SlideShare a Scribd company logo

Ehical Hacking: Unit no. 1 Information and Network Security

Download as PPTX, PDF
P
prachi67

T.Y.B.Sc. (Computer Science) Ethical Hacking Unit 1 Introduction to information security Types of malware

1 of 51
Download to read offline
NETWORK SECURITY By Asst. Prof. Prachi Mishal
NETWORK SECURITY Network security is any activity designed to protect the usability and integrity(unity) of network and data. It includes both hardware and software technologies.
In network security, three common terms are used as: 1. Vulnerabilities 2. Threats 3. Attacks
VULNERABILITIES A vulnerability is a weakness that allows an attacker to reduce a system information assurance.
Primary vulnerabilities in network 1. Technology vulnerabilities 2. Configuration vulnerabilities 3. Security policy vulnerabilities
Technology vulnerabilities Computer and network technologies have intrinsic(built-in) security weakness.  TCP/IP protocol vulnerabilities (HTTP, FTP are inherently unsecure)  Operating system vulnerabilities (Windows, Linux have security problems)  Network equipment vulnerabilities (routers, switches have security weaknesses)
Configuration vulnerabilities Network administrator need to correctly configure their computing and network devices to compensate.  Unsecured user accounts (information transmitted insecurely across network)  System account with easily guessed passwords  Unsecured default settings within products  Misconfigured internet services (untrusted sites on dynamic webpages)  Misconfigured network equipment (misconfiguration itself cause security problem)
Security policyvulnerabilities The network can pose security risk if users do not follow the security policies.  Lack of written security policy (policies in booklet)  Politics (political battles makes it difficult to implement security policies)  Lack of continuity (easily cracked or default password allows unauthorized access)  Logical access control. Not applied (imperfect monitoring allows unauthorized access)  Disaster recovery plan nonexistent (lack of disaster recovery plan allows panic (a sudden fear) when someone attacks the enterprise.)
THREATS The people eager, willing and qualified to take advantage of each security vulnerability, and they continually search for new exploits and weaknesses.
Classes of threats There are four main classes of threats: 1. Structured threats 2. Unstructured threats 3. External threats 4. Internal threats
1. Structured threats Implemented by a technically skilled person who is trying to gain access to your network. 2. Unstructured threats Created by an inexperienced / non-technical person who is trying to gain access to your network. 3. Internal threats Occurs when someone from inside your network creates a security threat to your network. 4. External threats Occurs when someone from outside your network creates a security threat to your network.
Common terms  Hacker A hacker is a person intensely interested in requiring secrets and recondite workings of any computer operating system. Hackers are most often programmers.  Crackers Crackers can easily be identified because their actions are malicious.
 Phreaker A phreaker is an individual who manipulates the phone network to cause it to perform a function that is normally not allowed. A common goal of phreaking is breaking into the phone network.  Spammer An individual who sends large number of unsolicited e-mail messages. Spammers often use viruses to take control of home computers to use these computers to send out their bulk messages.
 Phisher A phisher uses e-mail or other means in an attempt to trick others into providing sensitive information, such as credit card no or password etc.  White hat Individuals who use their abilities to find vulnerabilities in systems or networks and then report these vulnerabilities to the owners of the system so that they can be fixed.  Black hat Individuals who use their knowledge of computer to break into system that they are not authorized to use.
ATTACKS The threats use a variety of tools, scripts and programs to launch attacks against networks and network devices.
Classes of attack 1. Reconnaissance 2. Access 3. Denial of service (DOS) 4. Worms, viruses and Trojan Horses
Reconnaissance Reconnaissance is a primary step of computer attack. It involve unauthorized discovery of targeted system to gather information about vulnerabilities. The hacker surveys a network and collects data for a future attack.
Reconnaissance attacks can consist of the following: 1. Ping sweeps (tells the attacker, Which IP addresses are alive?) 2. Port scans (art of scanning to determine what network services or ports are activeon the live IP addresses) 3. Internet information queries (queries the ports to determine the application and operating system of targeted host and determines the possible vulnerability exists that can be exploited?) 4. Packet sniffers (to capture data being transmitted on a network)
Eavesdropping Eavesdropping is listening into a conversation. (spying, prying or snooping). Network snooping and packet sniffing are common terms for eavesdropping. A common method for eavesdropping on communication is to capture protocol packets.
Types of eavesdropping: 1.information gathering Intruder identifies sensitive information i.e credit card number 2.Information theft Intruder steals data through unauthorized access Tools used to perform eavesdropping: 1. Network or protocol analyzers 2. Packet capturing utilities on networked computers
Access An access attack is just what it sounds like: an attempt to access another user account or network device through improper means.
The attack surface of a software environment is the sum of the different points (for "attack vectors") where an unauthorized user (the "attacker") can try to enter data to or extract data from an environment. Keeping the attack surface as small as possible is a basic security measure. There are over 100 attack vectors and breach methods that hackers can use. However, some are more common than others. Here are some of the most common attack vectors: Attack Surface: Compromised credentials Phishing Weak and stolen passwords Trust relationships Malicious insiders Zero-day vulnerabilities Misconfiguration Brute force attack Missing or poor encryption Distributed Denial of Service (DDoS) Ransomware
Understanding an attack surface Due to the increase in the countless potential vulnerable points each enterprise has, there has been increasing advantage for hackers and attackers as they only need to find one vulnerable point to succeed in their attack. There are three steps towards understanding and visualizing an attack surface: Step 1: Visualize. Visualizing the system of an enterprise is the first step, by mapping out all the devices, paths and networks. Step 2: Find indicators of exposures. The second step is to correspond each indicator of a vulnerability being potentially exposed to the visualized map in the last step. IOEs include "missing security controls in systems and software". Step 3: Find indicators of compromise. This is an indicator that an attack has already succeeded.
Surface reduction • One approach to improving information security is to reduce the attack surface of a system or software. • The basic strategies of attack surface reduction include the following: reduce the amount of code running, reduce entry points available to untrusted users, and eliminate services requested by relatively few users. • By having less code available to unauthorized actors, there will tend to be fewer failures. By turning off unnecessary functionality, there are fewer security risks. • Although attack surface reduction helps prevent security failures, it does not mitigate the amount of damage an attacker could inflict once a vulnerability is found.
Security-Functionality-Ease of Use Triangle
Access attack can consist of the following: 1.Password attack 2.Trust exploitation 3.Port redirection 4.Man-in-the-Middle attack 5.Social engineering 6.Phishing
Password attacks can be implemented using brute-force attack (repeated attempts to identify users password). Methods for computing passwords: 1.Dictionary cracking 2.Brute-force computation Password attacks
Trust exploitation refers to an attack in which an individual take advantage of a trust relationship within a network. Trust exploitation
Port redirection A type of trust exploitation attack that uses a compromised host to pass traffic through a firewall that would otherwise be dropped.
Man-in-the-Middle attack A man-in-the-Middle attack requires that the hacker have access to network packets that come across a network.
Social engineering The easiest hack (social engineering) involves no computer skill at all. Social engineering is the art of manipulating people so they give up confidential information.
Phishing Phishing is a type of social engineering attack that involves using e-mail or other types of messages in an attempt to trick others into providing sensitive information.
Denial of service (DoS) DoS attacks are often implemented by a hacker as a means of denying a service that is normally available to a user or organization. DoS attacks involve either crashing the system or slowing it down to the point that it is unusable.
Distributed DoS attack DDoS uses attack methods similar to standard DoS attack but operates on a much large scale.
Ehical Hacking: Unit no. 1 Information and Network Security
Malicious code Worms, viruses and Trojan Horses Malicious code is the kind of harmful computer code designed to create system vulnerabilities leading to back doors and other potential damages to files and computing systems. It's a type of threat that may not be blocked by antivirus software on its own
The amount and variety of malicious programs out there is enough to make your head spin. This blog post will break down the common types of malicious programs and provide a brief description of each. What is Malware? Malware is short for malicious software, meaning software that can be used to compromise computer functions, steal data, bypass access controls, or otherwise cause harm to the host computer. Malware is a broad term that refers to a variety of malicious programs.
Adware Adware (short for advertising-supported software) is a type of malware that automatically delivers advertisements. Common examples of adware include pop-up ads on websites and advertisements that are displayed by software. Often times software and applications offer “free” versions that come bundled with adware. Most adware is sponsored or authored by advertisers and serves as a revenue generating tool. While some adware is solely designed to deliver advertisements, it is not uncommon for adware to come bundled with spyware (see below) that is capable of tracking user activity and stealing information. Due to the added capabilities of spyware, adware/spyware bundles are significantly more dangerous than adware on its own.
Bots are software programs created to automatically perform specific operations. While some bots are created for relatively harmless purposes (video gaming, internet auctions, online contests, etc), it is becoming increasingly common to see bots being used maliciously. Bots can be used in botnets (collections of computers to be controlled by third parties) for DDoS attacks, as spambots that render advertisements on websites, as web spiders that scrape server data, and for distributing malware disguised as popular search items on download sites. Websites can guard against bots with CAPTCHA tests that verify users as human. Bot
Bug In the context of software, a bug is a flaw produces an undesired outcome. These flaws are usually the result of human error and typically exist in the source code or compilers of a program. Minor bugs only slightly affect a program’s behavior and as a result can go for long periods of time before being discovered. More significant bugs can cause crashing or freezing. Security bugs are the most severe type of bugs and can allow attackers to bypass user authentication, override access privileges, or steal data. Bugs can be prevented with developer education, quality control, and code analysis tools.
Ransomware is a form of malware that essentially holds a computer system captive while demanding a ransom. The malware restricts user access to the computer either by encrypting files on the hard drive or locking down the system and displaying messages that are intended to force the user to pay the malware creator to remove the restrictions and regain access to their computer. Ransomware typically spreads like a normal computer worm (see below) ending up on a computer via a downloaded file or through some other vulnerability in a network service. Ransomware
A rootkit is a type of malicious software designed to remotely access or control a computer without being detected by users or security programs. Once a rootkit has been installed it is possible for the malicious party behind the rootkit to remotely execute iles, access/steal information, modify system configurations, alter software (especially any security software that could detect the rootkit), install concealed malware, or control the computer as part of a botnet. Rootkit prevention, detection, and removal can be difficult due to their stealthy operation. Because a rootkit continually hides its presence, typical security products are not effective in detecting and removing rootkits. As a result, rootkit detection relies on manual methods such as monitoring computer behavior for irregular activity, signature scanning, and storage dump analysis. Organizations and users can protect themselves from rootkits by regularly patching vulnerabilities in software, applications, and operating systems, updating virus definitions, avoiding suspicious downloads, and performing static analysis scans. rootkit
Spyware is a type of malware that functions by spying on user activity without their knowledge. These spying capabilities can include activity monitoring, collecting keystrokes, data harvesting (account information, logins, financial data), and more. Spyware often has additional capabilities as well, ranging from modifying security settings of software or browsers to interfering with network connections. Spyware spreads by exploiting software vulnerabilities, bundling itself with legitimate software, or in Trojans. Spyware
A Trojan horse, commonly known as a “Trojan,” is a type of malware that disguises itself as a normal file or program to trick users into downloading and installing malware. A Trojan can give a malicious party remote access to an infected computer. Once an attacker has access to an infected computer, it is possible for the attacker to steal data (logins, financial data, even electronic money), install more malware, modify files, monitor user activity (screen watching, keylogging, etc), use the computer in botnets, and anonymize internet activity by the attacker. Trojan horse
A virus is a form of malware that is capable of copying itself and spreading to other computers. Viruses often spread to other computers by attaching themselves to various programs and executing code when a user launches one of those infected programs. Viruses can also spread through script files, documents, and cross-site scripting vulnerabilities in web apps. Viruses can be used to steal information, harm host computers and networks, create botnets, steal money, render advertisements, and more. virus
Computer worms are among the most common types of malware. They spread over computer networks by exploiting operating system vulnerabilities. Worms typically cause harm to their host networks by consuming bandwidth and overloading web servers. Computer worms can also contain “payloads” that damage host computers. Payloads are pieces of code written to perform actions on affected computers beyond simply spreading the worm. Payloads are commonly designed to steal data, delete files, or create botnets. Computer worms can be classified as a type of computer virus, but there are several characteristics that distinguish computer worms from regular viruses. A major difference is that computer worms have the ability to self-replicate and spread independently while viruses rely on human activity to spread (running a program, opening a file, etc). Worms often spread by sending mass emails with infected attachments to users’ contacts. worms
Malware Symptoms While these types of malware differ greatly in how they spread and infect computers, they all can produce similar symptoms. Computers that are infected with malware can exhibit any of the following symptoms: • Increased CPU usage • Slow computer or web browser speeds • Problems connecting to networks • Freezing or crashing • Modified or deleted files • Appearance of strange files, programs, or desktop icons • Programs running, turning off, or reconfiguring themselves (malware will often reconfigure or turn off antivirus and firewall programs) • Strange computer behavior • Emails/messages being sent automatically and without user’s knowledge (a friend receives a strange email from you that you did not send)
Malware Prevention and Removal There are several general best practices that organizations and individual users should follow to prevent malware infections. Some malware cases require special prevention and treatment methods, but following these recommendations will greatly increase a user’s protection from a wide range of malware:  Install and run anti-malware and firewall software. When selecting software, choose a program that offers tools for detecting, quarantining, and removing multiple types of malware. At the minimum, anti-malware software should protect against viruses, spyware, adware, Trojans, and worms. The combination of anti-malware software and a firewall will ensure that all incoming and existing data gets scanned for malware and that malware can be safely removed once detected.  Keep software and operating systems up to date with current vulnerability patches. These patches are often released to patch bugs or other security flaws that could be exploited by attackers.  Be vigilant when downloading files, programs, attachments, etc. Downloads that seem strange or are from an unfamiliar source often contain malware.
Ehical Hacking: Unit no. 1 Information and Network Security
Security Vulnerability Types Computer security vulnerabilities can be divided into numerous types based on different criteria— such as where the vulnerability exists, what caused it, or how it could be used. Some broad categories of these vulnerability types include: 1. Network Vulnerabilities. These are issues with a network’s hardware or software that expose it to possible intrusion by an outside party. Examples include insecure Wi-Fi access points and poorly-configured firewalls. 2. Operating System Vulnerabilities. These are vulnerabilities within a particular operating system that hackers may exploit to gain access to an asset the OS is installed on—or to cause damage. Examples include default superuser accounts that may exist in some OS installs and hidden backdoor programs. 3. Human Vulnerabilities. The weakest link in many cybersecurity architectures is the human element. User errors can easily expose sensitive data, create exploitable access points for attackers, or disrupt systems. 4. Process Vulnerabilities. Some vulnerabilities can be created by specific process controls (or a lack thereof). One example would be the use of weak passwords (which may also fall under human vulnerabilities).
Ehical Hacking: Unit no. 1 Information and Network Security

Recommended

Ch 3: Network and Computer Attacks
Ch 3: Network and Computer AttacksCh 3: Network and Computer Attacks
Ch 3: Network and Computer Attacks
Sam Bowne
 
Cyper security & Ethical hacking
Cyper security & Ethical hackingCyper security & Ethical hacking
Cyper security & Ethical hacking
Cmano Kar
 
Slideshare is
Slideshare isSlideshare is
Slideshare is
Ashu Pandita Kaul
 
Introduction To Ethical Hacking
Introduction To Ethical HackingIntroduction To Ethical Hacking
Introduction To Ethical Hacking
chakrekevin
 
Network and web security
Network and web securityNetwork and web security
Network and web security
Nitesh Saitwal
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
Viraj Kansara
 
Security Attack Analysis for Finding and Stopping Network Attacks
Security Attack Analysis for Finding and Stopping Network AttacksSecurity Attack Analysis for Finding and Stopping Network Attacks
Security Attack Analysis for Finding and Stopping Network Attacks
Savvius, Inc
 
Cehv6 module 01 introduction to ethical hacking
Cehv6 module 01 introduction to ethical hackingCehv6 module 01 introduction to ethical hacking
Cehv6 module 01 introduction to ethical hacking
anonymousrider
 
Internet security powerpoint
Internet security powerpointInternet security powerpoint
Internet security powerpoint
Arifa Ali
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hacking
Rishabha Garg
 
Introduction of hacking and cracking
Introduction of hacking and crackingIntroduction of hacking and cracking
Introduction of hacking and cracking
Harshil Barot
 
why security is needed
why security is neededwhy security is needed
why security is needed
sourov_das
 
Computer security
Computer securityComputer security
Computer security
sruthiKrishnaG
 
Dan Catalin Vasile - Defcamp2013 - Does it pay to be a blackhat hacker
Dan Catalin Vasile - Defcamp2013 - Does it pay to be a blackhat hackerDan Catalin Vasile - Defcamp2013 - Does it pay to be a blackhat hacker
Dan Catalin Vasile - Defcamp2013 - Does it pay to be a blackhat hacker
Dan Vasile
 
Computer security and
Computer security andComputer security and
Computer security and
Rana Usman Sattar
 
Network security chapter 1,2
Network security chapter 1,2Network security chapter 1,2
Network security chapter 1,2
Education
 
Types of attacks and threads
Types of attacks and threadsTypes of attacks and threads
Types of attacks and threads
srivijaymanickam
 
Security threats and safety measures
Security threats and safety measuresSecurity threats and safety measures
Security threats and safety measures
Dnyaneshwar Beedkar
 
Computer security ethics_and_privacy
Computer security ethics_and_privacyComputer security ethics_and_privacy
Computer security ethics_and_privacy
Ardit Meti
 
Ethical hacking presentation_october_2006
Ethical hacking presentation_october_2006Ethical hacking presentation_october_2006
Ethical hacking presentation_october_2006
Umang Patel
 
Internet security
Internet securityInternet security
Internet security
محمد عدنان أبو ورد
 
Computer security 7.pptx
Computer security 7.pptxComputer security 7.pptx
Computer security 7.pptx
Khappiyo
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
Aditya Vikram Singhania
 
Hacking
HackingHacking
Hacking
LutfulM
 
Module 5 (system hacking)
Module 5 (system hacking)Module 5 (system hacking)
Module 5 (system hacking)
Wail Hassan
 
Ethical Hacking A high-level information security study on protecting a comp...
Ethical Hacking A high-level information security study on protecting a comp...Ethical Hacking A high-level information security study on protecting a comp...
Ethical Hacking A high-level information security study on protecting a comp...
Quinnipiac University
 
Module 3 (scanning)
Module 3 (scanning)Module 3 (scanning)
Module 3 (scanning)
Wail Hassan
 
Types of Cyber-Attacks
Types of Cyber-AttacksTypes of Cyber-Attacks
Types of Cyber-Attacks
techexpert2345
 
Network security (vulnerabilities, threats, and attacks)
Network security (vulnerabilities, threats, and attacks)Network security (vulnerabilities, threats, and attacks)
Network security (vulnerabilities, threats, and attacks)
Fabiha Shahzad
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
aashish2cool4u
 

More Related Content

What's hot (20)

Internet security powerpoint
Internet security powerpointInternet security powerpoint
Internet security powerpoint
Arifa Ali
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hacking
Rishabha Garg
 
Introduction of hacking and cracking
Introduction of hacking and crackingIntroduction of hacking and cracking
Introduction of hacking and cracking
Harshil Barot
 
why security is needed
why security is neededwhy security is needed
why security is needed
sourov_das
 
Computer security
Computer securityComputer security
Computer security
sruthiKrishnaG
 
Dan Catalin Vasile - Defcamp2013 - Does it pay to be a blackhat hacker
Dan Catalin Vasile - Defcamp2013 - Does it pay to be a blackhat hackerDan Catalin Vasile - Defcamp2013 - Does it pay to be a blackhat hacker
Dan Catalin Vasile - Defcamp2013 - Does it pay to be a blackhat hacker
Dan Vasile
 
Computer security and
Computer security andComputer security and
Computer security and
Rana Usman Sattar
 
Network security chapter 1,2
Network security chapter 1,2Network security chapter 1,2
Network security chapter 1,2
Education
 
Types of attacks and threads
Types of attacks and threadsTypes of attacks and threads
Types of attacks and threads
srivijaymanickam
 
Security threats and safety measures
Security threats and safety measuresSecurity threats and safety measures
Security threats and safety measures
Dnyaneshwar Beedkar
 
Computer security ethics_and_privacy
Computer security ethics_and_privacyComputer security ethics_and_privacy
Computer security ethics_and_privacy
Ardit Meti
 
Ethical hacking presentation_october_2006
Ethical hacking presentation_october_2006Ethical hacking presentation_october_2006
Ethical hacking presentation_october_2006
Umang Patel
 
Internet security
Internet securityInternet security
Internet security
محمد عدنان أبو ورد
 
Computer security 7.pptx
Computer security 7.pptxComputer security 7.pptx
Computer security 7.pptx
Khappiyo
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
Aditya Vikram Singhania
 
Hacking
HackingHacking
Hacking
LutfulM
 
Module 5 (system hacking)
Module 5 (system hacking)Module 5 (system hacking)
Module 5 (system hacking)
Wail Hassan
 
Ethical Hacking A high-level information security study on protecting a comp...
Ethical Hacking A high-level information security study on protecting a comp...Ethical Hacking A high-level information security study on protecting a comp...
Ethical Hacking A high-level information security study on protecting a comp...
Quinnipiac University
 
Module 3 (scanning)
Module 3 (scanning)Module 3 (scanning)
Module 3 (scanning)
Wail Hassan
 
Types of Cyber-Attacks
Types of Cyber-AttacksTypes of Cyber-Attacks
Types of Cyber-Attacks
techexpert2345
 
Internet security powerpoint
Internet security powerpointInternet security powerpoint
Internet security powerpoint
Arifa Ali
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hacking
Rishabha Garg
 
Introduction of hacking and cracking
Introduction of hacking and crackingIntroduction of hacking and cracking
Introduction of hacking and cracking
Harshil Barot
 
why security is needed
why security is neededwhy security is needed
why security is needed
sourov_das
 
Computer security
Computer securityComputer security
Computer security
sruthiKrishnaG
 
Dan Catalin Vasile - Defcamp2013 - Does it pay to be a blackhat hacker
Dan Catalin Vasile - Defcamp2013 - Does it pay to be a blackhat hackerDan Catalin Vasile - Defcamp2013 - Does it pay to be a blackhat hacker
Dan Catalin Vasile - Defcamp2013 - Does it pay to be a blackhat hacker
Dan Vasile
 
Computer security and
Computer security andComputer security and
Computer security and
Rana Usman Sattar
 
Network security chapter 1,2
Network security chapter 1,2Network security chapter 1,2
Network security chapter 1,2
Education
 
Types of attacks and threads
Types of attacks and threadsTypes of attacks and threads
Types of attacks and threads
srivijaymanickam
 
Security threats and safety measures
Security threats and safety measuresSecurity threats and safety measures
Security threats and safety measures
Dnyaneshwar Beedkar
 
Computer security ethics_and_privacy
Computer security ethics_and_privacyComputer security ethics_and_privacy
Computer security ethics_and_privacy
Ardit Meti
 
Ethical hacking presentation_october_2006
Ethical hacking presentation_october_2006Ethical hacking presentation_october_2006
Ethical hacking presentation_october_2006
Umang Patel
 
Internet security
Internet securityInternet security
Internet security
محمد عدنان أبو ورد
 
Computer security 7.pptx
Computer security 7.pptxComputer security 7.pptx
Computer security 7.pptx
Khappiyo
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
Aditya Vikram Singhania
 
Hacking
HackingHacking
Hacking
LutfulM
 
Module 5 (system hacking)
Module 5 (system hacking)Module 5 (system hacking)
Module 5 (system hacking)
Wail Hassan
 
Ethical Hacking A high-level information security study on protecting a comp...
Ethical Hacking A high-level information security study on protecting a comp...Ethical Hacking A high-level information security study on protecting a comp...
Ethical Hacking A high-level information security study on protecting a comp...
Quinnipiac University
 
Module 3 (scanning)
Module 3 (scanning)Module 3 (scanning)
Module 3 (scanning)
Wail Hassan
 
Types of Cyber-Attacks
Types of Cyber-AttacksTypes of Cyber-Attacks
Types of Cyber-Attacks
techexpert2345
 

Similar to Ehical Hacking: Unit no. 1 Information and Network Security (20)

Network security (vulnerabilities, threats, and attacks)
Network security (vulnerabilities, threats, and attacks)Network security (vulnerabilities, threats, and attacks)
Network security (vulnerabilities, threats, and attacks)
Fabiha Shahzad
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
aashish2cool4u
 
Chapter 2 konsep dasar keamanan
Chapter 2 konsep dasar keamananChapter 2 konsep dasar keamanan
Chapter 2 konsep dasar keamanan
newbie2019
 
Chapter 2 konsep dasar keamanan
Chapter 2 konsep dasar keamananChapter 2 konsep dasar keamanan
Chapter 2 konsep dasar keamanan
newbie2019
 
Computer Security
Computer SecurityComputer Security
Computer Security
Vaibhavi Patel
 
Computer Security
Computer SecurityComputer Security
Computer Security
Vaibhavi Patel
 
Basics of System Security and Tools
Basics of System Security and ToolsBasics of System Security and Tools
Basics of System Security and Tools
Karan Bhandari
 
Network security
Network securityNetwork security
Network security
nafisarayhana1
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hacking
Prabhat kumar Suman
 
Computer Security risks Shelly
Computer Security risks ShellyComputer Security risks Shelly
Computer Security risks Shelly
Adeel Khurram
 
Network Security
Network SecurityNetwork Security
Network Security
Puneet Abichandani
 
Computer security system Unit1.pptx
Computer security system Unit1.pptxComputer security system Unit1.pptx
Computer security system Unit1.pptx
VIRAJDEY1
 
System Security
System SecuritySystem Security
System Security
Reddhi Basu
 
A CASE STUDY ON VARIOUS NETWORK SECURITY TOOLS
A CASE STUDY ON VARIOUS NETWORK SECURITY TOOLSA CASE STUDY ON VARIOUS NETWORK SECURITY TOOLS
A CASE STUDY ON VARIOUS NETWORK SECURITY TOOLS
Katie Robinson
 
cybersecurity
cybersecuritycybersecurity
cybersecurity
maha797959
 
Chapter 10.0
Chapter 10.0Chapter 10.0
Chapter 10.0
Adebisi Tolulope
 
Ethical hacking ppt
Ethical hacking pptEthical hacking ppt
Ethical hacking ppt
Nitesh Dubey
 
Cyber.pptx
Cyber.pptxCyber.pptx
Cyber.pptx
MahalakshmiShetty3
 
1 ijaems sept-2015-3-different attacks in the network a review
1 ijaems sept-2015-3-different attacks in the network a review1 ijaems sept-2015-3-different attacks in the network a review
1 ijaems sept-2015-3-different attacks in the network a review
INFOGAIN PUBLICATION
 
Ne Course Part Two
Ne Course Part TwoNe Course Part Two
Ne Course Part Two
backdoor
 
Network security (vulnerabilities, threats, and attacks)
Network security (vulnerabilities, threats, and attacks)Network security (vulnerabilities, threats, and attacks)
Network security (vulnerabilities, threats, and attacks)
Fabiha Shahzad
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
aashish2cool4u
 
Chapter 2 konsep dasar keamanan
Chapter 2 konsep dasar keamananChapter 2 konsep dasar keamanan
Chapter 2 konsep dasar keamanan
newbie2019
 
Chapter 2 konsep dasar keamanan
Chapter 2 konsep dasar keamananChapter 2 konsep dasar keamanan
Chapter 2 konsep dasar keamanan
newbie2019
 
Computer Security
Computer SecurityComputer Security
Computer Security
Vaibhavi Patel
 
Computer Security
Computer SecurityComputer Security
Computer Security
Vaibhavi Patel
 
Basics of System Security and Tools
Basics of System Security and ToolsBasics of System Security and Tools
Basics of System Security and Tools
Karan Bhandari
 
Network security
Network securityNetwork security
Network security
nafisarayhana1
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hacking
Prabhat kumar Suman
 
Computer Security risks Shelly
Computer Security risks ShellyComputer Security risks Shelly
Computer Security risks Shelly
Adeel Khurram
 
Network Security
Network SecurityNetwork Security
Network Security
Puneet Abichandani
 
Computer security system Unit1.pptx
Computer security system Unit1.pptxComputer security system Unit1.pptx
Computer security system Unit1.pptx
VIRAJDEY1
 
System Security
System SecuritySystem Security
System Security
Reddhi Basu
 
A CASE STUDY ON VARIOUS NETWORK SECURITY TOOLS
A CASE STUDY ON VARIOUS NETWORK SECURITY TOOLSA CASE STUDY ON VARIOUS NETWORK SECURITY TOOLS
A CASE STUDY ON VARIOUS NETWORK SECURITY TOOLS
Katie Robinson
 
cybersecurity
cybersecuritycybersecurity
cybersecurity
maha797959
 
Chapter 10.0
Chapter 10.0Chapter 10.0
Chapter 10.0
Adebisi Tolulope
 
Ethical hacking ppt
Ethical hacking pptEthical hacking ppt
Ethical hacking ppt
Nitesh Dubey
 
Cyber.pptx
Cyber.pptxCyber.pptx
Cyber.pptx
MahalakshmiShetty3
 
1 ijaems sept-2015-3-different attacks in the network a review
1 ijaems sept-2015-3-different attacks in the network a review1 ijaems sept-2015-3-different attacks in the network a review
1 ijaems sept-2015-3-different attacks in the network a review
INFOGAIN PUBLICATION
 
Ne Course Part Two
Ne Course Part TwoNe Course Part Two
Ne Course Part Two
backdoor
 

Recently uploaded (20)

To study Digestive system of insect.pptx
To study Digestive system of insect.pptxTo study Digestive system of insect.pptx
To study Digestive system of insect.pptx
Arshad Shaikh
 
Geography Sem II Unit 1C Correlation of Geography with other school subjects
Geography Sem II Unit 1C Correlation of Geography with other school subjectsGeography Sem II Unit 1C Correlation of Geography with other school subjects
Geography Sem II Unit 1C Correlation of Geography with other school subjects
ProfDrShaikhImran
 
World war-1(Causes & impacts at a glance) PPT by Simanchala Sarab(BABed,sem-4...
World war-1(Causes & impacts at a glance) PPT by Simanchala Sarab(BABed,sem-4...World war-1(Causes & impacts at a glance) PPT by Simanchala Sarab(BABed,sem-4...
World war-1(Causes & impacts at a glance) PPT by Simanchala Sarab(BABed,sem-4...
larencebapu132
 
Phoenix – A Collaborative Renewal of Children’s and Young People’s Services C...
Phoenix – A Collaborative Renewal of Children’s and Young People’s Services C...Phoenix – A Collaborative Renewal of Children’s and Young People’s Services C...
Phoenix – A Collaborative Renewal of Children’s and Young People’s Services C...
Library Association of Ireland
 
Metamorphosis: Life's Transformative Journey
Metamorphosis: Life's Transformative JourneyMetamorphosis: Life's Transformative Journey
Metamorphosis: Life's Transformative Journey
Arshad Shaikh
 
How to Manage Opening & Closing Controls in Odoo 17 POS
How to Manage Opening & Closing Controls in Odoo 17 POSHow to Manage Opening & Closing Controls in Odoo 17 POS
How to Manage Opening & Closing Controls in Odoo 17 POS
Celine George
 
CBSE - Grade 8 - Science - Chemistry - Metals and Non Metals - Worksheet
CBSE - Grade 8 - Science - Chemistry - Metals and Non Metals - WorksheetCBSE - Grade 8 - Science - Chemistry - Metals and Non Metals - Worksheet
CBSE - Grade 8 - Science - Chemistry - Metals and Non Metals - Worksheet
Sritoma Majumder
 
Marie Boran Special Collections Librarian Hardiman Library, University of Gal...
Marie Boran Special Collections Librarian Hardiman Library, University of Gal...Marie Boran Special Collections Librarian Hardiman Library, University of Gal...
Marie Boran Special Collections Librarian Hardiman Library, University of Gal...
Library Association of Ireland
 
How to Customize Your Financial Reports & Tax Reports With Odoo 17 Accounting
How to Customize Your Financial Reports & Tax Reports With Odoo 17 AccountingHow to Customize Your Financial Reports & Tax Reports With Odoo 17 Accounting
How to Customize Your Financial Reports & Tax Reports With Odoo 17 Accounting
Celine George
 
SPRING FESTIVITIES - UK AND USA -
SPRING FESTIVITIES - UK AND USA -SPRING FESTIVITIES - UK AND USA -
SPRING FESTIVITIES - UK AND USA -
Colégio Santa Teresinha
 
GDGLSPGCOER - Git and GitHub Workshop.pptx
GDGLSPGCOER - Git and GitHub Workshop.pptxGDGLSPGCOER - Git and GitHub Workshop.pptx
GDGLSPGCOER - Git and GitHub Workshop.pptx
azeenhodekar
 
SCI BIZ TECH QUIZ (OPEN) PRELIMS XTASY 2025.pptx
SCI BIZ TECH QUIZ (OPEN) PRELIMS XTASY 2025.pptxSCI BIZ TECH QUIZ (OPEN) PRELIMS XTASY 2025.pptx
SCI BIZ TECH QUIZ (OPEN) PRELIMS XTASY 2025.pptx
Ronisha Das
 
New Microsoft PowerPoint Presentation.pptx
New Microsoft PowerPoint Presentation.pptxNew Microsoft PowerPoint Presentation.pptx
New Microsoft PowerPoint Presentation.pptx
milanasargsyan5
 
LDMMIA Reiki Master Spring 2025 Mini Updates
LDMMIA Reiki Master Spring 2025 Mini UpdatesLDMMIA Reiki Master Spring 2025 Mini Updates
LDMMIA Reiki Master Spring 2025 Mini Updates
LDM Mia eStudios
 
apa-style-referencing-visual-guide-2025.pdf
apa-style-referencing-visual-guide-2025.pdfapa-style-referencing-visual-guide-2025.pdf
apa-style-referencing-visual-guide-2025.pdf
Ishika Ghosh
 
Odoo Inventory Rules and Routes v17 - Odoo Slides
Odoo Inventory Rules and Routes v17 - Odoo SlidesOdoo Inventory Rules and Routes v17 - Odoo Slides
Odoo Inventory Rules and Routes v17 - Odoo Slides
Celine George
 
How to manage Multiple Warehouses for multiple floors in odoo point of sale
How to manage Multiple Warehouses for multiple floors in odoo point of saleHow to manage Multiple Warehouses for multiple floors in odoo point of sale
How to manage Multiple Warehouses for multiple floors in odoo point of sale
Celine George
 
Social Problem-Unemployment .pptx notes for Physiotherapy Students
Social Problem-Unemployment .pptx notes for Physiotherapy StudentsSocial Problem-Unemployment .pptx notes for Physiotherapy Students
Social Problem-Unemployment .pptx notes for Physiotherapy Students
DrNidhiAgarwal
 
YSPH VMOC Special Report - Measles Outbreak Southwest US 4-30-2025.pptx
YSPH VMOC Special Report - Measles Outbreak Southwest US 4-30-2025.pptxYSPH VMOC Special Report - Measles Outbreak Southwest US 4-30-2025.pptx
YSPH VMOC Special Report - Measles Outbreak Southwest US 4-30-2025.pptx
Yale School of Public Health - The Virtual Medical Operations Center (VMOC)
 
Understanding P–N Junction Semiconductors: A Beginner’s Guide
Understanding P–N Junction Semiconductors: A Beginner’s GuideUnderstanding P–N Junction Semiconductors: A Beginner’s Guide
Understanding P–N Junction Semiconductors: A Beginner’s Guide
GS Virdi
 
To study Digestive system of insect.pptx
To study Digestive system of insect.pptxTo study Digestive system of insect.pptx
To study Digestive system of insect.pptx
Arshad Shaikh
 
Geography Sem II Unit 1C Correlation of Geography with other school subjects
Geography Sem II Unit 1C Correlation of Geography with other school subjectsGeography Sem II Unit 1C Correlation of Geography with other school subjects
Geography Sem II Unit 1C Correlation of Geography with other school subjects
ProfDrShaikhImran
 
World war-1(Causes & impacts at a glance) PPT by Simanchala Sarab(BABed,sem-4...
World war-1(Causes & impacts at a glance) PPT by Simanchala Sarab(BABed,sem-4...World war-1(Causes & impacts at a glance) PPT by Simanchala Sarab(BABed,sem-4...
World war-1(Causes & impacts at a glance) PPT by Simanchala Sarab(BABed,sem-4...
larencebapu132
 
Phoenix – A Collaborative Renewal of Children’s and Young People’s Services C...
Phoenix – A Collaborative Renewal of Children’s and Young People’s Services C...Phoenix – A Collaborative Renewal of Children’s and Young People’s Services C...
Phoenix – A Collaborative Renewal of Children’s and Young People’s Services C...
Library Association of Ireland
 
Metamorphosis: Life's Transformative Journey
Metamorphosis: Life's Transformative JourneyMetamorphosis: Life's Transformative Journey
Metamorphosis: Life's Transformative Journey
Arshad Shaikh
 
How to Manage Opening & Closing Controls in Odoo 17 POS
How to Manage Opening & Closing Controls in Odoo 17 POSHow to Manage Opening & Closing Controls in Odoo 17 POS
How to Manage Opening & Closing Controls in Odoo 17 POS
Celine George
 
CBSE - Grade 8 - Science - Chemistry - Metals and Non Metals - Worksheet
CBSE - Grade 8 - Science - Chemistry - Metals and Non Metals - WorksheetCBSE - Grade 8 - Science - Chemistry - Metals and Non Metals - Worksheet
CBSE - Grade 8 - Science - Chemistry - Metals and Non Metals - Worksheet
Sritoma Majumder
 
Marie Boran Special Collections Librarian Hardiman Library, University of Gal...
Marie Boran Special Collections Librarian Hardiman Library, University of Gal...Marie Boran Special Collections Librarian Hardiman Library, University of Gal...
Marie Boran Special Collections Librarian Hardiman Library, University of Gal...
Library Association of Ireland
 
How to Customize Your Financial Reports & Tax Reports With Odoo 17 Accounting
How to Customize Your Financial Reports & Tax Reports With Odoo 17 AccountingHow to Customize Your Financial Reports & Tax Reports With Odoo 17 Accounting
How to Customize Your Financial Reports & Tax Reports With Odoo 17 Accounting
Celine George
 
SPRING FESTIVITIES - UK AND USA -
SPRING FESTIVITIES - UK AND USA -SPRING FESTIVITIES - UK AND USA -
SPRING FESTIVITIES - UK AND USA -
Colégio Santa Teresinha
 
GDGLSPGCOER - Git and GitHub Workshop.pptx
GDGLSPGCOER - Git and GitHub Workshop.pptxGDGLSPGCOER - Git and GitHub Workshop.pptx
GDGLSPGCOER - Git and GitHub Workshop.pptx
azeenhodekar
 
SCI BIZ TECH QUIZ (OPEN) PRELIMS XTASY 2025.pptx
SCI BIZ TECH QUIZ (OPEN) PRELIMS XTASY 2025.pptxSCI BIZ TECH QUIZ (OPEN) PRELIMS XTASY 2025.pptx
SCI BIZ TECH QUIZ (OPEN) PRELIMS XTASY 2025.pptx
Ronisha Das
 
New Microsoft PowerPoint Presentation.pptx
New Microsoft PowerPoint Presentation.pptxNew Microsoft PowerPoint Presentation.pptx
New Microsoft PowerPoint Presentation.pptx
milanasargsyan5
 
LDMMIA Reiki Master Spring 2025 Mini Updates
LDMMIA Reiki Master Spring 2025 Mini UpdatesLDMMIA Reiki Master Spring 2025 Mini Updates
LDMMIA Reiki Master Spring 2025 Mini Updates
LDM Mia eStudios
 
apa-style-referencing-visual-guide-2025.pdf
apa-style-referencing-visual-guide-2025.pdfapa-style-referencing-visual-guide-2025.pdf
apa-style-referencing-visual-guide-2025.pdf
Ishika Ghosh
 
Odoo Inventory Rules and Routes v17 - Odoo Slides
Odoo Inventory Rules and Routes v17 - Odoo SlidesOdoo Inventory Rules and Routes v17 - Odoo Slides
Odoo Inventory Rules and Routes v17 - Odoo Slides
Celine George
 
How to manage Multiple Warehouses for multiple floors in odoo point of sale
How to manage Multiple Warehouses for multiple floors in odoo point of saleHow to manage Multiple Warehouses for multiple floors in odoo point of sale
How to manage Multiple Warehouses for multiple floors in odoo point of sale
Celine George
 
Social Problem-Unemployment .pptx notes for Physiotherapy Students
Social Problem-Unemployment .pptx notes for Physiotherapy StudentsSocial Problem-Unemployment .pptx notes for Physiotherapy Students
Social Problem-Unemployment .pptx notes for Physiotherapy Students
DrNidhiAgarwal
 
YSPH VMOC Special Report - Measles Outbreak Southwest US 4-30-2025.pptx
YSPH VMOC Special Report - Measles Outbreak Southwest US 4-30-2025.pptxYSPH VMOC Special Report - Measles Outbreak Southwest US 4-30-2025.pptx
YSPH VMOC Special Report - Measles Outbreak Southwest US 4-30-2025.pptx
Yale School of Public Health - The Virtual Medical Operations Center (VMOC)
 
Understanding P–N Junction Semiconductors: A Beginner’s Guide
Understanding P–N Junction Semiconductors: A Beginner’s GuideUnderstanding P–N Junction Semiconductors: A Beginner’s Guide
Understanding P–N Junction Semiconductors: A Beginner’s Guide
GS Virdi
 

Ehical Hacking: Unit no. 1 Information and Network Security

  • 2. NETWORK SECURITY Network security is any activity designed to protect the usability and integrity(unity) of network and data. It includes both hardware and software technologies.
  • 3. In network security, three common terms are used as: 1. Vulnerabilities 2. Threats 3. Attacks
  • 4. VULNERABILITIES A vulnerability is a weakness that allows an attacker to reduce a system information assurance.
  • 5. Primary vulnerabilities in network 1. Technology vulnerabilities 2. Configuration vulnerabilities 3. Security policy vulnerabilities
  • 6. Technology vulnerabilities Computer and network technologies have intrinsic(built-in) security weakness.  TCP/IP protocol vulnerabilities (HTTP, FTP are inherently unsecure)  Operating system vulnerabilities (Windows, Linux have security problems)  Network equipment vulnerabilities (routers, switches have security weaknesses)
  • 7. Configuration vulnerabilities Network administrator need to correctly configure their computing and network devices to compensate.  Unsecured user accounts (information transmitted insecurely across network)  System account with easily guessed passwords  Unsecured default settings within products  Misconfigured internet services (untrusted sites on dynamic webpages)  Misconfigured network equipment (misconfiguration itself cause security problem)
  • 8. Security policyvulnerabilities The network can pose security risk if users do not follow the security policies.  Lack of written security policy (policies in booklet)  Politics (political battles makes it difficult to implement security policies)  Lack of continuity (easily cracked or default password allows unauthorized access)  Logical access control. Not applied (imperfect monitoring allows unauthorized access)  Disaster recovery plan nonexistent (lack of disaster recovery plan allows panic (a sudden fear) when someone attacks the enterprise.)
  • 9. THREATS The people eager, willing and qualified to take advantage of each security vulnerability, and they continually search for new exploits and weaknesses.
  • 10. Classes of threats There are four main classes of threats: 1. Structured threats 2. Unstructured threats 3. External threats 4. Internal threats
  • 11. 1. Structured threats Implemented by a technically skilled person who is trying to gain access to your network. 2. Unstructured threats Created by an inexperienced / non-technical person who is trying to gain access to your network. 3. Internal threats Occurs when someone from inside your network creates a security threat to your network. 4. External threats Occurs when someone from outside your network creates a security threat to your network.
  • 12. Common terms  Hacker A hacker is a person intensely interested in requiring secrets and recondite workings of any computer operating system. Hackers are most often programmers.  Crackers Crackers can easily be identified because their actions are malicious.
  • 13.  Phreaker A phreaker is an individual who manipulates the phone network to cause it to perform a function that is normally not allowed. A common goal of phreaking is breaking into the phone network.  Spammer An individual who sends large number of unsolicited e-mail messages. Spammers often use viruses to take control of home computers to use these computers to send out their bulk messages.
  • 14.  Phisher A phisher uses e-mail or other means in an attempt to trick others into providing sensitive information, such as credit card no or password etc.  White hat Individuals who use their abilities to find vulnerabilities in systems or networks and then report these vulnerabilities to the owners of the system so that they can be fixed.  Black hat Individuals who use their knowledge of computer to break into system that they are not authorized to use.
  • 15. ATTACKS The threats use a variety of tools, scripts and programs to launch attacks against networks and network devices.
  • 16. Classes of attack 1. Reconnaissance 2. Access 3. Denial of service (DOS) 4. Worms, viruses and Trojan Horses
  • 17. Reconnaissance Reconnaissance is a primary step of computer attack. It involve unauthorized discovery of targeted system to gather information about vulnerabilities. The hacker surveys a network and collects data for a future attack.
  • 18. Reconnaissance attacks can consist of the following: 1. Ping sweeps (tells the attacker, Which IP addresses are alive?) 2. Port scans (art of scanning to determine what network services or ports are activeon the live IP addresses) 3. Internet information queries (queries the ports to determine the application and operating system of targeted host and determines the possible vulnerability exists that can be exploited?) 4. Packet sniffers (to capture data being transmitted on a network)
  • 19. Eavesdropping Eavesdropping is listening into a conversation. (spying, prying or snooping). Network snooping and packet sniffing are common terms for eavesdropping. A common method for eavesdropping on communication is to capture protocol packets.
  • 20. Types of eavesdropping: 1.information gathering Intruder identifies sensitive information i.e credit card number 2.Information theft Intruder steals data through unauthorized access Tools used to perform eavesdropping: 1. Network or protocol analyzers 2. Packet capturing utilities on networked computers
  • 21. Access An access attack is just what it sounds like: an attempt to access another user account or network device through improper means.
  • 22. The attack surface of a software environment is the sum of the different points (for "attack vectors") where an unauthorized user (the "attacker") can try to enter data to or extract data from an environment. Keeping the attack surface as small as possible is a basic security measure. There are over 100 attack vectors and breach methods that hackers can use. However, some are more common than others. Here are some of the most common attack vectors: Attack Surface: Compromised credentials Phishing Weak and stolen passwords Trust relationships Malicious insiders Zero-day vulnerabilities Misconfiguration Brute force attack Missing or poor encryption Distributed Denial of Service (DDoS) Ransomware
  • 23. Understanding an attack surface Due to the increase in the countless potential vulnerable points each enterprise has, there has been increasing advantage for hackers and attackers as they only need to find one vulnerable point to succeed in their attack. There are three steps towards understanding and visualizing an attack surface: Step 1: Visualize. Visualizing the system of an enterprise is the first step, by mapping out all the devices, paths and networks. Step 2: Find indicators of exposures. The second step is to correspond each indicator of a vulnerability being potentially exposed to the visualized map in the last step. IOEs include "missing security controls in systems and software". Step 3: Find indicators of compromise. This is an indicator that an attack has already succeeded.
  • 24. Surface reduction • One approach to improving information security is to reduce the attack surface of a system or software. • The basic strategies of attack surface reduction include the following: reduce the amount of code running, reduce entry points available to untrusted users, and eliminate services requested by relatively few users. • By having less code available to unauthorized actors, there will tend to be fewer failures. By turning off unnecessary functionality, there are fewer security risks. • Although attack surface reduction helps prevent security failures, it does not mitigate the amount of damage an attacker could inflict once a vulnerability is found.
  • 26. Access attack can consist of the following: 1.Password attack 2.Trust exploitation 3.Port redirection 4.Man-in-the-Middle attack 5.Social engineering 6.Phishing
  • 27. Password attacks can be implemented using brute-force attack (repeated attempts to identify users password). Methods for computing passwords: 1.Dictionary cracking 2.Brute-force computation Password attacks
  • 28. Trust exploitation refers to an attack in which an individual take advantage of a trust relationship within a network. Trust exploitation
  • 29. Port redirection A type of trust exploitation attack that uses a compromised host to pass traffic through a firewall that would otherwise be dropped.
  • 30. Man-in-the-Middle attack A man-in-the-Middle attack requires that the hacker have access to network packets that come across a network.
  • 31. Social engineering The easiest hack (social engineering) involves no computer skill at all. Social engineering is the art of manipulating people so they give up confidential information.
  • 32. Phishing Phishing is a type of social engineering attack that involves using e-mail or other types of messages in an attempt to trick others into providing sensitive information.
  • 33. Denial of service (DoS) DoS attacks are often implemented by a hacker as a means of denying a service that is normally available to a user or organization. DoS attacks involve either crashing the system or slowing it down to the point that it is unusable.
  • 34. Distributed DoS attack DDoS uses attack methods similar to standard DoS attack but operates on a much large scale.
  • 36. Malicious code Worms, viruses and Trojan Horses Malicious code is the kind of harmful computer code designed to create system vulnerabilities leading to back doors and other potential damages to files and computing systems. It's a type of threat that may not be blocked by antivirus software on its own
  • 37. The amount and variety of malicious programs out there is enough to make your head spin. This blog post will break down the common types of malicious programs and provide a brief description of each. What is Malware? Malware is short for malicious software, meaning software that can be used to compromise computer functions, steal data, bypass access controls, or otherwise cause harm to the host computer. Malware is a broad term that refers to a variety of malicious programs.
  • 38. Adware Adware (short for advertising-supported software) is a type of malware that automatically delivers advertisements. Common examples of adware include pop-up ads on websites and advertisements that are displayed by software. Often times software and applications offer “free” versions that come bundled with adware. Most adware is sponsored or authored by advertisers and serves as a revenue generating tool. While some adware is solely designed to deliver advertisements, it is not uncommon for adware to come bundled with spyware (see below) that is capable of tracking user activity and stealing information. Due to the added capabilities of spyware, adware/spyware bundles are significantly more dangerous than adware on its own.
  • 39. Bots are software programs created to automatically perform specific operations. While some bots are created for relatively harmless purposes (video gaming, internet auctions, online contests, etc), it is becoming increasingly common to see bots being used maliciously. Bots can be used in botnets (collections of computers to be controlled by third parties) for DDoS attacks, as spambots that render advertisements on websites, as web spiders that scrape server data, and for distributing malware disguised as popular search items on download sites. Websites can guard against bots with CAPTCHA tests that verify users as human. Bot
  • 40. Bug In the context of software, a bug is a flaw produces an undesired outcome. These flaws are usually the result of human error and typically exist in the source code or compilers of a program. Minor bugs only slightly affect a program’s behavior and as a result can go for long periods of time before being discovered. More significant bugs can cause crashing or freezing. Security bugs are the most severe type of bugs and can allow attackers to bypass user authentication, override access privileges, or steal data. Bugs can be prevented with developer education, quality control, and code analysis tools.
  • 41. Ransomware is a form of malware that essentially holds a computer system captive while demanding a ransom. The malware restricts user access to the computer either by encrypting files on the hard drive or locking down the system and displaying messages that are intended to force the user to pay the malware creator to remove the restrictions and regain access to their computer. Ransomware typically spreads like a normal computer worm (see below) ending up on a computer via a downloaded file or through some other vulnerability in a network service. Ransomware
  • 42. A rootkit is a type of malicious software designed to remotely access or control a computer without being detected by users or security programs. Once a rootkit has been installed it is possible for the malicious party behind the rootkit to remotely execute iles, access/steal information, modify system configurations, alter software (especially any security software that could detect the rootkit), install concealed malware, or control the computer as part of a botnet. Rootkit prevention, detection, and removal can be difficult due to their stealthy operation. Because a rootkit continually hides its presence, typical security products are not effective in detecting and removing rootkits. As a result, rootkit detection relies on manual methods such as monitoring computer behavior for irregular activity, signature scanning, and storage dump analysis. Organizations and users can protect themselves from rootkits by regularly patching vulnerabilities in software, applications, and operating systems, updating virus definitions, avoiding suspicious downloads, and performing static analysis scans. rootkit
  • 43. Spyware is a type of malware that functions by spying on user activity without their knowledge. These spying capabilities can include activity monitoring, collecting keystrokes, data harvesting (account information, logins, financial data), and more. Spyware often has additional capabilities as well, ranging from modifying security settings of software or browsers to interfering with network connections. Spyware spreads by exploiting software vulnerabilities, bundling itself with legitimate software, or in Trojans. Spyware
  • 44. A Trojan horse, commonly known as a “Trojan,” is a type of malware that disguises itself as a normal file or program to trick users into downloading and installing malware. A Trojan can give a malicious party remote access to an infected computer. Once an attacker has access to an infected computer, it is possible for the attacker to steal data (logins, financial data, even electronic money), install more malware, modify files, monitor user activity (screen watching, keylogging, etc), use the computer in botnets, and anonymize internet activity by the attacker. Trojan horse
  • 45. A virus is a form of malware that is capable of copying itself and spreading to other computers. Viruses often spread to other computers by attaching themselves to various programs and executing code when a user launches one of those infected programs. Viruses can also spread through script files, documents, and cross-site scripting vulnerabilities in web apps. Viruses can be used to steal information, harm host computers and networks, create botnets, steal money, render advertisements, and more. virus
  • 46. Computer worms are among the most common types of malware. They spread over computer networks by exploiting operating system vulnerabilities. Worms typically cause harm to their host networks by consuming bandwidth and overloading web servers. Computer worms can also contain “payloads” that damage host computers. Payloads are pieces of code written to perform actions on affected computers beyond simply spreading the worm. Payloads are commonly designed to steal data, delete files, or create botnets. Computer worms can be classified as a type of computer virus, but there are several characteristics that distinguish computer worms from regular viruses. A major difference is that computer worms have the ability to self-replicate and spread independently while viruses rely on human activity to spread (running a program, opening a file, etc). Worms often spread by sending mass emails with infected attachments to users’ contacts. worms
  • 47. Malware Symptoms While these types of malware differ greatly in how they spread and infect computers, they all can produce similar symptoms. Computers that are infected with malware can exhibit any of the following symptoms: • Increased CPU usage • Slow computer or web browser speeds • Problems connecting to networks • Freezing or crashing • Modified or deleted files • Appearance of strange files, programs, or desktop icons • Programs running, turning off, or reconfiguring themselves (malware will often reconfigure or turn off antivirus and firewall programs) • Strange computer behavior • Emails/messages being sent automatically and without user’s knowledge (a friend receives a strange email from you that you did not send)
  • 48. Malware Prevention and Removal There are several general best practices that organizations and individual users should follow to prevent malware infections. Some malware cases require special prevention and treatment methods, but following these recommendations will greatly increase a user’s protection from a wide range of malware:  Install and run anti-malware and firewall software. When selecting software, choose a program that offers tools for detecting, quarantining, and removing multiple types of malware. At the minimum, anti-malware software should protect against viruses, spyware, adware, Trojans, and worms. The combination of anti-malware software and a firewall will ensure that all incoming and existing data gets scanned for malware and that malware can be safely removed once detected.  Keep software and operating systems up to date with current vulnerability patches. These patches are often released to patch bugs or other security flaws that could be exploited by attackers.  Be vigilant when downloading files, programs, attachments, etc. Downloads that seem strange or are from an unfamiliar source often contain malware.
  • 50. Security Vulnerability Types Computer security vulnerabilities can be divided into numerous types based on different criteria— such as where the vulnerability exists, what caused it, or how it could be used. Some broad categories of these vulnerability types include: 1. Network Vulnerabilities. These are issues with a network’s hardware or software that expose it to possible intrusion by an outside party. Examples include insecure Wi-Fi access points and poorly-configured firewalls. 2. Operating System Vulnerabilities. These are vulnerabilities within a particular operating system that hackers may exploit to gain access to an asset the OS is installed on—or to cause damage. Examples include default superuser accounts that may exist in some OS installs and hidden backdoor programs. 3. Human Vulnerabilities. The weakest link in many cybersecurity architectures is the human element. User errors can easily expose sensitive data, create exploitable access points for attackers, or disrupt systems. 4. Process Vulnerabilities. Some vulnerabilities can be created by specific process controls (or a lack thereof). One example would be the use of weak passwords (which may also fall under human vulnerabilities).