1 / 12

Hacking and Network Defense

Hacking and Network Defense. Introduction. With the media attention covering security breaches at even the most tightly controlled organization, it is more important than ever to learn about hackers. Hacker Profile.

bo-reeves
Download Presentation

Hacking and Network Defense

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Hacking and Network Defense

  2. Introduction • With the media attention covering security breaches at even the most tightly controlled organization, it is more important than ever to learn about hackers.

  3. Hacker Profile • “Hacker” can be ranged from the computer programmer you work with who hacks in the evening , to a high school student who plays on the computer after he/she gets out of school, to almost anyone in between. • Why? • Enjoy the game of discovering the vulnerabilities • Criminal intent • Revenge

  4. Enterprise Risks • Disruption of Services • Damaged Reputation • Exposure of Confidential information • Corruption of Data • Liability

  5. Anatomy of an Attack • Profiling • Gathering information about target • Scanning • Identify what systems are active • Enumerating • Determining valid user account and shares

  6. Anatomy of an Attack • Enumerating (Cont.) • How? • Social Engineering • Observation • Eavesdropping • Exploiting • Gain unlawful entry to a system

  7. Different Kind of Exploits • Buffer Overflows • Result of poor programming • Privilege Escalation • Unsecured lower privilege account • Brute Force Attacks • Password guessing game • Unexpected Input • Username: jdoe; rm –rf /

  8. Different Kind of Exploits • Defacements • Surprise on Web sites • Denial of Service (DoS) • A fleet attack • Launch Pad Attacks • A victim attacked by other victim

  9. The Hackers Toolkit • Web Scanner • Port Scanner • Password Crackers • Password Grinders • War Dialers • Program Password Recovery • Credit Card Number Generators • Vulnerability Scanners • Packet Sniffers • Net BIOS Auditing Tools • Virus, Trojans, Worms

  10. Defending Against the Hack • Keep patched up to date • Shut down unnecessary services/ports • Change default passwords • Control physical access to system • Curtail unexpected input

  11. Defending Against the Hack • Perform backups the test them • Educate people about social engineering • Encrypt and password-protect sensitive data • Implement security hardware and software • Develop a written security policy for the company

  12. More Hacking • Hacker tools • http://www.insecure.org/tools.html • Wireless Networks • Wireless LAN Analyzers • Viruses and Worms • http://www.nai.com • Terrorism • Security Advisory • http://www.microsoft.com/security

More Related