Submitted By:- Nitesh Kumar Yadav Submitted To:- Subash Paudel Sir
Class :- 10 ‘B Computer Department
Roll no:- 3
Laboratory Higher Secondary School Kirtipur
PRESENTATION ON:
COMPUTER NETWORK AND INTERNET.
Introduction:
A computer network is simply two or more computers connected together so they
exchange information. A small network can be as simple as two computers linked together
by a single cable or it may be a group of several computers connected at a central
networking device through wired or wireless medium.
Computer Network Components:
Server: A powerful component that provides services such as print service, file service, web
service, etc. to the other computers on the network.
Client: Computer that uses the services that a server provides. The client is less powerful
than server.
Media: A physical connection between the devices on a network. The media may be wired
or wireless.
Network Adaptor: Network adaptor or network interface card (NIC) is a circuit board with
the components necessary for sending and receiving data. It is plugged into one of the
available slots on the PC and transmission cable is attached to the connector of the NIC.
Resources: Anything available to a client on the network is considered as resource.
Advantages of Computer Network:
 Network allows data transmission among far areas also within local areas.
 Network allows users to share common set of data files and software stored in a
system.
 Network allows users to share common hardware resources such as printers, fax
machines, modem, etc.
 The cost of computing is reduced to each user as compared to the development
maintain of each single computer system.
Disadvantages of Computer Network:
 If the network stops operating then it may not be possible to access various
and software resources.
 The efficiency of a network is very dependent on the skill of the system
managed network may operate less efficiently than stand alone machines.
 It is difficult to make system secured from hackers, novices or industrial
 As traffic increases on the network, the performance degrades unless it is
designed.
Client server Network
1) A central server is available to all
2) Users IDs, passwords, and access
are controlled by the central
3) Backup facilities are centralized:
and information held centrally are
backed up regularly.
4) All users are reliant on the service
provided by the server. If the central
computer goes down, all the users
affected.
Peer-to-peer Network
1) Sharing facilities are distributed
throughout the network.
2) Security is not centrally controlled.
3) Backup is the responsibility of
individual computer users.
4) No reliance on a central computers.
Types Of Networks.
1) LAN (Local area network):
 Owned by a single organization.
 Diameter of not more than three kilometers.
2) WAN (Wide area network):
 Owned by multiple organizations.
 Covers a large geographical area.
3) MAN (Metropolitan area Network):
 Based on the network architecture, the transmission speed can be higher for short
distances.
 A MAN, which can include one or more LANs as well as telecommunications
equipment such as microwave and satellite relay stations, is smaller than
a wide area network but generally operates at higher speed.
Network Topologies
A network topology refers to the physical layout of the network in which all the devices are connected.
This includes all the hardware that makes up the network.
Bus Topology: Bus topology uses a common backbone to connect all the network devices in a
network in a linear shape. A single cable called a bus, with a terminator at each end, functions as the
shared communication medium for all the devices attached to this cable with an interface
connector.
• Advantage: 1> Easy to connect a computer or peripheral to a linear bus. 2> Requires less
cable length than a star topology.
• Disadvantage: 1> Whole network shuts down if there is a break in the main cable. 2>
Terminators are necessary at both ends of the backbone cable.
Ring Topology: A ring topology is a network topology or circuit arrangement in which each
network device is attached along the same single path to other devices, forming a path in the shape of a
ring.
• Advantage: 1> Performs better than a star topology under heavy network load. 2> Can
create much larger network using Token Ring.
• Disadvantage: 1> Moves, adds and changes of devices can affect the network. 2> Much
slower than an Ethernet network under normal load.
Star Topology: In the computer networking world the most commonly used topology
in LAN is the star topology. All the computers in the star topologies are connected to
devices like hub, switch or router.
• Advantage: 1> Easy to install and wire. 2> Easy to detect faults and to remove
parts.
• Disadvantage: 1> Requires more cable length than a bus topology. 2> If the hub or
concentrator fails, nodes attached are disabled.
Network Protocol
A protocol is a set of rules that governs the communications between computers on a
network.
Standard networking Protocols
 Transmission control protocol/Internet protocol (TCP/IP)
 File transfer protocol (FTP)
 Hypertext transfer protocol (HTTP)
 Simple Mail transfer protocol (SMTP)
Transmission Medium
It is a medium through which information usually moves from one network device to another.
Guided Transmission Media: It uses a cabling system that guides the data signals along a
specific path.
• Twisted Pair Cable: 1> Unshielded twisted pair 2> Shielded twisted pair.
• Fiber Optic Cable
• Co-axial Cable
Cable connectors:
• Twisted pair cable: RJ-45
• Co-axial cable: BNC
• Fiber optics cable: ST connector
Unguided Transmission Media: It is a technology that provides the ability to communicate
between two or more entities over distance without the use of wires or cables of any sorts.
• Infrared Rays
• X-rays
• Bluetooth
• Ultra-violet Rays
Networking Hardware
1) File servers: A file server stands at the heart of most networks. It is a very fast computer
with a large amount of RAM and storage space, along with a fast network interface card.
2) Workstations: All of the user computers connected to a network are called workstations.
A typical workstation is a computer that is configured with a network interface card,
software, and the appropriate cables.
3) Network Interface Card: The network interface card (NIC) provides the physical connection
between the network and the computer workstation.
4) Hub: A hub is typically the least expensive, least intelligent, and least complicated central
device than switch and router. Actually it broadcasts the signals to the entire connected
doesn’t know the exact destination.
5) Switch: A switch is a device that channels incoming data from any of the multiple ports to
the specific output port that will take the data towards its intended destination.
6) Routers: A router translates information from one network to another. Routers select the
best path to route a message, based on the destination address and origin.
7) Bridges: A bridge is a device that allows you to segment a large network into two smaller,
more efficient networks.
8) Gateways: A gateway is a network node that allows you to gain entrance into a network and
vice versa.
9) Modem(Modulator-demodulator): Modem is a hardware that directly converts digital signal
Internet
Introduction:
The internet is a global collection of high powered computers that are
connected to each other with network cables, internet lines, microwave dishes,
Internet is the largest computer network that connects millions of computers around
world. It connects several thousand computer networks all over the world. So, it is
network of networks. The internet is an information superhighway and has logically
the world into a cyber-village.
History of the Internet:
Internet started with the ARPANET in 1969 AD. ARPA is the acronym for
Research Project Agency which is the branch of Department of Defense (DOD) of
States of America. That was the first computer network in the world. Another factor
rapid growth of this network was the inclusion of the TCP/IP (Transmission Control
Protocol/Internet Protocol). It was the first protocol developed by ARPANET.
ARPANET changed into Defense Advanced Research Project Agency (DARPANET). In the
of 1980, the DOD stopped funding for ARPANET and another agency ‘ National Science
Foundation ’ had joined the ARPANET.
Services of the Internet:
• Electronic Mail
• Video conference
• Chatting
• E-learning
• Entertainment
• Marketing and Advertising, etc.
Some Common Internet Terminologies:
Webpage: Web page is a document stored in an electronic form that contains
information in specific or single topic (organization, government agency, personal etc.)
text, graphics, sounds, animated pictures, hyperlinks etc.
Website: A collection of interlinked web pages of an organization, government agency,
University, Personal, company, etc. is known as website. Each website is identified by
unique Internet Address known as Uniform Resource Locator (URL).
Web server: A Web server is a computer that delivers web pages. The web sites are
stored in web servers. To access the web pages of a web server, a client computer has
HTTP.
URL: URL stands for Uniform Resource Locator, the unique Internet address through
which we can visit different websites. URLs are used to address and access individual
DNS: DNS stands for Domain Name System (or services or server), is an
internet service used for converting domain name into IP Address on the
on local networks using the TCP/IP.
ISP: The Internet Service Provider (ISP) is a company or organization that
provides Internet facility to the users. The internet can be connected using
Integrated Service Digital Network (ISDN), leased line, cable line and
connection.
Search Engine: Search engine is the website that allows the users to search
information based on keyword or combinations of keywords in different
and topics.
Web Browser: Web browser is a software or program that accesses web
pages and displays them on the user’s computer from around the world. In
terms, it is a software required for browsing and surfing web sites.
Intranet and Extranet: Intranet is a privately maintained computer network
controlled by a company or an organization. Similarly, Extranet is also private
that uses Internet Protocols, connectivity.
PRESENTATION ON COMPUTER SECURITY AND COMPUTER VIRUS
Introduction:
Computer security refers to the protection of the computer’s resources from accidental,
intentional or natural disasters, including theft, physical damage, heat, power failure,
illegal access, data piracy, virus infection, etc. Computer Security is the branch of
computer technology known as information security as applied to computers and
networks. The objective of the computer security includes protection of information and
property from theft, corruption, or natural disaster, while allowing the information and
property to remain accessible and productive to its intended users.
It is further divided into two types:
1> Hardware security: Hardware security is the term used to describe the protection of
the components of a computer system. In other words, the security given to the
various hardware tools and equipment for the protection of computer hardware from
the accidental or intentional harm is known as hardware security.
Some Hardware Security Measures are:
• Dust free environment
• Regular maintenance
• Proper Power supply
• Protection from thieves
• Insurance
• Protection from fire
• Air-conditioned room
2> Software security: Data and software or programs are very important and
valuable things of any organization or computer owner. The loss of these data or
programs can cause serious problems to the owners. It is very costly and difficult
these important data and some causes that is impossible to recover them. So, data
software security is important for any organization as well as every computer
securing data and programs from being lost or damaged due to accidental or
harm is known as software security.
Some software security measures are:
 Protection from computer viruses
 Password protection
 Backup System
 Scandisk, etc.
Computer Virus
Introduction:
A computer virus is a small executable program that spreads from one computer to another
and interferes with computer operations. A virus program contains
instructions to initiate some sort of “event” that affects the infected computer. Each virus has a
unique event associated with it.
Virus is a destructive program able to replicate itself. This means
that the virus multiplies on a computer by making copies of itself. This replication is intentional; it is part
of the virus program. In most cases, if a file that contains a virus is executed or copied onto
another computer, then that computer will also be “infected” by the same virus. A virus can be
introduced to a computer system along with any software program. For internet users, this threat
can come from downloading files or referencing email attachments.
Symptoms of computer viruses:
• Slows down the system performance
• Programs start automatically without any instructions
• Programs suddenly take a long time to load
• Frequently displays unusual error messages or images
• Computer stops responding or freezes frequently
• The operating system will not load when you start your computer
• Programs disappear from the computer
• Random files and icons appear on your desktop or other places when you did not
install such things
• Files and icons which were on your system before have disappeared.
Effects of viruses:
• Renames the files with different names
• Reduces memory or disk space of your computer
• Deletes or changes the contents of your computer
• Changes the size of files and folders
• Changes the extension of files
• Disables the antivirus program for no reason
• Stops the installation of new software programs
• Crashes and restarts the computer every few seconds
• Corrupts the system’s files
Different types of computer viruses:
1) Program or file Infector virus: Program or file infector virus affects programs or
executable files having an extension .EXE, .BIN, .SYS, .COM, or .DRV. This virus may
overwrite the file, or may only replace parts of the file that it infects.
2) Boot sector virus: Boot sector virus affects the boot sector or Master boot records (MBR)
of a floppy or hard disk.
3) Multipartite virus: Multipartite virus affects the application programs and boot sector of a
disk. It has combined features of both boot sector and file infectors viruses.
4) Stealth virus: Stealth virus is one of the most dangerous types of virus which tries to trick
anti-virus software by intercepting its requests to the operating system.
5) Polymorphic virus: Polymorphic virus is a type of destructive program that can change its
appearance with every infection. It is also known as the encrypted virus.
6) Macro virus: Macro virus infects files that are created using word processing or
spreadsheet programs which contain macros.
7) Script virus: Script virus infects programs written in high level scripting languages like
Visual Basic script and JavaScript. This script virus changes the scripting codes in HTML
and makes the document inaccessible and take a longer time to load.
8) Trojan Horse: A Trojan Horse is a harmful program that displays as a useful software and
Spreading of computer virus:
• Viruses spread by the use of pirated software
• Viruses spread by sharing of portable disks among the computers
• Viruses spread by downloading files or programs from unsecure web sites
• Viruses spread by exchanging of infected data or files over network
Antivirus Software:
Antivirus software is a program that can detect, prevent and clean up
may attempt to infect your computer system. It scans downloaded files as well as the entire
system in order to detect the presence of an infection. There are a number of good antivirus
choose from including Norton Antivirus, McAfee, AVG, Avira, Kaspersky, Avast, NOD 32, etc.
Virus Prevention:
 Use Antivirus Software
 Don’t open attachments from unknown emails
 Download software only from reputable and well known sites
 Don’t use USB flash drive without scanning
 Clear temporary Internet files and Cache regularly.
PRESENTATION ON CYBER LAW AND COMPUTER ETHICS
Introduction:
The law that controls the legal issues in the Internet or WWW for digital data
processing and transaction is called cyber law. It is a term that summarizes the legal issues
related to use of communicative, transactional, and distributive aspects of networked
information devices and technologies. Cyber law is important because it touches almost all
aspects of transactions and activities on the cyberspace. It controls cyber crimes and misuse of
computer.
Virtual space created by world-wide computer network, Internet and telecommunication
is called cyber space. The term cyberspace was used in 1984 by author William Gibson in his science fiction
novel ‘Neuromancer’. It is controlled and managed by system of law and regulation called
cyber law.
The major laws included in cyber law are:
1) Electronic and Digital Signature law
2) Cyber crime law
3) Data protection and privacy law
4) Tele-communication law
5) Intellectual property right law
Cyber Crime: The criminal or illegal activities involving the information technology with
the help of computers is known as cyber crime. It includes traditional crimes conducted
the internet. Some of the criminal activities are:
o Fraud achieved by the manipulation of computer records
o Accessing others' data or information illegally
o Copying and distributing software illegally
o Intellectual Property theft, including software piracy
o E-mail bombing, sending large number of mails
o Making and digitally distributing child pornography
The effects of computer crime are:
• Security problems
• Physical theft of computers and other devices
• Much less privacy
• Destroying Data
• Computer viruses easily attack software and programs
Cyber Law In Nepal:
The main purpose of the formulating cyber law is to legalize the
transaction through electronic media, to control and stop the various types of electronic
a person or institution that does cyber crime. It also helps the IT sector to create a suitable
for conducting and promoting IT business in a country. Cyber law of Nepal was passed in Nepal
Bhadra 2061 BS (15 Sep 2004). The cyber law of Nepal is also known as Electronic Transaction
Signature Act- 2061. The provisions of the cyber law of Nepal are listed below:
• Provision of legal status to digital signatures, electronic record for introducing e-banking, e-
commerce, etc
• Provision of network services
• Provision for the license regarding the IT customers and their duties and responsibilities
• Provision for a legal framework to facilitate and safeguard electronic transactions in the
medium.
Computer Ethics:
Ethics deals with placing a “value” on acts according to
whether they are “good” or “bad”. Every society has its rules about
acts are ethical or not. These rules have been established as a result of
society and are often written into laws. When Computers first began to be
society at large, the absence of ethical standards about their use and
caused some problems.
Some important commandments of computer ethics are mentioned below:
• Do not use a computer to harm other people
• Do not use a computer to publish fake information
• Do not search the files or records of other people
• Do not destroy or delete the records of other people
• Do not interfere with other people’s computer work
• Do not snoop around in other people’s files
Some common Terms:
1) Digital Signature: Digital Signature is a security mechanism
system in the cyberspace for digital data transformation by
attaching a code on the document of electronic records.
2) Encryption: The method of making the data or message
unreadable by unauthorized people while transferring
Internet is called Encryption.
3) Decryption: The method of converting encrypted data back
into its original form make understandable to the receiver is
as decryption.
Internet has grown very fast and security has lagged
behind.
Legions of hackers have emerged as impedance to
entering the hackers club is low.
It is hard to trace the perpetrator of cyber attacks since
the real identities are camouflaged
It is very hard to track down people because of the
ubiquity of the network.
Large scale failures of internet can have a catastrophic
impact on the economy which relies heavily on
electronic transactions
Crisis
 In 1988 a "worm program" written by a
college student shut down about 10 percent
of computers connected to the Internet.
This was the beginning of the era of cyber
attacks.
 Today we have about 10,000 incidents of
cyber attacks which are reported and the
number grows.
Computer Crime – The Beginning
 A 16-year-old music student called Richard Pryce,
better known by the hacker alias Datastream
Cowboy, is arrested and charged with breaking into
hundreds of computers including those at the
Griffiths Air Force base, Nasa and the Korean Atomic
Research Institute. His online mentor, "Kuji", is
never found.
 Also this year, a group directed by Russian hackers
broke into the computers of Citibank and
transferred more than $10 million from customers'
accounts. Eventually, Citibank recovered all but
$400,000 of the pilfered money.
Computer Crime - 1994
 In February, Kevin Mitnick is arrested for a second
time. He is charged with stealing 20,000 credit card
numbers. He eventually spends four years in jail
and on his release his parole conditions demand
that he avoid contact with computers and mobile
phones.
 On November 15, Christopher Pile becomes the first
person to be jailed for writing and distributing a
computer virus. Mr Pile, who called himself the
Black Baron, was sentenced to 18 months in jail.
 The US General Accounting Office reveals that US
Defense Department computers sustained 250,000
attacks in 1995.
Computer Crime - 1995
 In March, the Melissa virus goes on the rampage
and wreaks havoc with computers worldwide. After
a short investigation, the FBI tracks down and
arrests the writer of the virus, a 29-year-old New
Jersey computer programmer, David L Smith.
 More than 90 percent of large corporations and
government agencies were the victims of computer
security breaches in 1999
Computer Crime - 1999
 In February, some of the most popular websites in
the world such as Amazon and Yahoo are almost
overwhelmed by being flooded with bogus requests
for data.
 In May, the ILOVEYOU virus is unleashed and clogs
computers worldwide. Over the coming months,
variants of the virus are released that manage to
catch out companies that didn't do enough to
protect themselves.
 In October, Microsoft admits that its corporate
network has been hacked and source code for future
Windows products has been seen.
Computer Crime - 2000
 Some of the sites which have been compromised
 U.S. Department of Commerce
 NASA
 CIA
 Greenpeace
 Motorola
 UNICEF
 Church of Christ …
 Some sites which have been rendered ineffective
 Yahoo
 Microsoft
 Amazon …
Why Security?
 Because they can
 A large fraction of hacker attacks have been pranks
 Financial Gain
 Espionage
 Venting anger at a company or organization
 Terrorism
Why do Hackers Attack?
 Active Attacks
 Denial of Service
 Breaking into a site
 Intelligence Gathering
 Resource Usage
 Deception
 Passive Attacks
 Sniffing
 Passwords
 Network Traffic
 Sensitive Information
 Information Gathering
Types of Hacker Attack
 Over the Internet
 Over LAN
 Locally
 Offline
 Theft
 Deception
Modes of Hacker Attack
Definition:
An attacker alters his identity so that someone thinks he
is someone else
 Email, User ID, IP Address, …
 Attacker exploits trust relation between user and
networked machines to gain access to machines
Types of Spoofing:
1. IP Spoofing:
2. Email Spoofing
3. Web Spoofing
Spoofing
Definition:
Attacker uses IP address of another computer to acquire
information or gain access
IP Spoofing – Flying-Blind Attack
[Diagram: Attacker (10.10.50.50) sends a packet to John (10.10.5.5) with From Address 10.10.20.30 and To Address 10.10.5.5. Replies are sent back to the spoofed address 10.10.20.30.]
• Attacker changes his own IP address
to spoofed address
• Attacker can send messages to a
machine masquerading as spoofed
machine
• Attacker can not receive messages
from that machine
Definition:
Attacker spoofs the address of another machine and inserts
itself between the attacked machine and the spoofed machine
to intercept replies
IP Spoofing – Source Routing
[Diagram: Attacker (10.10.50.50) sends a packet to John (10.10.5.5) with From Address 10.10.20.30 and To Address 10.10.5.5. Replies are sent back to the spoofed address 10.10.20.30, and the attacker intercepts packets as they go to 10.10.20.30.]
• The path a packet may take can vary over time
• To ensure that he stays in the loop the attacker uses source routing
to ensure that the packet passes through certain nodes on the
network
Definition:
Attacker sends messages masquerading as someone else
What can be the repercussions?
Types of Email Spoofing:
1. Create an account with similar email address
– Sanjaygoel@yahoo.com: A message from this account can perplex
the students
2. Modify a mail client
– Attacker can put in any return address he wants to in the mail he
sends
3. Telnet to port 25
– Most mail servers use port 25 for SMTP. Attacker logs on to this
port and composes a message for the user.
Email Spoofing
 Basic
 Attacker registers a web address matching an entity e.g.
votebush.com, geproducts.com, gesucks.com
 Man-in-the-Middle Attack
 Attacker acts as a proxy between the web server and the client
 Attacker has to compromise the router or a node through which the
relevant traffic flows
 URL Rewriting
 Attacker redirects web traffic to another site that is controlled by
the attacker
 Attacker writes his own web site address before the legitimate link
 Tracking State
 When a user logs on to a site a persistent authentication is
maintained
 This authentication can be stolen for masquerading as the user
Web Spoofing
• Web Site maintains authentication so that the
user does not have to authenticate repeatedly
• Three types of tracking methods are used:
1. Cookies: Line of text with ID on the user's cookie file
– Attacker can read the ID from the user's cookie file
2. URL Session Tracking: An ID is appended to all the links
in the website web pages.
– Attacker can guess or read this ID and masquerade as user
3. Hidden Form Elements
– ID is hidden in form elements which are not visible to user
– Hacker can modify these to masquerade as another user
Web Spoofing – Tracking
State
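A defensive counterpart to the tracking-state weaknesses listed on this slide, as an added example that is not part of the original slides: session IDs drawn from a CSPRNG so they cannot be guessed, and a hidden form field sealed with an HMAC so that modification is detected. The key handling, field names and function names are assumptions made for the illustration.

```python
import hashlib
import hmac
import itertools
import secrets
from typing import Optional

# Constructed demo key; a real server loads its key from secret storage.
SERVER_KEY = secrets.token_bytes(32)

_sequence = itertools.count(1000)


def weak_session_id() -> str:
    """Sequential ID: anyone who sees one value can guess its neighbours."""
    return str(next(_sequence))


def strong_session_id() -> str:
    """32 bytes from the OS CSPRNG, so other users' IDs cannot be derived."""
    return secrets.token_urlsafe(32)


def _tag(session_id: str, name: str, value: str) -> str:
    # Length-prefix each part so ("ab", "c") and ("a", "bc") never collide.
    parts = [session_id.encode(), name.encode(), value.encode()]
    msg = b"".join(len(p).to_bytes(4, "big") + p for p in parts)
    return hmac.new(SERVER_KEY, msg, hashlib.sha256).hexdigest()


def seal_field(session_id: str, name: str, value: str) -> str:
    """Hidden-field content 'value.tag', bound to the field name and session."""
    return f"{value}.{_tag(session_id, name, value)}"


def open_field(session_id: str, name: str, sealed: str) -> Optional[str]:
    """Return the value if the tag verifies, else None (field was altered)."""
    value, sep, tag = sealed.rpartition(".")
    if not sep:
        return None
    expected = _tag(session_id, name, value)
    # Constant-time comparison on bytes; non-ASCII input simply fails to match.
    if hmac.compare_digest(tag.encode(), expected.encode()):
        return value
    return None


def demo() -> dict:
    alice = strong_session_id()
    other = strong_session_id()
    sealed = seal_field(alice, "account", "1001")
    tampered = "1002" + sealed[4:]          # value changed, old tag kept
    return {
        "weak_ids": [weak_session_id(), weak_session_id()],
        "intact": open_field(alice, "account", sealed),
        "tampered": open_field(alice, "account", tampered),
        "replayed_in_other_session": open_field(other, "account", sealed),
    }


if __name__ == "__main__":
    print(demo())
```

For the cookie-reading case, the session ID would additionally be carried only in a cookie marked Secure and HttpOnly rather than in URLs.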
Definition:
Process of taking over an existing active session
Modus Operandi:
1. User makes a connection to the server by
authenticating using his user ID and password.
2. After the users authenticate, they have access to the
server as long as the session lasts.
3. Hacker takes the user offline by denial of service
4. Hacker gains access to the user by impersonating the
user
Session Hijacking
 Attacker can
 monitor the session
 periodically inject commands into session
 launch passive and active attacks from the session
Session Hijacking
[Diagram: Bob, Attacker and Server. Bob telnets to Server; Bob authenticates to Server; Attacker: "Die!" and "Hi! I am Bob".]
 Attackers exploit sequence numbers to hijack sessions
 Sequence numbers are 32-bit counters used to:
 tell receiving machines the correct order of packets
 Tell sender which packets are received and which are lost
 Receiver and Sender have their own sequence numbers
 When two parties communicate the following are needed:
 IP addresses
 Port Numbers
 Sequence Number
• IP addresses and port numbers are easily available so once
the attacker gets the server to accept his guessed
sequence number he can hijack the session.
Session Hijacking – How Does it
Work?
Definition:
Attack through which a person can render a system unusable or
significantly slow down the system for legitimate users by
overloading the system so that no one else can use it.
Types:
1. Crashing the system or network
– Send the victim data or packets which will cause system to crash or
reboot.
2. Exhausting the resources by flooding the system or network with
information
– Since all resources are exhausted others are denied access to the
resources
3. Distributed DOS attacks are coordinated denial of service attacks
involving several people and/or machines to launch attacks
Denial of Service (DOS)
Attack
Types:
1. Ping of Death
2. SSPing
3. Land
4. Smurf
5. SYN Flood
6. CPU Hog
7. Win Nuke
8. RPC Locator
9. Jolt2
10. Bubonic
11. Microsoft Incomplete TCP/IP Packet Vulnerability
12. HP Openview Node Manager SNMP DOS Vulnerability
13. Netscreen Firewall DOS Vulnerability
14. Checkpoint Firewall DOS Vulnerability
Denial of Service (DOS)
Attack
 This attack takes advantage of the way in which information is stored by computer programs
 An attacker tries to store more information on the stack than the size of the buffer
How does it work?
Buffer Overflow Attacks
[Diagram: Normal Stack, filled from bottom of memory towards top of memory: Buffer 2 (Local Variable 2), Buffer 1 (Local Variable 1), Return Pointer, Function Call Arguments.]
[Diagram: Smashed Stack, filled from bottom of memory towards top of memory: Buffer 2 (Local Variable 2), Machine Code: execve(/bin/sh) (Buffer 1 space overwritten), New Pointer to Exec Code (Return Pointer overwritten), Function Call Arguments.]
• Programs which do not have a rigorous memory check in
the code are vulnerable to this attack
• Simple weaknesses can be exploited
– If memory allocated for name is 50 characters, someone can break
the system by sending a fictitious name of more than 50 characters
• Can be used for espionage, denial of service or compromising
the integrity of the data
Examples
 NetMeeting Buffer Overflow
 Outlook Buffer Overflow
 AOL Instant Messenger Buffer Overflow
 SQL Server 2000 Extended Stored Procedure Buffer Overflow
Buffer Overflow Attacks
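The 50-character name case from the slides, modelled with a ctypes structure standing in for the stack frame; this is an added example, not part of the original slides. The frame layout, the constructed address and marker values, and all function names are assumptions, and the copy is confined to the model structure so that only the model is corrupted.

```python
import ctypes
import sys

NAME_SIZE = 50                 # the 50-character name buffer from the slide
SAVED_RETURN = 0x401136        # constructed "legitimate" return address
MARKER = 0x4242424242424242    # constructed value standing in for sender data


class Frame(ctypes.Structure):
    """Model of one stack frame: the buffer sits just below the return pointer."""
    _fields_ = [
        ("name", ctypes.c_char * NAME_SIZE),
        ("return_pointer", ctypes.c_uint64),
    ]


def new_frame() -> Frame:
    frame = Frame()
    frame.return_pointer = SAVED_RETURN
    return frame


def oversized_name() -> bytes:
    """Filler up to the return pointer's offset, then 8 bytes that land on it."""
    filler = b"A" * Frame.return_pointer.offset
    return filler + MARKER.to_bytes(8, sys.byteorder)


def unchecked_copy(frame: Frame, data: bytes) -> None:
    """Copies as many bytes as the sender supplied, like an unbounded strcpy.

    Clamped to the size of the model frame so the demo never writes outside it.
    """
    count = min(len(data), ctypes.sizeof(frame))
    ctypes.memmove(ctypes.addressof(frame), data, count)


def checked_copy(frame: Frame, data: bytes) -> bool:
    """Rejects input that does not fit the buffer with its terminating NUL."""
    if len(data) >= NAME_SIZE:
        return False
    ctypes.memmove(ctypes.addressof(frame), data + b"\x00", len(data) + 1)
    return True


def demo() -> dict:
    smashed, guarded = new_frame(), new_frame()
    unchecked_copy(smashed, oversized_name())
    accepted = checked_copy(guarded, oversized_name())
    return {
        "smashed_return": smashed.return_pointer,   # now equals MARKER
        "guarded_return": guarded.return_pointer,   # still SAVED_RETURN
        "oversized_accepted": accepted,
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, hex(value) if isinstance(value, int) and not isinstance(value, bool) else value)
```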
• A hacker can easily exploit weak passwords &
uncontrolled network modems
 Steps
 Hacker gets the phone number of a company
 Hacker runs war dialer program
 If original number is 555-5532 he runs all numbers in the 555-55xx
range
 When modem answers he records the phone number of modem
 Hacker now needs a user id and password to enter
company network
 Companies often have default accounts e.g. temp, anonymous with
no password
 Often the root account uses company name as the password
 For strong passwords password cracking techniques exist
Password Attacks
 Password hashed and stored
 Salt added to randomize password & stored on system
 Password attacks launched to crack encrypted
password
Password Security
[Diagram: Client → Password → Hash Function (with Salt) → Hashed Password → Compare Password against the Server's Stored Password (Hashed Password) → Allow/Deny Access]
 Find a valid user ID
 Create a list of possible passwords
 Rank the passwords from high probability to low
 Type in each password
 If the system allows you in – success !
 If not, try again, being careful not to exceed
password lockout (the number of times you can
guess a wrong password before the system shuts
down and won’t let you try any more)
Password Attacks - Process
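The hash, salt and compare flow from the Password Security slide, together with the lockout counter described above, as an added example that is not part of the original slides. PBKDF2-HMAC-SHA256, the iteration count, the three-attempt threshold, the sample passwords and all names are assumptions chosen for the illustration.

```python
import hashlib
import hmac
import secrets

ITERATIONS = 100_000   # assumed work factor for the demo; tune upward in practice
MAX_FAILURES = 3       # assumed lockout threshold


def unsalted_hash(password: str) -> str:
    """Hash only: every user with this password gets the same stored value."""
    return hashlib.sha256(password.encode()).hexdigest()


def salted_hash(password: str, salt: bytes) -> bytes:
    """Per-user salt plus a deliberately slow hash (PBKDF2-HMAC-SHA256)."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)


class PasswordStore:
    """Server side of the diagram: stored salt and hash, compare, allow or deny."""

    def __init__(self) -> None:
        self._records = {}    # user -> (salt, hashed password)
        self._failures = {}   # user -> consecutive wrong guesses

    def register(self, user: str, password: str) -> None:
        salt = secrets.token_bytes(16)          # fresh random salt per user
        self._records[user] = (salt, salted_hash(password, salt))
        self._failures[user] = 0

    def stored_hash(self, user: str) -> bytes:
        return self._records[user][1]

    def login(self, user: str, password: str) -> str:
        """Return 'allow', 'deny' or 'locked'."""
        if self._failures.get(user, 0) >= MAX_FAILURES:
            return "locked"                     # no further guesses are evaluated
        # Unknown users still cost one hash, so timing does not reveal valid IDs.
        salt, stored = self._records.get(user, (b"\x00" * 16, b""))
        candidate = salted_hash(password, salt)
        known = user in self._records
        if known and hmac.compare_digest(candidate, stored):
            self._failures[user] = 0
            return "allow"
        if known:
            self._failures[user] += 1
        return "deny"


def demo() -> dict:
    store = PasswordStore()
    store.register("alice", "sunshine")         # constructed sample accounts
    store.register("bob", "sunshine")
    attempts = [store.login("alice", g) for g in ("password", "letmein", "qwerty")]
    attempts.append(store.login("alice", "sunshine"))   # correct, but after lockout
    return {
        "same_salted_hash": store.stored_hash("alice") == store.stored_hash("bob"),
        "alice_attempts": attempts,
        "bob": store.login("bob", "sunshine"),
    }


if __name__ == "__main__":
    print(demo())
```

The counter here stays locked until it is reset; how and when an account is unlocked is outside what the example covers.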
 Dictionary Attack
 Hacker tries all words in dictionary to crack password
 70% of the people use dictionary words as passwords
 Brute Force Attack
 Try all permutations of the letters & symbols in the alphabet
 Hybrid Attack
 Words from dictionary and their variations used in attack
 Social Engineering
 People write passwords in different places
 People disclose passwords naively to others
 Shoulder Surfing
 Hackers slyly watch over people's shoulders to steal passwords
 Dumpster Diving
 People dump their trash papers in garbage which may contain
information to crack passwords
Password Attacks - Types
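A check run when a user chooses a new password, aimed at the dictionary and hybrid guesses listed on the Password Attacks - Types slide and the company-name passwords mentioned on the Password Attacks slide (added example, not from the original presentation). The word list, the substitution table, the 12-character minimum and `ExampleCorp` are constructed placeholders.

```python
import re

# Constructed sample word list; a real deployment would load a large dictionary
# and a list of known-breached passwords.
WORDLIST = {"password", "dragon", "monkey", "welcome", "kathmandu"}

# Common character substitutions, undone before the dictionary lookup.
LEET = str.maketrans(
    {"0": "o", "1": "l", "3": "e", "4": "a", "5": "s", "7": "t", "@": "a", "$": "s"}
)

# Leading or trailing runs of digits and symbols ("123", "!2024", "#77").
AFFIXES = re.compile(r"^[\d\W_]+|[\d\W_]+$")


def strip_affixes(text):
    return AFFIXES.sub("", text)


def candidate_words(password):
    """Base words a hybrid guess could have started from."""
    low = password.lower()
    return {
        strip_affixes(low),                  # Dragon123  -> dragon
        strip_affixes(low.translate(LEET)),  # welcom3    -> welcome
        strip_affixes(low).translate(LEET),  # P@ssw0rd!  -> password
    }


def check_new_password(password, context_words=(), min_length=12):
    """Return a list of reasons to reject; an empty list means accept."""
    reasons = []
    if len(password) < min_length:
        reasons.append("too short")
    if candidate_words(password) & WORDLIST:
        reasons.append("dictionary word or simple variation")
    low = password.lower()
    normalized = low.translate(LEET)
    for word in context_words:  # user ID, organisation name and similar
        w = word.lower()
        if w and (w in low or w in normalized):
            reasons.append("contains user ID or organisation name")
            break
    return reasons


if __name__ == "__main__":
    for pw, ctx in [
        ("Dragon123", ("nitesh",)),
        ("P@ssw0rd!2024", ()),
        ("ExampleCorp2024!!", ("root", "ExampleCorp")),
        ("tidal-copper-lantern-42", ("nitesh",)),
    ]:
        print(pw, "->", check_new_password(pw, ctx) or "accepted")
```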

Computer Network, Internet, Computer Security and Cyber Ethics

  • 1. Submitted By:- Nitesh Kumar Yadav Submitted To:- Subash Paudel Sir Class :- 10 ‘B Computer Department Roll no:- 3 Laboratory Higher Secondary School Kirtipur
  • 2. PRESENTATION ON: COMPUTER NETWORK AND INTERNET. Introduction: A computer network is simply two or more computers connected together so they can exchange information. A small network can be as simple as two computers linked together by a single cable or it may be a group of several computers connected at a central networking device through a wired or wireless medium. Computer Network Components: Server: Powerful component that provides services such as print service, file service, web service, etc. to the other computers on the network. Client: Computer that uses the services that a server provides. The client is less powerful than the server. Media: A physical connection between the devices on a network. The media may be wired or wireless. Network Adaptor: Network adaptor or network interface card (NIC) is a circuit board with the components necessary for sending and receiving data. It is plugged into one of the available slots on the PC and the transmission cable is attached to the connector of the NIC. Resources: Anything available to a client on the network is considered a resource.
  • 3. Advantages of Computer Network: • Network allows data transmission among far areas as well as within local areas. • Network allows users to share common set of data files and software stored in a system. • Network allows users to share common hardware resources such as printers, fax machines, modem, etc. • The cost of computing is reduced to each user as compared to the development maintain of each single computer system. Disadvantages of Computer Network: • If the network stops operating then it may not be possible to access various and software resources. • The efficiency of a network is very dependent on the skill of the system managed network may operate less efficiently than stand alone machines. • It is difficult to make system secured from hackers, novices or industrial • As traffic increases on the network, the performance degrades unless it is designed.
  • 4. Client server Network 1) A central server is available to all 2) Users IDs, passwords, and access are controlled by the central 3) Backup facilities are centralized: and information held centrally are backed up regularly. 4) All users are reliant on the service provided by the server. If the central computer goes down, all the users affected. Peer-to-peer Network 1) Sharing facilities are distributed throughout the network. 2) Security is not centrally controlled. 3) Backup is the responsibility of individual computer users. 4) No reliance on a central computers.
  • 5. Types Of Networks. 1) LAN (Local area network): • Owned by a single organization. • Diameter of not more than three kilometers. 2) WAN (Wide area network): • Owned by multiple organizations. • Covers a large geographical area. 3) MAN (Metropolitan area Network): • Based on the network architecture, the transmission speed can be higher for short distances. • A MAN, which can include one or more LANs as well as telecommunications equipment such as microwave and satellite relay stations, is smaller than a wide area network but generally operates at higher speed.
  • 6. Network Topologies A network topology refers to the physical layout of the network in which all the devices are connected. This includes all the hardware that makes up the network. Bus Topology: Bus topology uses a common backbone to connect all the network devices in a network in a linear shape. A single cable called a bus with a terminator at each end functions as the shared communication medium for all the devices attached with this cable with an interface connector. • Advantage: 1> Easy to connect a computer or peripheral to a linear bus. 2> Requires less cable length than a star topology. • Disadvantage: 1> Whole network shuts down if there is a break in the main cable. 2> Terminators are necessary at both ends of the backbone cable. Ring Topology: A ring topology is a network topology or circuit arrangement in which each network device is attached along the same single path to other devices, forming a path in the shape of a ring. • Advantage: 1> Performs better than a star topology under heavy network load. 2> Can create much larger network using Token Ring. • Disadvantage: 1> Moves, adds and changes of devices can affect the network. 2> Much slower than an Ethernet network under normal load.
  • 7. Star Topology: In the computer networking world the most commonly used topology in LAN is the star topology. All the computers in the star topology are connected to devices like hub, switch or router. • Advantage: 1> Easy to install and wire. 2> Easy to detect faults and to remove parts. • Disadvantage: 1> Requires more cable length than a bus topology. 2> If the hub or concentrator fails, nodes attached are disabled. Network Protocol A protocol is a set of rules that governs the communications between computers on a network. Standard networking Protocols • Transmission control protocol/Internet protocol (TCP/IP) • File transfer protocol (FTP) • Hypertext transfer protocol (HTTP) • Simple Mail transfer protocol (SMTP)
  • 8. Transmission Medium It is a medium through which information usually moves from one network device to another. Guided Transmission Media: It uses a cabling system that guides the data signals along a specific path. • Twisted Pair Cable: 1> Unshielded twisted pair 2> Shielded twisted pair. • Fiber Optic Cable • Co-axial Cable Cable connectors: • Twisted pair cable: RJ-45 • Co-axial cable: BNC • Fiber optics cable: ST connector Unguided Transmission Media: It is a technology that provides the ability to communicate between two or more entities over distance without the use of wires or cables of any sorts. • Infrared Rays • X-rays • Bluetooth • Ultra-violet Rays
  • 9. Networking Hardware 1) File servers: A file server stands at the heart of most networks. It is a very fast computer with a large amount of RAM and storage space, along with a fast network interface card. 2) Workstations: All of the user computers connected to a network are called workstations. A typical workstation is a computer that is configured with a network interface card, software, and the appropriate cables. 3) Network Interface Card: The network interface card (NIC) provides the physical connection between the network and the computer workstation. 4) Hub: A hub is typically the least expensive, least intelligent, and least complicated central device compared with a switch or router. Actually it broadcasts the signals to the entire connected doesn’t know the exact destination. 5) Switch: A switch is a device that channels incoming data from any of the multiple ports to the specific output port that will take the data towards its intended destination. 6) Routers: A router translates information from one network to another. Routers select the best path to route a message, based on the destination address and origin. 7) Bridges: A bridge is a device that allows you to segment a large network into two smaller, more efficient networks. 8) Gateways: A gateway is a network node that allows you to gain entrance into a network and vice versa. 9) Modem (Modulator-demodulator): Modem is a hardware that directly converts digital signal
  • 10. Internet Introduction: The internet is a global collection of high powered computers that are connected to each other with network cables, internet lines, microwave dishes, Internet is the largest computer network that connects millions of computers around world. It connects several thousand computer networks all over the world. So, it is network of networks. The internet is an information superhighway and has logically the world into a cyber-village. History of the Internet: Internet started with the ARPANET in 1969 AD. ARPA is the acronym for Research Project Agency which is the branch of Department of Defense (DOD) of States of America. That was the first computer network in the world. Another factor rapid growth of this network was the inclusion of the TCP/IP (Transmission Control Protocol/Internet Protocol). It was the first protocol developed by ARPANET. ARPANET changed into Defense Advanced Research Project Agency (DARPANET). In the of 1980, the DOD stopped funding for ARPANET and another agency ‘National Science Foundation’ had joined the ARPANET. Services of the Internet: • Electronic Mail
  • 11. • Video conference • Chatting • E-learning • Entertainment • Marketing and Advertising, etc. Some Common Internet Terminologies: Webpage: Web page is a document stored in an electronic form that contains information in specific or single topic (organization, government agency, personal etc.) text, graphics, sounds, animated pictures, hyperlinks etc. Website: A collection of interlinked web pages of an organization, government agency, University, Personal, company, etc. is known as website. Each website is identified by unique Internet Address known as Uniform Resource Locator (URL). Web server: A Web server is a computer that delivers web pages. The web sites are stored in web servers. To access the web pages of a web server, a client computer has HTTP. URL: URL stands for Uniform Resource Locator, the unique Internet address through which we can visit different websites. URLs are used to address and access individual
  • 12. DNS: DNS stands for Domain Name System (or services or server), is an internet service used for converting domain name into IP Address on the on local networks using the TCP/IP. ISP: The Internet Service Provider (ISP) is company or organization that provides Internet facility to the users. The internet can be connected using Integrated Service Digital Network (ISDN), leased line, cable line and connection. Search Engine: Search engine is the website that allows the users to search information based on keyboard or combinations of keywords in different and topics. Web Browser: Web browser is a software or program that accesses web pages and displays them on the user’s computer from around the world. In terms, it is a software required for browsing and surfing web sites. Intranet and Extranet: Intranet is a privately maintained computer network control by company or an organization. Similarly, Extranet is also private that uses Internet Protocols, connectivity.
  • 13. PRESENTATION ON COMPUTER SECURITY AND COMPUTERVIRUS Introduction: Computer security refers to the protection of the computer’s resources from accidental, intentional or natural disasters, including theft, physical damage, heat, power failure, illegal access, data piracy, virus infection, etc. Computer Security is the branch of computer technology known as information security as applied to computers and networks.The objective of the computer security includes protection of information and property from theft, corruption, or natural disaster, while allowing the information and property to remain accessible and productive to its intended users. It is further divided into two types: 1> Hardware security: Hardware security is the term used to describe the protection of the components of a computer system. In another word, the security given to the various hardware tools and equipment for the protection of computer hardware from the accidental or intentional harm is known as hardware security.
  • 14. Some Hardware Security Measures are:
    - Dust free environment
    - Regular maintenance
    - Proper Power supply
    - Protection from thieves
    - Insurance
    - Protection from fire
    - Air-conditioned room
  • 15.
    2> Software security: Data and software or programs are very important and valuable things of any organizations or computer owners. The loss of these data or programs can cause serious problems to the owners. It is very costly and difficult these important data and some causes that is impossible to recover them. So, data software security is important for any organization as well as every computer securing data and programs from being lost or damaged due to accidental or harm is known as software security.
    Some software security measures are:
    - Protection from computer viruses
    - Password protection
    - Backup System
    - Scandisk, etc.
  • 16. Computer Virus
    Introduction:
    A computer virus is a small executable program that spreads from one computer to another and interferes with computer operations. A virus program contains instructions to initiate some sort of “event” that affects the infected computer. Each virus has a unique event associated with it. A virus is a destructive program able to replicate itself. This means that the virus multiplies on a computer by making copies of itself. This replication is intentional; it is part of the virus program. In most cases, if a file that contains a virus is executed or copied onto another computer, then that computer will also be “infected” by the same virus. A virus can be introduced to a computer system along with any software program. For internet users, this threat can come from downloading files or referencing email attachments.
    Symptoms of computer viruses:
    - Slows down the system performance
    - Program starts automatically without any instructions
    - Programs take a long time to load suddenly
    - Frequently displays unusual error messages or images
    - Computer stops responding or freezes frequently
    - The operating system will not be loaded when you start your computer
  • 17.
    - Programs disappear from the computer
    - Random files and icons appearing on your desktop or other places when you did not install such things
    - Files and icons which were on your system before have disappeared.
    Effects of viruses:
    - Renaming the files with different names.
    - Reduces memory or disk space of your computer
    - Deletes or changes the contents of our computer
    - Changes the size of files and folders
    - Changes the extension of files
    - Disables the antivirus program for no reason
    - Stops the installation of new software programs
    - Crashes and restarts computer in every few seconds
    - Corrupts the system’s file
  • 18. Different types of computer viruses:
    1) Program or file Infector virus: Program or file infector virus affects programs or executable files having an extension .EXE, .BIN, .SYS, .COM, or .DRV. This virus may overwrite the file, or may only replace parts of the file that it infects.
    2) Boot sector virus: Boot sector virus affects the boot sector or Master Boot Record (MBR) of a floppy or hard disk.
    3) Multipartite virus: Multipartite virus affects the application programs and boot sector of a disk. It has combined features of both boot sector and file infector viruses.
    4) Stealth virus: Stealth virus is one of the most dangerous types of virus which tries to trick anti-virus software by intercepting its requests to the operating system.
    5) Polymorphic virus: Polymorphic virus is a type of destructive program that can change its appearance with every infection. It is also known as the encrypted virus.
    6) Macro virus: Macro virus infects files that are created using word processing or spreadsheet programs which contain macros.
    7) Script virus: Script virus infects programs written in high level scripting languages like Visual Basic script and JavaScript. This script virus changes the scripting codes in HTML and makes the document inaccessible and take longer time to load.
    8) Trojan Horse: A Trojan Horse is a harmful program that displays as a useful software and
  • 19. Spreading of computer virus:
    - Virus spread by the use of pirated software
    - Viruses spread by sharing of portable disks among the computers
    - Viruses spread by downloading files or programs from unsecure web sites
    - Virus spread by exchanging of infected data or files over network
    Antivirus Software:
    Antivirus software is a program that can detect, prevent and clean up may attempt to infect your computer system. It scans downloaded files as well as the entire system in order to detect the presence of an infection. There are a number of good antivirus choose from including Norton Antivirus, McAfee, AVG, Avira, Kaspersky, Avast, NOD 32, etc.
    Virus Prevention:
    - Use Antivirus Software
    - Don’t open attachments from unknown emails
    - Download software only from reputable and well known sites
    - Don’t use USB flash drive without scanning
    - Clear temporary Internet files and Cache regularly.
  • 20. PRESENTATION ON CYBER LAW AND COMPUTER ETHICS
    Introduction:
    The law that controls the legal issues in the Internet or WWW for digital data processing and transaction is called cyber law. It is a term that summarizes the legal issues related to use of communicative, transactional, and distributive aspects of networked information devices and technologies. Cyber law is important because it touches almost all aspects of transactions and activities on the cyberspace. It controls cyber crimes and misuse of computers.
    Virtual space created by world-wide computer network, Internet and telecommunication is called cyber space. Cyberspace was used in 1984 by author William Gibson in his scientific novel ‘Neuromancer’. It is controlled and managed by system of law and regulation called cyber law.
  • 21. The major laws included in cyber laws are:
    1) Electronic and Digital Signature law
    2) Cyber crime law
    3) Data protection and privacy law
    4) Tele-communication law
    5) Intellectual property right law
    Cyber Crime:
    The criminal or illegal activities involving the information technology with the help of computers is known as cyber crime. It includes traditional crimes conducted the internet. Some of the criminal activities are:
    - Fraud achieved by the manipulation of computer records
    - Accessing others' data or information illegally
    - Copying and distributing software illegally
    - Intellectual Property theft, including software piracy
    - E-mail bombing, sending large number of mails
    - Making and digitally distributing child pornography
  • 22. The effects of computer crime are:
    - Security problems
    - Physical theft of computers and other devices
    - Very less privacy
    - Destroying Data
    - Computer virus easily attack software and programs
    Cyber Law In Nepal:
    The main purpose of the formulating cyber law is to legalize the transaction through electronic media, to control and stop the various types of electronic a person or institution that does cyber crime. It also helps the IT sector to create a suitable for conducting and promoting IT business in a country. Cyber law of Nepal was passed in Nepal Bhadra 2061 BS (15 Sep 2004). The cyber law of Nepal is also known as Electronic Transaction Signature Act- 2061.
    The provisions of cyber law of Nepal are listed below:
    - Provision of legal status to digital signatures, electronic record for introducing e-banking, e-commerce, etc.
    - Provision of network services
    - Provision for the license regarding the IT customers and their duties and responsibilities
    - Provision for a legal framework to facilitate and safeguard electronic transactions in the medium.
  • 23. Computer Ethics:
    Ethics deals with placing a “value” on acts according to whether they are “good” or “bad”. Every society has its rules about acts are ethical or not. These rules have been established as a result of society and are often written into laws. When Computers first began to be society at large, the absence of ethical standards about their use and caused some problems.
    Some important commandments of computer ethics are mentioned below:
    - Do not use a computer to harm other people
    - Do not use a computer to publish fake information
    - Do not search the file or record of other people
    - Do not destroy or delete the records of other people
    - Do not interfere with other people’s computer work
    - Do not snoop around in other people’s file
  • 24. Some common Terms:
    1) Digital Signature: Digital Signature is a security mechanism system in the cyberspace for digital data transformation by attaching a code on the document of electronic records.
    2) Encryption: The method of making the data or message unreadable by unauthorized people while transferring Internet is called Encryption.
    3) Decryption: The method of converting encrypted data back into its original form make understandable to the receiver is as decryption.
  • 25. Crisis
    - Internet has grown very fast and security has lagged behind.
    - Legions of hackers have emerged as impedance to entering the hackers club is low.
    - It is hard to trace the perpetrator of cyber attacks since the real identities are camouflaged.
    - It is very hard to track down people because of the ubiquity of the network.
    - Large scale failures of internet can have a catastrophic impact on the economy which relies heavily on electronic transactions.
  • 26. Computer Crime – The Beginning
    - In 1988 a "worm program" written by a college student shut down about 10 percent of computers connected to the Internet. This was the beginning of the era of cyber attacks.
    - Today we have about 10,000 incidents of cyber attacks which are reported and the number grows.
  • 27. Computer Crime - 1994
    - A 16-year-old music student called Richard Pryce, better known by the hacker alias Datastream Cowboy, is arrested and charged with breaking into hundreds of computers including those at the Griffiths Air Force base, Nasa and the Korean Atomic Research Institute. His online mentor, "Kuji", is never found.
    - Also this year, a group directed by Russian hackers broke into the computers of Citibank and transferred more than $10 million from customers' accounts. Eventually, Citibank recovered all but $400,000 of the pilfered money.
  • 28. Computer Crime - 1995
    - In February, Kevin Mitnick is arrested for a second time. He is charged with stealing 20,000 credit card numbers. He eventually spends four years in jail and on his release his parole conditions demand that he avoid contact with computers and mobile phones.
    - On November 15, Christopher Pile becomes the first person to be jailed for writing and distributing a computer virus. Mr Pile, who called himself the Black Baron, was sentenced to 18 months in jail.
    - The US General Accounting Office reveals that US Defense Department computers sustained 250,000 attacks in 1995.
  • 29. Computer Crime - 1999
    - In March, the Melissa virus goes on the rampage and wreaks havoc with computers worldwide. After a short investigation, the FBI tracks down and arrests the writer of the virus, a 29-year-old New Jersey computer programmer, David L Smith.
    - More than 90 percent of large corporations and government agencies were the victims of computer security breaches in 1999.
  • 30. Computer Crime - 2000
    - In February, some of the most popular websites in the world such as Amazon and Yahoo are almost overwhelmed by being flooded with bogus requests for data.
    - In May, the ILOVEYOU virus is unleashed and clogs computers worldwide. Over the coming months, variants of the virus are released that manage to catch out companies that didn't do enough to protect themselves.
    - In October, Microsoft admits that its corporate network has been hacked and source code for future Windows products has been seen.
  • 31. Why Security?
    - Some of the sites which have been compromised
      - U.S. Department of Commerce
      - NASA
      - CIA
      - Greenpeace
      - Motorola
      - UNICEF
      - Church of Christ …
    - Some sites which have been rendered ineffective
      - Yahoo
      - Microsoft
      - Amazon …
  • 32. Why do Hackers Attack?
    - Because they can
    - A large fraction of hacker attacks have been pranks
    - Financial Gain
    - Espionage
    - Venting anger at a company or organization
    - Terrorism
  • 33. Types of Hacker Attack
    - Active Attacks
      - Denial of Service
      - Breaking into a site
      - Intelligence Gathering
      - Resource Usage
      - Deception
    - Passive Attacks
      - Sniffing
      - Passwords
      - Network Traffic
      - Sensitive Information
      - Information Gathering
  • 34. Modes of Hacker Attack
    - Over the Internet
    - Over LAN
    - Locally
    - Offline
    - Theft
    - Deception
  • 35. Spoofing
    Definition: An attacker alters his identity so that someone thinks he is someone else
    - Email, User ID, IP Address, …
    - Attacker exploits trust relation between user and networked machines to gain access to machines
    Types of Spoofing:
    1. IP Spoofing
    2. Email Spoofing
    3. Web Spoofing
  • 36. IP Spoofing – Flying-Blind Attack
    Definition: Attacker uses IP address of another computer to acquire information or gain access
    [Diagram: Attacker (10.10.50.50) sends a packet to John (10.10.5.5) with From Address 10.10.20.30 and To Address 10.10.5.5. Replies are sent back to the spoofed address 10.10.20.30.]
    - Attacker changes his own IP address to spoofed address
    - Attacker can send messages to a machine masquerading as spoofed machine
    - Attacker can not receive messages from that machine
  • 37. IP Spoofing – Source Routing
    Definition: Attacker spoofs the address of another machine and inserts itself between the attacked machine and the spoofed machine to intercept replies
    [Diagram: Attacker (10.10.50.50) sends a packet to John (10.10.5.5) with From Address 10.10.20.30 and To Address 10.10.5.5. Replies are sent back to the spoofed address 10.10.20.30, and the attacker intercepts packets as they go to 10.10.20.30.]
    - The path a packet takes can vary over time
    - To ensure that he stays in the loop the attacker uses source routing to ensure that the packet passes through certain nodes on the network
  • 38. Email Spoofing
    Definition: Attacker sends messages masquerading as someone else
    What can be the repercussions?
    Types of Email Spoofing:
    1. Create an account with similar email address
       - Sanjaygoel@yahoo.com: A message from this account can perplex the students
    2. Modify a mail client
       - Attacker can put in any return address he wants to in the mail he sends
    3. Telnet to port 25
       - Most mail servers use port 25 for SMTP. Attacker logs on to this port and composes a message for the user.
  • 39. Web Spoofing
    - Basic
      - Attacker registers a web address matching an entity e.g. votebush.com, geproducts.com, gesucks.com
    - Man-in-the-Middle Attack
      - Attacker acts as a proxy between the web server and the client
      - Attacker has to compromise the router or a node through which the relevant traffic flows
    - URL Rewriting
      - Attacker redirects web traffic to another site that is controlled by the attacker
      - Attacker writes his own web site address before the legitimate link
    - Tracking State
      - When a user logs on to a site a persistent authentication is maintained
      - This authentication can be stolen for masquerading as the user
  • 40. Web Spoofing – Tracking State
    - Web Site maintains authentication so that the user does not have to authenticate repeatedly
    - Three types of tracking methods are used:
    1. Cookies: Line of text with ID on the user's cookie file
       - Attacker can read the ID from user's cookie file
    2. URL Session Tracking: An id is appended to all the links in the website web pages.
       - Attacker can guess or read this id and masquerade as user
    3. Hidden Form Elements
       - ID is hidden in form elements which are not visible to user
       - Hacker can modify these to masquerade as another user
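    All three tracking methods above fail the same way: the ID can be guessed, or changed by whoever holds it. The following is an added example, not part of the original slides, showing a server that issues random IDs and attaches an HMAC tag so a modified cookie, URL or hidden-field value is rejected; `SERVER_KEY`, `SESSIONS` and the function names are assumptions made for the illustration.

```python
import hashlib
import hmac
import secrets

# Constructed server-side key for this example; a real site keeps it secret.
SERVER_KEY = secrets.token_bytes(32)

# Server-side session table: random session id -> user name.
SESSIONS = {}


def new_session(user):
    """Create an unguessable session id (128 bits from the OS random source)."""
    sid = secrets.token_urlsafe(16)
    SESSIONS[sid] = user
    return sid


def _tag(value):
    """HMAC-SHA256 over the value, as hex text."""
    return hmac.new(SERVER_KEY, value.encode(), hashlib.sha256).hexdigest()


def sign(value):
    """Return 'value.tag'; this is what goes into the cookie, URL or hidden field."""
    return f"{value}.{_tag(value)}"


def verify(token):
    """Return the original value if the tag matches, otherwise None."""
    value, sep, tag = token.rpartition(".")
    if not sep:
        return None  # no tag at all: a bare or hand-made id
    # Constant-time comparison; bytes so non-ASCII input cannot raise.
    if hmac.compare_digest(tag.encode(), _tag(value).encode()):
        return value
    return None


def user_for(token):
    """Resolve a token sent by the browser to a user, or None if rejected."""
    sid = verify(token)
    return SESSIONS.get(sid) if sid is not None else None
```

    The tag only stops guessing and modification. A token read from the victim's cookie file is still valid, so the cookie also has to be kept away from the attacker (sent over TLS only, with a short lifetime).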
  • 41. Session Hijacking
    Definition: Process of taking over an existing active session
    Modus Operandi:
    1. User makes a connection to the server by authenticating using his user ID and password.
    2. After the users authenticate, they have access to the server as long as the session lasts.
    3. Hacker takes the user offline by denial of service
    4. Hacker gains access to the user by impersonating the user
  • 42. Session Hijacking
    - Attacker can
      - monitor the session
      - periodically inject commands into session
      - launch passive and active attacks from the session
    [Diagram: Bob telnets to Server; Bob authenticates to Server. The Attacker sends "Die!" to Bob and "Hi! I am Bob" to the Server.]
  • 43. Session Hijacking – How Does it Work?
    - Attackers exploit sequence numbers to hijack sessions
    - Sequence numbers are 32-bit counters used to:
      - tell receiving machines the correct order of packets
      - tell sender which packets are received and which are lost
    - Receiver and Sender have their own sequence numbers
    - When two parties communicate the following are needed:
      - IP addresses
      - Port Numbers
      - Sequence Number
    - IP addresses and port numbers are easily available so once the attacker gets the server to accept his guessed sequence number he can hijack the session.
  • 44. Denial of Service (DOS) Attack
    Definition: Attack through which a person can render a system unusable or significantly slow down the system for legitimate users by overloading the system so that no one else can use it.
    Types:
    1. Crashing the system or network
       - Send the victim data or packets which will cause system to crash or reboot.
    2. Exhausting the resources by flooding the system or network with information
       - Since all resources are exhausted others are denied access to the resources
    3. Distributed DOS attacks are coordinated denial of service attacks involving several people and/or machines to launch attacks
  • 45. Denial of Service (DOS) Attack
    Types:
    1. Ping of Death
    2. SSPing
    3. Land
    4. Smurf
    5. SYN Flood
    6. CPU Hog
    7. Win Nuke
    8. RPC Locator
    9. Jolt2
    10. Bubonic
    11. Microsoft Incomplete TCP/IP Packet Vulnerability
    12. HP Openview Node Manager SNMP DOS Vulnerability
    13. Netscreen Firewall DOS Vulnerability
    14. Checkpoint Firewall DOS Vulnerability
  • 46. Buffer Overflow Attacks
    - This attack takes advantage of the way in which information is stored by computer programs
    - An attacker tries to store more information on the stack than the size of the buffer
    How does it work?
    [Diagram: Normal Stack, between Bottom of Memory and Top of Memory, with the fill direction marked. Regions in the order shown on the slide: Buffer 2 (Local Variable 2), Buffer 1 (Local Variable 1), Return Pointer, Function Call Arguments.]
    [Diagram: Smashed Stack, same layout. Regions in the order shown on the slide: Buffer 2 (Local Variable 2), Machine Code: execve(/bin/sh) (Buffer 1 space overwritten), New Pointer to Exec Code (Return Pointer overwritten), Function Call Arguments.]
  • 47. Buffer Overflow Attacks
    - Programs which do not have a rigorous memory check in the code are vulnerable to this attack
    - Simple weaknesses can be exploited
      - If memory allocated for name is 50 characters, someone can break the system by sending a fictitious name of more than 50 characters
    - Can be used for espionage, denial of service or compromising the integrity of the data
    Examples
    - NetMeeting Buffer Overflow
    - Outlook Buffer Overflow
    - AOL Instant Messenger Buffer Overflow
    - SQL Server 2000 Extended Stored Procedure Buffer Overflow
  • 48. Password Attacks
    - A hacker can exploit weak passwords & uncontrolled network modems easily
    - Steps
      - Hacker gets the phone number of a company
      - Hacker runs war dialer program
      - If original number is 555-5532 he runs all numbers in the 555-55xx range
      - When modem answers he records the phone number of modem
      - Hacker now needs a user id and password to enter company network
      - Companies often have default accounts e.g. temp, anonymous with no password
      - Often the root account uses company name as the password
      - For strong passwords password cracking techniques exist
  • 49. Password Security
    - Password hashed and stored
    - Salt added to randomize password & stored on system
    - Password attacks launched to crack encrypted password
    [Diagram: the client's password and the salt pass through the hash function to give a hashed password; the server compares it with the stored (hashed) password and allows or denies access.]
  • 50. Password Attacks - Process
    - Find a valid user ID
    - Create a list of possible passwords
    - Rank the passwords from high probability to low
    - Type in each password
    - If the system allows you in – success!
    - If not, try again, being careful not to exceed password lockout (the number of times you can guess a wrong password before the system shuts down and won’t let you try any more)
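    The server side of the Password Security slide and the lockout mentioned in the process above can be shown together. This is an added example, not part of the original slides: it stores a per-user random salt with a slow salted hash, compares in constant time, and refuses further guesses after a fixed number of failures. `MAX_FAILURES`, `PBKDF2_ROUNDS`, `USERS` and the function names are assumptions chosen for the illustration.

```python
import hashlib
import hmac
import os

MAX_FAILURES = 5         # assumed lockout threshold for this example
PBKDF2_ROUNDS = 100_000  # assumed work factor; higher makes each guess slower

# In-memory user table for the example: user id -> salt, hash, failure count.
USERS = {}


def hash_password(password, salt=None):
    """Return (salt, digest). A fresh 16-byte salt is drawn when none is given."""
    if salt is None:
        salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)
    return salt, digest


def register(user, password):
    """Store only the salt and the salted hash, never the password itself."""
    salt, digest = hash_password(password)
    USERS[user] = {"salt": salt, "hash": digest, "failures": 0}


def login(user, password):
    """Return 'allow', 'deny' or 'locked' (the Allow/Deny box on the slide)."""
    record = USERS.get(user)
    if record is None:
        # Do the same work for unknown ids so they do not answer faster.
        hash_password(password, b"\x00" * 16)
        return "deny"
    if record["failures"] >= MAX_FAILURES:
        return "locked"  # stays locked until an administrator resets it
    _, digest = hash_password(password, record["salt"])
    if hmac.compare_digest(digest, record["hash"]):
        record["failures"] = 0
        return "allow"
    record["failures"] += 1
    return "deny"
```

    Because every user gets a different salt, two users with the same password have different stored hashes, so one cracked hash does not reveal the other.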
  • 51. Password Attacks - Types
    - Dictionary Attack
      - Hacker tries all words in dictionary to crack password
      - 70% of the people use dictionary words as passwords
    - Brute Force Attack
      - Try all permutations of the letters & symbols in the alphabet
    - Hybrid Attack
      - Words from dictionary and their variations used in attack
    - Social Engineering
      - People write passwords in different places
      - People disclose passwords naively to others
    - Shoulder Surfing
      - Hackers slyly watch over people's shoulders to steal passwords
    - Dumpster Diving
      - People dump their trash papers in garbage which may contain information to crack passwords