Upload
hcl-technologies
View
931
Download
3
Embed Size (px)
DESCRIPTION
any problem contact [email protected]
Citation preview
Cyber Security & Network Attack
ANALOG GROUP
Cyber Security
• The electronic medium in which online communication takes place.
• Cyber space is virtual space in computer media.
• Security is the degree of protection against danger, damage, loss, and criminal activity.
ANALOG GROUP
Element Of Security
• Confidentiality: Disclosure of information only to authorized entities
• Integrity: Prevention of unauthorized changes to data
• Authenticity: Confidence that a message was sent by a certain party and not an imposter
• Availability: Guarantee of access to resources
ANALOG GROUP
The Security , Functionality & Ease of Use Triangle
Security
Functionality
Ease of Use
Moving Ball
ANALOG GROUP
What Does A malicious Hacker Do?
Foot printing 1
Scanning
gaining accessmaintaining access
Clearing Track2
3
4
5
ANALOG GROUP
Network
ANALOG GROUP
Network Attack• Eavesdropping• Snooping• Interception• Modification Attacks• Repudiation Attacks Sniffing• Port Scanning• TCP Syn. or TCP ACK Attack• TCP Sequence number attack• TCP Hijacking• ICMP Attacks• Smurf Attacks• ICMP Tunelling
Denial-of-service (DoS) Attacks• Distributed denial-of-service (DDoS) Attacks• Back door Attacks• Spoofing Attacks• Man-in-the-Middle Attacks• Replay Attacks• Password Guessing Attacks
ANALOG GROUP
Eavesdropping
--get MAC Address
-- get IP Address
-- get Base Station Address
-- sniff clear text passwords and keys
-- crack wep keys-- crack password
-- get SSIDs
ANALOG GROUP
Snooping
Same as Eavesdropping
But it will work all time not limited during transmission .
Ex. Keyloger
ANALOG GROUP
Port Scanning
1) On computer and telecommunication devices, a port (noun) is generally a specific place for being physically connected to some other device, usually with a socket and plug of some kind.
2) In programming, a port (noun) is a "logical connection place" and specifically, using the Internet's protocol, TCP/IP, the way a client program specifies a particular server program on a computer in a network.
ANALOG GROUP
Dos & Ddos Attack
Denial of Service is an attack through which a person can make a system unusable, or slow it down for legitimate users,by overloading its resources.
ANALOG GROUP
MITM attack : man in the middle attack
As the name indicates, a man-in-the-middle attack occurs when someone between you and the person with whom you are communicating is actively monitoring, capturing, and controlling your communication transparently ANALOG GROUP
Back door Attacks
This can have two different meanings, the original term back door referred to troubleshooting and developer hooks into systems. During the development of a complicated operating system or application, programmers add back doors or maintenance hooks. These back doors allow them to examine operations inside the code while the program is running. The second type of back door refers to gaining access to a network and inserting a program or utility that creates an entrance for an attacker. The program may allow a certain user to log in without a password or gain administrative privileges. A number of tools exist to create a back door attack such as, Back Orifice (Which has been updated to work with windows server 2003 as well as erlier versions), Subseven,NetBus, and NetDevil. There are many more. Fortunately, most anti-virus software will recognize these attacks. ANALOG GROUP
SQL Injection
• SQL injection is an attack in which malicious code is inserted into strings that are later passed to an instance of SQL Server for parsing and execution
• The vulnerability is present when user input is either incorrectly filtered for string literal escape characters embedded in SQL statements or user input is not strongly typed and thereby unexpectedly executed
ANALOG GROUP
How To Protect?
Install a Hardware Firewall/Router
Secure Your WiFi
Install a Web Filter/Proxy
Install a Spam Filter
Install and Maintain Antivirus Software
Install Desktop Firewall Software
Install Antispyware Software
Install Encryption/Secure Deletion SoftwareInstall and Use a Backup System
ANALOG GROUP
First protect your computer.
1: Protect computer by password.
2: use administrator & guest account to login.
3: Apply group policy.
4: Use a up to date antivirus
ANALOG GROUP
Now Network Security. 1. Install a Hardware Firewall/Router
The hardware firewall/router is at the core of your system security. It is on the “front lines” when it comes to protecting your systems. It’s main security purpose is to let you get out to the Internet while keeping the Internet out of your computers.
A hardware firewall uses packet filtering to examine the header of a packet to determine its source and destination. This information is compared to a set of predefined or user-created rules that determine whether the packet is to be forwarded or dropped.
ANALOG GROUP
Secure Your WiFi
1: Use preferred encryption methods in this order: WPA2, WPA (been cracked), WEP (been cracked). Only use WPA and WEP if you have no other choice
2: Change your SSID to something obscure
3: Don’t broadcast your SSID
4: Use MAC address authentication
5: Turn off your WiFi when not in use
6: Disable DHCP on entire network
ANALOG GROUP
Web Filter/Proxy
In computer networks, a proxy server is a server (a computer system or an application) that acts as an intermediary for requests from clients seeking resources from other servers. A client connects to the proxy server, requesting some service, such as a file, connection, web page, or other resource, available from a different server. The proxy server evaluates the request according to its filtering rules. For example, it may filter traffic by IP address or protocol. If the request is validated by the filter, the proxy provides the resource by connecting to the relevant server and requesting the service on behalf of the client. A proxy server may optionally alter the client's request or the server's response, and sometimes it may serve the request without contacting the specified server. In this case, it 'caches' responses from the remote server, and returns subsequent requests for the same content directly.
ANALOG GROUP
AntivirusBit Defender Antivirus 2011Norton Antivirus 2011F-Secure Antivirus 2011ESET NOD32 Antivirus 4Kasper sky Antivirus 2011Trend Micro Titanium SecurityPanda Antivirus 2011AVG Antivirus 2011G Data Antivirus 2011Zone Alarm Antivirus 2011Vipre Antivirus 2011McAfee Antivirus Plus 2011CA Antivirus 2011Avanquest SystemS uite 11 ProfessionalAvira Antivir Premium 2011Sophos Endpoint Security 2011Comodo Antivirus 2011PC Tools Spyware Doctor with Antivirus 2011Quick Heal Antivirus 2011Microsoft Security Essentials 2011
ANALOG GROUP
INDIA in cyber security
Cyber law of India is weak and so is cyber security of India. In fact, cyber security of India is in poor state. We have no cyber security strategy of India and this is resulting in a weak and vulnerable cyber security of India. India is facing serious cyber threats and its cyberspace is not at all secure. Cyber terrorism against India is now a well known fact and cyber espionage against India is even admitted by Indian government. Even defence forces of India need to upgrade their cyber security capabilities. We also have negligible cyber forensics capabilities in India and cyber skills development in India is the need of the hour.
ANALOG GROUP
Cyber terrorism in India, cyber crimes and cyber attacks against India are increasing because we have no national security policy of India. Further, we also have no national security an ICT policy of India. Obviously national cyber security in India is not upto the mark in the absence of networks security in India.
National Security Policy of India is urgently required and Cyber Security Policy of India must be an essential part of the same, says Praveen Dalal, managing partner of New Delhi based Law Firm Perry4Law and leading techno legal expert of India. Increasing Cyber Security Readiness with Adaptive Threat Management is need of the hour, suggests Dalal. Further, Measurement of ICT Resilience and Robustness on regular basis is also required, suggests Dalal.
ANALOG GROUP
Where are you?
ANALOG GROUP
Any Problem?
ANALOG GROUP
PRESENTED BY
SHASHI SHNAKER SINGH
COMPUTER SCIENCE & ENGINEERING
ANAND ENGINEERING COLLEGE,AGRA
ANALOG GROUP