
NETWORK VULNERABILITY ASSESSMENT
NTC 1062
Chapter 1
Introduction to Security
Last Update 9/5/2011

WHO AM I
Ms Noormelah Binti Shamsul Anuar
019-2767570
TT0 room-L11 Room 2
noormelah@gmail.com / noormelah@gmi.edu.my
Syllabus.
Books.
Coursework

SYLLABUS

CHAPTER 1 Network Security Assessment

CHAPTER 2 Internet Host & Network Reconnaissance

CHAPTER 3 Google Hacking

CHAPTER 4 Network Scanning

CHAPTER 5 Gaining Access

CHAPTER 6 Accessing Web Server & Application

CHAPTER 7 Assessment Methodology

BOOKS

COURSEWORK

ASSESSMENT                                                  MARKS
FINAL EXAMINATION                                           30%
PBL (Reconnaissance) softcopy                               20%
THEORY TEST                                                 10%
Assignments                                                 30%
- Lab Manual (10%), softcopy
- Mini Project Kali Linux tools (20%), hardcopy & softcopy
KQ                                                          10%

MINI PROJECT (KALI LINUX TOOLS) 20%
http://tools.kali.org/tools-listing
Information Gathering
Sniffing & Spoofing
Vulnerability Analysis
Exploitation Tools
Password Attacks
Wireless Attacks
Forensics Tools
Maintaining Access
Hardware Hacking
Web Applications (Compulsory)
Stress Testing
Reverse Engineering
Reporting Tools
Metasploit

Group of 2
Choose 5 tools from different categories listed above.
Report (Introduction, Installation screen shot) Hardcopy & softcopy
Presentation with live demo.
Video

OBJECTIVES
Describe the challenges of securing information
Define information security and explain why it is important
Identify the types of attackers that are common today
List the basic steps of an attack
Describe the five steps in a defense
Explain the different types of information security careers

IT TAKES TIME TO BECOME A HACKER

This class alone won't make you a hacker, or an expert
- It might make you a script kiddie
It usually takes years of study and experience to earn respect in the hacker community
It's a hobby, a lifestyle, and an attitude
- A drive to figure out how things work
We're not here to teach you how to hack.

A QUOTE FROM ONE OF HISTORY'S GREATEST HACKERS

If you know the enemy and know yourself, you need not fear the result of a hundred battles.
If you know yourself but not the enemy, for every victory gained you will also suffer a defeat.
If you know neither the enemy nor yourself, you will succumb in every battle.

Sun Tzu, The Art of War

WHAT IS VULNERABILITY

A weakness in a system that allows the system to be maliciously exploited and used outside of the way it was designed to be used, and/or leaves it open to a threat, increasing the risk of operational corruption or disaster

CLASSES OF VULNERABILITIES

1) Hard vulnerabilities
Mistakes made by the company that wrote the software that have left open a hole for potential exploit.
Types of hard vulnerabilities:
- bugs
- fixed by service pack and hotfixes
- system complexity

CLASSES OF VULNERABILITIES

2) Soft vulnerabilities
Misconfigurations by network and security administrators
Types of soft vulnerabilities:
- A lack of general security policies
- General security policies go against industry best practices
- A lack of security system procedures
- A lack of configuration or change management
- Logging not enabled
- Log files ignored or deleted frequently

ASSESSMENT METHODOLOGY

Reconnaissance: preparatory phase where an attacker gathers as much information as possible about the target prior to launching the attack.
Scanning: uses the details gathered during reconnaissance to identify specific vulnerabilities
Gaining Access: Exploits
Maintaining Access: further use the system as a launch pad to scan and exploit other systems
Covering Tracks: destroy evidence of his/her presence and activities for various reasons

SECURITY VULNERABILITIES FOR SALE

Anyone can buy attack tools to take over computers
See links 1a, 1b

CHALLENGES OF SECURING INFORMATION

There is no simple solution to securing information
This can be seen through the different types of attacks that users face today
- As well as the difficulties in defending against these attacks

TODAY'S SECURITY ATTACKS

A new worm disables Microsoft Windows Automatic Updating and the Task Manager (link Ch 1d)
Apple has issued an update to address 25 security flaws in its operating system OS X

TODAY'S SECURITY ATTACKS

TJX Companies, Inc. had 45 million customer credit card and debit card numbers stolen because they used poor wireless security (WEP)
Link Ch 1f

DIFFICULTIES IN DEFENDING AGAINST ATTACKS

WHAT IS INFORMATION SECURITY?

DEFINING INFORMATION SECURITY

Information security
- The tasks of guarding information that is in a digital format
- Ensures that protective measures are properly implemented
- Cannot completely prevent attacks or guarantee that a system is totally secure

DEFINING INFORMATION SECURITY

Information security protects information that has value, protecting the security elements CIA:
CONFIDENTIALITY: Make sure that the data is sent to the right person
INTEGRITY: Data cannot be altered by
AVAILABILITY: Services are always available to authorized users whenever

HOW WOULD YOU ATTACK?

INFORMATION SECURITY LAYERS

FORMAL DEFINITION OF INFORMATION SECURITY

Information Security
- protects the confidentiality, integrity, and availability of information on the devices that store, manipulate, and transmit the information through products, people, and procedures

INFORMATION SECURITY TERMINOLOGY

Asset
- Something that has a value
Threat
- An event or object that may defeat the security measures in place and result in a loss
Threat agent
- A person or thing that has the power to carry out a threat

INFORMATION SECURITY TERMINOLOGY

Vulnerability
- Weakness that allows a threat agent to bypass security
Exploit
- Takes advantage of a vulnerability
Risk
- The likelihood that a threat agent will exploit a vulnerability
- Realistically, risk cannot ever be entirely eliminated

INFORMATION SECURITY TERMINOLOGY (CONTINUED)

UNDERSTANDING THE IMPORTANCE OF INFORMATION SECURITY

DATA THEFT AND IDENTITY THEFT

Preventing data theft
- The theft of data is one of the largest causes of financial loss due to an attack
Thwarting identity theft
- Identity theft involves using someone's personal information to establish bank or credit card accounts
- Cards are then left unpaid, leaving the victim with the debts and ruining their credit rating

THE NSA HACKER

Gary McKinnon hacked into NASA and the US Military
He was looking for evidence about UFOs
Link Ch 1g

WHO ARE THE ATTACKERS?

The types of people behind computer attacks are generally divided into several categories
- Hackers
- Script kiddies
- Spies
- Employees

HACKERS

Hacker
- Anyone who illegally breaks into or attempts to break into a computer system
Although breaking into another person's computer system is illegal
- Some hackers believe it is ethical as long as they do not commit theft, vandalism, or breach any confidentiality
Ethical Hacker
- Has permission from the owner to test security of computers by attacking them

SCRIPT KIDDIES

Unskilled users
Download automated hacking software (scripts) from Web sites and use it to break into computers
Image from ning.com

SPIES

Computer spy
- A person who has been hired to break into a computer and steal information
- Excellent computer skills

EMPLOYEES

The largest information security threat
Motives
- An employee might want to show the company a weakness in their security
- Disgruntled employees may be intent on retaliating against the company
- Industrial espionage
- Blackmailing

MAX BUTLER

Took over the world's market in stolen credit cards in 2006
From a San Francisco apartment in the Tenderloin
Link Ch 1h

WHAT YOU CAN DO LEGALLY

Laws involving technology change as rapidly as technology itself
Find what is legal for you locally
- Laws change from place to place
Be aware of what is allowed and what is not allowed

WHAT YOU CANNOT DO LEGALLY?

Accessing a computer without permission is illegal
Other illegal actions
- Installing worms or viruses
- Denial of Service attacks
- Denying users access to network resources
Be careful your actions do not prevent customers from doing their jobs

ATTACKS AND DEFENSES

STEPS OF AN ATTACK

The five steps that make up an attack
- Probe for information
- Penetrate any defenses
- Modify security settings
- Circulate to other systems
- Paralyze networks and devices

DEFENSES AGAINST ATTACKS

Although multiple defenses may be necessary to withstand an attack, these defenses should be based on five fundamental security principles:
- Layering
- Limiting
- Diversity
- Obscurity
- Simplicity

LAYERING

Information security must be created in layers
One defense mechanism may be relatively easy for an attacker to circumvent
- Instead, a security system must have layers, making it unlikely that an attacker has the tools and skills to break through all the layers of defenses
A layered approach can also be useful in resisting a variety of attacks
Layered security provides the most comprehensive protection

LIMITING

Limiting access to information reduces the threat against it
Only those who must use data should have access to it
- In addition, the amount of access granted to someone should be limited to what that person needs to know
Some ways to limit access are technology-based, while others are procedural

DIVERSITY

Layers must be different (diverse)
- If attackers penetrate one layer, they cannot use the same techniques to break through all other layers
Using diverse layers of defense means that breaching one security layer does not compromise the whole system

OBSCURITY

An example of obscurity would be not revealing the type of computer, operating system, software, and network connection a computer uses
- An attacker who knows that information can more easily determine the weaknesses of the system to attack it
Obscuring information can be an important way to protect information

SIMPLICITY

Information security is by its very nature complex
Complex security systems can be hard to understand, troubleshoot, and feel secure about
As much as possible, a secure system should be simple for those on the inside to understand and use
Complex security schemes are often compromised to make them easier for trusted users to work with
- Keeping a system simple from the inside but complex on the outside can sometimes be difficult but reaps a major benefit

INFORMATION SECURITY CAREERS AND THE SECURITY CERTIFICATION

TYPES OF INFORMATION SECURITY JOBS

Information assurance (IA)
- A superset of information security including security issues that do not involve computers
- Covers a broader area than just basic technology defense tools and tactics
- Also includes reliability, strategic risk management, and corporate governance issues such as privacy, compliance, audits, business continuity, and disaster recovery
- Is interdisciplinary; individuals who are employed in it may come from different fields of study

TYPES OF INFORMATION SECURITY JOBS

Information security, also called computer security
- Involves the tools and tactics to defend against computer attacks
- Does not include security issues that do not involve computers
Two broad categories of information security positions
- Information security managerial position
- Information security technical position

ETHICAL HACKING IN A NUTSHELL

What it takes to be a security tester
- Knowledge of network and computer technology
- Ability to communicate with management and IT personnel
- Understanding of the laws
- Ability to use necessary tools

CERTIFICATION


The End.
