The document discusses various security threats and countermeasures. It defines security as minimizing risk and removing dangers. It then covers common network security attacks like spoofing, sniffing, hijacking, trojans, DoS/DDoS attacks, and social engineering. For each threat, it provides examples, overview, and potential countermeasures to secure networks and information from unauthorized access. The conclusion emphasizes the importance of staying updated on security best practices to patch vulnerabilities.
2. OVERVIEW
What is SECURITY?
Why do we need SECURITY?
Who is VULNERABLE?
Common Security Attacks and countermeasures…
Spoofing {IP Spoofing}
Sniffing
Hijacking {man-in-middle attacks}
Trojans
DoS/DDoS Attacks
Social Engineering
3. WHAT IS SECURITY?
Dictionary.com says -:
Freedom from RISK or DANGER is SECURITY
RISK -: potential to create a LOSS is known as RISK…
DANGER -: a source of RISK is DANGER
If we correlate these two, it gives-:
“ a source which has the potential to create a LOSS”
Security is the criterion of minimizing the RISK and removing the DANGER.
4. NETWORK SECURITY
Security management for NETWORKS is known as Network Security…
What are NETWORKS???
A network is a collection of hardware components and computers interconnected by communication channels that allow sharing of resources and information…
To secure our resources and information from illegal, unauthorized access, we need efficient management for networks, which is often known as NETWORK SECURITY…
5. NEED FOR NETWORK SECURITY
To ensure that -:
information on a network remains SECURED
information we passed should not be LOST
the information should not be DELAYED
hackers and crackers do not access your information
7. HACKERS VS. CRACKERS
Hackers {white hats} are programmers who break NETWORK SECURITY for fruitful purposes, like identifying security holes and tracking suspicious CRACKERs…
whereas
Crackers {black hats} are programmers who also break NETWORK SECURITY, but for evil purposes like stealing account details and login information and infecting different NETWORKs…
8. WHO IS VULNERABLE?
Financial institutions and banks
Internet service providers
Pharmaceutical companies
Government and defense agencies
Contractors to various government agencies
Multinational corporations
Bottom line is-:
“ANYONE ON THE NETWORK IS VULNERABLE”
9. COMMON SECURITY ATTACKS AND COUNTERMEASURES
Spoofing {IP Spoofing}
Sniffing
Hijacking {man-in-middle attacks}
Trojans
DoS/DDoS Attacks
Social Engineering
10. OVERVIEW OF IP SPOOFING
First Attack-: 1980’s
Done By-: Robert Morris
Major Types-: Blind and Non-Blind Attacks
Victim-: Unsecured and Static IP Addresses
11. IP SPOOFING
Spoofing is the creation of TCP/IP packets using somebody else's IP address. Routers use the "destination IP" address in order to forward packets through the Internet, but ignore the "source IP" address. That address is only used by the destination machine when it responds back to the source.
SSH > SECURE SHELL
12. SPOOFING COUNTERMEASURES
The countermeasure for spoofing is ingress filtering. Routers that perform ingress filtering check the IP address of incoming packets. If the source address is not in the valid range, then such packets will be discarded.
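The ingress filtering decision described above, as an added example that is not part of the original slides. The interface names, the prefix table and the sample packets are constructed for illustration and use documentation address ranges only.

```python
import ipaddress

# Constructed example: source prefixes that are valid behind each router interface.
ALLOWED_SOURCES = {
    "customer-a": [ipaddress.ip_network("203.0.113.0/24")],
    "customer-b": [ipaddress.ip_network("198.51.100.0/25"),
                   ipaddress.ip_network("2001:db8:b::/48")],
}

def ingress_permits(interface, src_ip):
    """Return True if src_ip is in the valid range for the arrival interface."""
    try:
        addr = ipaddress.ip_address(src_ip)
    except ValueError:
        return False  # malformed source address: discard
    nets = ALLOWED_SOURCES.get(interface, [])  # unknown interface: nothing is valid
    return any(addr.version == net.version and addr in net for net in nets)

def filter_packets(packets):
    """Split (interface, src, dst) tuples into forwarded and discarded lists."""
    forwarded, discarded = [], []
    for pkt in packets:
        interface, src, _dst = pkt
        (forwarded if ingress_permits(interface, src) else discarded).append(pkt)
    return forwarded, discarded

# Constructed sample traffic.
SAMPLE = [
    ("customer-a", "203.0.113.7", "192.0.2.10"),     # source inside customer-a's range
    ("customer-a", "198.51.100.9", "192.0.2.10"),    # customer-b's range on the wrong port
    ("customer-b", "198.51.100.200", "192.0.2.10"),  # outside the /25
    ("customer-b", "2001:db8:b::1", "2001:db8::10"), # valid IPv6 source
    ("unknown", "203.0.113.7", "192.0.2.10"),        # interface with no valid range
]

if __name__ == "__main__":
    ok, dropped = filter_packets(SAMPLE)
    for pkt in ok:
        print("forward", pkt)
    for pkt in dropped:
        print("discard", pkt)
```

The check is per interface: the same source address can be valid on one port and spoofed on another.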
13. SNIFFING
Packet sniffing is the interception of data packets traversing a network. A sniffer program works at the Ethernet layer in combination with network interface cards (NIC) to capture all traffic traveling to and from an Internet host site. There are dozens of freely available packet sniffer programs on the Internet. The more sophisticated ones allow more active intrusion.
14. SNIFFING COUNTERMEASURES
Sniffing can be detected two ways:
Host-based : Software commands exist that can be run on individual host machines to tell if the NIC is running in promiscuous mode.
Network-based : Solutions tend to check for the presence of running processes and log files, which sniffer programs consume a lot of. However, sophisticated intruders almost always hide their tracks by disguising the process and cleaning up the log files.
15. OVERVIEW OF SESSION HIJACKING
First Attack-: 2001
Major Victims-: Anyone on the Network who has cookies enabled…
Major Types-: Active and Passive Attacks
It’s the most DANGEROUS and MALICIOUS attack in today’s scenario of NETWORKING
16. SESSION HIJACKING {MAN-IN MIDDLE} COUNTERMEASURES
This is a technique that takes advantage of a weakness in the TCP/IP protocol. Hijacking occurs when someone between you and the person with whom you are communicating is actively monitoring, capturing, and controlling your communication transparently.
Next Page…
17. SESSION HIJACKING {MAN-IN MIDDLE}
Man-in-middle attacks are like someone assuming your identity in order to read your message. The person on the other end might believe it is you, because the attacker might be actively replying as you, to keep the exchange going and gain more information.
18. SESSION HIJACKING {MAN-IN MIDDLE} COUNTERMEASURES
Countermeasures to help prevent session hijacking include:
Use encrypted session negotiation.
Use encrypted communication channels.
Stay informed of platform patches to fix TCP/IP vulnerabilities, such as predictable packet sequences.
19. OVERVIEW OF TROJANS
First Trojan-: 1975, Pervading Animal
Who Coded It-: John Walker
Major Victims-: Banking, Business etc…
Major Examples-: big wooden horse, JESUS etc…
Have The Potential To Destroy Any System except UNIX one
20. TROJANS
These are programs that look like ordinary software, but actually perform unintended or malicious actions behind the scenes when launched. Most remote control spyware programs are of this type. The number of Trojan techniques is only limited by the attacker's imagination. A Trojanized file will look, operate, and appear to be the same size as the compromised system file.
21. TROJANS COUNTERMEASURES
The only protection is early use of a cryptographic checksum or binary digital signature procedure.
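A cryptographic checksum baseline, as an added example that is not part of the original slides. It shows why size comparison is not enough: a file replaced by a same-size variant still fails the SHA-256 check. The file names and contents in demo() are constructed, and a real baseline would be taken while the system is known good and stored off the host.

```python
import hashlib
import os
import tempfile

def sha256_file(path, chunk=65536):
    """Hash a file in chunks so large binaries do not have to fit in memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(chunk), b""):
            digest.update(block)
    return digest.hexdigest()

def build_baseline(paths):
    """Record size and SHA-256 for each file while it is known to be good."""
    return {p: {"size": os.path.getsize(p), "sha256": sha256_file(p)} for p in paths}

def verify(baseline):
    """Compare current files with the baseline and return {path: status}."""
    report = {}
    for path, rec in baseline.items():
        if not os.path.isfile(path):
            report[path] = "missing"
        elif sha256_file(path) != rec["sha256"]:
            same_size = os.path.getsize(path) == rec["size"]
            report[path] = "modified (same size)" if same_size else "modified"
        else:
            report[path] = "ok"
    return report

def demo():
    """Constructed scenario: one file altered without changing size, one deleted."""
    workdir = tempfile.mkdtemp()
    files = {name: os.path.join(workdir, name) for name in ("ls", "ps", "login")}
    for name, path in files.items():
        with open(path, "wb") as fh:
            fh.write(b"original " + name.encode() + b" binary\n")
    baseline = build_baseline(files.values())
    with open(files["ps"], "r+b") as fh:   # overwrite 8 bytes in place
        fh.write(b"modified")              # same length as b"original"
    os.remove(files["login"])
    return {os.path.basename(p): status for p, status in verify(baseline).items()}

if __name__ == "__main__":
    for name, status in sorted(demo().items()):
        print(name, status)
```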
22. OVERVIEW OF DOS/DDOS ATTACKS
First Attack-: 1974 in PLATO System Laboratory
Who Did It-: A System Admin of PLATO
Major Victims-: Yahoo! , Hotmail, Twitter etc…
Most Devastating DoS Attack-: “Ping of DEATH”
Have The Potential To Destroy Any Network EVEN TODAY
23. DOS/DDOS {DENIAL OF SERVICE}
A Denial of Service attack on a network is designed to bring the network to its knees by flooding it with useless traffic. Denial of Service can result when a system, such as a Web server, has been flooded with illegitimate requests, thus making it impossible to respond to real requests or tasks. Yahoo! and eBay were both victims of such attacks in February 2000.
24. DOS/DDOS {DENIAL OF SERVICE}
There are three basic types of attack….
Consumption of computational resources, such as bandwidth, disk space or CPU time.
Disruption of configuration information, such as routing information.
Disruption of physical network components.
26. SOCIAL ENGINEERING
Social Engineering Involves…
Faked Email : The social engineer sends a message to one or more users in a domain that "this is the system administrator and your password must be reset to user 123 " for a temporary period of time. The hacker then continuously monitors for the change and then exploits the whole system.
Fictitious Competition : The social engineer manipulates a group of users to participate in some fake competition for a jackpot prize, with the ultimate purpose of eventually extracting confidential information about network and password security.
27. SOCIAL ENGINEERING COUNTERMEASURES
There aren’t always solutions to all of these problems
Humans will continue to be tricked into giving out information they shouldn’t
Educating them may help a little here, but, depending on how badly you want the information, there are a lot of bad things you can do to get it.
So, the best that can be done is to implement a wide variety of solutions and more closely monitor who has access to what network resources and information
NOTE: But, this solution is still not perfect
28. CONCLUSION
The Internet works only because we implicitly trust one another
It is very easy to exploit this trust
The same holds true for software
It is important to stay on top of the latest CERT security advisories to know how to patch any security holes
29. PRESENTED BY -:
The Terminator {Pushkar}
The Obedient {Nikhil}
Mrs. Cheerful (Niyati)
Mrs. Silence (Sonia)
Mr. X {Puneet}