HE WAR AGAINST BEING AN INTERMEDIARY FOR ANOTHER ATTACK



Similar documents
Lectures 9 Advanced Operating Systems Fundamental Security. Computer Systems Administration TE2003

By:XÇzA A TÅÅtÜ ]A `t{åééw

Network Incident Report

Fundamentals of Information Systems Security Unit 1 Information Systems Security Fundamentals

COB 302 Management Information System (Lesson 8)

Information Technology Cyber Security Policy

Top tips for improved network security

United Tribes Technical College Acceptable Use Policies for United Tribes Computer System

Countermeasures against Bots

Threat Events: Software Attacks (cont.)

2. From a control perspective, the PRIMARY objective of classifying information assets is to:

Enterprise Cybersecurity Best Practices Part Number MAN Revision 006

ViPNet ThinClient 3.3. Quick Start

NETWORK AND INTERNET SECURITY POLICY STATEMENT

OCR LEVEL 3 CAMBRIDGE TECHNICAL

Course: Information Security Management in e-governance. Day 1. Session 5: Securing Data and Operating systems

White Paper A SECURITY GUIDE TO PROTECTING IP PHONE SYSTEMS AGAINST ATTACK. A balancing act

STAR TELEPHONE MEMBERSHIP CORPORATION ACCEPTABLE USE POLICY FOR BROADBAND INTERNET SERVICES

Section 12 MUST BE COMPLETED BY: 4/22

Firewall and UTM Solutions Guide

EUCIP - IT Administrator. Module 5 IT Security. Version 2.0

10- Assume you open your credit card bill and see several large unauthorized charges unfortunately you may have been the victim of (identity theft)

CS 356 Lecture 17 and 18 Intrusion Detection. Spring 2013

TEMPLE UNIVERSITY POLICIES AND PROCEDURES MANUAL

Skoot Secure File Transfer

Windows Client/Server Local Area Network (LAN) System Security Lab 2 Time allocation 3 hours

Network Security Policy

CYBERTRON NETWORK SOLUTIONS

NEW JERSEY STATE POLICE EXAMPLES OF CRIMINAL INTENT

Bendigo and Adelaide Bank Ltd Security Incident Response Procedure

A Systems Engineering Approach to Developing Cyber Security Professionals

Secure Network Access System (SNAS) Indigenous Next Generation Network Security Solutions

LuminonCore Virtual Desktop Infrastructure (VDI) Products

Interacting with Users

Network Security: 30 Questions Every Manager Should Ask. Author: Dr. Eric Cole Chief Security Strategist Secure Anchor Consulting

Using a Firewall General Configuration Guide

visionapp Remote Desktop 2010 (vrd 2010)

Codes of Connection for Devices Connected to Newcastle University ICT Network

Detailed Description about course module wise:

E-BUSINESS THREATS AND SOLUTIONS

GLOSSARY OF TECHNICAL TERMS

Voice Over IP (VoIP) Denial of Service (DoS)

DDoS Attacks: The Latest Threat to Availability. Dr. Bill Highleyman Managing Editor Availability Digest

'Namgis First Nation. 1.0 Overview. 2.0 Purpose. 3.0 Scope. 4.0 Policy

Secure Remote Control Security Features for Enterprise Remote Access and Control

GLOSSARY OF TECHNICAL TERMS

COURSE NAME: INFORMATION SECURITY INTERNSHIP PROGRAM

Sample Employee Network and Internet Usage and Monitoring Policy

Own your LAN with Arp Poison Routing

9. Information Assurance and Security, Protecting Information Resources. Janeela Maraj. Tutorial 9 21/11/2014 INFO 1500

Certified Ethical Hacker (CEH)

The Key to Secure Online Financial Transactions

F-Secure Anti-Virus for Mac 2015

Network and Host-based Vulnerability Assessment

INFORMATION SECURITY INCIDENT MANAGEMENT PROCESS

WEB SECURITY. Oriana Kondakciu Software Engineering 4C03 Project

PLEASE READ THIS AGREEMENT CAREFULLY, AS IT CONTAINS IMPORTANT INFORMATION REGARDING YOUR LEGAL RIGHTS AND REMEDIES.

National Cyber League Certified Ethical Hacker (CEH) TM Syllabus

Contact details For contacting ENISA or for general enquiries on information security awareness matters, please use the following details:

ITSC Training Courses Student IT Competence Programme SIIS1 Information Security

Quick Start Guide to Logging in to Online Banking

Security from the Ground Up eblvd uses a hybrid-asp model designed expressly to ensure robust, secure operation.

Student Halls Network. Connection Guide

STOWE COMMUNICATIONS ACCEPTABLE USE POLICY FOR BUSINESS SERVICES HIGH SPEED INTERNET

GlobalSign Malware Monitoring

Top Three POS System Vulnerabilities Identified to Promote Data Security Awareness

Network Security: Introduction

F-Secure Anti-Virus for Mac. User's Guide

Understanding Computer Viruses: What They Can Do, Why People Write Them and How to Defend Against Them

Certified Ethical Hacker Exam Version Comparison. Version Comparison

The All-in-One Support Solution. Easy & Secure. Secure Advisor

Advancement in Virtualization Based Intrusion Detection System in Cloud Environment

Medical Device Security Health Imaging Digital Capture. Security Assessment Report for the Kodak DryView 8150 Imager Release 1.0.

Database Security Guideline. Version 2.0 February 1, 2009 Database Security Consortium Security Guideline WG

When you listen to the news, you hear about many different forms of computer infection(s). The most common are:

ICANWK406A Install, configure and test network security

Network Monitoring and Forensics

NETWORK SECURITY ASPECTS & VULNERABILITIES

System Security Policy Management: Advanced Audit Tasks

OCT Training & Technology Solutions Training@qc.cuny.edu (718)

Firewalls and Software Updates

Cyber Security: Beginners Guide to Firewalls

Stable and Secure Network Infrastructure Benchmarks

GoToMyPC. Remote Access Technologies: A Comparison of GoToMyPC and Microsoft Windows XP Remote Desktop

region16.net Acceptable Use Policy ( AUP )

Odessa College Use of Computer Resources Policy Policy Date: November 2010

Transcription:

HE WAR AGAINST BEING AN INTERMEDIARY FOR ANOTHER ATTACK Prepared By: Raghda Zahran, Msc. NYIT-Jordan campus. Supervised By: Dr. Lo ai Tawalbeh. November 2006 Page 1 of 8

THE WAR AGAINST BEING AN INTERMEDIARY FOR ANOTHER ATTACK Raghda Zahran, Msc. NYIT ABSTRACT Objective: To determine methods and measures needed to be taken to face the massive attack within networks Design: Systematic review of cases, latest advances in the hacking field Data sources: Important Security websites searched for published cases & measures taken. Results: Compromising other systems and using them as a dummy tool to conduct an illegal act has given the distributed systems another meaning; the cruel intentions behind the act of taking over other computers within the same network or over the internet highlights the need to take all security measures that would stand out in such war. Conclusion: There is a little evidence to date that could support LANs or WANs to stand out in the illegitimate control, but latest security measures should be implemented Intrusion Tools The range of tools, from the least intrusive to the most, are used to : 1. Scan 2. Spy 3. Insert data 4. Manipulate data 5. Cause a computer to launch an attack on another computer. Intrusion techniques Some techniques used to compromise other computers: Probing computers and systems by 'pinging' or sending out messages that identify computers that are online, and then scanning these computers for open portals Infringing (violating)security by using password sniffer programs, password cracking programs, or keyboard logging programs to reveal passwords and other information; creating backdoors once an open portal is found and then using software to keep it open and to make it accessible to other computers over a network or the internet; Inserting code into computers such as spyware programs, which report activity on the target computer; malware is used to execute malicious code such as worms (self-replicating pieces of code that transmit themselves once released without requiring any further human intervention) or viruses (self-replicating pieces of code that are disguised as, or attached to, November 2006 Page 2 of 8

another application and that become activated when a person tries to open what typically appears to be an email attachment); Remotely controlling other computers to affect internal data or operations: 'Trojan horses' are a form of code that once activated on a target computer, enable that computer to be commandeered to perform a pre-determined operation or to be actively controlled to perform operations in real time; Remotely controlling a computer to affect other computers, such as in a distributed denial of service DDOS attack where literally thousands of remotely controlled computers (bot armies) are made to bombard another computer or service causing it to be overloaded and degrade or fail. Intercepting wireless data transmissions. What Is Hacking All of the above is known as hacking:1 It is breaking into computer systems, frequently with intentions to alter or modify existing settings. Sometimes malicious in nature, these break-ins may cause damage or disruption to computer systems or networks. People with malevolent intent are often referred to as "crackers"--as in "cracking" into computers. "Unauthorized access" entails approaching, trespassing within, communicating with, storing data in, retrieving data from, or otherwise intercepting and changing computer resources without consent. These laws relate to either or both, or any other actions that interfere with computers, systems, programs or networks. Targets: Hacking targets all sectors for different motives Profit Non-Profit Interesting targets includes and not limited to: 1. Electric companies & power grid 2. Commerce Department & E-Commerce websites 3. Online Brokerage Firms 4. Voice over IP (VOIP) 5. Home users for cash 6. National computers and information: Police, Social Security & Passports Dpts. 7. Military 8. Healthcare Sector 9. Financial services firms: Credit unions, banks, Insurance companies, Exchange firms etc. 10. Telecommunication 11. R&D labs 12. Domain Registers 13. Instant messengers 14. Web Advertisers 15. Certain Demographic Web Sites November 2006 Page 3 of 8

Being an intermediary is almost like acting as a thin client 2 or dump terminal: A thin client is a computer (client) in client-server architecture networks which depends on onother computer & without a hard disk drive, whereas a fat client includes a disk drive HARDWARE CONTROL; KVM switch: Keyboard, Video, Mouse 3 CONVENTIONAL KVM By pressing buttons on the KVM witch, one can change control from one computer to the next. November 2006 Page 4 of 8

IP - KVM The latest in kvm switch technology is the ability to control servers located in distant locations through use of the IP communication. With ip kvm you can control a server or computer from the other side of the world as if you were standing right in front of it! Utilizing the latest in technology your administrator can even configure CMOS and BIOS settings of a server in New York while sitting in a café in Paris!! The largest suppliers of KVM technology worldwide are Avocent, Black Box and Raritan 4 Security Measures: Since the IP protocol is considered insecure, many kvm manufacturers have added robust and feature rich security abilities to their products. November 2006 Page 5 of 8

KVM Alternatives; Remote control software is software used in remote administration to allow use of computers or other hardware at a separate location. A typical use is to control a server or desktop computer from another desktop computer. idea of remote desktop software is to enable you to operate your home computer as if you were seated in front of it, from a remote, internet-enabled computer. The remote control software consists of two separate computer programs "host version" that is installed on the computer to be controlled "remote version" that is installed on the controlling computer The controlling computer displays a copy of the image received from the controlled computer's display screen. The copy is updated on a timed interval Sample of Software used to remotely control other computers: TRADE NAME LAN INTERNET Platform Anyplace Control 5 Windows PC VNC (Virtual cross-platform Network Computing)6 7 PCs. 8 1-20 Windows PC Remote Desktop Control 9 Windows PC Symantec pcanywhere 10 Linux and Mac OS X Apple Remote Desktop 11 Macintosh computers Sample of trade software used for controlling other computers Software has different attributes but all share two important senses for discussion: CONNECTIVITY: requires intranet connection for LAN control & internet Connection for control over the internet. MISUSE Other attributes are: 1. Created for hacking purposes 2. Created for administrating and legal purposes but are exploited and used for cruel reasons 3. Published for free over the net 4. Require purchase 5. Requires installation / setup applications on both parties 6. Don t require installation / setup on both sides. 7. Requires a third party such as providing company s website (Web access) to administer the access and in this case sniffing is used 8. Control is solely conducted by the hacking side. November 2006 Page 6 of 8

Preference measurements for the hacking side would be 1. Simplicity 2. High speed and performance. 3. Low network load, using an optimized data compression algorithms. 4. Strong security and high safety. Challenge-response authentication protocol and a RC4- like encryption algorithm make the program usage absolutely safe. 5. Multiple and simultaneous connections. With this feature, the network controller can efficiently control different remote PCs simultaneously. Moreover, two or more administrators can control one remote computer at the same time. 6. Spontaneous interface. 7. Ability to work on multiple platforms. Security Measures: Using latest, most updated tool software that would detect any unusual event. Avoid opening any suspicious email PC Zone Alarm Review the event log If you feel that your computer is being hosted as a slave check for any suspicious services and immediately stop it Keep a continues physical backup and clear your machine from any crucial and valuable data. Force a confidential network check up procedure. Connect to only trusted secure sites Avoid downloading any software from the net directly 1 http://www.ncsl.org/programs/lis/cip/hacklaw.htm 2 http://www.webopedia.com/term/t/thin_client.html 3 www.kvm-switch-review.com/ 4 http://en.wikipedia.org/wiki/kvm_switch 5 http://www.anyplace-control.com/ 6 http://www.realvnc.com/ 7 http://www.wikihow.com/control-another-pc-remotely 8 https://www.gotomypc.com/en_us/entry.tmpl?_sid=149477441%3a1f8055980c3c791&action=rgoto&_sf=2 9 http://www.remote-desktop-control.com/ 10 http://www.symantec.com/home_homeoffice/products/overview.jsp?pcid=pf&pvid=pca12 November 2006 Page 7 of 8

11 http://www.apple.com/remotedesktop/ Class Demo Remote Anything http://www.twd-industries.com November 2006 Page 8 of 8

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information