TEFO STUDERUS HACKING 4 FUN & PROFIT
|
|
|
- Corey O’Neal’
- 10 years ago
- Views:
Transcription
1 TEFO STUDERUS HACKING 4 FUN & PROFIT Ivan Bütler Compass Security AG, Switzerland [email protected] Compass Security AG Glärnischstrasse 7 Postfach 1628 CH-8640 Rapperswil Tel Fax [email protected]
2 Ist die Dame reich? Scheinheirat??? Slide 2
3 Ivan Bütler, CEO Compass Security E1 blog.csnc.ch Twitter.com/ibuetler Xing LinkedIn ~ibuetler ~ibuetler Slide 3
4 Ethical Hacker / Penetration Tester Gründer & CEO Compass Security AG University of Applied Science Rapperswil University of Applied Science Lucerne University of St.Gallen BlackHat Las Vegas 2008 SmartCard (In) Security IT Underground Warsaw 2009 Advanced Web Hacking Swiss IT Leadership Forum Nice 2009 Cyber Underground Gründer der Swiss Cyber Storm Konferenz Vorstandsmitglied von Information Security Society Switzerland (ISSS) Vorstandsmitglied von Cyber Tycoons Anti-Warfare Foundation Slide 4
5 Agenda Credit Card Fraud / Handel von illegalen Gütern Gezielte Attacken Mobile Security Nationale Cyber Defense Strategie Security Community Slide 5
6 Direkte Attacken Angriffe auf Server im Internet (Webseiten etc.) BLOCKED PASSED BLOCKED Slide 6
7 SQL Einleitung Protokoll HTTPS RMI SQL Slide 7
8 SQL Injection Angriff Protokoll HTTPS + SQL Hacker Code RMI SQL Slide 8
9 Demo 1: SQL Injection Compass Security AG Glärnischstrasse 7 Postfach 1628 CH-8640 Rapperswil Tel Fax [email protected]
10 Wie bereichert man sich? (1) Anonymer Handel von illegalen Gütern Compass Security AG Glärnischstrasse 7 Postfach 1628 CH-8640 Rapperswil Tel Fax [email protected]
11 Show: Video 1: Cyber Market Compass Security AG Glärnischstrasse 7 Postfach 1628 CH-8640 Rapperswil Tel Fax [email protected]
12 Handel von illegalen Gütern Dumps Carders Carding WU WMZ WU LR CVVs Drops Rippers Stolen Credit Cards Provider of Dumps Using Dumps Western Union Web Money Western Union Liberty Reserve Card Verification Value R ing Location CVV verification service Slide 12
13 Zahlen über Liberty Reserve? Payment with Liberty Reserve Slide 13
14 Liberty Reserve? -> Internet Währung (anonym) Slide 14
15 Liberty Reserve als Internet Währung Verkäufer/Käufer brauchen ein LR Konto Das LR Konto bekommt man durch ein (anonym) Anonym Anonym Slide 15
16 LR Wechselstuben Richtiges Geld wird in LR gewechselt Dazu braucht es sogenannte Exchanger Banken (Russland) Es gibt mehr als 100 Exchanger Banken Trust Slide 16
17 Wie bereichert man sich? (2) Anonymer Handel von illegalen Gütern Compass Security AG Glärnischstrasse 7 Postfach 1628 CH-8640 Rapperswil Tel Fax [email protected]
18 Trennung Hacking von Bereicherung Hacking Financial Benefit Slide 18
19 Agenda Credit Card Fraud / Handel von illegalen Gütern Gezielte Attacken Mobile Security Nationale Cyber Defense Strategie Security Community Slide 19
20 Gezielte Angriffe Umgehung der Perimeter Sicherheit PASSED Slide 20
21 USB Stick Attack Covert Channel Attacke Auslieferung über USB-Stick Start via Auto-Start Angreifer kontrolliert das *Opfer* aus der Ferne Company Network Internet Slide 21
22 Demo 2: Gezielte Attacken Compass Security AG Glärnischstrasse 7 Postfach 1628 CH-8640 Rapperswil Tel Fax [email protected]
23 Direkte Verbindungen nach Aussen Einfache Inside-Out Attacke Corporate LAN Internet Direkte Channels ACK tunnel TCP tunnel (pop, telnet, ssh) UDP tunnel (syslog, snmp) ICMP tunnel IPSEC, PPTP Slide 23
24 Proxifizierte Verbindungen nach Aussen Erweiterte Inside-Out Attacken LAN Proxy Corporate LAN Internet Proxified Channels Socks SSL tunnel HTTP/S tunnel (payload of http = tunnel) HTTP/S proxy CONNECT method tunnel DNS tunnel FTP tunnel Mail tunnel DMZ Proxy Slide 24
25 Spearphishing Malicious Mail Microsoft Office Word Document Slide 25
26 Hardware Bot Client Slide 26
27 PlugBot Konzept Slide 27
28 APT (Advanced Persistent Threat) Compass Security AG Glärnischstrasse 7 Postfach 1628 CH-8640 Rapperswil Tel Fax [email protected]
29 Advanced Persistent Threat Command & Control Communication (DNS Tunneling) Client DNS Server POLL POLL POLL Command File Commands Execute commands Slide 29
30 Statistik: Exploits vor Patch verfügbar Advisory is published Patch 54 days Exploit 6 days Slide 30
31 Advanced Persistent Threat Today Erst-Infektion (keine local admin rechte) Ausbau der Privilegen auf Local Admin C&C Slide 31
32 Advanced Persistent Threat Agent Agent Zombie Host Zombie Host C&C Server Agent Zombie Host Zombie Host Slide 32
33 Agenda Credit Card Fraud / Handel von illegalen Gütern Targeted Attacks Mobile Security National Cyber Defense Strategy Security Community Slide 33
34 Attacks & Interfaces Slide 34
35 Slide 35
36 Demo 3: SMS Spoofing Compass Security AG Glärnischstrasse 7 Postfach 1628 CH-8640 Rapperswil Tel Fax [email protected]
37 SMS-ID-Spoofing Slide 37
38 Agenda Credit Card Fraud / Handel von illegalen Gütern Targeted Attacks Mobile Security Nationale Cyber Defense Strategie Security Community Slide 38
39 National Cyber Defense Strategy Schweiz Compass Security AG Glärnischstrasse 7 Postfach 1628 CH-8640 Rapperswil Tel Fax [email protected]
40 Nationale Cyber Defense Strategie Abschätzen von Technologien und Trends ANTIZIPATION PRÄVENTION Installation Firewalls, Anti-Virus, IDS/IPS, Penetration Testing Anti-Hacking Tools REAKTION Verfahren und Prozesse, Kompetenzen, Kommunikation Slide 40
41 Wir brauchen Cyber Spezialisten! Österreich sucht mit der Cyber Security Austria die besten Talente zwischen 14 und 22 Jahren. Slide 41
42 Risiken kennen und Verantwortung übernehmen! Slide 42
43 Ivan Bütler, Compass Security AG Fragen?! Slide 43
Inside-Out Attacks. [email protected]. Security Event April 28, 2004 Page 1. Responses to the following questions
Inside-Out Attacks [email protected] Security Event April 28, 2004 Page 1 Goals of this presentation Responses to the following questions What are inside-out attacks Who will use this technique? How
Inside-Out Attacks. [email protected]. Covert Channel Attacks Inside-out Attacks Seite 1 GLÄRNISCHSTRASSE 7 POSTFACH 1671 CH-8640 RAPPERSWIL
Inside-Out Attacks [email protected] Covert Channel Attacks Inside-out Attacks Seite 1 Goals of this presentation! Responses to the following questions! What are inside-out attacks! Who will use this
APT Detection using Splunk
APT Detection using Splunk Wir starten mit Schütteln Swiss Cyber Storm -> 22. Oktober 2014, KKL Luzern Former US Secret Service Agent, Robert Rodriguez Microsoft Research, Elia Florio www.swisscyberstorm.com
Bypassing Firewall. @ PISA AGM Theme Seminar 2005. Presented by Ricky Lou Zecure Lab Limited
Bypassing Firewall @ PISA AGM Theme Seminar 2005 Presented by Ricky Lou Zecure Lab Limited Firewall Piercing (Inside-Out Attacks) Disclaimer We hereby disclaim all responsibility for the following hacks.
Smart Card APDU Analysis
Smart Card APDU Analysis Black Hat Briefings 2008 Las Vegas Ivan "e1" Buetler [email protected] Compass Security AG - Switzerland Compass Security AG Glärnischstrasse 7 Postfach 1628 CH-8640 Rapperswil
Security Evaluation CLX.Sentinel
Security Evaluation CLX.Sentinel October 15th, 2009 Walter Sprenger [email protected] Compass Security AG Glärnischstrasse 7 Postfach 1628 CH-8640 Rapperswil Tel.+41 55-214 41 60 Fax+41 55-214 41
Hacking for Fun and Profit
Hacking for Fun and Profit W3Lc0me to Th3 Fu1ur How to break stuff How to trade How to hide Help! Page 1 Knowing the enemy Page 2 E1 - Who am I ^ Ivan Bütler, Uznach, 31.12.1970 ^ Speaker at Blackhat 2008
Cyber Essentials. Test Specification
Cyber Essentials Test Specification Contents Scope of the Audit...2 Assumptions...3 Success Criteria...3 External systems...4 Required tests...4 Test Details...4 Internal systems...7 Tester pre-requisites...8
Reverse Shells Enable Attackers To Operate From Your Network. Richard Hammer August 2006
Reverse Shells Enable Attackers To Operate From Your Network Richard Hammer August 2006 Reverse Shells? Why should you care about reverse shells? How do reverse shells work? How do reverse shells get installed
Overview. Common Internet Threats. Spear Phishing / Whaling. Phishing Sites. Virus: Pentagon Attack. Viruses & Worms
Overview Common Internet Threats Tom Chothia Computer Security, Lecture 19 Phishing Sites Trojans, Worms, Viruses, Drive-bydownloads Net Fast Flux Domain Flux Infiltration of a Net Underground economy.
Moderne Sicherheit. Fokussiert auf Business Continuity, Mobilität & Application Control. Marc Mathys Country Manager Switzerland
Moderne Sicherheit Fokussiert auf Business Continuity, Mobilität & Application Control Marc Mathys Country Manager Switzerland Network Security History in a Nutshell 1990s The Internet is bad if we do
Evading Infrastructure Security Mohamed Bedewi Penetration Testing Consultant
Evading Infrastructure Security Mohamed Bedewi Penetration Testing Consultant What infrastructure security really means? Infrastructure Security is Making sure that your system services are always running
Networking: EC Council Network Security Administrator NSA
coursemonster.com/uk Networking: EC Council Network Security Administrator NSA View training dates» Overview The EC-Council's NSA certification looks at network security from a defensive view. The NSA
Networking for Caribbean Development
Networking for Caribbean Development BELIZE NOV 2 NOV 6, 2015 w w w. c a r i b n o g. o r g N E T W O R K I N G F O R C A R I B B E A N D E V E L O P M E N T BELIZE NOV 2 NOV 6, 2015 w w w. c a r i b n
Hacking-Lab Remote Security Lab 15. April 2010
Compass Security AG Glärnischstrasse 7 CH-8640 Rapperswil T +41 55 214 41 60 F +41 55 214 41 61 www.csnc.ch Hacking-Lab Remote Security Lab 15. April 2010 Name des Dokumentes: EN_Hacking_Lab_V5.0.doc Version:
Proxies. Chapter 4. Network & Security Gildas Avoine
Proxies Chapter 4 Network & Security Gildas Avoine SUMMARY OF CHAPTER 4 Generalities Forward Proxies Reverse Proxies Open Proxies Conclusion GENERALITIES Generalities Forward Proxies Reverse Proxies Open
Who Moved My Firewall. Clinton Thomson Derivco (PTY) Ltd
Who Moved My Firewall Clinton Thomson Derivco (PTY) Ltd 1 Agenda Introduction to Derivco (Pty) Ltd Efficacy of Firewalls Firewall Roles Threat Landscape De-perimeterisation Q & A 2 Derivco as a company
IBM Security. Alle Risiken im Blick und bessere Compliance Kumulierte und intelligente Security Alerts mit QRadar Security Intelligence
IBM Security Alle Risiken im Blick und bessere Compliance Kumulierte und intelligente Security Alerts mit QRadar Security Intelligence Peter Kurfürst Vertrieb IBM Security Lösungen Enterprise-Kunden Baden-Württemberg
General Network Security
4 CHAPTER FOUR General Network Security Objectives This chapter covers the following Cisco-specific objectives for the Identify security threats to a network and describe general methods to mitigate those
INFORMATION SECURITY TRAINING CATALOG (2015)
INFORMATICS AND INFORMATION SECURITY RESEARCH CENTER CYBER SECURITY INSTITUTE INFORMATION SECURITY TRAINING CATALOG (2015) Revision 3.0 2015 TÜBİTAK BİLGEM SGE Siber Güvenlik Enstitüsü P.K. 74, Gebze,
APT Advanced Persistent Threat Time to rethink?
APT Advanced Persistent Threat Time to rethink? 23 November 2012 Gergely Tóth Senior Manager, Security & Privacy Agenda APT examples How to get inside? Remote control Once we are inside Conclusion 2 APT
Network Security Fundamentals
APNIC elearning: Network Security Fundamentals 27 November 2013 04:30 pm Brisbane Time (GMT+10) Introduction Presenter Sheryl Hermoso Training Officer [email protected] Specialties: Network Security IPv6
APNIC elearning: Network Security Fundamentals. 20 March 2013 10:30 pm Brisbane Time (GMT+10)
APNIC elearning: Network Security Fundamentals 20 March 2013 10:30 pm Brisbane Time (GMT+10) Introduction Presenter/s Nurul Islam Roman Senior Training Specialist [email protected] Specialties: Routing &
Citrix NetScaler Best Practices. Claudio Mascaro Senior Systems Engineer BCD-Sintrag AG
Citrix NetScaler Best Practices Claudio Mascaro Senior Systems Engineer BCD-Sintrag AG Agenda Deployment Initial Konfiguration Load Balancing NS Wizards, Unified GW, AAA Feature SSL 2 FTP SQL NetScaler
Computer Security CS 426 Lecture 36. CS426 Fall 2010/Lecture 36 1
Computer Security CS 426 Lecture 36 Perimeter Defense and Firewalls CS426 Fall 2010/Lecture 36 1 Announcements There will be a quiz on Wed There will be a guest lecture on Friday, by Prof. Chris Clifton
Workshop Designed & Powered by TCIL IT, Chandigarh
Two Days Interactive workshop on Cyber Security and Ethical Hacking Total (16 HOURS) Workshop Designed & Powered by TCIL IT, Chandigarh Speaker:- Mr Rahul Tyagi - ETHICAL HACKER Workshop Contents Cyber
Firewall Firewall August, 2003
Firewall August, 2003 1 Firewall and Access Control This product also serves as an Internet firewall, not only does it provide a natural firewall function (Network Address Translation, NAT), but it also
Windows Attack - Gain Enterprise Admin Privileges in 5 Minutes
Windows Attack - Gain Enterprise Admin Privileges in 5 Minutes Compass Security AG, Daniel Stirnimann Compass Security AG Glärnischstrasse 7 Postfach 1628 CH-8640 Rapperswil Tel +41 55-214 41 60 Fax +41
Reducing Application Vulnerabilities by Security Engineering
Reducing Application Vulnerabilities by Security Engineering - Subash Newton Manager Projects (Non Functional Testing, PT CoE Group) 2008, Cognizant Technology Solutions. All Rights Reserved. The information
Course Content: Session 1. Ethics & Hacking
Course Content: Session 1 Ethics & Hacking Hacking history : How it all begin Why is security needed? What is ethical hacking? Ethical Hacker Vs Malicious hacker Types of Hackers Building an approach for
Virtual Server and DDNS. Virtual Server and DDNS. For BIPAC 741/743GE
Virtual Server and DDNS For BIPAC 741/743GE August, 2003 1 Port Number In TCP/IP and UDP networks, a port is a 16-bit number, used by the host-to-host protocol to identify to which application program
Guidelines for Website Security and Security Counter Measures for e-e Governance Project
and Security Counter Measures for e-e Governance Project Mr. Lalthlamuana PIO, DoICT Background (1/8) Nature of Cyber Space Proliferation of Information Technology Rapid Growth in Internet Increasing Online
Spyware. Michael Glenn Technology Management [email protected]. 2004 Qwest Communications International Inc.
Spyware Michael Glenn Technology Management [email protected] Agenda Security Fundamentals Current Issues Spyware Definitions Overlaps of Threats Best Practices What Service Providers are Doing References
Detailed Description about course module wise:
Detailed Description about course module wise: Module 1: Basics of Networking and Major Protocols 1.1 Networks and its Types. 1.2 Network Topologies 1.3 Major Protocols and their Functions 1.4 OSI Reference
If you know the enemy and know yourself, you need not fear the result of a hundred battles.
Rui Pereira,B.Sc.(Hons),CIPS ISP/ITCP,CISSP,CISA,CWNA/CWSP,CPTE/CPTC Principal Consultant, WaveFront Consulting Group [email protected] 1 (604) 961-0701 If you know the enemy and know yourself, you
shortcut Tap into learning NOW! Visit www.informit.com/shortcuts for a complete list of Short Cuts. Your Short Cut to Knowledge
shortcut Your Short Cut to Knowledge The following is an excerpt from a Short Cut published by one of the Pearson Education imprints. Short Cuts are short, concise, PDF documents designed specifically
Vulnerability Assessment and Penetration Testing
Vulnerability Assessment and Penetration Testing Module 1: Vulnerability Assessment & Penetration Testing: Introduction 1.1 Brief Introduction of Linux 1.2 About Vulnerability Assessment and Penetration
Session Hijacking Exploiting TCP, UDP and HTTP Sessions
Session Hijacking Exploiting TCP, UDP and HTTP Sessions Shray Kapoor [email protected] Preface With the emerging fields in e-commerce, financial and identity information are at a higher risk of being
Securizarea Calculatoarelor și a Rețelelor 13. Implementarea tehnologiei firewall CBAC pentru protejarea rețelei
Platformă de e-learning și curriculă e-content pentru învățământul superior tehnic Securizarea Calculatoarelor și a Rețelelor 13. Implementarea tehnologiei firewall CBAC pentru protejarea rețelei Firewall
Botnets: The Advanced Malware Threat in Kenya's Cyberspace
Botnets: The Advanced Malware Threat in Kenya's Cyberspace AfricaHackon 28 th February 2014 Who we Are! Paula Musuva-Kigen Research Associate Director, Centre for Informatics Research and Innovation (CIRI)
Firewall VPN Router. Quick Installation Guide M73-APO09-380
Firewall VPN Router Quick Installation Guide M73-APO09-380 Firewall VPN Router Overview The Firewall VPN Router provides three 10/100Mbit Ethernet network interface ports which are the Internal/LAN, External/WAN,
UTT Technologies offers an effective solution to protect the network against 80 percent of internal attacks:
HiPER 840 4-WAN Broadband Gateway/Router Overview HiPER 840 4-WAN Broadband Gateway/Router is a purpose-built solution designed for small-sized Internet cafés, broadband communities and schools which require
BotNets- Cyber Torrirism
BotNets- Cyber Torrirism Battling the threats of internet Assoc. Prof. Dr. Sureswaran Ramadass National Advanced IPv6 Center - Director Why Talk About Botnets? Because Bot Statistics Suggest Assimilation
CS5008: Internet Computing
CS5008: Internet Computing Lecture 22: Internet Security A. O Riordan, 2009, latest revision 2015 Internet Security When a computer connects to the Internet and begins communicating with others, it is
Firewalls. Ahmad Almulhem March 10, 2012
Firewalls Ahmad Almulhem March 10, 2012 1 Outline Firewalls The Need for Firewalls Firewall Characteristics Types of Firewalls Firewall Basing Firewall Configurations Firewall Policies and Anomalies 2
Learn Ethical Hacking, Become a Pentester
Learn Ethical Hacking, Become a Pentester Course Syllabus & Certification Program DOCUMENT CLASSIFICATION: PUBLIC Copyrighted Material No part of this publication, in whole or in part, may be reproduced,
Classification of Firewalls and Proxies
Classification of Firewalls and Proxies By Dhiraj Bhagchandka Advisor: Mohamed G. Gouda ([email protected]) Department of Computer Sciences The University of Texas at Austin Computer Science Research
Information Technology Career Cluster Introduction to Cybersecurity Course Number: 11.48100
Information Technology Career Cluster Introduction to Cybersecurity Course Number: 11.48100 Course Description: Introduction to Cybersecurity is designed to provide students the basic concepts and terminology
Quarterly Report: Symantec Intelligence Quarterly
Symantec Intelligence Quarterly: Best Practices and Methodologies Quarterly Report: Symantec Intelligence Quarterly Symantec Intelligence Quarterly: Best Practices and Methodologies Contents Symantec
CYBER SECURITY: A REPORT FROM THE TRENCHES 2015 AGC NATIONAL & CHAPTER LEADERSHIP CONFERENCE [email protected]
CYBER SECURITY: A REPORT FROM THE TRENCHES 2015 AGC NATIONAL & CHAPTER LEADERSHIP CONFERENCE SECURITY IS A PROCESS, NOT A STATE CARVE SYSTEMS LLC [email protected] How did I get here? (short
Secure Network Access System (SNAS) Indigenous Next Generation Network Security Solutions
Secure Network Access System (SNAS) Indigenous Next Generation Network Security Solutions Gigi Joseph, Computer Division,BARC. [email protected] Intranet Security Components Network Admission Control (NAC)
Introduction to Computer Security Benoit Donnet Academic Year 2015-2016
Introduction to Computer Security Benoit Donnet Academic Year 2015-2016 1 Agenda Networking Chapter 1: Firewalls Chapter 2: Proxy Chapter 3: Intrusion Detection System Chapter 4: Network Attacks Chapter
Web Application Security. Radovan Gibala Senior Field Systems Engineer F5 Networks [email protected]
Web Application Security Radovan Gibala Senior Field Systems Engineer F5 Networks [email protected] Security s Gaping Hole 64% of the 10 million security incidents tracked targeted port 80. Information Week
AnyWeb AG / ITSM Practice Circle 23.01.2007 / Christof Madöry www.anyweb.ch
AnyWeb AG / ITSM Practice Circle 23.01.2007 / Christof Madöry www.anyweb.ch Cisco Works Neue Version LMS 2.6 und wie weiter CiscoWorks LAN Management Solution (LMS) AnyWeb AG / ITSM Practice Circle 23.01.2007
Cyber Essentials PLUS. Common Test Specification
Cyber Essentials PLUS Common Test Specification Page 1 Version Control Version Date Description Released by 1.0 07/08/14 Initial Common Test Specification release SR Smith 1.1 19/08/14 Updated Scope SR
Hands-on Hacking Unlimited
About Zone-H Attacks techniques (%) File Inclusion Shares misconfiguration SQL Injection DNS attack through social engineering Web Server external module intrusion Attack against the administrator/user
PowerShell for Penetration Testers
Training: PowerShell for Penetration Testers Dates of the training: March 14-15,2016 in Heidelberg, Germany Book Now using the code: TR16HMTRAINING and save an additional 10% of the current valid rate!
Effective Methods to Detect Current Security Threats
terreactive AG. Swiss Cyber Storm 2015. Effective Methods to Detect Current Security Threats Taking your IT security to the next level, you have to consider a paradigm shift. In the past companies mostly
E-commerce. business. technology. society. Kenneth C. Laudon Carol Guercio Traver. Second Edition. Copyright 2007 Pearson Education, Inc.
Copyright 2007 Pearson Education, Inc. Slide 5-1 E-commerce business. technology. society. Second Edition Kenneth C. Laudon Carol Guercio Traver Copyright 2007 Pearson Education, Inc. Slide 5-2 Chapter
How I Learned to Stop Worrying and Love Compliance Ron Gula, CEO Tenable Network Security
How I Learned to Stop Worrying and Love Compliance Ron Gula, CEO Tenable Network Security PART 1 - COMPLIANCE STANDARDS PART 2 SECURITY IMPACT THEMES BUILD A MODEL THEMES MONITOR FOR FAILURE THEMES DEMONSTRATE
Microsoft Systems Architecture 2.0 (MSA 2.0) Security Review An analysis by Foundstone, Inc.
Microsoft Systems Architecture 2.0 (MSA 2.0) Security Review An analysis by Foundstone, Inc. Foundstone Labs October, 2003 Table of Contents Table of Contents...2 Introduction...3 Scope and Approach...3
COURSE NAME: INFORMATION SECURITY INTERNSHIP PROGRAM
COURSE NAME: INFORMATION SECURITY INTERNSHIP PROGRAM Course Description This is the Information Security Training program. The Training provides you Penetration Testing in the various field of cyber world.
Chapter 4: Security of the architecture, and lower layer security (network security) 1
Chapter 4: Security of the architecture, and lower layer security (network security) 1 Outline Security of the architecture Access control Lower layer security Data link layer VPN access Wireless access
Mingyu Web Application Firewall (DAS- WAF) - - - All transparent deployment for Web application gateway
Mingyu Web Application Firewall (DAS- WAF) - - - All transparent deployment for Web application gateway All transparent deployment Full HTTPS site defense Prevention of OWASP top 10 Website Acceleration
ITEC441- IS Security. Chapter 15 Performing a Penetration Test
1 ITEC441- IS Security Chapter 15 Performing a Penetration Test The PenTest A penetration test (pentest) simulates methods that intruders use to gain unauthorized access to an organization s network and
AnyWeb AG 2008 www.anyweb.ch
HP SiteScope (End-to-End Monitoring, System Availability) Christof Madöry AnyWeb AG ITSM Practice Circle September 2008 Agenda Management Technology Agentless monitoring SiteScope in HP BTO SiteScope look
Certified Ethical Hacker Exam 312-50 Version Comparison. Version Comparison
CEHv8 vs CEHv7 CEHv7 CEHv8 19 Modules 20 Modules 90 Labs 110 Labs 1700 Slides 1770 Slides Updated information as per the latest developments with a proper flow Classroom friendly with diagrammatic representation
IoT & INFOSEC: A REPORT FROM THE TRENCHES - AGC IT Conference- July 2015 [email protected]
IoT & INFOSEC: A REPORT FROM THE TRENCHES - AGC IT Conference- July 2015 SECURITY IS A PROCESS, NOT A STATE CARVE SYSTEMS LLC [email protected] Carve s Roots (tl;dr)
I N S T A L L A T I O N M A N U A L
I N S T A L L A T I O N M A N U A L 2015 Fastnet SA, St-Sulpice, Switzerland. All rights reserved. Reproduction in whole or in part in any form of this manual without written permission of Fastnet SA is
Exam Questions SY0-401
Exam Questions SY0-401 CompTIA Security+ Certification http://www.2passeasy.com/dumps/sy0-401/ 1. A company has implemented PPTP as a VPN solution. Which of the following ports would need to be opened
Today s Topics. Protect - Detect - Respond A Security-First Strategy. HCCA Compliance Institute April 27, 2009. Concepts.
Protect - Detect - Respond A Security-First Strategy HCCA Compliance Institute April 27, 2009 1 Today s Topics Concepts Case Study Sound Security Strategy 2 1 Security = Culture!! Security is a BUSINESS
How To Get A Computer With A Cell Phone And A Computer (For Free)
Remote Access & Security Technology Overview Medizinische Technik Erlangen Markus Feeß Netze / Sicherheit SGK 2 1 John and the broken leg - Part I Archiv A? B C 2 WAN Technologies GSM Global System for
Information Security Threat Trends
Talk @ Microsoft Security Day Sep 2005 Information Security Threat Trends Mr. S.C. Leung 梁 兆 昌 Senior Consultant 高 級 顧 問 CISSP CISA CBCP M@PISA Email: [email protected] 香 港 電 腦 保 安 事 故 協 調 中 心 Introducing
Effective Methods to Detect Current Security Threats
terreactive AG. Swiss Cyber Storm 2015. Effective Methods to Detect Current Security Threats Enrico Petrov Director Managed Security Services terreactive October 21 st, 2015 terreactive Background. About
Swiss Cyber Storm II Case: NFS Hacking
Swiss Cyber Storm II Case: NFS Hacking Axel Neumann Compass Security AG Glärnischstrasse 7 Postfach 1628 CH-8640 Rapperswil Tel +41 55-214 41 60 Fax +41 55-214 41 61 [email protected]
Protection against DDoS and WEB attacks. Michael Soukonnik Radware Ltd [email protected]
Protection against DDoS and WEB attacks Michael Soukonnik Radware Ltd [email protected] Landscape Ponemon Research 2012: Cyber security threats Cyber security threats according to risk mitigation priority
quick documentation Die Parameter der Installation sind in diesem Artikel zu finden:
quick documentation TO: FROM: SUBJECT: [email protected] ASTARO FIREWALL SCAN MIT NESSUS AUS BACKTRACK 5 R1 DATE: 24.11.2011 Inhalt Dieses Dokument beschreibt einen Nessus Scan einer Astaro
Securing Modern Substations With an Open Standard Network Security Solution. Kevin Leech Schweitzer Engineering Laboratories, Inc.
Securing Modern Substations With an Open Standard Network Security Solution Kevin Leech Schweitzer Engineering Laboratories, Inc. Copyright SEL 2009 What Makes a Cyberattack Unique? While the resources
INFORMATION SECURITY TRAINING CATALOG (2016)
INFORMATICS AND INFORMATION SECURITY RESEARCH CENTER CYBER SECURITY INSTITUTE INFORMATION SECURITY TRAINING CATALOG (2016) Revision 4.0 2015 TÜBİTAK BİLGEM SGE Siber Güvenlik Enstitüsü P.K. 74, Gebze,
When a student leaves this intensive 5 day class they will have hands on understanding and experience in Ethical Hacking.
Ethical Hacking and Countermeasures Course Description: This class will immerse the student into an interactive environment where they will be shown how to scan, test, hack and secure their own systems.
A host-based firewall can be used in addition to a network-based firewall to provide multiple layers of protection.
A firewall is a software- or hardware-based network security system that allows or denies network traffic according to a set of rules. Firewalls can be categorized by their location on the network: A network-based
Overview of Network Security The need for network security Desirable security properties Common vulnerabilities Security policy designs
Overview of Network Security The need for network security Desirable security properties Common vulnerabilities Security policy designs Why Network Security? Keep the bad guys out. (1) Closed networks
Ed Ferrara, MSIA, CISSP [email protected]. Fox School of Business
MIS 5208 Week 4 Cybersecurity & Fraud Ed Ferrara, MSIA, CISSP [email protected] Hacking Source: www.youtube.com Computer Crime A cyber breach is any event that intentionally or unintentionally causes
A43. Modern Hacking Techniques and IP Security. By Shawn Mullen. Las Vegas, NV IBM TRAINING. IBM Corporation 2006
IBM TRAINING A43 Modern Hacking Techniques and IP Security By Shawn Mullen Las Vegas, NV 2005 CSI/FBI US Computer Crime and Computer Security Survey 9 out of 10 experienced computer security incident in
CRYPTUS DIPLOMA IN IT SECURITY
CRYPTUS DIPLOMA IN IT SECURITY 6 MONTHS OF TRAINING ON ETHICAL HACKING & INFORMATION SECURITY COURSE NAME: CRYPTUS 6 MONTHS DIPLOMA IN IT SECURITY Course Description This is the Ethical hacking & Information
NETASQ MIGRATING FROM V8 TO V9
UTM Firewall version 9 NETASQ MIGRATING FROM V8 TO V9 Document version: 1.1 Reference: naentno_migration-v8-to-v9 INTRODUCTION 3 Upgrading on a production site... 3 Compatibility... 3 Requirements... 4
NEW YORK INSTITUTE OF TECHNOLOGY School of Engineering and Technology Department of Computer Science Old Westbury Campus
NEW YORK INSTITUTE OF TECHNOLOGY School of Engineering and Technology Department of Computer Science Old Westbury Campus CSCI - 440 Network Security and Perimeter Protection 3-0-3 CATALOG DESCRIPTION This
Internet Security Firewalls
Overview Internet Security Firewalls Ozalp Babaoglu! Exo-structures " Firewalls " Virtual Private Networks! Cryptography-based technologies " IPSec " Secure Socket Layer ALMA MATER STUDIORUM UNIVERSITA
Cryptography and network security
Cryptography and network security Firewalls slide 1 Firewalls Idea: separate local network from the Internet Trusted hosts and networks Firewall Intranet Router DMZ Demilitarized Zone: publicly accessible
Network Security. Computer Security & Forensics. Security in Compu5ng, Chapter 7. l Network Defences. l Firewalls. l Demilitarised Zones
Network Security Security in Compu5ng, Chapter 7 Topics l Network AAacks l Reconnaissance l AAacks l Spoofing l Web Site Vulnerabili5es l Denial of Service l Network Defences l Firewalls l Demilitarised