NETWORK
SECURITY
By
Asst. Prof. Prachi Mishal
NETWORK SECURITY
Network security is any
activity designed to protect the
usability and integrity (unity)
of the network and data.
It includes both hardware and
software technologies.
In network security, three common
terms are used:
1. Vulnerabilities
2. Threats
3. Attacks
VULNERABILITIES
A vulnerability is a
weakness that allows an
attacker to reduce a system's
information assurance.
Primary vulnerabilities in a network:
1. Technology vulnerabilities
2. Configuration vulnerabilities
3. Security policy vulnerabilities
Technology vulnerabilities
Computer and network technologies have
intrinsic (built-in) security weaknesses.
• TCP/IP protocol vulnerabilities
(HTTP, FTP are inherently insecure)
• Operating system vulnerabilities
(Windows, Linux have security problems)
• Network equipment vulnerabilities
(routers, switches have security weaknesses)
Configuration vulnerabilities
Network administrators need to correctly configure their
computing and network devices to compensate.
• Unsecured user accounts
(information transmitted insecurely across the network)
• System accounts with easily guessed passwords
• Unsecured default settings within products
• Misconfigured internet services
(untrusted sites on dynamic webpages)
• Misconfigured network equipment
(misconfiguration itself causes security problems)
Security policy vulnerabilities
The network can pose a security risk if users do not follow the
security policies.
• Lack of written security policy
(policies in booklet)
• Politics
(political battles make it difficult to implement security policies)
• Lack of continuity
(easily cracked or default passwords allow unauthorized access)
• Logical access controls not applied
(imperfect monitoring allows unauthorized access)
• Disaster recovery plan nonexistent
(lack of a disaster recovery plan allows panic (a sudden fear) when someone attacks the
enterprise)
THREATS
The people eager, willing and
qualified to take advantage of
each security vulnerability, and
they continually search for
new exploits and weaknesses.
Classes of threats
There are four main classes of threats:
1. Structured threats
2. Unstructured threats
3. External threats
4. Internal threats
1. Structured threats
Implemented by a technically skilled person who is trying to gain
access to your network.
2. Unstructured threats
Created by an inexperienced / non-technical person who is trying
to gain access to your network.
3. Internal threats
Occurs when someone from inside your network creates a security
threat to your network.
4. External threats
Occurs when someone from outside your network creates a
security threat to your network.
Common terms
• Hacker
A hacker is a person intensely interested in the
secrets and recondite workings of any computer operating
system. Hackers are most often programmers.
• Crackers
Crackers can easily be identified because their
actions are malicious.
• Phreaker
A phreaker is an individual who manipulates the
phone network to cause it to perform a function that is
normally not allowed.
A common goal of phreaking is breaking into the
phone network.
• Spammer
An individual who sends large numbers of
unsolicited e-mail messages. Spammers often use
viruses to take control of home computers and use these
computers to send out their bulk messages.
• Phisher
A phisher uses e-mail or other means in an attempt to
trick others into providing sensitive information, such as
credit card numbers or passwords.
• White hat
Individuals who use their abilities to find
vulnerabilities in systems or networks and then report these
vulnerabilities to the owners of the system so that they can
be fixed.
• Black hat
Individuals who use their knowledge of computers to
break into systems that they are not authorized to use.
ATTACKS
The threats use a variety of
tools, scripts and programs to
launch attacks against networks
and network devices.
Classes of attack
1. Reconnaissance
2. Access
3. Denial of service (DOS)
4. Worms, viruses and Trojan Horses
Reconnaissance
Reconnaissance is a primary
step of a computer attack. It
involves unauthorized discovery of
the targeted system to gather
information about vulnerabilities.
The hacker surveys a network
and collects data for a future
attack.
Reconnaissance attacks can consist of the
following:
1. Ping sweeps
(tell the attacker which IP addresses are alive)
2. Port scans
(scanning to determine what network services or ports are active on
the live IP addresses)
3. Internet information queries
(query the ports to determine the application and operating system of
the targeted host and whether a vulnerability exists that can be
exploited)
4. Packet sniffers
(to capture data being transmitted on a network)
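Added example (not part of the original slides): a defender-side sketch that flags the ping sweeps and port scans listed above in firewall-style logs. The log layout, the thresholds and the sample lines are assumptions constructed for this illustration.

```python
"""Flag ping sweeps and port scans in firewall-style logs (constructed data)."""
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Assumed log layout for this example only; adapt the regex to your firewall.
LINE_RE = re.compile(
    r"^(?P<ts>\S+) SRC=(?P<src>\S+) DST=(?P<dst>\S+) PROTO=(?P<proto>\w+)"
    r"(?: DPT=(?P<dpt>\d+))?(?: TYPE=(?P<type>\d+))?$"
)
TS_FMT = "%Y-%m-%dT%H:%M:%SZ"
WINDOW = timedelta(seconds=60)  # sliding window per source
SWEEP_HOSTS = 5                 # distinct hosts pinged by one source in WINDOW
SCAN_PORTS = 5                  # distinct ports probed on one host in WINDOW


def parse(line):
    """Return a dict for a well-formed line, or None for anything else."""
    m = LINE_RE.match(line.strip())
    if m is None:
        return None
    ev = m.groupdict()
    try:
        ev["ts"] = datetime.strptime(ev["ts"], TS_FMT)
    except ValueError:
        return None
    return ev


def distinct_in_window(bucket, ts, item):
    """Record (ts, item), drop aged-out entries, return distinct item count."""
    bucket.append((ts, item))
    bucket[:] = [(t, i) for t, i in bucket if ts - t <= WINDOW]
    return len({i for _, i in bucket})


def detect(lines):
    """Return one alert tuple (kind, source, target, count) per offender."""
    pings = defaultdict(list)    # src -> [(ts, dst)]
    probes = defaultdict(list)   # (src, dst) -> [(ts, port)]
    alerts, fired = [], set()
    for line in lines:
        ev = parse(line)
        if ev is None:
            continue
        if ev["proto"] == "ICMP" and ev["type"] == "8":      # echo request
            key = ("ping_sweep", ev["src"], "*")
            n = distinct_in_window(pings[ev["src"]], ev["ts"], ev["dst"])
            limit = SWEEP_HOSTS
        elif ev["proto"] == "TCP" and ev["dpt"] is not None:
            key = ("port_scan", ev["src"], ev["dst"])
            n = distinct_in_window(probes[(ev["src"], ev["dst"])],
                                   ev["ts"], int(ev["dpt"]))
            limit = SCAN_PORTS
        else:
            continue
        if n >= limit and key not in fired:   # alert once per offender
            fired.add(key)
            alerts.append(key + (n,))
    return alerts


def sample_lines():
    """Constructed sample traffic using documentation address ranges."""
    base = datetime(2024, 5, 1, 10, 0, 0)

    def at(sec):
        return (base + timedelta(seconds=sec)).strftime(TS_FMT)

    out = []
    for i in range(1, 7):        # one source pings six hosts in six seconds
        out.append(f"{at(i)} SRC=203.0.113.7 DST=192.0.2.{i} PROTO=ICMP TYPE=8")
    for i, port in enumerate([21, 22, 23, 25, 80, 443]):  # six ports, one host
        out.append(f"{at(10 + i)} SRC=203.0.113.7 DST=192.0.2.10 PROTO=TCP DPT={port}")
    for i in range(6):           # ordinary client reusing a single port
        out.append(f"{at(20 + i)} SRC=198.51.100.20 DST=192.0.2.10 PROTO=TCP DPT=443")
    for i in range(5):           # pings 40 s apart never fill one 60 s window
        out.append(f"{at(100 + 40 * i)} SRC=198.51.100.99 DST=192.0.2.{20 + i} PROTO=ICMP TYPE=8")
    return out


if __name__ == "__main__":
    for alert in detect(sample_lines()):
        print(alert)
```

The last sample source stays below the threshold, which is why the window and limits need tuning against real traffic.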
Eavesdropping
Eavesdropping is listening into a conversation.
(spying, prying or snooping).
Network snooping and
packet sniffing are common
terms for eavesdropping. A
common method for
eavesdropping on
communication is to capture
protocol packets.
Types of eavesdropping:
1. Information gathering
Intruder identifies sensitive information, e.g. credit card
numbers
2. Information theft
Intruder steals data through unauthorized access
Tools used to perform eavesdropping:
1. Network or protocol analyzers
2. Packet capturing utilities on networked computers
Access
An access attack is just what it
sounds like: an attempt to access
another user account or network
device through improper means.
The attack surface of a software environment is the sum of the different
points (the "attack vectors") where an unauthorized user (the "attacker")
can try to enter data to or extract data from an environment. Keeping the
attack surface as small as possible is a basic security measure.
Attack Surface:
There are over 100 attack vectors and breach methods that hackers can use. However,
some are more common than others. Here are some of the most common attack vectors:
• Compromised credentials
• Weak and stolen passwords
• Malicious insiders
• Misconfiguration
• Missing or poor encryption
• Ransomware
• Phishing
• Trust relationships
• Zero-day vulnerabilities
• Brute force attack
• Distributed Denial of Service (DDoS)
Understanding an attack surface
Because each enterprise has a growing number of potentially vulnerable points,
hackers and attackers have an increasing advantage: they only need to
find one vulnerable point to succeed in their attack.
There are three steps towards understanding and visualizing an attack surface:
Step 1: Visualize. Visualizing the system of an enterprise is the first step, by mapping
out all the devices, paths and networks.
Step 2: Find indicators of exposure (IOEs). The second step is to match each
indicator of a potentially exposed vulnerability to the map visualized in the previous
step. IOEs include "missing security controls in systems and software".
Step 3: Find indicators of compromise. This is an indicator that an attack has
already succeeded.
Surface reduction
• One approach to improving information security is to reduce the attack surface of a
system or software.
• The basic strategies of attack surface reduction include the following: reduce the
amount of code running, reduce entry points available to untrusted users, and
eliminate services requested by relatively few users.
• By having less code available to unauthorized actors, there will tend to be fewer
failures. By turning off unnecessary functionality, there are fewer security risks.
• Although attack surface reduction helps prevent security failures, it does not
mitigate the amount of damage an attacker could inflict once a vulnerability is found.
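Added example (not part of the original slides): steps 1 and 2 above and the surface-reduction strategies, applied to one host by mapping its listening sockets and flagging exposures. The `ss -tuln`-style sample output, the APPROVED allowlist and the CLEARTEXT port table are assumptions constructed for this illustration.

```python
"""Map a host's listening sockets and flag indicators of exposure."""
import ipaddress

# Constructed sample in the layout printed by `ss -tuln` on Linux.
SS_OUTPUT = """\
Netid State  Recv-Q Send-Q Local Address:Port Peer Address:Port
udp   UNCONN 0      0      127.0.0.53%lo:53   0.0.0.0:*
udp   UNCONN 0      0      0.0.0.0:68         0.0.0.0:*
tcp   LISTEN 0      128    0.0.0.0:22         0.0.0.0:*
tcp   LISTEN 0      32     0.0.0.0:21         0.0.0.0:*
tcp   LISTEN 0      511    *:80               *:*
tcp   LISTEN 0      128    127.0.0.1:631      0.0.0.0:*
tcp   LISTEN 0      128    [::]:22            [::]:*
tcp   LISTEN 0      128    [::1]:631          [::]:*
"""

# Hypothetical policy: services this host is meant to offer to the network.
APPROVED = {("tcp", 22), ("tcp", 80)}
# Protocols the slides call inherently insecure, plus Telnet (assumption).
CLEARTEXT = {21: "FTP", 23: "Telnet", 80: "HTTP"}


def parse_listeners(text):
    """Step 1 (visualize): return (proto, address, port, exposed) tuples."""
    listeners = []
    for line in text.splitlines()[1:]:          # skip the header row
        fields = line.split()
        if len(fields) < 5:
            continue
        proto = fields[0]
        addr, _, port = fields[4].rpartition(":")
        if not port.isdigit():
            continue
        # "[::1]" -> "::1", "127.0.0.53%lo" -> "127.0.0.53"
        addr = addr.strip("[]").split("%")[0]
        if addr == "*":
            exposed = True                      # bound to every interface
        else:
            try:
                exposed = not ipaddress.ip_address(addr).is_loopback
            except ValueError:
                exposed = True                  # unknown form: assume reachable
        listeners.append((proto, addr, int(port), exposed))
    return listeners


def findings(listeners):
    """Step 2 (indicators of exposure): sorted (proto, port, code) tuples."""
    out = set()
    for proto, _addr, port, exposed in listeners:
        if not exposed:
            continue                            # loopback-only: not an entry point
        if (proto, port) not in APPROVED:
            out.add((proto, port, "UNAPPROVED"))  # disable or bind to loopback
        if proto == "tcp" and port in CLEARTEXT:
            out.add((proto, port, "CLEARTEXT"))   # move to an encrypted protocol
    return sorted(out)


if __name__ == "__main__":
    for proto, port, code in findings(parse_listeners(SS_OUTPUT)):
        print(f"{proto}/{port}: {code}")
```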
Security-Functionality-Ease of Use Triangle
Access attacks can consist of the
following:
1. Password attack
2. Trust exploitation
3. Port redirection
4. Man-in-the-Middle attack
5. Social engineering
6. Phishing
Password attacks
Password attacks can be
implemented using a brute-force
attack (repeated attempts to
identify a user's password).
Methods for computing
passwords:
1. Dictionary cracking
2. Brute-force computation
Trust exploitation
Trust exploitation refers
to an attack in which an
individual takes
advantage of a trust
relationship within a
network.
Port redirection
A type of trust
exploitation attack that
uses a compromised
host to pass traffic
through a firewall that
would otherwise be
dropped.
Man-in-the-Middle attack
A man-in-the-Middle
attack requires that the
hacker have access to
network packets that
come across a
network.
Social engineering
The easiest hack (social
engineering) involves no
computer skill at all.
Social engineering is the art
of manipulating people so
they give up confidential
information.
Phishing
Phishing is a type of social engineering attack that
involves using e-mail or other types of messages
in an attempt to trick others into providing
sensitive information.
Denial of service (DoS)
DoS attacks are often implemented
by a hacker as a means of denying
a service that is normally available
to a user or organization.
DoS attacks involve either crashing the system or
slowing it down to the point that it is unusable.
Distributed DoS attack
DDoS uses attack
methods similar to
a standard DoS attack but
operates on a much
larger scale.
Malicious code
Worms, viruses and Trojan Horses
Malicious code is the kind of
harmful computer code designed to
create system vulnerabilities leading to
back doors and other potential
damages to files and computing
systems. It's a type of threat that may
not be blocked by antivirus software
on its own.
The amount and variety of malicious programs out there is enough to make your head spin. This blog
post will break down the common types of malicious programs and provide a brief description of
each.
What is Malware?
Malware is short for malicious software, meaning software that
can be used to compromise computer functions, steal data,
bypass access controls, or otherwise cause harm to the host
computer.
Malware is a broad term that refers to a variety of malicious
programs.
Adware
Adware (short for advertising-supported software) is a type of malware that
automatically delivers advertisements.
Common examples of adware include pop-up ads on websites and advertisements
that are displayed by software.
Often times software and applications offer “free” versions that come bundled with
adware.
Most adware is sponsored or authored by advertisers and serves as a revenue
generating tool.
While some adware is solely designed to deliver advertisements, it is not
uncommon for adware to come bundled with spyware (see below) that is capable of
tracking user activity and stealing information.
Due to the added capabilities of spyware, adware/spyware bundles are significantly
more dangerous than adware on its own.
Bot
Bots are software programs created to automatically perform specific operations.
While some bots are created for relatively harmless purposes (video gaming, internet
auctions, online contests, etc), it is becoming increasingly common to see bots being
used maliciously.
Bots can be used in botnets (collections of computers to be controlled by third parties)
for DDoS attacks, as spambots that render advertisements on websites, as web spiders
that scrape server data, and for distributing malware disguised as popular search
items on download sites.
Websites can guard against bots with CAPTCHA tests that verify users as human.
Bug
In the context of software, a bug is a flaw that produces an undesired outcome.
These flaws are usually the result of human error and typically exist in the source code or
compilers of a program.
Minor bugs only slightly affect a program’s behavior and as a result can go for long
periods of time before being discovered.
More significant bugs can cause crashing or freezing. Security bugs are the most severe
type of bugs and can allow attackers to bypass user authentication, override access
privileges, or steal data.
Bugs can be prevented with developer education, quality control, and code analysis tools.
Ransomware
Ransomware is a form of malware that essentially holds a computer system
captive while demanding a ransom. The malware restricts user access to the
computer either by encrypting files on the hard drive or locking down the
system and displaying messages that are intended to force the user to pay the
malware creator to remove the restrictions and regain access to their computer.
Ransomware typically spreads like a normal computer worm (see below) ending
up on a computer via a downloaded file or through some other vulnerability in a
network service.
Rootkit
A rootkit is a type of malicious software designed to remotely access or control a
computer without being detected by users or security programs.
Once a rootkit has been installed it is possible for the malicious party behind the rootkit to
remotely execute files, access/steal information, modify system configurations, alter
software (especially any security software that could detect the rootkit), install concealed
malware, or control the computer as part of a botnet.
Rootkit prevention, detection, and removal can be difficult due to their stealthy operation.
Because a rootkit continually hides its presence, typical security products are not effective
in detecting and removing rootkits.
As a result, rootkit detection relies on manual methods such as monitoring computer
behavior for irregular activity, signature scanning, and storage dump analysis.
Organizations and users can protect themselves from rootkits by regularly patching
vulnerabilities in software, applications, and operating systems, updating virus definitions,
avoiding suspicious downloads, and performing static analysis scans.
Spyware
Spyware is a type of malware that functions by spying on user activity without their knowledge.
These spying capabilities can include activity monitoring, collecting keystrokes, data harvesting
(account information, logins, financial data), and more.
Spyware often has additional capabilities as well, ranging from modifying security settings of
software or browsers to interfering with network connections.
Spyware spreads by exploiting software vulnerabilities, bundling itself with legitimate software, or in
Trojans.
Trojan horse
A Trojan horse, commonly known as a “Trojan,” is a type of malware that
disguises itself as a normal file or program to trick users into downloading and
installing malware.
A Trojan can give a malicious party remote access to an infected computer. Once
an attacker has access to an infected computer, it is possible for the attacker to
steal data (logins, financial data, even electronic money), install more malware,
modify files, monitor user activity (screen watching, keylogging, etc), use the
computer in botnets, and anonymize internet activity by the attacker.
Virus
A virus is a form of malware that is capable of copying itself and spreading to
other computers.
Viruses often spread to other computers by attaching themselves to various
programs and executing code when a user launches one of those infected
programs.
Viruses can also spread through script files, documents, and cross-site scripting
vulnerabilities in web apps.
Viruses can be used to steal information, harm host computers and networks,
create botnets, steal money, render advertisements, and more.
Worms
Computer worms are among the most common types of malware. They spread
over computer networks by exploiting operating system vulnerabilities.
Worms typically cause harm to their host networks by consuming bandwidth
and overloading web servers.
Computer worms can also contain “payloads” that damage host computers.
Payloads are pieces of code written to perform actions on affected computers
beyond simply spreading the worm.
Payloads are commonly designed to steal data, delete files, or create botnets.
Computer worms can be classified as a type of computer virus, but there are
several characteristics that distinguish computer worms from regular viruses. A
major difference is that computer worms have the ability to self-replicate and
spread independently while viruses rely on human activity to spread (running a
program, opening a file, etc).
Worms often spread by sending mass emails with infected attachments to
users’ contacts.
Malware Symptoms
While these types of malware differ greatly in how they spread and infect
computers, they all can produce similar symptoms. Computers that are infected with
malware can exhibit any of the following symptoms:
• Increased CPU usage
• Slow computer or web browser speeds
• Problems connecting to networks
• Freezing or crashing
• Modified or deleted files
• Appearance of strange files, programs, or desktop icons
• Programs running, turning off, or reconfiguring themselves (malware will often
reconfigure or turn off antivirus and firewall programs)
• Strange computer behavior
• Emails/messages being sent automatically and without user’s knowledge (a
friend receives a strange email from you that you did not send)
Malware Prevention and Removal
There are several general best practices that organizations and individual users should follow to
prevent malware infections. Some malware cases require special prevention and treatment methods,
but following these recommendations will greatly increase a user’s protection from a wide range of
malware:
• Install and run anti-malware and firewall software. When selecting software, choose a program that
offers tools for detecting, quarantining, and removing multiple types of malware. At the minimum,
anti-malware software should protect against viruses, spyware, adware, Trojans, and worms. The
combination of anti-malware software and a firewall will ensure that all incoming and existing data
gets scanned for malware and that malware can be safely removed once detected.
• Keep software and operating systems up to date with current vulnerability patches. These patches
are often released to patch bugs or other security flaws that could be exploited by attackers.
• Be vigilant when downloading files, programs, attachments, etc. Downloads that seem strange or
are from an unfamiliar source often contain malware.
Security Vulnerability Types
Computer security vulnerabilities can be divided into numerous types based on different criteria—
such as where the vulnerability exists, what caused it, or how it could be used. Some broad
categories of these vulnerability types include:
1. Network Vulnerabilities. These are issues with a network’s hardware or software that expose it
to possible intrusion by an outside party. Examples include insecure Wi-Fi access points and
poorly-configured firewalls.
2. Operating System Vulnerabilities. These are vulnerabilities within a particular operating system
that hackers may exploit to gain access to an asset the OS is installed on—or to cause damage.
Examples include default superuser accounts that may exist in some OS installs and hidden
backdoor programs.
3. Human Vulnerabilities. The weakest link in many cybersecurity architectures is the human
element. User errors can easily expose sensitive data, create exploitable access points for
attackers, or disrupt systems.
4. Process Vulnerabilities. Some vulnerabilities can be created by specific process controls (or a
lack thereof). One example would be the use of weak passwords (which may also fall under
human vulnerabilities).
Ethical Hacking: Unit no. 1 Information and Network Security

Micro-Scholarship, What it is, How can it help me.pdf
 
This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.
 
Seal of Good Local Governance (SGLG) 2024Final.pptx
Seal of Good Local Governance (SGLG) 2024Final.pptxSeal of Good Local Governance (SGLG) 2024Final.pptx
Seal of Good Local Governance (SGLG) 2024Final.pptx
 
Energy Resources. ( B. Pharmacy, 1st Year, Sem-II) Natural Resources
Energy Resources. ( B. Pharmacy, 1st Year, Sem-II) Natural ResourcesEnergy Resources. ( B. Pharmacy, 1st Year, Sem-II) Natural Resources
Energy Resources. ( B. Pharmacy, 1st Year, Sem-II) Natural Resources
 
General Principles of Intellectual Property: Concepts of Intellectual Proper...
General Principles of Intellectual Property: Concepts of Intellectual  Proper...General Principles of Intellectual Property: Concepts of Intellectual  Proper...
General Principles of Intellectual Property: Concepts of Intellectual Proper...
 
Role Of Transgenic Animal In Target Validation-1.pptx
Role Of Transgenic Animal In Target Validation-1.pptxRole Of Transgenic Animal In Target Validation-1.pptx
Role Of Transgenic Animal In Target Validation-1.pptx
 
Activity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfActivity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdf
 
Class 11th Physics NEET formula sheet pdf
Class 11th Physics NEET formula sheet pdfClass 11th Physics NEET formula sheet pdf
Class 11th Physics NEET formula sheet pdf
 
Basic Civil Engineering first year Notes- Chapter 4 Building.pptx
Basic Civil Engineering first year Notes- Chapter 4 Building.pptxBasic Civil Engineering first year Notes- Chapter 4 Building.pptx
Basic Civil Engineering first year Notes- Chapter 4 Building.pptx
 
Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17
 
Z Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot GraphZ Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot Graph
 
microwave assisted reaction. General introduction
microwave assisted reaction. General introductionmicrowave assisted reaction. General introduction
microwave assisted reaction. General introduction
 
Web & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdfWeb & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdf
 
Measures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SDMeasures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SD
 

Ethical Hacking: Unit no. 1 Information and Network Security

  • 2. NETWORK SECURITY Network security is any activity designed to protect the usability and integrity (unity) of network and data. It includes both hardware and software technologies.
  • 3. In network security, three common terms are used as: 1. Vulnerabilities 2. Threats 3. Attacks
  • 4. VULNERABILITIES A vulnerability is a weakness that allows an attacker to reduce a system's information assurance.
  • 5. Primary vulnerabilities in network 1. Technology vulnerabilities 2. Configuration vulnerabilities 3. Security policy vulnerabilities
  • 6. Technology vulnerabilities Computer and network technologies have intrinsic (built-in) security weaknesses.
      - TCP/IP protocol vulnerabilities (HTTP, FTP are inherently unsecure)
      - Operating system vulnerabilities (Windows, Linux have security problems)
      - Network equipment vulnerabilities (routers, switches have security weaknesses)
  • 7. Configuration vulnerabilities Network administrators need to correctly configure their computing and network devices to compensate.
      - Unsecured user accounts (information transmitted insecurely across network)
      - System account with easily guessed passwords
      - Unsecured default settings within products
      - Misconfigured internet services (untrusted sites on dynamic webpages)
      - Misconfigured network equipment (misconfiguration itself causes security problems)
  • 8. Security policy vulnerabilities The network can pose security risk if users do not follow the security policies.
      - Lack of written security policy (policies in booklet)
      - Politics (political battles make it difficult to implement security policies)
      - Lack of continuity (easily cracked or default password allows unauthorized access)
      - Logical access control not applied (imperfect monitoring allows unauthorized access)
      - Disaster recovery plan nonexistent (lack of disaster recovery plan allows panic (a sudden fear) when someone attacks the enterprise.)
  • 9. THREATS The people eager, willing and qualified to take advantage of each security vulnerability, who continually search for new exploits and weaknesses.
  • 10. Classes of threats There are four main classes of threats: 1. Structured threats 2. Unstructured threats 3. External threats 4. Internal threats
  • 11. 1. Structured threats Implemented by a technically skilled person who is trying to gain access to your network. 2. Unstructured threats Created by an inexperienced / non-technical person who is trying to gain access to your network. 3. Internal threats Occurs when someone from inside your network creates a security threat to your network. 4. External threats Occurs when someone from outside your network creates a security threat to your network.
  • 12. Common terms
      - Hacker: A hacker is a person intensely interested in requiring secrets and recondite workings of any computer operating system. Hackers are most often programmers.
      - Crackers: Crackers can easily be identified because their actions are malicious.
  • 13.
      - Phreaker: A phreaker is an individual who manipulates the phone network to cause it to perform a function that is normally not allowed. A common goal of phreaking is breaking into the phone network.
      - Spammer: An individual who sends a large number of unsolicited e-mail messages. Spammers often use viruses to take control of home computers to use these computers to send out their bulk messages.
  • 14.
      - Phisher: A phisher uses e-mail or other means in an attempt to trick others into providing sensitive information, such as a credit card number or password.
      - White hat: Individuals who use their abilities to find vulnerabilities in systems or networks and then report these vulnerabilities to the owners of the system so that they can be fixed.
      - Black hat: Individuals who use their knowledge of computers to break into systems that they are not authorized to use.
  • 15. ATTACKS The threats use a variety of tools, scripts and programs to launch attacks against networks and network devices.
  • 16. Classes of attack 1. Reconnaissance 2. Access 3. Denial of service (DoS) 4. Worms, viruses and Trojan Horses
  • 17. Reconnaissance Reconnaissance is a primary step of computer attack. It involves unauthorized discovery of the targeted system to gather information about vulnerabilities. The hacker surveys a network and collects data for a future attack.
  • 18. Reconnaissance attacks can consist of the following:
      1. Ping sweeps (tell the attacker which IP addresses are alive)
      2. Port scans (the art of scanning to determine what network services or ports are active on the live IP addresses)
      3. Internet information queries (query the ports to determine the application and operating system of the targeted host, and whether a possible vulnerability exists that can be exploited)
      4. Packet sniffers (to capture data being transmitted on a network)
  • 19. Eavesdropping Eavesdropping is listening into a conversation. (spying, prying or snooping). Network snooping and packet sniffing are common terms for eavesdropping. A common method for eavesdropping on communication is to capture protocol packets.
  • 20. Types of eavesdropping:
      1. Information gathering: the intruder identifies sensitive information, e.g. a credit card number
      2. Information theft: the intruder steals data through unauthorized access
    Tools used to perform eavesdropping:
      1. Network or protocol analyzers
      2. Packet capturing utilities on networked computers
  • 21. Access An access attack is just what it sounds like: an attempt to access another user account or network device through improper means.
  • 22. Attack Surface The attack surface of a software environment is the sum of the different points (for "attack vectors") where an unauthorized user (the "attacker") can try to enter data to or extract data from an environment. Keeping the attack surface as small as possible is a basic security measure. There are over 100 attack vectors and breach methods that hackers can use. However, some are more common than others. Here are some of the most common attack vectors:
      - Compromised credentials
      - Phishing
      - Weak and stolen passwords
      - Trust relationships
      - Malicious insiders
      - Zero-day vulnerabilities
      - Misconfiguration
      - Brute force attack
      - Missing or poor encryption
      - Distributed Denial of Service (DDoS)
      - Ransomware
  • 23. Understanding an attack surface Because each enterprise has countless potentially vulnerable points, hackers and attackers have a growing advantage: they only need to find one vulnerable point to succeed in their attack. There are three steps towards understanding and visualizing an attack surface:
      - Step 1: Visualize. Visualizing the system of an enterprise is the first step, by mapping out all the devices, paths and networks.
      - Step 2: Find indicators of exposures. The second step is to match each indicator of a potentially exposed vulnerability to the map visualized in the previous step. Indicators of exposure (IOEs) include "missing security controls in systems and software".
      - Step 3: Find indicators of compromise. This is an indicator that an attack has already succeeded.
  • 24. Surface reduction
      - One approach to improving information security is to reduce the attack surface of a system or software.
      - The basic strategies of attack surface reduction include the following: reduce the amount of code running, reduce entry points available to untrusted users, and eliminate services requested by relatively few users.
      - By having less code available to unauthorized actors, there will tend to be fewer failures. By turning off unnecessary functionality, there are fewer security risks.
      - Although attack surface reduction helps prevent security failures, it does not mitigate the amount of damage an attacker could inflict once a vulnerability is found.
  • 26. Access attack can consist of the following:
      1. Password attack
      2. Trust exploitation
      3. Port redirection
      4. Man-in-the-Middle attack
      5. Social engineering
      6. Phishing
  • 27. Password attacks Password attacks can be implemented using brute-force attack (repeated attempts to identify a user's password). Methods for computing passwords: 1. Dictionary cracking 2. Brute-force computation
  • 28. Trust exploitation Trust exploitation refers to an attack in which an individual takes advantage of a trust relationship within a network.
  • 29. Port redirection A type of trust exploitation attack that uses a compromised host to pass traffic through a firewall that would otherwise be dropped.
  • 30. Man-in-the-Middle attack A man-in-the-Middle attack requires that the hacker have access to network packets that come across a network.
  • 31. Social engineering The easiest hack (social engineering) involves no computer skill at all. Social engineering is the art of manipulating people so they give up confidential information.
  • 32. Phishing Phishing is a type of social engineering attack that involves using e-mail or other types of messages in an attempt to trick others into providing sensitive information.
  • 33. Denial of service (DoS) DoS attacks are often implemented by a hacker as a means of denying a service that is normally available to a user or organization. DoS attacks involve either crashing the system or slowing it down to the point that it is unusable.
  • 34. Distributed DoS attack DDoS uses attack methods similar to standard DoS attack but operates on a much larger scale.
  • 36. Malicious code Worms, viruses and Trojan Horses Malicious code is the kind of harmful computer code designed to create system vulnerabilities leading to back doors and other potential damages to files and computing systems. It's a type of threat that may not be blocked by antivirus software on its own.
  • 37. The amount and variety of malicious programs out there is enough to make your head spin. This blog post will break down the common types of malicious programs and provide a brief description of each. What is Malware? Malware is short for malicious software, meaning software that can be used to compromise computer functions, steal data, bypass access controls, or otherwise cause harm to the host computer. Malware is a broad term that refers to a variety of malicious programs.
  • 38. Adware Adware (short for advertising-supported software) is a type of malware that automatically delivers advertisements. Common examples of adware include pop-up ads on websites and advertisements that are displayed by software. Oftentimes software and applications offer “free” versions that come bundled with adware. Most adware is sponsored or authored by advertisers and serves as a revenue generating tool. While some adware is solely designed to deliver advertisements, it is not uncommon for adware to come bundled with spyware (see below) that is capable of tracking user activity and stealing information. Due to the added capabilities of spyware, adware/spyware bundles are significantly more dangerous than adware on its own.
  • 39. Bot Bots are software programs created to automatically perform specific operations. While some bots are created for relatively harmless purposes (video gaming, internet auctions, online contests, etc), it is becoming increasingly common to see bots being used maliciously. Bots can be used in botnets (collections of computers to be controlled by third parties) for DDoS attacks, as spambots that render advertisements on websites, as web spiders that scrape server data, and for distributing malware disguised as popular search items on download sites. Websites can guard against bots with CAPTCHA tests that verify users as human.
  • 40. Bug In the context of software, a bug is a flaw that produces an undesired outcome. These flaws are usually the result of human error and typically exist in the source code or compilers of a program. Minor bugs only slightly affect a program’s behavior and as a result can go for long periods of time before being discovered. More significant bugs can cause crashing or freezing. Security bugs are the most severe type of bugs and can allow attackers to bypass user authentication, override access privileges, or steal data. Bugs can be prevented with developer education, quality control, and code analysis tools.
  • 41. Ransomware Ransomware is a form of malware that essentially holds a computer system captive while demanding a ransom. The malware restricts user access to the computer either by encrypting files on the hard drive or locking down the system and displaying messages that are intended to force the user to pay the malware creator to remove the restrictions and regain access to their computer. Ransomware typically spreads like a normal computer worm (see below), ending up on a computer via a downloaded file or through some other vulnerability in a network service.
  • 42. Rootkit A rootkit is a type of malicious software designed to remotely access or control a computer without being detected by users or security programs. Once a rootkit has been installed it is possible for the malicious party behind the rootkit to remotely execute files, access/steal information, modify system configurations, alter software (especially any security software that could detect the rootkit), install concealed malware, or control the computer as part of a botnet. Rootkit prevention, detection, and removal can be difficult due to their stealthy operation. Because a rootkit continually hides its presence, typical security products are not effective in detecting and removing rootkits. As a result, rootkit detection relies on manual methods such as monitoring computer behavior for irregular activity, signature scanning, and storage dump analysis. Organizations and users can protect themselves from rootkits by regularly patching vulnerabilities in software, applications, and operating systems, updating virus definitions, avoiding suspicious downloads, and performing static analysis scans.
  • 43. Spyware Spyware is a type of malware that functions by spying on user activity without their knowledge. These spying capabilities can include activity monitoring, collecting keystrokes, data harvesting (account information, logins, financial data), and more. Spyware often has additional capabilities as well, ranging from modifying security settings of software or browsers to interfering with network connections. Spyware spreads by exploiting software vulnerabilities, bundling itself with legitimate software, or in Trojans.
  • 44. Trojan horse A Trojan horse, commonly known as a “Trojan,” is a type of malware that disguises itself as a normal file or program to trick users into downloading and installing malware. A Trojan can give a malicious party remote access to an infected computer. Once an attacker has access to an infected computer, it is possible for the attacker to steal data (logins, financial data, even electronic money), install more malware, modify files, monitor user activity (screen watching, keylogging, etc), use the computer in botnets, and anonymize internet activity by the attacker.
  • 45. Virus A virus is a form of malware that is capable of copying itself and spreading to other computers. Viruses often spread to other computers by attaching themselves to various programs and executing code when a user launches one of those infected programs. Viruses can also spread through script files, documents, and cross-site scripting vulnerabilities in web apps. Viruses can be used to steal information, harm host computers and networks, create botnets, steal money, render advertisements, and more.
  • 46. Worms Computer worms are among the most common types of malware. They spread over computer networks by exploiting operating system vulnerabilities. Worms typically cause harm to their host networks by consuming bandwidth and overloading web servers. Computer worms can also contain “payloads” that damage host computers. Payloads are pieces of code written to perform actions on affected computers beyond simply spreading the worm. Payloads are commonly designed to steal data, delete files, or create botnets. Computer worms can be classified as a type of computer virus, but there are several characteristics that distinguish computer worms from regular viruses. A major difference is that computer worms have the ability to self-replicate and spread independently while viruses rely on human activity to spread (running a program, opening a file, etc). Worms often spread by sending mass emails with infected attachments to users’ contacts.
  • 47. Malware Symptoms While these types of malware differ greatly in how they spread and infect computers, they all can produce similar symptoms. Computers that are infected with malware can exhibit any of the following symptoms:
      - Increased CPU usage
      - Slow computer or web browser speeds
      - Problems connecting to networks
      - Freezing or crashing
      - Modified or deleted files
      - Appearance of strange files, programs, or desktop icons
      - Programs running, turning off, or reconfiguring themselves (malware will often reconfigure or turn off antivirus and firewall programs)
      - Strange computer behavior
      - Emails/messages being sent automatically and without user’s knowledge (a friend receives a strange email from you that you did not send)
  • 48. Malware Prevention and Removal There are several general best practices that organizations and individual users should follow to prevent malware infections. Some malware cases require special prevention and treatment methods, but following these recommendations will greatly increase a user’s protection from a wide range of malware:
      - Install and run anti-malware and firewall software. When selecting software, choose a program that offers tools for detecting, quarantining, and removing multiple types of malware. At the minimum, anti-malware software should protect against viruses, spyware, adware, Trojans, and worms. The combination of anti-malware software and a firewall will ensure that all incoming and existing data gets scanned for malware and that malware can be safely removed once detected.
      - Keep software and operating systems up to date with current vulnerability patches. These patches are often released to patch bugs or other security flaws that could be exploited by attackers.
      - Be vigilant when downloading files, programs, attachments, etc. Downloads that seem strange or are from an unfamiliar source often contain malware.
  • 50. Security Vulnerability Types Computer security vulnerabilities can be divided into numerous types based on different criteria, such as where the vulnerability exists, what caused it, or how it could be used. Some broad categories of these vulnerability types include:
      1. Network Vulnerabilities. These are issues with a network’s hardware or software that expose it to possible intrusion by an outside party. Examples include insecure Wi-Fi access points and poorly-configured firewalls.
      2. Operating System Vulnerabilities. These are vulnerabilities within a particular operating system that hackers may exploit to gain access to an asset the OS is installed on, or to cause damage. Examples include default superuser accounts that may exist in some OS installs and hidden backdoor programs.
      3. Human Vulnerabilities. The weakest link in many cybersecurity architectures is the human element. User errors can easily expose sensitive data, create exploitable access points for attackers, or disrupt systems.
      4. Process Vulnerabilities. Some vulnerabilities can be created by specific process controls (or a lack thereof). One example would be the use of weak passwords (which may also fall under human vulnerabilities).
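
Added example (not part of the original slides): a small Python audit for the attack-surface steps on slides 23 and 24. It inventories listening TCP services, skips loopback-only ones, and flags reachable listeners that are outside an approved baseline or that speak the cleartext protocols slide 6 names (HTTP, FTP). The sample `ss -tln` output, the baseline port set and all function names are assumptions made for illustration.

```python
import ipaddress
from typing import NamedTuple

# Constructed sample in the column layout of `ss -tln` (not captured from a real host).
SAMPLE_SS_OUTPUT = """\
State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      128    0.0.0.0:22         0.0.0.0:*
LISTEN 0      128    127.0.0.1:5432     0.0.0.0:*
LISTEN 0      32     0.0.0.0:21         0.0.0.0:*
LISTEN 0      511    [::]:80            [::]:*
LISTEN 0      128    *:8080             *:*
"""

APPROVED_PORTS = {22, 443}            # assumed baseline: services this host is meant to offer
CLEARTEXT = {21: "FTP", 80: "HTTP"}   # protocols the slides call inherently unsecure


class Listener(NamedTuple):
    host: str
    port: int


class Finding(NamedTuple):
    listener: Listener
    reasons: tuple


def parse_listeners(text):
    """Step 1 (visualize): turn `ss -tln` output into a list of listeners."""
    listeners = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] != "LISTEN":
            continue                   # header or non-listening socket
        host, _, port = fields[3].rpartition(":")
        if port.isdigit():
            listeners.append(Listener(host.strip("[]"), int(port)))
    return listeners


def is_loopback(host):
    """True only for addresses that other machines cannot reach."""
    if host == "*":
        return False                   # wildcard: every interface
    try:
        return ipaddress.ip_address(host.split("%")[0]).is_loopback
    except ValueError:
        return False                   # unknown form: treat as reachable


def audit(listeners, approved=APPROVED_PORTS):
    """Step 2 (indicators of exposure): flag reachable listeners worth removing or replacing."""
    findings = []
    for lst in sorted(set(listeners), key=lambda x: (x.port, x.host)):
        if is_loopback(lst.host):
            continue                   # not an entry point for untrusted users
        reasons = []
        if lst.port not in approved:
            reasons.append("not in approved baseline")
        if lst.port in CLEARTEXT:
            reasons.append(f"cleartext {CLEARTEXT[lst.port]}")
        if reasons:
            findings.append(Finding(lst, tuple(reasons)))
    return findings


if __name__ == "__main__":
    for f in audit(parse_listeners(SAMPLE_SS_OUTPUT)):
        print(f"{f.listener.host}:{f.listener.port} -> {', '.join(f.reasons)}")
```

Each finding is a candidate for surface reduction: stop the service, bind it to loopback, or replace it with an encrypted equivalent.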