2. WHAT IS NETWORK SECURITY?
• Security is much larger than just packets, firewalls,
and hackers. Security includes:
– Policies and procedures
– Liabilities and laws
– Human behavior patterns
– Corporate security programs and implementation
– Technical aspects- firewalls, intrusion detection systems,
proxies, encryption, antivirus software, hacks, cracks, and
attacks
• Understanding hacking tools and how attacks are
carried out is only one piece of the puzzle.
2
3. ATTACKS
THERE ARE MANY TYPES OF ATTACKS
• SPOOFING ATTACK
• TELNET BASED ATTACK
• DOS (Daniel of service) ATTACK
• PING OF DEATH
• DISTRIBUTED DOS ATTACK
• MAILBOMBS
4. NEED FOR SECURITY
SOME EXELLENT SOFTWARE CAN PROVIDE
YOU BEST SECURITY
LIKE
• TROJAN
• FIREWALL
5. TROJAN
WINDOWS TROJANS ARE SMALL ASPECT OF
WINDOWS SECURUTY
TROJAN IS UNOTHORIZED PROGRAM
CONTAINED WITHIN A LEGIMATE PROGRAM
THIS PROGRAM PERFORMS FUNCTION
UNKNOWN BY USER
6. FIREWALL
FIREWALL IS ANY DEVICE USED TO PREVENT
OUTSIDERS FROM GAINING ACCESS TO YOUR
NETWORK
TYPES OF FIREWALLS
• PACKET FILTER
• APPLICATION PROXY
• PACKET INSPECTION
7. Common Steps for Attackers
Reconnaissance
– Intelligent work of obtaining information either
actively or passively
– Examples:
• Passively: Sniffing Traffic, eavesdropping
• Actively: Obtaining data from American Registry for
Internet Numbers (ARIN), whois databases, web sites,
social engineering
7
8. Common Steps for Attackers
• Scanning
– Identifying systems that are running and services
that are active on them
– Examples: Ping sweeps and port scans
8
9. Common Steps for Attackers
• Gaining Access
– Exploiting identified vulnerabilities to gain
unauthorized access
– Examples: Exploiting a buffer overflow or brute
forcing a password and logging onto a system
9
10. Common Steps for Attackers
• Maintaining Access
– Uploading malicious software to ensure re-entry is
possible
– Example: Installing a backdoor on a system
10
11. Common Steps for Attackers
• Covering Tracks
– Carrying out activities to hide one’s malicious
activities
– Example: Deleting or modifying data in a system
and its application logs
11