Computer Network, Internet, Computer Security and Cyber Ethics
1. Submitted By:- Nitesh Kumar Yadav Submitted To:- Subash Paudel Sir
Class :- 10 ‘B’ Computer Department
Roll no:- 3
Laboratory Higher Secondary School Kirtipur
2. PRESENTATION ON:
COMPUTER NETWORK AND INTERNET.
Introduction:
A computer network is simply two or more computers connected together so they
exchange information. A small network can be as simple as two computers linked together
by a single cable or it may be a group of several computers connected at a central
networking device through wired or wireless medium.
Computer Network Components:
Server: A powerful component that provides services such as print service, file service, web
service etc. to the other computers on the network.
Client: Computer that uses the services that a server provides. The client is less powerful
than server.
Media: A physical connection between the devices on a network. The media may be wired
or wireless.
Network Adaptor: Network adaptor or network interface card (NIC) is a circuit board with
the components necessary for sending and receiving data. It is plugged into one of the
available slots on the PC and transmission cable is attached to the connector of the NIC.
Resources: Anything available to a client on the network is considered as resource.
3. Advantages of Computer Network:
Network allows data transmission among far areas also within local areas.
Network allows users to share common set of data files and software stored in a
system.
Network allows users to share common hardware resources such as printers, fax
machines, modem, etc.
The cost of computing is reduced to each user as compared to the development
maintain of each single computer system.
Disadvantages of Computer Network:
If the network stops operating then it may not be possible to access various
and software resources.
The efficiency of a network is very dependent on the skill of the system
managed network may operate less efficiently than stand alone machines.
It is difficult to make system secured from hackers, novices or industrial
As traffic increases on the network, the performance degrades unless it is
designed.
4. Client server Network
1) A central server is available to all
2) Users IDs, passwords, and access
are controlled by the central
3) Backup facilities are centralized:
and information held centrally are
backed up regularly.
4) All users are reliant on the service
provided by the server. If the central
computer goes down, all the users
affected.
Peer-to-peer Network
1) Sharing facilities are distributed
throughout the network.
2) Security is not centrally controlled.
3) Backup is the responsibility of
individual computer users.
4) No reliance on a central computers.
5. Types Of Networks.
1) LAN (Local area network):
Owned by a single organization.
Diameter of not more than three kilometers.
2) WAN (Wide area network):
Owned by multiple organizations.
Covers a large geographical area.
3) MAN (Metropolitan area Network):
Based on the network architecture, the transmission speed can be higher for short
distances.
A MAN, which can include one or more LANs as well as telecommunications
equipment such as microwave and satellite relay stations, is smaller than
a wide area network but generally operates at higher speed.
6. Network Topologies
A network topology refers to the physical layout of the network in which all the devices are connected.
This includes all the hardware that makes up the network.
Bus Topology: Bus topology uses a common backbone to connect all the network devices in a
network in a linear shape. A single cable called a bus with a terminator at each end functions as the
shared communication medium for all the devices attached with this cable with an interface
connector.
• Advantage: 1> Easy to connect a computer or peripheral to a linear bus. 2> Requires less
cable length than a star topology.
• Disadvantage: 1> Whole network shuts down if there is a break in the main cable. 2>
Terminators are necessary at both ends of the backbone cable.
Ring Topology: A ring topology is a network topology or circuit arrangement in which each
network device is attached along the same single path to other devices, forming a path in the shape of a
ring.
• Advantage: 1> Performs better than a star topology under heavy network load. 2> Can
create much larger network using Token Ring.
• Disadvantage: 1> Moves, adds and changes of devices can affect the network. 2> Much
slower than an Ethernet network under normal load.
7. Star Topology: In the computer networking world the most commonly used topology
in LAN is the star topology. All the computers in the star topologies are connected to
devices like hub, switch or router.
• Advantage: 1> Easy to install and wire. 2> Easy to detect faults and to remove
parts.
• Disadvantage: 1> Requires more cable length than a bus topology. 2> If the hub or
concentrator fails, nodes attached are disabled.
Network Protocol
A protocol is a set of rules that governs the communications between computers on a
network.
Standard networking Protocols
Transmission control protocol/Internet protocol (TCP/IP)
File transfer protocol (FTP)
Hypertext transfer protocol (HTTP)
Simple Mail transfer protocol (SMTP)
8. Transmission Medium
It is a medium through which information usually moves from one network device to another.
Guided Transmission Media: It uses a cabling system that guides the data signals along a
specific path.
• Twisted Pair Cable: 1> Unshielded twisted pair 2> Shielded twisted pair.
• Fiber Optic Cable
• Co-axial Cable
Cable connectors:
• Twisted pair cable: RJ-45
• Co-axial cable: BNC
• Fiber optics cable: ST connector
Unguided Transmission Media: It is a technology that provides the ability to communicate
between two or more entities over distance without the use of wires or cables of any sorts.
• Infrared Rays
• X-rays
• Bluetooth
• Ultra-violet Rays
9. Networking Hardware
1) File servers: A file server stands at the heart of most networks. It is a very fast computer
with a large amount of RAM and storage space, along with a fast network interface card.
2) Workstations: All of the user computers are connected to a network are called workstations.
A typical workstation is a computer that is configured with a network interface card,
software, and the appropriate cables.
3) Network Interface Card: The network interface card (NIC) provides the physical connection
between the network and the computer workstation.
4) Hub: A hub is typically the least expensive, least intelligent, and least complicated central
device than switch and router. Actually it broadcasts the signals to the entire connected
doesn’t know the exact destination.
5) Switch: A switch is a device that channels incoming data from any of the multiple ports to
the specific output port that will take the data towards its intended destination.
6) Routers: A router translates information from one network to another. Routers select the
best path to route a message, based on the destination address and origin.
7) Bridges: A bridge is a device that allows you to segment a large network into two smaller,
more efficient networks.
8) Gateways: A gateway is a network node that allows you to gain entrance into a network and
vice versa.
9) Modem(Modulator-demodulator): Modem is a hardware that directly converts digital signal
10. Internet
Introduction:
The internet is a global collection of high powered computers that are
connected to each other with network cables, internet lines, microwave dishes,
Internet is the largest computer network that connects millions of computers around
world. It connects several thousand computer networks all over the world. So, it is
network of networks. The internet is an information superhighway and has logically
the world into a cyber-village.
History of the Internet:
Internet started with the ARPANET in 1969 AD. ARPA is the acronym for
Research Project Agency which is the branch of Department of Defense (DOD) of
States of America. That was the first computer network in the world. Another factor
rapid growth of this network was the inclusion of the TCP/IP (Transmission Control
Protocol/Internet Protocol). It was the first protocol developed by ARPANET.
ARPANET changed into Defense Advanced Research Project Agency (DARPANET). In the
of 1980, the DOD stopped funding for ARPANET and another agency ‘ National Science
Foundation ’ had joined the ARPANET.
Services of the Internet:
• Electronic Mail
11. • Video conference
• Chatting
• E-learning
• Entertainment
• Marketing and Advertising, etc.
Some Common Internet Terminologies:
Webpage: Web page is a document stored in an electronic form that contains
information in specific or single topic (organization, government agency, personal etc.)
text, graphics, sounds, animated pictures, hyperlinks etc.
Website: A collection of interlinked web pages of an organization, government agency,
University, Personal, company, etc. is known as website. Each website is identified by
unique Internet Address known as Uniform Resource Locator (URL).
Web server: A Web server is a computer that delivers web pages. The web sites are
stored in web servers. To access the web pages of a web server, a client computer has
HTTP.
URL: URL stands for Uniform Resource Locator, the unique Internet address through
which we can visit different websites. URLs are used to address and access individual
12. DNS: DNS stands for Domain Name System (or services or server), is an
internet service used for converting domain name into IP Address on the
on local networks using the TCP/IP.
ISP: The Internet Service Provider (ISP) is company or organization that
provides Internet facility to the users. The internet can be connected using
Integrated Service Digital Network (ISDN), leased line, cable line and
connection.
Search Engine: Search engine is the website that allows the users to search
information based on keyword or combinations of keywords in different
and topics.
Web Browser: Web browser is a software or program that accesses web
pages and displays them on the user’s computer from around the world. In
terms, it is a software required for browsing and surfing web sites.
Intranet and Extranet: Intranet is a privately maintained computer network
control by company or an organization. Similarly, Extranet is also private
that uses Internet Protocols, connectivity.
13. PRESENTATION ON COMPUTER
SECURITY AND
COMPUTER VIRUS
Introduction:
Computer security refers to the protection of the computer’s resources from accidental,
intentional or natural disasters, including theft, physical damage, heat, power failure,
illegal access, data piracy, virus infection, etc. Computer Security is the branch of
computer technology known as information security as applied to computers and
networks. The objective of the computer security includes protection of information and
property from theft, corruption, or natural disaster, while allowing the information and
property to remain accessible and productive to its intended users.
It is further divided into two types:
1> Hardware security: Hardware security is the term used to describe the protection of
the components of a computer system. In another word, the security given to the
various hardware tools and equipment for the protection of computer hardware from
the accidental or intentional harm is known as hardware security.
14. Some Hardware Security Measures are:
Dust free environment
Regular maintenance
Proper Power supply
Protection from thieves
Insurance
Protection from fire
Air condition room
15. 2> Software security: Data and software or programs are very important and
valuable things of any organization or computer owner. The loss of these data or
programs can cause serious problems to the owners. It is very costly and difficult
these important data and some causes that is impossible to recover them. So, data
software security is important for any organization as well as every computer
securing data and programs from being lost or damaged due to accidental or
harm is known as software security.
Some software security measures are:
Protection from computer viruses
Password protection
Backup System
Scandisk, etc.
16. Computer Virus
Introduction:
A computer virus is a small executable program that spreads from one
computer to another and interferes with computer operations. A virus program contains
instructions to initiate some sort of “event” that affects the infected computer. Each virus has a
unique event associated with it.
Virus is a destructive program able to replicate itself. This means
that the virus multiplies on a computer by making copies of itself. This replication is intentional; it is part
of the virus program. In most cases, if a file that contains a virus is executed or copied onto
another computer, then that computer will also be “infected” by the same virus. A virus can be
introduced to a computer system along with any software program. For internet users, this threat
can come from downloading files or referencing email attachments.
Symptoms of computer viruses:
Slows down the system performance
Program starts automatically without any instructions
Programs takes a long time to load suddenly
Frequently display unusual error messages or images
Computer stops responding or freezes frequently
The operating systems will not be loaded when you start your computer
17. Programs disappear from the computer
Random files and icons appearing on your desktop or other places when you did not
install such things
Files and icons which were on your system before have disappeared.
Effects of viruses:
Renaming the files with different names.
Reduces memory or disk space of your computer
Deletes or changes the contents of our computer
Change the size of files and folders
Changes the extension of files
Disables the antivirus program for no reason
Stops the installation of new software programs
Crashes and restarts computer in every few seconds
Corrupts the system’s file
18. Different types of computer viruses:
1) Program or file Infector virus: Program or file infector virus affects programs or
executable files having an extension .EXE, .BIN, .SYS, .COM, or .DRV. This virus may
overwrite the file, or may only replace parts of the file that it infects.
2) Boot sector virus: Boot sector virus affects the boot sector or Master boot records (MBR)
of a floppy or hard disk.
3) Multipartite virus: Multipartite virus affects the application programs and boot sector of a
disk. It has combined features of both boot sector and file infectors viruses.
4) Stealth virus: Stealth virus is one of the most dangerous types of virus which try to trick
anti-virus software by intercepting its requests to the operating system.
5) Polymorphic virus: Polymorphic virus is a type of destructive program that can change its
appearance with every infection. It is also known as the encrypted virus.
6) Macro virus: Macro virus infects files that are created using word processing or
spreadsheet programs which contain macros.
7) Script virus: Script virus infects programs written in high level scripting languages like
Visual Basic script and JavaScript. This script virus changes the scripting codes in HTML
and makes the document inaccessible and take longer time to load
8) Trojan Horse: A Trojan Horse is a harmful program that displays as a useful software and
19. Spreading of computer virus:
Virus spread by the use of pirated software
Viruses spread by sharing of portable disks among the computers
Viruses spread by downloading files or programs from unsecure web sites
Virus spread by exchanging of infected data or files over network
Antivirus Software:
Antivirus software is a program that can detect, prevent and clean up
may attempt to infect your computer system. It scans downloaded files as well as the entire
system in order to detect the presence of an infection. There are a number of good antivirus
choose from including Norton Antivirus, McAfee, AVG, Avira, Kaspersky, Avast, NOD 32, etc.
Virus Prevention:
Use Antivirus Software
Don’t open attachments from unknown emails
Download software only from reputable and well known sites
Don’t use USB flash drive without scanning
Clear temporary Internet files and Cache regularly.
20. PRESENTATION ON CYBER
LAW AND
COMPUTER ETHICS
Introduction:
The law that controls the legal issues in the Internet or WWW for digital data
processing and transaction is called cyber law. It is a term that summarizes the legal issues
related to use of communicative, transactional, and distributive aspects of networked
information devices and technologies. Cyber law is important because it touches almost all
aspect of transactions and activities on the cyberspace. It controls cyber crimes and misuse of
computer.
Virtual space created by world-wide computer network, Internet and telecommunication
is called cyber space. Cyberspace was used in 1984 by author William Gibson in his scientific
novel ‘Neuromancer’. It is controlled and managed by system of law and regulation called
cyber law.
21. The major laws include in cyber laws are:
1) Electronic and Digital Signature law
2) Cyber crime law
3) Data protection and privacy law
4) Tele-communication law
5) Intellectual property right law
Cyber Crime: The criminal or illegal activities involving the information technology with
the help of computers is known as cyber crime. It includes traditional crimes conducted
the internet. Some of the criminal activities are:
o Fraud achieved by the manipulation of computer records
o Accessing others data or information illegally
o Copying and distributing software illegally
o Intellectual Property theft, including software piracy
o E-mail bombing, sending large number of mails
o Making and digitally distributing child pornography
22. The effects of computer crime are:
Security problems
Physical theft of computers and other devices
Very less privacy
Destroying Data
Computer virus easily attack software and programs
Cyber Law In Nepal:
The main purpose of the formulating cyber law is to legalize the
transaction through electronic media, to control and stop the various types of electronic
a person or institution that does cyber crime. It also helps the IT sector to create a suitable
for conducting and promoting IT business in a country. Cyber law of Nepal was passed in Nepal
Bhadra 2061 BS (15 Sep 2004). The cyber law of Nepal is also known as Electronic Transaction
Signature Act- 2061. The provision of cyber law of Nepal are listed below:
• Provision of legal status to digital signatures, electronic record for introducing e-banking, e-
commerce, etc
• Provision of network services
• Provision for the license regarding the IT customers and their duties and responsibilities
• Provision for a legal framework to facilitate and safeguard electronic transactions in the
medium.
23. Computer Ethics:
Ethics deals with placing a “value” on acts according to
whether they are “good” or “bad”. Every society has its rules about
acts are ethical or not. These rules have been established as a result of
society and are often written into laws. When Computers first began to be
society at large, the absence of ethical standards about their use and
caused some problems.
Some important commandments of computer ethics are mentioned below:
Do not use a computer to harm other people
Do not use a computer to publish fake information
Do not search the file or record of other people
Do not destroy or delete the records of other people
Do not interfere with other people’s computer work
Do not snoop around in other people’s file
24. Some common Terms:
1) Digital Signature: Digital Signature is a security mechanism
system in the cyberspace for digital data transformation by
attaching a code on the document of electronic records.
2) Encryption: The method of making the data or message
unreadable by unauthorized people while transferring
Internet is called Encryption.
3) Decryption: The method of converting encrypted data back
into its original form make understandable to the receiver is
as decryption.
25. Internet has grown very fast and security has lagged
behind.
Legions of hackers have emerged as impedance to
entering the hackers club is low.
It is hard to trace the perpetrator of cyber attacks since
the real identities are camouflaged
It is very hard to track down people because of the
ubiquity of the network.
Large scale failures of internet can have a catastrophic
impact on the economy which relies heavily on
electronic transactions
Crisis
26. In 1988 a "worm program" written by a
college student shut down about 10 percent
of computers connected to the Internet.
This was the beginning of the era of cyber
attacks.
Today we have about 10,000 incidents of
cyber attacks which are reported and the
number grows.
Computer Crime – The Beginning
27. A 16-year-old music student called Richard Pryce,
better known by the hacker alias Datastream
Cowboy, is arrested and charged with breaking into
hundreds of computers including those at the
Griffiths Air Force base, Nasa and the Korean Atomic
Research Institute. His online mentor, "Kuji", is
never found.
Also this year, a group directed by Russian hackers
broke into the computers of Citibank and
transferred more than $10 million from customers'
accounts. Eventually, Citibank recovered all but
$400,000 of the pilfered money.
Computer Crime - 1994
28. In February, Kevin Mitnick is arrested for a second
time. He is charged with stealing 20,000 credit card
numbers. He eventually spends four years in jail
and on his release his parole conditions demand
that he avoid contact with computers and mobile
phones.
On November 15, Christopher Pile becomes the first
person to be jailed for writing and distributing a
computer virus. Mr Pile, who called himself the
Black Baron, was sentenced to 18 months in jail.
The US General Accounting Office reveals that US
Defense Department computers sustained 250,000
attacks in 1995.
Computer Crime - 1995
29. In March, the Melissa virus goes on the rampage
and wreaks havoc with computers worldwide. After
a short investigation, the FBI tracks down and
arrests the writer of the virus, a 29-year-old New
Jersey computer programmer, David L Smith.
More than 90 percent of large corporations and
government agencies were the victims of computer
security breaches in 1999
Computer Crime - 1999
30. In February, some of the most popular websites in
the world such as Amazon and Yahoo are almost
overwhelmed by being flooded with bogus requests
for data.
In May, the ILOVEYOU virus is unleashed and clogs
computers worldwide. Over the coming months,
variants of the virus are released that manage to
catch out companies that didn't do enough to
protect themselves.
In October, Microsoft admits that its corporate
network has been hacked and source code for future
Windows products has been seen.
Computer Crime - 2000
31. Some of the sites which have been compromised
U.S. Department of Commerce
NASA
CIA
Greenpeace
Motorola
UNICEF
Church of Christ …
Some sites which have been rendered ineffective
Yahoo
Microsoft
Amazon …
Why Security?
32. Because they can
A large fraction of hacker attacks have been pranks
Financial Gain
Espionage
Venting anger at a company or organization
Terrorism
Why do Hackers Attack?
33. Active Attacks
Denial of Service
Breaking into a site
Intelligence Gathering
Resource Usage
Deception
Passive Attacks
Sniffing
Passwords
Network Traffic
Sensitive Information
Information Gathering
Types of Hacker Attack
34. Over the Internet
Over LAN
Locally
Offline
Theft
Deception
Modes of Hacker Attack
35. Definition:
An attacker alters his identity so that someone thinks he
is someone else
Email, User ID, IP Address, …
Attacker exploits trust relation between user and
networked machines to gain access to machines
Types of Spoofing:
1. IP Spoofing:
2. Email Spoofing
3. Web Spoofing
Spoofing
36. Definition:
Attacker uses IP address of another computer to acquire
information or gain access
IP Spoofing – Flying-Blind Attack
[Diagram: the attacker (10.10.50.50) sends John (10.10.5.5) a packet with From Address: 10.10.20.30 (the spoofed address) and To Address: 10.10.5.5. Replies are sent back to 10.10.20.30.]
• Attacker changes his own IP address
to spoofed address
• Attacker can send messages to a
machine masquerading as spoofed
machine
• Attacker can not receive messages
from that machine
37. Definition:
Attacker spoofs the address of another machine and inserts
itself between the attacked machine and the spoofed machine
to intercept replies
IP Spoofing – Source Routing
[Diagram: the attacker (10.10.50.50) sends John (10.10.5.5) a packet with From Address: 10.10.20.30 (the spoofed address) and To Address: 10.10.5.5. Replies are sent back to 10.10.20.30.]
• The path a packet takes can vary over time
• To ensure that he stays in the loop the attacker uses source routing
to ensure that the packet passes through certain nodes on the
network
Attacker intercepts packets
as they go to 10.10.20.30
38. Definition:
Attacker sends messages masquerading as some one else
What can be the repercussions?
Types of Email Spoofing:
1. Create an account with similar email address
– Sanjaygoel@yahoo.com: A message from this account can perplex
the students
2. Modify a mail client
– Attacker can put in any return address he wants to in the mail he
sends
3. Telnet to port 25
– Most mail servers use port 25 for SMTP. Attacker logs on to this
port and composes a message for the user.
Email Spoofing
39. Basic
Attacker registers a web address matching an entity e.g.
votebush.com, geproducts.com, gesucks.com
Man-in-the-Middle Attack
Attacker acts as a proxy between the web server and the client
Attacker has to compromise the router or a node through which the
relevant traffic flows
URL Rewriting
Attacker redirects web traffic to another site that is controlled by
the attacker
Attacker writes his own web site address before the legitimate link
Tracking State
When a user logs on to a site a persistent authentication is
maintained
This authentication can be stolen for masquerading as the user
Web Spoofing
40. Web Site maintains authentication so that the
user does not have to authenticate repeatedly
Three types of tracking methods are used:
1. Cookies: Line of text with ID on the user's cookie file
– Attacker can read the ID from user's cookie file
2. URL Session Tracking: An id is appended to all the links
in the website web pages.
– Attacker can guess or read this id and masquerade as user
3. Hidden Form Elements
– ID is hidden in form elements which are not visible to user
– Hacker can modify these to masquerade as another user
Web Spoofing – Tracking
State
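The slide above lists session IDs that can be guessed and hidden form elements that can be modified. The following is an added example, not part of the original slides, of the server-side countermeasure: random session IDs and an HMAC tag on each hidden field. The names SERVER_KEY, SESSIONS, new_session, seal_field and open_field and the account values are assumptions made for the illustration.

```python
import hashlib
import hmac
import secrets

# Constructed key for this example; a real server loads it from protected
# configuration and never sends it to the browser.
SERVER_KEY = secrets.token_bytes(32)

# Server-side session table: session ID -> user name (hypothetical store).
SESSIONS = {}


def new_session(user):
    """Issue a random session ID (256 bits) instead of a counter or timestamp."""
    sid = secrets.token_urlsafe(32)
    SESSIONS[sid] = user
    return sid


def lookup_session(sid):
    """Return the user bound to this ID, or None for an unknown (guessed) ID."""
    return SESSIONS.get(sid)


def field_tag(sid, name, value):
    """HMAC over length-prefixed parts, so the parts cannot be shifted around."""
    msg = "".join(f"{len(part)}:{part}" for part in (sid, name, value))
    return hmac.new(SERVER_KEY, msg.encode(), hashlib.sha256).hexdigest()


def seal_field(sid, name, value):
    """Return 'value|tag' to place in a hidden form element."""
    return f"{value}|{field_tag(sid, name, value)}"


def open_field(sid, name, sealed):
    """Return the value if its tag verifies for this session, otherwise None."""
    value, sep, tag = sealed.rpartition("|")
    if not sep:
        return None
    expected = field_tag(sid, name, value)
    # Constant-time comparison of the submitted tag with the expected one.
    ok = hmac.compare_digest(tag.encode(), expected.encode())
    return value if ok else None


def demo():
    """Constructed scenario: one honest submission and three bad ones."""
    alice = new_session("alice")
    mallory = new_session("mallory")
    sealed = seal_field(alice, "account", "ACC-1001")
    _, _, tag = sealed.rpartition("|")
    return {
        "valid": open_field(alice, "account", sealed),
        # Value edited in the hidden field, old tag kept.
        "tampered": open_field(alice, "account", "ACC-2002|" + tag),
        # Alice's field replayed inside another user's session.
        "other_session": open_field(mallory, "account", sealed),
        # A short sequential ID of the kind that can be guessed.
        "guessed_id": lookup_session("1002"),
    }


if __name__ == "__main__":
    print(demo())
```

This covers guessing and modification only: a session ID read from the user's cookie file still works until the server ends that session.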
41. Definition:
Process of taking over an existing active session
Modus Operandi:
1. User makes a connection to the server by
authenticating using his user ID and password.
2. After the users authenticate, they have access to the
server as long as the session lasts.
3. Hacker takes the user offline by denial of service
4. Hacker gains access to the user by impersonating the
user
Session Hijacking
42. Attacker can
monitor the session
periodically inject commands into session
launch passive and active attacks from the session
Session Hijacking
[Diagram: Bob telnets to Server and authenticates to Server. The Attacker sends “Die!” to Bob and “Hi! I am Bob” to the Server.]
43. Attackers exploit sequence numbers to hijack sessions
Sequence numbers are 32-bit counters used to:
tell receiving machines the correct order of packets
Tell sender which packets are received and which are lost
Receiver and Sender have their own sequence numbers
When two parties communicate the following are needed:
IP addresses
Port Numbers
Sequence Number
IP addresses and port numbers are easily available so once
the attacker gets the server to accept his guessed
sequence number he can hijack the session.
Session Hijacking – How Does it
Work?
44. Definition:
Attack through which a person can render a system unusable or
significantly slow down the system for legitimate users by
overloading the system so that no one else can use it.
Types:
1. Crashing the system or network
– Send the victim data or packets which will cause system to crash or
reboot.
2. Exhausting the resources by flooding the system or network with
information
– Since all resources are exhausted others are denied access to the
resources
3. Distributed DOS attacks are coordinated denial of service attacks
involving several people and/or machines to launch attacks
Denial of Service (DOS)
Attack
45. Types:
1. Ping of Death
2. SSPing
3. Land
4. Smurf
5. SYN Flood
6. CPU Hog
7. Win Nuke
8. RPC Locator
9. Jolt2
10. Bubonic
11. Microsoft Incomplete TCP/IP Packet Vulnerability
12. HP Openview Node Manager SNMP DOS Vulnerability
13. Netscreen Firewall DOS Vulnerability
14. Checkpoint Firewall DOS Vulnerability
Denial of Service (DOS)
Attack
46. This attack takes advantage of the way in which information is stored by computer programs
An attacker tries to store more information on the stack than the size of the buffer
How does it work?
Buffer Overflow Attacks
[Diagram: Normal Stack. Stack contents as listed: Buffer 2, Local Variable 2, Buffer 1, Local Variable 1, Return Pointer, Function Call Arguments. The figure marks the fill direction between Bottom of Memory and Top of Memory.]
[Diagram: Smashed Stack. Stack contents as listed: Buffer 2, Local Variable 2, Machine Code: execve(/bin/sh) (Buffer 1 space overwritten), New Pointer to Exec Code (return pointer overwritten), Function Call Arguments.]
47. Programs which do not have a rigorous memory check in
the code are vulnerable to this attack
Simple weaknesses can be exploited
If memory allocated for name is 50 characters, someone can break
the system by sending a fictitious name of more than 50 characters
Can be used for espionage, denial of service or compromising
the integrity of the data
Examples
NetMeeting Buffer Overflow
Outlook Buffer Overflow
AOL Instant Messenger Buffer Overflow
SQL Server 2000 Extended Stored Procedure Buffer Overflow
Buffer Overflow Attacks
48. A hacker can easily exploit weak passwords &
uncontrolled network modems
Steps
Hacker gets the phone number of a company
Hacker runs war dialer program
If original number is 555-5532 he runs all numbers in the 555-55xx
range
When modem answers he records the phone number of modem
Hacker now needs a user id and password to enter
company network
Companies often have default accounts e.g. temp, anonymous with
no password
Often the root account uses company name as the password
For strong passwords password cracking techniques exist
Password Attacks
49. Password hashed and stored
Salt added to randomize password & stored on system
Password attacks launched to crack encrypted
password
Password Security
[Diagram: the client's password and the salt pass through the hash function to produce a hashed password; the server compares it with the stored hashed password and allows or denies access.]
50. Find a valid user ID
Create a list of possible passwords
Rank the passwords from high probability to low
Type in each password
If the system allows you in – success !
If not, try again, being careful not to exceed
password lockout (the number of times you can
guess a wrong password before the system shuts
down and won’t let you try any more)
Password Attacks - Process
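The two slides above describe salted password hashes and the lockout that limits repeated guesses. The following is an added example, not part of the original slides, of how a server can implement both. PBKDF2-HMAC-SHA256, the iteration count, the limit of five failures and the PasswordStore class are assumptions chosen for the illustration.

```python
import hashlib
import hmac
import secrets

PBKDF2_ITERATIONS = 100_000   # assumed work factor for this example
MAX_FAILURES = 5              # assumed lockout threshold


def hash_password(password, salt):
    """Slow salted hash: the same password with another salt gives another hash."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt,
                               PBKDF2_ITERATIONS)


class PasswordStore:
    """Keeps (salt, hash) per user and counts consecutive failed logins."""

    def __init__(self):
        self.records = {}    # user -> (salt, hashed password)
        self.failures = {}   # user -> consecutive wrong guesses

    def register(self, user, password):
        salt = secrets.token_bytes(16)          # fresh random salt per user
        self.records[user] = (salt, hash_password(password, salt))
        self.failures[user] = 0

    def login(self, user, password):
        """Return 'ok', 'denied' or 'locked'."""
        record = self.records.get(user)
        if record is None:
            # Do the same work for unknown users so the response does not
            # reveal which user IDs are valid.
            hash_password(password, b"\x00" * 16)
            return "denied"
        if self.failures[user] >= MAX_FAILURES:
            return "locked"                     # no further guesses accepted
        salt, expected = record
        if hmac.compare_digest(hash_password(password, salt), expected):
            self.failures[user] = 0
            return "ok"
        self.failures[user] += 1
        return "denied"


def demo():
    """Constructed accounts: two users who picked the same password."""
    store = PasswordStore()
    store.register("alice", "sunshine1")
    store.register("bob", "sunshine1")
    same_hash = store.records["alice"][1] == store.records["bob"][1]
    guesses = [store.login("bob", f"guess{i}") for i in range(MAX_FAILURES)]
    return {
        "same_hash": same_hash,                         # salt makes these differ
        "alice": store.login("alice", "sunshine1"),
        "guesses": guesses,
        "bob_after_lockout": store.login("bob", "sunshine1"),
        "unknown_user": store.login("nobody", "sunshine1"),
    }


if __name__ == "__main__":
    print(demo())
```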
51. Dictionary Attack
Hacker tries all words in dictionary to crack password
70% of the people use dictionary words as passwords
Brute Force Attack
Try all permutations of the letters & symbols in the alphabet
Hybrid Attack
Words from dictionary and their variations used in attack
Social Engineering
People write passwords in different places
People disclose passwords naively to others
Shoulder Surfing
Hackers slyly watch over people's shoulders to steal passwords
Dumpster Diving
People dump their trash papers in garbage which may contain
information to crack passwords
Password Attacks - Types