Cyber Security & Network Attack

ANALOG GROUP

Cyber Security

• The electronic medium in which online communication takes place.

• Cyber space is virtual space in computer media.

• Security is the degree of protection against danger, damage, loss, and criminal activity.

ANALOG GROUP

Element Of Security

• Confidentiality: Disclosure of information only to authorized entities

• Integrity: Prevention of unauthorized changes to data

• Authenticity: Confidence that a message was sent by a certain party and not an imposter

• Availability: Guarantee of access to resources

ANALOG GROUP

The Security , Functionality & Ease of Use Triangle

Security

Functionality

Ease of Use

Moving Ball

ANALOG GROUP

What Does A malicious Hacker Do?

Foot printing 1

Scanning

gaining accessmaintaining access

Clearing Track2

3

4

5

ANALOG GROUP

Network

ANALOG GROUP

Network Attack• Eavesdropping• Snooping• Interception• Modification Attacks• Repudiation Attacks Sniffing• Port Scanning• TCP Syn. or TCP ACK Attack• TCP Sequence number attack• TCP Hijacking• ICMP Attacks• Smurf Attacks• ICMP Tunelling

Denial-of-service (DoS) Attacks• Distributed denial-of-service (DDoS) Attacks• Back door Attacks• Spoofing Attacks• Man-in-the-Middle Attacks• Replay Attacks• Password Guessing Attacks

ANALOG GROUP

Eavesdropping

--get MAC Address

-- get IP Address

-- get Base Station Address

-- sniff clear text passwords and keys

-- crack wep keys-- crack password

-- get SSIDs

ANALOG GROUP

Snooping

Same as Eavesdropping

But it will work all time not limited during transmission .

Ex. Keyloger

ANALOG GROUP

Port Scanning

1) On computer and telecommunication devices, a port (noun) is generally a specific place for being physically connected to some other device, usually with a socket and plug of some kind.

2) In programming, a port (noun) is a "logical connection place" and specifically, using the Internet's protocol, TCP/IP, the way a client program specifies a particular server program on a computer in a network.

ANALOG GROUP

Dos & Ddos Attack

Denial of Service is an attack through which a person can make a system unusable, or slow it down for legitimate users,by overloading its resources.

ANALOG GROUP

MITM attack : man in the middle attack

As the name indicates, a man-in-the-middle attack occurs when someone between you and the person with whom you are communicating is actively monitoring, capturing, and controlling your communication transparently ANALOG GROUP

Back door Attacks

This can have two different meanings, the original term back door referred to troubleshooting and developer hooks into systems. During the development of a complicated operating system or application, programmers add back doors or maintenance hooks. These back doors allow them to examine operations inside the code while the program is running. The second type of back door refers to gaining access to a network and inserting a program or utility that creates an entrance for an attacker. The program may allow a certain user to log in without a password or gain administrative privileges. A number of tools exist to create a back door attack such as, Back Orifice (Which has been updated to work with windows server 2003 as well as erlier versions), Subseven,NetBus, and NetDevil. There are many more. Fortunately, most anti-virus software will recognize these attacks. ANALOG GROUP

SQL Injection

• SQL injection is an attack in which malicious code is inserted into strings that are later passed to an instance of SQL Server for parsing and execution

• The vulnerability is present when user input is either incorrectly filtered for string literal escape characters embedded in SQL statements or user input is not strongly typed and thereby unexpectedly executed

ANALOG GROUP

How To Protect?

Install a Hardware Firewall/Router

Secure Your WiFi

Install a Web Filter/Proxy

Install a Spam Filter

Install and Maintain Antivirus Software

Install Desktop Firewall Software

Install Antispyware Software

Install Encryption/Secure Deletion SoftwareInstall and Use a Backup System

ANALOG GROUP

First protect your computer.

1: Protect computer by password.

2: use administrator & guest account to login.

3: Apply group policy.

4: Use a up to date antivirus

ANALOG GROUP

Now Network Security. 1. Install a Hardware Firewall/Router

The hardware firewall/router is at the core of your system security. It is on the “front lines” when it comes to protecting your systems. It’s main security purpose is to let you get out to the Internet while keeping the Internet out of your computers.

A hardware firewall uses packet filtering to examine the header of a packet to determine its source and destination. This information is compared to a set of predefined or user-created rules that determine whether the packet is to be forwarded or dropped.

ANALOG GROUP

Secure Your WiFi

1: Use preferred encryption methods in this order: WPA2, WPA (been cracked), WEP (been cracked). Only use WPA and WEP if you have no other choice

2: Change your SSID to something obscure

3: Don’t broadcast your SSID

4: Use MAC address authentication

5: Turn off your WiFi when not in use

6: Disable DHCP on entire network

ANALOG GROUP

Web Filter/Proxy

In computer networks, a proxy server is a server (a computer system or an application) that acts as an intermediary for requests from clients seeking resources from other servers. A client connects to the proxy server, requesting some service, such as a file, connection, web page, or other resource, available from a different server. The proxy server evaluates the request according to its filtering rules. For example, it may filter traffic by IP address or protocol. If the request is validated by the filter, the proxy provides the resource by connecting to the relevant server and requesting the service on behalf of the client. A proxy server may optionally alter the client's request or the server's response, and sometimes it may serve the request without contacting the specified server. In this case, it 'caches' responses from the remote server, and returns subsequent requests for the same content directly.

ANALOG GROUP

AntivirusBit Defender Antivirus 2011Norton Antivirus 2011F-Secure Antivirus 2011ESET NOD32 Antivirus 4Kasper sky Antivirus 2011Trend Micro Titanium SecurityPanda Antivirus 2011AVG Antivirus 2011G Data Antivirus 2011Zone Alarm Antivirus 2011Vipre Antivirus 2011McAfee Antivirus Plus 2011CA Antivirus 2011Avanquest SystemS uite 11 ProfessionalAvira Antivir Premium 2011Sophos Endpoint Security 2011Comodo Antivirus 2011PC Tools Spyware Doctor with Antivirus 2011Quick Heal Antivirus 2011Microsoft Security Essentials 2011

ANALOG GROUP

INDIA in cyber security

Cyber law of India is weak and so is cyber security of India. In fact, cyber security of India is in poor state. We have no cyber security strategy of India and this is resulting in a weak and vulnerable cyber security of India. India is facing serious cyber threats and its cyberspace is not at all secure. Cyber terrorism against India is now a well known fact and cyber espionage against India is even admitted by Indian government. Even defence forces of India need to upgrade their cyber security capabilities. We also have negligible cyber forensics capabilities in India and cyber skills development in India is the need of the hour.

ANALOG GROUP

Cyber terrorism in India, cyber crimes and cyber attacks against India are increasing because we have no national security policy of India. Further, we also have no national security an ICT policy of India. Obviously national cyber security in India is not upto the mark in the absence of networks security in India.

National Security Policy of India is urgently required and Cyber Security Policy of India must be an essential part of the same, says Praveen Dalal, managing partner of New Delhi based Law Firm Perry4Law and leading techno legal expert of India. Increasing Cyber Security Readiness with Adaptive Threat Management is need of the hour, suggests Dalal. Further, Measurement of ICT Resilience and Robustness on regular basis is also required, suggests Dalal.

ANALOG GROUP

Where are you?

ANALOG GROUP

Any Problem?

ANALOG GROUP

PRESENTED BY

SHASHI SHNAKER SINGH

COMPUTER SCIENCE & ENGINEERING

ANAND ENGINEERING COLLEGE,AGRA

ANALOG GROUP