Assessing Network Security
|
|
- Joseph Thomas
- 8 years ago
- Views:
Transcription
1 Microsoft Assessing Network Security Kevin Lam David LeBlanc Ben Smith
2 Acknowledgments Foreword Introduction xxi xxiii xxvii Parti 1 Introduction to Performing Security Assessments 3 Role of Security Assessments in Network Security 4 Why Does Network Security Fail? 5 Human Factors 6 Policy Factors 7 Misconfiguration 9 Poor Assumptions 11 Ignorance 12 Failure to Stay Up-to-Date 13 Types of Security Assessments 13 Vulnerability Scanning 14 Penetration Testing 16 IT Security Auditing 17 Frequently Asked Questions 18 2 Key Principles of Security 21 Making Security Easy 21 Keeping Services Running 22 Allowing the Right Users Access to the Right Information 22 Defending Every Layer as if It Were the Last Layer of Defense 22 Keeping a Record of Attempts to Access Information 23 Compartmentalizing and Isolating Resources 24 Avoiding the Mistakes Everyone Else Makes 25 Controlling the Cost of Meeting Security Objectives 26
3 viii Table of Contents Risk Management 27 Learning to Manage Risk 27 Risk Management Strategies 30 Immutable Laws 31 Frequently Asked Questions' 35 Using Vulnerability Scanning to Assess Network Security 37 Setting a Scope for the Project 38 Defining the Target 38 Defining the Target Scope 43 Defining Types of Vulnerabilities 44 Determining Goals 45 Choosing a Technology 46 Tools and Managed vs. Unmanaged Targets 47 Checklist for Evaluating Tools 49 Creating a Process for Scanning for Vulnerabilities 51 Detecting Vulnerabilities 51 Assigning Risk Levels to Vulnerabilities 53 Identifying Vulnerabilities That Have not Been Remediated 53 Determining Improvement in Network Security Over Time 53 Creating a Process for Analyzing the Results 54 Frequently Asked Questions 54 Conducting a Penetration Test 57 What the Attacker Is Thinking About 58 Notoriety, Acceptance, and Ego 59 Financial Gain 59 Challenge 61 Activism 62 Revenge 62 Espionage 62 Information Warfare 63 Defining the Penetration Test Engagement 64 Setting the Goals 64 Setting the Scope 69 Performing the Penetration Test 69 Locating Areas of Weakness in Network or Application Defenses 70
4 Table of Contents ix 6 Determining How Vulnerabilities Were Compromised Locating Assets that Could be Accessed, Altered, or Destroyed Determining Whether the Attack Was Detected Identifying the Attack Footprint Making Recommendations Frequently Asked Questions Performing IT Security Audits Components of an IT Security Audit Policy Processes and Procedures Operations Preliminary Decisions Legal Considerations Regulatory Considerations Operational Considerations Organizational Considerations Planning and Performing the Audit Building Your Audit Framework Setting the Scope and Timeline Obtaining Legal and Management Approval Completing the Audit Analyzing and Reporting the Results Frequently Asked Questions Reporting Your Findings Guidelines for Reporting Your Findings Concise and Professional Technically Accurate Objective Measurable Framework for Reporting Your Findings Define the Vulnerability Document Mitigation Plans Identify Where Changes Should Occur Assign Responsibility for Implementing Approved Recommendations Frequently Asked Questions
5 x Table of Contents 7 Building and Maintaining Your Security Assessment Skills 99 Building Core Skills 99 Improving Network, Operating System, and Application Skills 99 Developing Programming Skills 101 Practicing Security Assessments 103 Staying Up-to-Date Finding a Course 106 Choosing a Conference 110 Internet-Based Resources 111 Internet Mailing Lists 111 Security Bulletins 112 Security Websites 112 Frequently Asked Questions 114 Part ii Penetration Testing for Nonintrusive Attacks 8 Information Reconnaissance 117 Understanding Information Reconnaissance 118 Registrar Information 120 Determining Your Registrar Information 120 Countermeasures 122 IP Network Block Assignment 122 Determining Your Organization's IP Network Block Assignment 123 Countermeasures 125 Web Pages 125 Reviewing Web Server Content 126 Countermeasures 129 Search Engines 129 Reviewing Your Website with Search Engines 129 Countermeasures 132 Public Discussion Forums 133 Taking a Snapshot of Your Organization's Exposure 133 Countermeasures 134 Frequently Asked Questions 135
6 Table of Contents xi 9 Host Discovery Using DNS and NetBIOS 137 Using DNS 137 Common Record Types 138 Examining a Zone Transfer 146 Using NetBIOS 148 Using LDAP 151 Frequently Asked Questions Network and Host Discovery 153 Network Sweeping Techniques 154 ICMP Sweeps 156 UDP Sweeps 158 TCP Sweeps 158 Broadcast Sweeps 159 Countermeasures 160 Network Topology Discovery 162 Trace Routing 163 Firewalking 164 Countermeasures 165 Frequently Asked Questions Port Scanning 167 TCP Connect Scans 168 Custom TCP Scans 171 SYN Scans 172 FIN Scans 172 SYN/ACK and ACK Scans 173 XMAS Scans. 173 Null Scans 173 Idle Scans 173 UDP Scans 174 FTP Bounce Scans 176 Port Scanning Tips and Tricks 176 Fragmentation and Port Scans 177 Port Scanning Countermeasures 178 Frequently Asked Questions 178
7 xii Table of Contents 12 Obtaining Information from a Host 179 Fingerprinting 179 IP and ICMP Fingerprinting 180 TCP Fingerprinting 182 Countermeasures 183 Application Fingerprinting 183 Countermeasures 184 What's On That Port? 184 Interrogating a Host 186 Countermeasures 192 Frequently Asked Questions War Dialing, War Driving, and Bluetooth Attacks 195 Modem Detection War Dialing 195 Anatomy of a War Dialing Attack 199 Countermeasures 202 Wireless LAN Detection War Driving 204 MAC Address Filtering 204 Disabling a Service Set ID Broadcasting 205 Wired Equivalent Privacy 207 Anatomy of a War Driving Attack 211 Countermeasures 213 Bluetooth Attacks 215 Device Detection 217 Data Theft 218 Services Theft 218 Network Sniffing 219 Frequently Asked Questions 219 part III Penetratioi Testing for Intrusiwe Mtacks 14 Automated Vulnerability Detection 223 Scanning Techniques 224 Banner Grabbing and Fingerprinting 225 Exploiting the Vulnerability 226
8 Table of Contents xiii Inference Testing 227 Replaying Network Sniffs 227 Patch Detection 228 Selecting a Scanner 228 Vulnerability Checks 229 Scanner Speed # 230 Reliability and Scalability 230 Check Accuracy 231 Update Frequency 232 Reporting Features 233 Scanning Approaches 234 Host-Based Scanners 234 Network-Based Scanners 235 Dangers of Using Automated Scanners 235 Tips for Using Scanners Safely 237 Frequently Asked Questions Password Attacks 239 Where to Find Passwords 239 Brute Force Attacks 240 Online Password Testing 241 Offline Password Testing 244 Offline Password Attack Strategies 245 Countermeasures 247 Password Disclosure Attacks 249 File System Passwords 249 Encrypted Passwords 250 Sniffing for Passwords 250 Keystroke Loggers 251 Countermeasures 251 Frequently Asked Questions Denial of Service Attacks 255 Flooding Attacks 256 Testing Flooding Attacks 260 Countermeasures 260
9 xiv Table of Contents Resource Starvation Attacks 261 CPU Starvation Attacks 261 Memory Starvation Attacks 262 Disk Storage Consumption Attacks 262 Disruption of Service 265 Frequently Asked Questions Application Attacks ' 269 Buffer Overruns 270 Stack Overruns 271 Heap Overruns 273 Format String Bugs 275 Countermeasures 277 Integer Overflows 277 Countermeasures 279 Finding Buffer Overruns 279 Frequently Asked Questions Database Attacks 281 Database Server Detection 282 Detecting Database Servers on Your Network 282 Countermeasures 286 Missing Product Patches 287 Detecting Missing Patches 288 Countermeasures 290 Unauthorized Access 291 Detecting the Potential for Unauthorized Access 291 Countermeasures 292 Weak Passwords 293 Detecting Weak Passwords 293 Countermeasures 294 Network Sniffing 295 Detecting Network Sniffing Threats 295 Countermeasures 295 SQL Injection 296
10 Table of Contents xv Detecting SQL Injection Vectors 297 Countermeasures 298 Frequently Asked Questions Network Sniffing 301 Understanding Network Sniffing 301 Debunking Network Sniffing Myths 303 Myth #1: An Attacker Can Remotely Sniff Networks 304 Myth #2: Switches Are Immune to Network Sniffing Attacks 306 Detecting Network Sniffing Threats 308 Manual Detection. 309 Reviewing Network Architecture 310 Monitoring DNS Queries 310 Measuring Latency 310 Using False MAC Addresses and ICMP Packets 311 Using Trap Accounts 311 Using Non-Broadcast ARP Packets 312 Using Automated Detection Tools 312 Detecting Microsoft Network Monitor Installations 312 Countermeasures 313 Frequently Asked Questions Spoofing 319 IP Spoofing 320 Countermeasures 322 Spoofing 323 Countermeasures 324 DNS Spoofing 325 Attacking the Client 326 Attacking the DNS Server 327 Attacking Server Update Zones 328 Attacking Through the Name Registry 329 Countermeasures 329 Frequently Asked Questions Session Hijacking 333 Understanding Session Hijacking 333 Network-Level Session Hijacking 335
11 xvi Table of Contents Hijacking a TCP Session 336 Hijacking a UDP Session 338 Determining Your Susceptibility to Threats 339 Countermeasures 339 Tricks and Techniques 340 Host-Level Session Hijacking 345 User Session Hijacking 346 Server Port Hijacking 346 Application-Level Hijacking 351 Detecting Attacks 352 Countermeasures 353 Frequently Asked Questions How Attackers Avoid Detection 355 Log Flooding 356 Logging Mechanisms 358 Detection Mechanisms 358 Fragmentation 361 Canonicalization 365 Decoys 366 How Attackers Avoid Detection Post-Intrusion 367 Using Rootkits 368 Hiding Data 369 Tampering with Log Files 375 Frequently Asked Questions Attackers Using Non-Network Methods to Gain Access 379 Gaining Physical Access to Information Resources 379 Physical Intrusion 380 Remote Surveillance 383 Targeted Equipment Theft 386 Dumpsters and Recycling Bins 388 Lease Returns, Auctions, and Equipment Resales 388 Using Social Engineering 390 Bribery 391 Assuming a Position of Authority 391
12 Table of Contents xvii Forgery 393 Flattery 393 Frequently Asked Questions 395 part iv Secpritf Issessmert Case Studies 24 Web Threats 399 Client-Level Threats 400 Cross-Site Scripting Attacks 400 Unpatched Web Browser Attacks 405 Server-Level Threats 406 Repudiation 407 Information Disclosure 409 Elevation of Privileges 413 Denial of Service 425 Service-Level Threats 425 Unauthorized Access 426 Network Sniffing 426 Tampering 427 Information Disclosure 427 Frequently Asked Questions Threats 431 Client-Level Threats 432 Attaching Malicious Files 432 Exploiting Unpatched Clients 438 Embedding Malicious Content 439 Exploiting User Trust 439 Server-Level Threats 443 Attaching Malicious Files 444 Spoofing 445 > Exploiting Unpatched Servers 448 Spam 448 i. Why You Should Be Concerned About Spam 448 '- Tricks and Techniques 449 t What Is Being Done About Spam 453
13 xviii Table of Contents Frequently Asked Questions Domain Controller Threats 457 Partv Password Attacks 457 Countermeasures 458 Elevation of Privilege 462 Exploiting Nonessential Services 463 Exploiting Nonessential Accounts 466 Exploiting Unpatched Domain Controllers 467 Attacking Privileged Domain Accounts and Groups 468 Denial of Service 472 Countermeasures 472 Physical Security Threats 472 Countermeasures 473 Frequently Asked Questions Extranet and VPN Threats 477 Fundamentals of Secure Network Design 479 Dual-Homed Host 479 Screened Host 481 Screened Subnets 482 Split Screened Subnets 483 Penetration Testing an Extranet 483 A Sample Extranet Penetration Test 485 Gathering Information 485 Getting Your Foot in the Door 486 Exploring the Internal Network 487 Expanding Your Influence 490 Frequently Asked Questions 494 Appendixes A Checklists 497 Penetration Test Checklists 497 Chapter 8: Information Reconnaissance 497 Chapter 9: Host Discovery Using DNS and NetBIOS 497 Chapter 10: Network and Host Discovery 498
14 Table of Contents xix Chapter 11: Port Scanning 498 Chapter 12: Obtaining Information from a Host 499 Chapter 13: War Dialing, War Driving, and Bluetooth Attacks 500 Chapter 14: Automated Vulnerability Detection 501 Chapter 15: Password Attacks 501 Chapter 16: Denial of Service Attacks 502 Chapter 17: Application Attacks 502 Chapter 18: Database Attacks 502 Chapter 19: Network Sniffing 503 Chapter 20: Spoofing 503 Chapter 21: Session Hijacking 503 Chapter 22: How Attackers Avoid Detection 504 Chapter 23: Attackers Using Non-Network Methods to Gain Access 504 Chapter 24: Web Threats 504 Chapter 25: Threats 505 Chapter 26: Domain Controller Threats 505 Chapter 27: Extranet and VPN Threats 505 Countermeasures Checklists 506 Chapter 8: Information Reconnaissance 506 Chapter 9: Host Discovery Using DNS and NetBIOS 506 Chapter 10: Network and Host Discovery 507 Chapter 11: Port Scanning 507 Chapter 12: Obtaining Information from a Host 507 Chapter 13: War Dialing, War Driving, and Bluetooth Attacks 508 Chapter 15: Password Attacks 508 Chapter 16: Denial of Service Attacks 509 Chapter 17: Application Attacks 509 Chapter 18: Database Attacks 509 Chapter 19: Network Sniffing 510 Chapter 20: Spoofing 510 Chapter 21: Session Hijacking 510 Chapter 22: How Attackers Avoid Detection 511
15 xx Table of Contents Chapter 23: Attackers Using Non-Network Methods to Gain Access 511 Chapter 24: Web Threats 511 Chapter 25: Threats 512 Chapter 26: Domain Controller Threats 512 Chapter 27: Extranet and VPN Threats 513 B References 515 Chapter 1: Introduction to Performing Security Assessments 515 Chapter 2: Key Principles of Security 515 Chapter 3: Using Vulnerability Scanning to Assess Network Security 515 Chapter 4: Conducting a Penetration Test 516 Chapter 5: Performing IT Security Audits 516 Chapter 6: Reporting Your Findings 516 Chapter 7: Building and Maintaining Your Security Assessment Skills 516 Chapter 8: Information Reconnaisance 517 Chapter 9: Host Discovery Using DNS and NetBIOS 517 Chapter 10: Network and Host Discovery 518 Chapter 11: Port Scanning 518 Chapter 12: Obtaining Information from a Host 518 Chapter 13: War Dialing, War Driving, and Bluetooth Attacks 518 Chapter 14: Automated Vulnerability Detection 519 Chapter 15: Password Attacks 519 Chapter 16: Denial of Service Attacks 519 Chapter 17: Application Attacks 520 Chapter 18: Database Attacks 520 Chapter 19: Network Sniffing 522 Chapter 20: Spoofing 523 Chapter 21: Session Hijacking 523 Chapter 22: How Attackers Avoid Detection 523 Chapter 23: Attackers Using Non-Network Methods to Gain Access 524 Chapter 24: Web Threats 524 Chapter 25: Threats 524 Chapter 26: Domain Controller Threats 525 Chapter 27: Extranet and VPN Threats 526 Index 529 What rln unn think rrf thte fromfe"?* Microsoft is interested in hearing your feedback about this publication so we can *W\W J WM_WMWe W* w«* JSK-J _,.* continually improve our books and learning resources for you. To participate in a brief <Ps*f irww* IB' IJHaiFTBSB"JP3M5 online survey, please visit:
Overview of Network Security The need for network security Desirable security properties Common vulnerabilities Security policy designs
Overview of Network Security The need for network security Desirable security properties Common vulnerabilities Security policy designs Why Network Security? Keep the bad guys out. (1) Closed networks
More informationBuild Your Own Security Lab
Build Your Own Security Lab A Field Guide for Network Testing Michael Gregg WILEY Wiley Publishing, Inc. Contents Acknowledgments Introduction XXI xxiii Chapter 1 Hardware and Gear Why Build a Lab? Hackers
More informationLearn Ethical Hacking, Become a Pentester
Learn Ethical Hacking, Become a Pentester Course Syllabus & Certification Program DOCUMENT CLASSIFICATION: PUBLIC Copyrighted Material No part of this publication, in whole or in part, may be reproduced,
More informationArchitecture Overview
Architecture Overview Design Fundamentals The networks discussed in this paper have some common design fundamentals, including segmentation into modules, which enables network traffic to be isolated and
More informationNetwork Attacks and Defenses
Network Attacks and Defenses Tuesday, November 25, 2008 Sources: Skoudis, CounterHack; S&M Chapter 5 (including many images) CS342 Computer Security Department of Computer Science Wellesley College Networks
More informationCEH Version8 Course Outline
CEH Version8 Course Outline Module 01: Introduction to Ethical Hacking Information Security Overview Information Security Threats and Attack Vectors Hacking Concepts Hacking Phases Types of Attacks Information
More informationCYBERTRON NETWORK SOLUTIONS
CYBERTRON NETWORK SOLUTIONS CybertTron Certified Ethical Hacker (CT-CEH) CT-CEH a Certification offered by CyberTron @Copyright 2015 CyberTron Network Solutions All Rights Reserved CyberTron Certified
More informationPresented By: Holes in the Fence. Agenda. IPCCTV Attack. DDos Attack. Why Network Security is Important
Presented By: Holes in the Fence Dave Engebretson, Contributing Technology writer, SDM Magazine Industry Instructor in Fiber and Networking Prevention of Security System breaches of networked Edge Devices
More informationCS5008: Internet Computing
CS5008: Internet Computing Lecture 22: Internet Security A. O Riordan, 2009, latest revision 2015 Internet Security When a computer connects to the Internet and begins communicating with others, it is
More informationCertified Ethical Hacker Exam 312-50 Version Comparison. Version Comparison
CEHv8 vs CEHv7 CEHv7 CEHv8 19 Modules 20 Modules 90 Labs 110 Labs 1700 Slides 1770 Slides Updated information as per the latest developments with a proper flow Classroom friendly with diagrammatic representation
More informationPort Scanning and Vulnerability Assessment. ECE4893 Internetwork Security Georgia Institute of Technology
Port Scanning and Vulnerability Assessment ECE4893 Internetwork Security Georgia Institute of Technology Agenda Reconnaissance Scanning Network Mapping OS detection Vulnerability assessment Reconnaissance
More informationProfessional Penetration Testing Techniques and Vulnerability Assessment ...
Course Introduction Today Hackers are everywhere, if your corporate system connects to internet that means your system might be facing with hacker. This five days course Professional Vulnerability Assessment
More informationComputer Security. Introduction to. Michael T. Goodrich Department of Computer Science University of California, Irvine. Roberto Tamassia PEARSON
Introduction to Computer Security International Edition Michael T. Goodrich Department of Computer Science University of California, Irvine Roberto Tamassia Department of Computer Science Brown University
More informationEthical Hacking Course Layout
Ethical Hacking Course Layout Introduction to Ethical Hacking o What is Information Security? o Problems faced by the Corporate World o Why Corporate needs Information Security? Who is a Hacker? o Type
More informationSession Hijacking Exploiting TCP, UDP and HTTP Sessions
Session Hijacking Exploiting TCP, UDP and HTTP Sessions Shray Kapoor shray.kapoor@gmail.com Preface With the emerging fields in e-commerce, financial and identity information are at a higher risk of being
More informationSecure Software Programming and Vulnerability Analysis
Secure Software Programming and Vulnerability Analysis Christopher Kruegel chris@auto.tuwien.ac.at http://www.auto.tuwien.ac.at/~chris Operations and Denial of Service Secure Software Programming 2 Overview
More informationSecurity Awareness For Server Administrators. State of Illinois Central Management Services Security and Compliance Solutions
Security Awareness For Server Administrators State of Illinois Central Management Services Security and Compliance Solutions Purpose and Scope To present a best practice approach to securing your servers
More informationhttps://elearn.zdresearch.com https://training.zdresearch.com/course/pentesting
https://elearn.zdresearch.com https://training.zdresearch.com/course/pentesting Chapter 1 1. Introducing Penetration Testing 1.1 What is penetration testing 1.2 Different types of test 1.2.1 External Tests
More informationContents. vii. Preface. P ART I THE HONEYNET 1 Chapter 1 The Beginning 3. Chapter 2 Honeypots 17. xix
Honeynet2_bookTOC.fm Page vii Monday, May 3, 2004 12:00 PM Contents Preface Foreword xix xxvii P ART I THE HONEYNET 1 Chapter 1 The Beginning 3 The Honeynet Project 3 The Information Security Environment
More informationContents Introduction xxvi Chapter 1: Understanding the Threats: E-mail Viruses, Trojans, Mail Bombers, Worms, and Illicit Servers
Contents Introduction xxvi Chapter 1: Understanding the Threats: E-mail Viruses, Trojans, Mail Bombers, Worms, and Illicit Servers 1 Introduction 2 Essential Concepts 3 Servers, Services, and Clients 3
More informationNetwork Security Audit. Vulnerability Assessment (VA)
Network Security Audit Vulnerability Assessment (VA) Introduction Vulnerability Assessment is the systematic examination of an information system (IS) or product to determine the adequacy of security measures.
More informationWeb App Security Audit Services
locuz.com Professional Services Web App Security Audit Services The unsecured world today Today, over 80% of attacks against a company s network come at the Application Layer not the Network or System
More informationA Systems Engineering Approach to Developing Cyber Security Professionals
A Systems Engineering Approach to Developing Cyber Security Professionals D r. J e r r y H i l l Approved for Public Release; Distribution Unlimited. 13-3793 2013 The MITRE Corporation. All rights reserved.
More informationCourse Content Summary ITN 261 Network Attacks, Computer Crime and Hacking (4 Credits)
Page 1 of 6 Course Content Summary ITN 261 Network Attacks, Computer Crime and Hacking (4 Credits) TNCC Cybersecurity Program web page: http://tncc.edu/programs/cyber-security Course Description: Encompasses
More informationVulnerability Assessment and Penetration Testing
Vulnerability Assessment and Penetration Testing Module 1: Vulnerability Assessment & Penetration Testing: Introduction 1.1 Brief Introduction of Linux 1.2 About Vulnerability Assessment and Penetration
More information1 hours, 30 minutes, 38 seconds Heavy scan. All scanned network resources. Copyright 2001, FTP access obtained
home Network Vulnerabilities Detail Report Grouped by Vulnerability Report Generated by: Symantec NetRecon 3.5 Licensed to: X Serial Number: 0182037567 Machine Scanned from: ZEUS (192.168.1.100) Scan Date:
More informationCONTENTS AT A GMi#p. Chapter I Ethical Hacking Basics I Chapter 2 Cryptography. Chapter 3 Reconnaissance: Information Gathering for the Ethical Hacker
ALL ElNis ONE CEH Certified Ethical Hacker EXAM GUIDE Matt Walker Mc Grain/ New York Chicago San Francisco Lisbon London Madrid Mexico City Milan New Delhi San Juan Seoul Singapore Sydney Toronto McGraw-Hill
More informationCertified Ethical Hacker (CEH) Ethical Hacking & Counter Measures Course 9962; 5 Days, Instructor-Led
Certified Ethical Hacker (CEH) Ethical Hacking & Counter Measures Course 9962; 5 Days, Instructor-Led Course Description This class will immerse the student into an interactive environment where they will
More information20-CS-6053-00X Network Security Spring, 2014. An Introduction To. Network Security. Week 1. January 7
20-CS-6053-00X Network Security Spring, 2014 An Introduction To Network Security Week 1 January 7 Attacks Criminal: fraud, scams, destruction; IP, ID, brand theft Privacy: surveillance, databases, traffic
More informationITEC441- IS Security. Chapter 15 Performing a Penetration Test
1 ITEC441- IS Security Chapter 15 Performing a Penetration Test The PenTest A penetration test (pentest) simulates methods that intruders use to gain unauthorized access to an organization s network and
More informationFRONT RUNNER DIPLOMA PROGRAM INFORMATION SECURITY Detailed Course Curriculum Course Duration: 6 months
FRONT RUNNER DIPLOMA PROGRAM INFORMATION SECURITY Detailed Course Curriculum Course Duration: 6 months MODULE: INTRODUCTION TO INFORMATION SECURITY INFORMATION SECURITY ESSENTIAL TERMINOLOGIES SECURITY
More informationCMPT 471 Networking II
CMPT 471 Networking II Firewalls Janice Regan, 2006-2013 1 Security When is a computer secure When the data and software on the computer are available on demand only to those people who should have access
More informationFirewalls. Firewalls. Idea: separate local network from the Internet 2/24/15. Intranet DMZ. Trusted hosts and networks. Firewall.
Firewalls 1 Firewalls Idea: separate local network from the Internet Trusted hosts and networks Firewall Intranet Router DMZ Demilitarized Zone: publicly accessible servers and networks 2 1 Castle and
More informationEthical Hacking and Information Security. Foundation of Information Security. Detailed Module. Duration. Lecture with Hands On Session: 90 Hours
Ethical Hacking and Information Security Duration Detailed Module Foundation of Information Security Lecture with Hands On Session: 90 Hours Elements of Information Security Introduction As technology
More informationlocuz.com Professional Services Security Audit Services
locuz.com Professional Services Security Audit Services Today s Security Landscape Today, over 80% of attacks against a company s network come at the Application Layer not the Network or System layer.
More informationJoseph Migga Kizza. A Guide to Computer Network Security. 4) Springer
Joseph Migga Kizza A Guide to Computer Network Security 4) Springer Contents Part I Understanding Computer Network Security 1 Computer Network Fundamentals 1.1 Introduction 1.2 Computer Network Models
More informationNetwork Security: A Practical Approach. Jan L. Harrington
Network Security: A Practical Approach Jan L. Harrington ELSEVIER AMSTERDAM BOSTON HEIDELBERG LONDON NEW YORK OXFORD PARIS SAN DIEGO SAN FRANCISCO SINGAPORE SYDNEY TOKYO Morgan Kaufmann is an imprint of
More informationSY0-201. system so that an unauthorized individual can take over an authorized session, or to disrupt service to authorized users.
system so that an unauthorized individual can take over an authorized session, or to disrupt service to authorized users. From a high-level standpoint, attacks on computer systems and networks can be grouped
More informationPayment Card Industry (PCI) Executive Report. Pukka Software
Payment Card Industry (PCI) Executive Report For Pukka Software Primary Contact: Brian Ghidinelli none Los Gatos, California United States of America 415.462.5603 Payment Card Industry (PCI) Executive
More informationFIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. Chapter 4 Finding Network Vulnerabilities
FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. Chapter 4 Finding Network Vulnerabilities Learning Objectives Name the common categories of vulnerabilities Discuss common system
More information[CEH]: Ethical Hacking and Countermeasures
[CEH]: Ethical Hacking and Countermeasures Length Audience(s) Delivery Method : 5 days : This course will significantly benefit security officers, auditors, security professionals, site administrators,
More informationPenetration Testing. Presented by
Penetration Testing Presented by Roadmap Introduction to Pen Testing Types of Pen Testing Approach and Methodology Side Effects Demonstration Questions Introduction and Fundamentals Penetration Testing
More informationNetwork Security Fundamentals
APNIC elearning: Network Security Fundamentals 27 November 2013 04:30 pm Brisbane Time (GMT+10) Introduction Presenter Sheryl Hermoso Training Officer sheryl@apnic.net Specialties: Network Security IPv6
More informationCYBER ATTACKS EXPLAINED: PACKET CRAFTING
CYBER ATTACKS EXPLAINED: PACKET CRAFTING Protect your FOSS-based IT infrastructure from packet crafting by learning more about it. In the previous articles in this series, we explored common infrastructure
More informationSecuring E-Commerce. Agenda. The Security Problem IC Security: Key Elements Designing and Implementing. 3203 1346_06_2000_c1_sec3
Securing E-Commerce 1 Agenda The Security Problem IC Security: Key Elements Designing and Implementing 2 The Security Dilemma Internet Business Value Internet Access Corporate Intranet Internet Presence
More informationFISMA / NIST 800-53 REVISION 3 COMPLIANCE
Mandated by the Federal Information Security Management Act (FISMA) of 2002, the National Institute of Standards and Technology (NIST) created special publication 800-53 to provide guidelines on security
More informationSecurity Threat Kill Chain What log data would you need to identify an APT and perform forensic analysis?
Security Threat Kill Chain What log data would you need to identify an APT and perform forensic analysis? This paper presents a scenario in which an attacker attempts to hack into the internal network
More informationVulnerability Assessment and Penetration Testing. CC Faculty ALTTC, Ghaziabad
Vulnerability Assessment and Penetration Testing CC Faculty ALTTC, Ghaziabad Need Vulnerabilities Vulnerabilities are transpiring in different platforms and applications regularly. Information Security
More informationAPNIC elearning: Network Security Fundamentals. 20 March 2013 10:30 pm Brisbane Time (GMT+10)
APNIC elearning: Network Security Fundamentals 20 March 2013 10:30 pm Brisbane Time (GMT+10) Introduction Presenter/s Nurul Islam Roman Senior Training Specialist nurul@apnic.net Specialties: Routing &
More informationINTRUSION DETECTION SYSTEM (IDS) by Kilausuria Abdullah (GCIH) Cyberspace Security Lab, MIMOS Berhad
INTRUSION DETECTION SYSTEM (IDS) by Kilausuria Abdullah (GCIH) Cyberspace Security Lab, MIMOS Berhad OUTLINE Security incident Attack scenario Intrusion detection system Issues and challenges Conclusion
More informationEC Council Certified Ethical Hacker V8
Course Code: ECCEH8 Vendor: Cyber Course Overview Duration: 5 RRP: 2,445 EC Council Certified Ethical Hacker V8 Overview This class will immerse the delegates into an interactive environment where they
More informationNetwork Concepts. IT 4823 Information Security Concepts and Administration. The Network Environment. Resilience. Network Topology. Transmission Media
IT 4823 Information Security Concepts and Administration March 17 Network Threats Notice: This session is being recorded. Happy 50 th, Vanguard II March 17, 1958 R.I.P. John Backus March 17, 2007 Copyright
More informationThreat Modelling for Web Application Deployment. Ivan Ristic ivanr@webkreator.com (Thinking Stone)
Threat Modelling for Web Application Deployment Ivan Ristic ivanr@webkreator.com (Thinking Stone) Talk Overview 1. Introducing Threat Modelling 2. Real-world Example 3. Questions Who Am I? Developer /
More informationAn Introduction to Network Vulnerability Testing
CONTENTS Introduction 3 Penetration Testing Overview 4 Step 1: Defining the Scope 4 Step 2: Performing the Penetration Test 5 Step 3: Reporting and Delivering Results 6 VeriSign SecureTEST 7 Common Vulnerability
More informationMalicious Network Traffic Analysis
Malicious Network Traffic Analysis Uncover system intrusions by identifying malicious network activity. There are a tremendous amount of network based attacks to be aware of on the internet today and the
More informationHow To Classify A Dnet Attack
Analysis of Computer Network Attacks Nenad Stojanovski 1, Marjan Gusev 2 1 Bul. AVNOJ 88-1/6, 1000 Skopje, Macedonia Nenad.stojanovski@gmail.com 2 Faculty of Natural Sciences and Mathematics, Ss. Cyril
More informationNetwork and Host-based Vulnerability Assessment
Network and Host-based Vulnerability Assessment A guide for information systems and network security professionals 6600 Peachtree-Dunwoody Road 300 Embassy Row Atlanta, GA 30348 Tel: 678.443.6000 Toll-free:
More informationBendigo and Adelaide Bank Ltd Security Incident Response Procedure
Bendigo and Adelaide Bank Ltd Security Incident Response Procedure Table of Contents 1 Introduction...1 2 Incident Definition...2 3 Incident Classification...2 4 How to Respond to a Security Incident...4
More informationNetwork Scanning. What is a Network scanner? Why are scanners needed? How do scanners do? Which scanner does the market provide?
Network Scanning What is a Network scanner? Why are scanners needed? How do scanners do? Which scanner does the market provide? Where will our research go? Page : 1 Function - attacker view What hosts
More informationCryptography and network security
Cryptography and network security Firewalls slide 1 Firewalls Idea: separate local network from the Internet Trusted hosts and networks Firewall Intranet Router DMZ Demilitarized Zone: publicly accessible
More informationMicrosoft Systems Architecture 2.0 (MSA 2.0) Security Review An analysis by Foundstone, Inc.
Microsoft Systems Architecture 2.0 (MSA 2.0) Security Review An analysis by Foundstone, Inc. Foundstone Labs October, 2003 Table of Contents Table of Contents...2 Introduction...3 Scope and Approach...3
More informationDetailed Description about course module wise:
Detailed Description about course module wise: Module 1: Basics of Networking and Major Protocols 1.1 Networks and its Types. 1.2 Network Topologies 1.3 Major Protocols and their Functions 1.4 OSI Reference
More informationAnnex B - Content Management System (CMS) Qualifying Procedure
Page 1 DEPARTMENT OF Version: 1.5 Effective: December 18, 2014 Annex B - Content Management System (CMS) Qualifying Procedure This document is an annex to the Government Web Hosting Service (GWHS) Memorandum
More informationUnderstanding Security Testing
Understanding Security Testing Choosing between vulnerability assessments and penetration testing need not be confusing or onerous. Arian Eigen Heald, M.A., Ms.IA., CNE, CISA, CISSP I. Introduction Many
More informationRunning a Default Vulnerability Scan
Running a Default Vulnerability Scan A Step-by-Step Guide www.saintcorporation.com Examine. Expose. Exploit. Welcome to SAINT! Congratulations on a smart choice by selecting SAINT s integrated vulnerability
More informationExternal Supplier Control Requirements
External Supplier Control s Cyber Security For Suppliers Categorised as Low Cyber Risk 1. Asset Protection and System Configuration Barclays Data and the assets or systems storing or processing it must
More informationGlobal Partner Management Notice
Global Partner Management Notice Subject: Critical Vulnerabilities Identified to Alert Payment System Participants of Data Compromise Trends Dated: May 4, 2009 Announcement: To support compliance with
More informationDenial of Service Attacks
2 Denial of Service Attacks : IT Security Sirindhorn International Institute of Technology Thammasat University Prepared by Steven Gordon on 13 August 2013 its335y13s2l06, Steve/Courses/2013/s2/its335/lectures/malicious.tex,
More informationNetwork Security Administrator
Network Security Administrator Course ID ECC600 Course Description This course looks at the network security in defensive view. The ENSA program is designed to provide fundamental skills needed to analyze
More informationNetwork Threats and Vulnerabilities. Ed Crowley
Network Threats and Vulnerabilities Ed Crowley Objectives At the end of this unit, you will be able to describe and explain: Network attack terms Major types of attacks including Denial of Service DoS
More informationChapter 8 Security Pt 2
Chapter 8 Security Pt 2 IC322 Fall 2014 Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012 All material copyright 1996-2012 J.F Kurose and K.W. Ross,
More informationRunning a Default Vulnerability Scan SAINTcorporation.com
SAINT Running a Default Vulnerability Scan A Step-by-Step Guide www.saintcorporation.com Examine. Expose. Exploit. Install SAINT Welcome to SAINT! Congratulations on a smart choice by selecting SAINT s
More informationNSA/DHS CAE in IA/CD 2014 Mandatory Knowledge Unit Checklist 4 Year + Programs
Mandatory Knowledge Units 1.0 Core2Y 1.1 Basic Data Analysis The intent of this Knowledge Unit is to provide students with basic abilities to manipulate data into meaningful information. 1.1.1 Topics Summary
More informationINCIDENT RESPONSE CHECKLIST
INCIDENT RESPONSE CHECKLIST The purpose of this checklist is to provide clients of Kivu Consulting, Inc. with guidance in the initial stages of an actual or possible data breach. Clients are encouraged
More informationDescription: Course Details:
Course: Malicious Network Traffic Analysis Duration: 5 Day Hands-On Lab & Lecture Course Price: $ 3,495.00 Description: There are a tremendous amount of network based attacks to be aware of on the internet
More informationIntroduction p. 2. Introduction to Information Security p. 1. Introduction
Introduction p. xvii Introduction to Information Security p. 1 Introduction p. 2 What Is Information Security? p. 3 Critical Characteristics of Information p. 4 CNSS Security Model p. 5 Securing Components
More informationIntegrated Network Vulnerability Scanning & Penetration Testing SAINTcorporation.com
SAINT Integrated Network Vulnerability Scanning and Penetration Testing www.saintcorporation.com Introduction While network vulnerability scanning is an important tool in proactive network security, penetration
More informationMcAfee Certified Assessment Specialist Network
McAfee Certified Assessment Specialist Network Exam preparation guide Table of Contents Introduction 3 Becoming McAfee Certified 3 Exam Details 4 Recommended Exam Preparation 4 Exam Objectives 4 Sample
More informationSecurity Issues with Integrated Smart Buildings
Security Issues with Integrated Smart Buildings Jim Sinopoli, Managing Principal Smart Buildings, LLC The building automation industry is now at a point where we have legitimate and reasonable concern
More informationStructured Threats 21 External Threats 22 Internal Threats 22 Network Attacks 22 Reconnaissance Attacks 22 Access Attacks 23 Data Retrieval 23 System
xii Contents Structured Threats 21 External Threats 22 Internal Threats 22 Network Attacks 22 Reconnaissance Attacks 22 Access Attacks 23 Data Retrieval 23 System Access 24 Privilege Escalation 24 DoS
More informationNETWORK AND CERTIFICATE SYSTEM SECURITY REQUIREMENTS
NETWORK AND CERTIFICATE SYSTEM SECURITY REQUIREMENTS Scope and Applicability: These Network and Certificate System Security Requirements (Requirements) apply to all publicly trusted Certification Authorities
More informationINFORMATION SECURITY TRAINING
INFORMATION SECURITY TRAINING Course Duration: 45 days Pre-Requisite: Basic Knowledge of Internet Course Content Course Fee: 15,000 ( Online Examination Fee, Books, Certification, Tools & Software's Included
More informationNetwork Security. Tampere Seminar 23rd October 2008. Overview Switch Security Firewalls Conclusion
Network Security Tampere Seminar 23rd October 2008 1 Copyright 2008 Hirschmann 2008 Hirschmann Automation and and Control GmbH. Contents Overview Switch Security Firewalls Conclusion 2 Copyright 2008 Hirschmann
More informationINTRUSION DETECTION SYSTEMS and Network Security
INTRUSION DETECTION SYSTEMS and Network Security Intrusion Detection System IDS A layered network security approach starts with : A well secured system which starts with: Up-to-date application and OS
More informationCYBER ATTACKS EXPLAINED: THE MAN IN THE MIDDLE
CYBER ATTACKS EXPLAINED: THE MAN IN THE MIDDLE Due to the encouraging feedback this series of articles has received, we decided to explore yet another type of cyber intrusionthe Man In The Middle (MITM)
More informationWhat is Web Security? Motivation
brucker@inf.ethz.ch http://www.brucker.ch/ Information Security ETH Zürich Zürich, Switzerland Information Security Fundamentals March 23, 2004 The End Users View The Server Providers View What is Web
More informationWhen a student leaves this intensive 5 day class they will have hands on understanding and experience in Ethical Hacking.
Ethical Hacking and Countermeasures Course Description: This class will immerse the student into an interactive environment where they will be shown how to scan, test, hack and secure their own systems.
More informationThe Trivial Cisco IP Phones Compromise
Security analysis of the implications of deploying Cisco Systems SIP-based IP Phones model 7960 Ofir Arkin Founder The Sys-Security Group ofir@sys-security.com http://www.sys-security.com September 2002
More informationFIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. Chapter 5 Firewall Planning and Design
FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. Chapter 5 Firewall Planning and Design Learning Objectives Identify common misconceptions about firewalls Explain why a firewall
More informationScanning Tools. Scan Types. Network sweeping - Basic technique used to determine which of a range of IP addresses map to live hosts.
Scanning Tools The goal of the scanning phase is to learn more information about the target environment and discover openings by interacting with that target environment. This paper will look at some of
More informationNetworking: EC Council Network Security Administrator NSA
coursemonster.com/uk Networking: EC Council Network Security Administrator NSA View training dates» Overview The EC-Council's NSA certification looks at network security from a defensive view. The NSA
More informationFirewalls. CEN 448 Security and Internet Protocols Chapter 20 Firewalls
CEN 448 Security and Internet Protocols Chapter 20 Firewalls Dr. Mostafa Hassan Dahshan Computer Engineering Department College of Computer and Information Sciences King Saud University mdahshan@ccis.ksu.edu.sa
More informationMcAfee SECURE Technical White Paper
Protect what you value. VERSION #1 093008 McAfee SECURE Technical White Paper Table of Contents Contnuous Security Auditing....................................................................... 2 Vulnerability
More informationREPORT ON AUDIT OF LOCAL AREA NETWORK OF C-STAR LAB
REPORT ON AUDIT OF LOCAL AREA NETWORK OF C-STAR LAB Conducted: 29 th March 5 th April 2007 Prepared By: Pankaj Kohli (200607011) Chandan Kumar (200607003) Aamil Farooq (200505001) Network Audit Table of
More informationBy David G. Holmberg, Ph.D., Member ASHRAE
The following article was published in ASHRAE Journal, November 2003. Copyright 2003 American Society of Heating, Refrigerating and Air-Conditioning Engineers, Inc. It is presented for educational purposes
More informationCSE331: Introduction to Networks and Security. Lecture 32 Fall 2004
CSE331: Introduction to Networks and Security Lecture 32 Fall 2004 Hackers / Intruders External attacks Typical hacker Exploits carried out remotely Does not have an account on the remote machine Insider
More informationRapid Vulnerability Assessment Report
White Paper Rapid Vulnerability Assessment Report Table of Contents Executive Summary... Page 1 Characteristics of the Associated Business Corporation Network... Page 2 Recommendations for Improving Security...
More information2012 North Dakota Information Technology Security Audit Vulnerability Assessment and Penetration Testing Summary Report
2012 North Dakota Information Technology Security Audit Vulnerability Assessment and Penetration Testing Summary Report 28 September 2012 Submitted to: Donald Lafleur IS Audit Manager ND State Auditor
More informationCyber Security In High-Performance Computing Environment Prakashan Korambath Institute for Digital Research and Education, UCLA July 17, 2014
Cyber Security In High-Performance Computing Environment Prakashan Korambath Institute for Digital Research and Education, UCLA July 17, 2014 Introduction: Cyber attack is an unauthorized access to a computer
More informationSONDRA SCHNEIDER JOHN NUNES
TECHNOLOGY TRANSFER PRESENTS SONDRA SCHNEIDER JOHN NUNES CERTIFIED ETHICAL HACKER TM THE ONLY WAY TO STOP A HACKER IS TO THINK LIKE ONE MAY 21-25, 2007 VISCONTI PALACE HOTEL - VIA FEDERICO CESI, 37 ROME
More information