCP/IP host Use traceroute to check
More informationNetwork Security and Firewall 1
Department/program: Networking Course Code: CPT 224 Contact Hours: 96 Subject/Course WEB Access & Network Security: Theoretical: 2 Hours/week Year Two Semester: Two Prerequisite: NET304 Practical: 4 Hours/week
More informationAdjusting Prevention Policy Options Based on Prevention Events. Version 1.0 July 2006
Adjusting Prevention Policy Options Based on Prevention Events Version 1.0 July 2006 Table of Contents 1. WHO SHOULD READ THIS DOCUMENT... 4 2. WHERE TO GET MORE INFORMATION... 4 3. VERIFYING THE OPERATION
More informationHONEYD (OPEN SOURCE HONEYPOT SOFTWARE)
HONEYD (OPEN SOURCE HONEYPOT SOFTWARE) Author: Avinash Singh Avinash Singh is a Technical Evangelist currently worksing at Appin Technology Lab, Noida. Educational Qualification: B.Tech from Punjab Technical
More informationBasic Network Configuration
Basic Network Configuration 2 Table of Contents Basic Network Configuration... 25 LAN (local area network) vs WAN (wide area network)... 25 Local Area Network... 25 Wide Area Network... 26 Accessing the
More informationNessus. A short review of the Nessus computer network vulnerability analysing tool. Authors: Henrik Andersson Johannes Gumbel Martin Andersson
Nessus A short review of the Nessus computer network vulnerability analysing tool Authors: Henrik Andersson Johannes Gumbel Martin Andersson Introduction What is a security scanner? A security scanner
More informationSecurity Event Management. February 7, 2007 (Revision 5)
Security Event Management February 7, 2007 (Revision 5) Table of Contents TABLE OF CONTENTS... 2 INTRODUCTION... 3 CRITICAL EVENT DETECTION... 3 LOG ANALYSIS, REPORTING AND STORAGE... 7 LOWER TOTAL COST
More informationHands-on Hacking Unlimited
About Zone-H Attacks techniques (%) File Inclusion Shares misconfiguration SQL Injection DNS attack through social engineering Web Server external module intrusion Attack against the administrator/user
More informationNetwork Defense Tools
Network Defense Tools Prepared by Vanjara Ravikant Thakkarbhai Engineering College, Godhra-Tuwa +91-94291-77234 www.cebirds.in, www.facebook.com/cebirds ravikantvanjara@gmail.com What is Firewall? A firewall
More informationComputer Forensics Training - Digital Forensics and Electronic Discovery (Mile2)
Computer Forensics Training - Digital Forensics and Electronic Discovery (Mile2) Course number: CFED Length: 5 days Certification Exam This course will help you prepare for the following exams: CCE --
More informationHackers: Detection and Prevention
Computer Networks & Computer Security SE 4C03 Project Report Hackers: Detection and Prevention Due Date: March 29 th, 2005 Modified: March 28 th, 2005 Student Name: Arnold Sebastian Professor: Dr. Kartik
More informationStrategies to Protect Against Distributed Denial of Service (DD
Strategies to Protect Against Distributed Denial of Service (DD Table of Contents Strategies to Protect Against Distributed Denial of Service (DDoS) Attacks...1 Introduction...1 Understanding the Basics
More informationSecurity Advice for Instances in the HP Cloud
Security Advice for Instances in the HP Cloud Introduction: HPCS protects the infrastructure and management services offered to customers including instance provisioning. An instance refers to a virtual
More informationWindows Client/Server Local Area Network (LAN) System Security Lab 2 Time allocation 3 hours
Windows Client/Server Local Area Network (LAN) System Security Lab 2 Time allocation 3 hours Introduction The following lab allows the trainee to obtain a more in depth knowledge of network security and
More informationIntrusion Detection Systems (IDS)
Intrusion Detection Systems (IDS) What are They and How do They Work? By Wayne T Work Security Gauntlet Consulting 56 Applewood Lane Naugatuck, CT 06770 203.217.5004 Page 1 6/12/2003 1. Introduction Intrusion
More informationInformation Technology Career Cluster Introduction to Cybersecurity Course Number: 11.48100
Information Technology Career Cluster Introduction to Cybersecurity Course Number: 11.48100 Course Description: Introduction to Cybersecurity is designed to provide students the basic concepts and terminology
More informationClient logo placeholder XXX REPORT. Page 1 of 37
Client logo placeholder XXX REPORT Page 1 of 37 Report Details Title Xxx Penetration Testing Report Version V1.0 Author Tester(s) Approved by Client Classification Confidential Recipient Name Title Company
More information10 Application and Network Security and security testing. IT Governance CEN 667
10 Application and Network Security and security testing IT Governance CEN 667 1 Project proposal (week 4) Goal of the projects are to find applicable measurement and metric methods to improve processes:
More information