Ethical hacking
Se está descargando tu SlideShare.
×
Eche un vistazo a continuación
Más Contenido Relacionado
Similares a pdfcoffee.com_modul-1-intro-to-network-security-pdf-free.pdf (20)
Más reciente (20)
pdfcoffee.com_modul-1-intro-to-network-security-pdf-free.pdf
- 1. Network Security PENS-ITS Intro to Network Security Network Security
- 2. Network Security PENS-ITS Network Security In Action Client Configuration DNS Network Services FTP/Telnet SMTP/POP Web Server IP & Port Scanning Web Server Exploit Email Exploit DoS Attack Trojan Attack Sniffing Traffic KeyStroke Logging Password Cracking MITM Attack Hardening Host AntiVirus Applications Using Firewall Using GPG/PGP Using SSH Using Certificate Using IPSec System Log Analysis Intrusion Detection System HoneyPot Spyware Detection and Removal Backup and Restore Finding Hidden Data
- 3. Network Security PENS-ITS Why Secure a Network? External attacker A network security design protects assets from threats and vulnerabilities in an organized manner To design security, analyze risks to your assets and create responses Corporate Assets Internal attacker Incorrect permissions Virus
- 4. Network Security PENS-ITS Computer Security Principles • Confidentiality – Protecting information from exposure and disclosure • Integrity – Decrease possible problems caused by corruption of data • Availability – Make information always available
- 5. Network Security PENS-ITS Exploits (1) • What is an Exploit? – Crackers break into a computer network by exploiting weaknesses in operating system services. • Types of attacks – Local – Remote • Categories of exploits – 0-day ( new unpublished) – Account cracking – Buffer overflow – Denial of service – Impersonation
- 6. Network Security PENS-ITS Exploits (2) • Categories of exploits (cont.) – Man in the middle – Misconfiguration – Network sniffing – Session hijacking – System/application design errors
- 7. Network Security PENS-ITS SANS Security Threats • SANS/FBI top 20 security threats – http://www.sans.org/top20/ • Goals attackers try to achieve – Gain unauthorized access – Obtain administrative or root level – Destroy vital data – Deny legitimate users service – Individual selfish goals – Criminal intent
- 8. Network Security PENS-ITS Security Statistics: Attack Trends • Computer Security Institute (http://www.gocsi.com) • Growing Incident Frequency – Incidents reported to the Computer Emergency Response Team/Coordination Center – 1997: 2,134 – 1998: 3,474 (75% growth from previous year) – 1999: 9,859 (164% growth) – 2000: 21,756 (121% growth) – 2001: 52,658 (142% growth) – Tomorrow?
- 9. Network Security PENS-ITS Attack Targets • SecurityFocus – 31 million Windows-specific attacks – 22 million UNIX/LINUX attacks – 7 million Cisco IOS attacks – All operating systems are attacked!
- 10. Network Security PENS-ITS Hackers Vs Crackers • Ethical Hackers vs. Crackers – Hacker usually is a programmer constantly seeks further knowledge, freely share what they have discovered, and never intentionally damage data. – Cracker breaks into or otherwise violates system integrity with malicious intent. They destroy vital data or cause problems for their targets.
- 11. Network Security PENS-ITS Attack Type
- 12. Network Security PENS-ITS Types of Attacks Attacks Physical Access Attacks -- Wiretapping/menyadap Server Hacking Vandalism/perusakan Dialog Attacks -- Eavesdropping (Mendengar yg tdk boleh) Impersonation (meniru) Message Alteration Merubah message Penetration Attacks (Usaha menembus) Social Engineering -- Opening Attachments Password Theft Information Theft Scanning (Probing) Break-in Denial of Service Malware -- Viruses Worms
- 13. Network Security PENS-ITS Social Engineering • Definisi Social enginering – seni dan ilmu memaksa orang untuk memenuhi harapan anda ( Bernz ), – Suatu pemanfaatan trik-trik psikologis hacker luar pada seorang user legitimate dari sebuah sistem komputer (Palumbo) – Mendapatkan informasi yang diperlukan (misalnya sebuah password) dari seseorang daripada merusak sebuah sistem (Berg). • Tujuan dasar social engineering sama seperti umumnya hacking: mendapatkan akses tidak resmi pada sistem atau informasi untuk melakukan penipuan, intrusi jaringan, mata- mata industrial, pencurian identitas, atau secara sederhana untuk mengganggu sistem atau jaringan. • Target-target tipikal termasuk perusahaan telepon dan jasa-jasa pemberian jawaban, perusahaan dan lembaga keuangan dengan nama besar, badan-badan militer dan pemerintah dan rumah sakit.
- 14. Network Security PENS-ITS Bentuk Social Engineering • Social Engineering dengan telepon – Seorang hacker akan menelpon dan meniru seseorang dalam suatu kedudukan berwenang atau yang relevan dan secara gradual menarik informasi dari user. • Diving Dumpster – Sejumlah informasi yang sangat besar bisa dikumpulkan melalui company Dumpster. • Social engineering on-line : – Internet adalah lahan subur bagi para teknisi sosiaal yang ingin mendapatkan password – Berpura-pura menjadi administrator jaringan, mengirimkan e-mail melalui jaringan dan meminta password seorang user. • Persuasi – Sasaran utamanya adalah untuk meyakinkan orang untuk memberikan informasi yang sensitif • Reverse social engineering – sabotase, iklan, dan assisting
- 15. Network Security PENS-ITS Penetration Attacks Steps • Port scanner • Network enumeration • Gaining & keeping root / administrator access • Using access and/or information gained • Leaving backdoor • Attack – Denial of Services (DoS) :Network flooding – Buffer overflows : Software error – Malware :Virus, worm, trojan horse – Brute force • Covering his tracks
- 16. Network Security PENS-ITS Scanning (Probing) Attacks Probe Packets to 172.16.99.1, 172.16.99.2, etc. Internet Attacker Corporate Network Host 172.16.99.1 No Host 172.16.99.2 No Reply Reply from 172.16.99.1 Results 172.16.99.1 is reachable 172.16.99.2 is not reachable …
- 17. Network Security PENS-ITS Network Scanning
- 18. Network Security PENS-ITS Denial-of-Service (DoS) Flooding Attack Message Flood Server Overloaded By Message Flood Attacker
- 19. Network Security PENS-ITS DoS By Example
- 20. Network Security PENS-ITS Dialog Attack • Eavesdropping, biasa disebut dengan spoofing, cara penanganan dengan Encryption • Impersonation dan message alteration ditangani dengan gabungan enkripsi dan autentikasi
- 21. Network Security PENS-ITS Eavesdropping on a Dialog Client PC Bob Server Alice Dialog Attacker (Eve) intercepts and reads messages Hello Hello
- 22. Network Security PENS-ITS Password Attack By Example
- 23. Network Security PENS-ITS Sniffing By Example
- 24. Network Security PENS-ITS KeyLogger
- 25. Network Security PENS-ITS Message Alteration Client PC Bob Server Alice Dialog Attacker (Eve) intercepts and alters messages Balance = $1 Balance = $1 Balance = $1,000,000 Balance = $1,000,000
- 26. Network Security PENS-ITS Network Scanning dan Probing
- 27. Network Security Scanning nmap • Scanning nmap dengan TCP paket PENS-ITS
- 28. Network Security 28 Flag
- 29. Network Security 29 Three Way Handshake
- 30. Network Security Type Scanning • connect scan • TCP SYN scan • TCP FIN scan • TCP Xmas Tree scan • TCP Null scan • TCP ACK scan • TCP Windows scan • TCP RPC scan • UDP scan PENS-ITS
- 31. Network Security Tools Scanning • Netstat Netstat merupakan utility yang powerfull untuk menngamati current state pada server, service apa yang listening untuk incomming connection, interface mana yang listening, siapa saja yang terhubung. • Nmap Merupakan software scanner yang paling tua yang masih dipakai sampai sekarang. • Nessus Nessus merupakan suatu tools yang powerfull untuk melihat kelemahan port yang ada pada komputer kita dan komputer lain. Nessus akan memberikan report secara lengkap apa kelemahan komputer kita dan bagaimana cara mengatasinya. PENS-ITS
