Lecture 19 Hacking WHAT IS NETWORK SECURITY Security
- Slides: 11
Lecture 19 Hacking
WHAT IS NETWORK SECURITY? • Security is much larger than just packets, firewalls, and hackers. Security includes: – – – Policies and procedures Liabilities and laws Human behavior patterns Corporate security programs and implementation Technical aspects- firewalls, intrusion detection systems, proxies, encryption, antivirus software, hacks, cracks, and attacks • Understanding hacking tools and how attacks are carried out is only one piece of the puzzle. 2
ATTACKS Ø THERE ARE MANY TYPES OF ATTACKS • SPOOFING ATTACK • TELNET BASED ATTACK • DOS (Daniel of service) ATTACK • PING OF DEATH • DISTRIBUTED DOS ATTACK • MAILBOMBS
NEED FOR SECURITY Ø SOME EXELLENT SOFTWARE CAN PROVIDE YOU BEST SECURITY Ø LIKE • TROJAN • FIREWALL
TROJAN Ø WINDOWS TROJANS ARE SMALL ASPECT OF WINDOWS SECURUTY Ø TROJAN IS UNOTHORIZED PROGRAM CONTAINED WITHIN A LEGIMATE PROGRAM Ø THIS PROGRAM PERFORMS FUNCTION UNKNOWN BY USER
FIREWALL Ø FIREWALL IS ANY DEVICE USED TO PREVENT OUTSIDERS FROM GAINING ACCESS TO YOUR NETWORK Ø TYPES OF FIREWALLS • PACKET FILTER • APPLICATION PROXY • PACKET INSPECTION
Common Steps for Attackers Ø Reconnaissance – Intelligent work of obtaining information either actively or passively – Examples: • Passively: Sniffing Traffic, eavesdropping • Actively: Obtaining data from American Registry for Internet Numbers (ARIN), whois databases, web sites, social engineering 7
Common Steps for Attackers • Scanning – Identifying systems that are running and services that are active on them – Examples: Ping sweeps and port scans 8
Common Steps for Attackers • Gaining Access – Exploiting identified vulnerabilities to gain unauthorized access – Examples: Exploiting a buffer overflow or brute forcing a password and logging onto a system 9
Common Steps for Attackers • Maintaining Access – Uploading malicious software to ensure re-entry is possible – Example: Installing a backdoor on a system 10
Common Steps for Attackers • Covering Tracks – Carrying out activities to hide one’s malicious activities – Example: Deleting or modifying data in a system and its application logs 11
- Ethical hacking: hacking web servers and web applications
- Ethical hacking and network defense
- 01:640:244 lecture notes - lecture 15: plat, idah, farad
- What is the osi security architecture?
- Security guide to network security fundamentals
- Wireless security in cryptography and network security
- Electronic mail security in network security
- Security guide to network security fundamentals
- Security guide to network security fundamentals
- Security security security
- Graph neural network lecture
- Telecommunication network management lecture notes