Final ITAM Ppt

  • 7/30/2019 Final ITAM Ppt

    1/16

    IT FOR SECURITY & PRIVACY

    PRESENTED BY:

    POULAMI SARKAR 2013201

    PRERNA BANSAL 2013209

    PRIYADARSHI TANDON 2013211

    PRIYANKA DOSHI 2013212

    INTRODUCTION

    Two major aspects of information security are:

    IT Security

    Information assurance

    Information security attributes or qualities, i.e. Confidentiality, Integrity & Availability (CIA)

    Information security, sometimes shortened to InfoSec, is the practice of defending information from unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording or destruction. It is a general term that can be used regardless of the form the data may take (electronic, physical, etc.).

    IP SPOOFING

    IP spoofing is a technique used to gain unauthorized access to computers, whereby the attacker sends messages to a computer with a forged IP address indicating that the message is coming from a trusted host.

    The attacker puts an internal, or trusted, IP address as its source. The access control device sees the IP address as trusted and lets it through.

    Two general techniques are used during IP spoofing:

    A hacker uses an IP address that is within the range of trusted IP addresses.

    A hacker uses an authorized external IP address that is trusted.

    Types of IP Spoofing:

    Flooding

    Blind Spoofing

    Non-blind Spoofing
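
The slide's point about the access control device, as an added example that is not part of the original deck: a rule that trusts the source address alone passes both spoofing techniques, while a rule that also checks the arriving interface (ingress filtering) and requires authentication for external "trusted" addresses does not. The address ranges, interface names and the `authenticated` flag are assumptions made for illustration.

```python
import ipaddress

# Assumed (constructed) addressing plan, not taken from the slides.
INTERNAL_NET = ipaddress.ip_network("10.0.0.0/8")
TRUSTED_EXTERNAL = {ipaddress.ip_address("203.0.113.10")}

def naive_acl(src, iface):
    """Weak rule described on the slide: trust is decided by source address alone.
    The arriving interface is ignored, which is exactly the flaw."""
    ip = ipaddress.ip_address(src)
    return ip in INTERNAL_NET or ip in TRUSTED_EXTERNAL

def antispoof_acl(src, iface, authenticated=False):
    """Hardened rule: an internal source is only believable on the inside
    interface, and an external 'trusted' address needs proof beyond the
    address itself (for example an authenticated tunnel)."""
    ip = ipaddress.ip_address(src)
    if ip in INTERNAL_NET:
        return iface == "inside"
    if ip in TRUSTED_EXTERNAL:
        return authenticated
    return False

# Constructed packets: (source address, arriving interface, authenticated?)
PACKETS = [
    ("10.1.2.3", "inside", False),       # genuine internal host
    ("10.1.2.3", "outside", False),      # technique 1: internal source seen from outside
    ("203.0.113.10", "outside", False),  # technique 2: claimed trusted external address
    ("203.0.113.10", "outside", True),   # same address over an authenticated channel
    ("198.51.100.7", "outside", False),  # unknown host
]

def compare():
    """Return (src, iface, naive verdict, hardened verdict) for each packet."""
    return [(s, i, naive_acl(s, i), antispoof_acl(s, i, a)) for s, i, a in PACKETS]

if __name__ == "__main__":
    for src, iface, weak, strong in compare():
        print(f"{src:15} via {iface:7} naive={weak!s:5} antispoof={strong}")
```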

    REAL LIFE EXAMPLE TO EXPLAIN WHAT IS IP SPOOFING

    [Diagram: three people labelled A, B and C. B is on line; A is disguising his voice, making it sound more like that of B.]

    If we now replace the 3 people with computers and the term "voice" with "IP address", then you would know what we mean by IP spoofing.

    DNS POISONING

    DNS spoofing (or DNS cache poisoning) is a computer hacking attack, whereby data is introduced into a Domain Name System (DNS) name server's cache database, causing the name server to return an incorrect IP address, diverting traffic to another computer (often the attacker's).

    A DNS cache can become poisoned if it contains an incorrect entry.

    EXAMPLE: If various Internet service providers are getting their DNS information from the compromised server, the poisoned DNS entry will spread to the Internet service providers and be cached there. It will then spread to home routers and the DNS caches on computers as they look up the DNS entry, receive the incorrect response, and store it.

    A SHORT OVERVIEW ON DNS

    [Diagram: Client; Caching DNS Server; Internet: Authoritative DNS Servers; dns.microsoft.com; dns.hacker.com]

    ADDRESS BOOK THEFT

    Stealing of email address book

    Spamming

    Solution:
    1. Use email client on computer.
    2. Change the password to one that is difficult to crack.

    Precaution:
    1. Personal details are correct.
    2. Creative password.
    3. Proper security question.

    PASSWORD CRACKERS

    Recovering passwords from data stored in computer systems

    Purpose:
    1. Recover forgotten password
    2. Gain unauthorized access
    3. Preventive measure for easily crackable passwords

    Methods:
    1. Dictionary Attack
    2. Hybrid Attack
    3. Brute Force Attack

    PASSWORD CRACKING SOFTWARE

    Password cracking software tools

    Most popular: Cain and Abel, John the Ripper, Hashcat, Hydra, SolarWinds, ElcomSoft

    Mixture of cracking strategies: brute force and dictionary attacks most productive

    TROJAN HORSE

    A Trojan Horse is a program that installs malicious software while under the guise of doing something else.

    It erases or overwrites data on a computer, spreading other malware, such as viruses. In this case the Trojan horse is called a 'dropper'.

    TYPES OF TROJAN

    AceBot

    AceBot is a tremendous backdoor Trojan, which was designed to perform a lot of destructive actions.

    The parasite detects, terminates and totally disables running antivirus software installed on the target computer.

    AceBot also connects to the IRC network and uses it to give the hacker remote control over the computerised system. Moreover, the Trojan is able to connect to various malicious servers and download other harmful parasites from there.

    Secup

    The Secup Trojan displays fake security-related messages. When the user clicks on such a message, the Trojan opens a malicious web site that quietly installs potentially harmful software. Secup also serves undesirable commercial advertisements.

    Dmsys

    Dmsys is a dangerous Trojan that specializes in infecting various instant messengers and stealing users' confidential information.

    By using its keystroke logging technique, Dmsys easily steals user passwords and captures private conversations. This information is written into a log file, which is then sent to the hacker.

    COMPUTER WORM

    Worms

    A worm is a computer program that has the ability to copy itself from machine to machine.

    Worms use up computer processing time and network bandwidth when they replicate.

    CODE RED (THE WORM)

    The worm spread itself using a common type of vulnerability known as a buffer overflow. It did this by using a long string of the repeated character 'N' to overflow a buffer, allowing the worm to execute arbitrary code and infect the machine.
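
A detection sketch for the pattern described above, added here and not part of the original deck: it scans web server access-log lines for request URIs containing a long run of one repeated character. The log lines, the request path and the 64-character threshold are constructed assumptions, not values from the slides.

```python
import re

MIN_RUN = 64  # assumed threshold: shortest repeated-character run worth flagging

# One character followed by at least MIN_RUN - 1 copies of itself.
REPEAT = re.compile(r"(.)\1{" + str(MIN_RUN - 1) + r",}")
# Request field of a common-log-format line: "METHOD URI HTTP/x.y"
REQUEST = re.compile(r'"(?P<method>[A-Z]+) (?P<uri>\S+) HTTP/[\d.]+"')

def suspicious_requests(lines, min_hits_only=True):
    """Return (client, repeated_char, run_length) for each flagged request line.
    Lines without a parsable request field are skipped rather than guessed at."""
    hits = []
    for line in lines:
        req = REQUEST.search(line)
        if not req:
            continue
        run = REPEAT.search(req.group("uri"))
        if run:
            client = line.split()[0]
            hits.append((client, run.group(1), len(run.group(0))))
    return hits

# Constructed sample log (addresses from documentation ranges).
SAMPLE_LOG = [
    '192.0.2.15 - - [01/Jan/2024:10:00:01 +0000] "GET /index.html HTTP/1.0" 200 1043',
    '192.0.2.44 - - [01/Jan/2024:10:00:03 +0000] "GET /img/aaaa.png HTTP/1.1" 200 512',
    '198.51.100.23 - - [01/Jan/2024:10:00:07 +0000] "GET /page?'
    + "N" * 240 + ' HTTP/1.0" 404 0',
    'garbled line with no request field',
]

if __name__ == "__main__":
    for client, char, length in suspicious_requests(SAMPLE_LOG):
        print(f"{client}: run of {length} x {char!r} in request URI")
```

The short run in `/img/aaaa.png` stays below the threshold, which is what keeps ordinary URLs from being flagged.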

    LOGIC BOMB

    A logic bomb is a piece of code intentionally inserted into a software system that will set off a malicious function when specified conditions are met. For example, a programmer may hide a piece of code that starts deleting files (such as a salary)

    On March 20, 2013, in an attack launched against South Korea, a logic bomb struck machines "and wiped the hard drives and master boot records of at least three banks and two media companies simultaneously". Symantec reported that the malware also contained a component that was capable of wiping Linux machines.

    IT PRIVACY

    Internet privacy involves the right or mandate of personal privacy concerning the storing, repurposing, provision to third parties, and displaying of information pertaining to oneself via the Internet.

    Examples:

    Sony CD spyware

    AOL search leak

    Google Street View
