Embed Size (px)
Citation preview
LOGIC BOMB
SPOOFING ATTACK
PHISHING ATTACK
BY: Noraini AbdullahAccess Control & Perimeter Protect ion
What is Logic Bomb
is a hidden code in software / program that execute itself when pre-defined conditions are met
Also known as a TIME BOMBS as it execute on certain days
Activated when specified conditions are met:
presence / absence of some file
Particular date / time
Particular user
When trigger typically damage system
modify/ deleting file or disk, halt machine and wipe everything off the computer.
Example of a time bomb is the infamous ‘Friday the 13th’ virus.
Logic Bombs ProtectionDo not download pirated software – Logic bombs can by distributed by exploits that promote
software piracy
Do not click on suspicious web links –clicking on an unsafe link may direct you to an infected
website that may host the logic bomb malware
Apply patches to other software installed on your computer like such as:
Microsoft Office software
adobe products
Example of Logic Bomb
SPOOFING ATTACK
A spoofing attack is when a malicious party
impersonates (menyamar) another device or user on a
network in order to launch attacks against network hosts,
steal data, spread malware or bypass access controls.
TYPE OF SPOOFING ATTACKS
IP address spoofing
ARP Spoofing Attacks
DNS Server Spoofing Attacks
Web spoofing
-E-mail spoofing
-Non technical spoofing
IP ADDRESS SPOOFING / IP SPOOFING
Creation of Internet Protocol (IP) packets with a forged source IP addressPurpose to conceal the sender identity or impersonating another computing system
ARP Spoofing Attacks
Attacker sends falsified ARP(Address Resolution Protocol) messages over a local area network that linking of an attacker’s MAC address with the IP address of a legitimate computer or server on the network.
Once the attacker’s MAC ( Media Access Control )address is connected to an authentic IP address the attacker will begin receiving any data that is intended for that IP address.
ARP spoofing can enable malicious parties to intercept, modify, or even stop data in-transit.
ARP spoofing attacks can only occur on local area networks that utilize the Address Resolution Protocol.
Domain Name Server (DNS)Spoofing Attacks
A system that associates domain names with IP addresses.
Devices that connect to the internet or other private networks rely on the DNS for resolving URLs, email addresses and other human-readable domain names into their corresponding IP addresses.
Malicious party modifies the DNS server in order to reroute a specific domain name to a different IP address.
In many cases, the new IP address will be for a server that is actually controlled by the attacker and contains files infected with malware.
DNS server spoofing attacks are often used to spread computer worms and viruses.
Web spoofing Attacker observe and modify all web pages sent to the victim's
machine, and observe all information entered into forms by the victim. even when the browser's show "secure connection" . The user sees no indication that anything is wrong.
After browser has been fooled, the spoofed web server can send fake web pages or prompt victim to provide personal information such as login Id, password, or even credit card or bank account numbers.
E-mail spoofing
Email spoofing may occur in different forms, but all have a similar target/result:
is the forgery of an e-mail header
user receives email that appears to have originated from one source but it was actually sent from another source.
Purpose to cover up an attempt to trick the user into going to the wrong site and releasing sensitive information (such as passwords).
Non Technical Spoofing non-computer based
techniques commonly referred to as social engineering.
Attacker calling someone on the phone saying that he is a certain person.
Purpose to obtain vital information such as ic no. account no., credit card no.etc.
PHISHING
Phishing is a type of deception(penipuan) designed to steal your valuable personal data, such as credit card numbers, passwords, account data, or other information.
HISTORY OF PHISHING
Phishing in 1995Target: American on line usersPurpose: getting account passwords for free timeThreat level: lowTechniques: Similar names ( www.ao1.com for www.aol.com ), social engineering
Phishing in 2001Target: Ebayers and major banksPurpose: getting credit card numbers, accountsThreat level: mediumTechniques: Same in 1995, keylogger
Phishing in 2007Target: Paypal, banks, ebayPurpose: bank accountsThreat level: highTechniques: browser vulnerabilities, link obfuscation (Keliruan)
Another Example
