8/13/2019 Network Administration concept and career
System Administration as a career
SYSTEM PROTECTION & SECURITY
System and Network Threats
Threats
System and Network Threats
Virus
Laptop & mobile theft
DDoS attack
Unauthorized access of information
Abuse of wireless network
System protection
Telecom fraud
Misuse of web application
Website defacement
Worms
Port scanning
Worms
Talk Outline
Introduction of worms.
The life cycle of a simple worm:
scanning for a victim
exploiting the victim
cloning itself onto the victim
Running the clone to further spread infection
Stealth techniques used to hide itself
What are worms?
A worm is a self-replicating program
Self-replicating => it makes copies of itself and sends them over to hosts across a network
All copies have the same functionality and generally lack any sort of synchronization among themselves
Types of worms
Network worms
Email worms
IRC worms
IM worms
File sharing worms
XSS worms
The life cycle of a simple worm
Scanning for a victim
Exploiting the victim
Cloning itself onto the victim
Running the clone to further spread infection
Stealth methods used to hide itself
The life of a worm
[Diagram: worm propagation across four victims, stages (1) and (2)]
The life of a worm
Worm created
Victim found
Scans for Victim
Send Exploit
Get a copy
Scan
Rooted !!
Scanning for a victim
Random scan: choose random IP addresses from global and local routing addresses
Overall scan
Divide and conquer scan: divide IP addresses among child worms
Subnet scan: detect and scan the local subnet
Exploiting the victim
Exploit, simply put: a piece of code which provides access to a victim computer by utilizing some flaw in the logic of a program running on the victim computer
Network worms use what is called a remote exploit: an exploit which can be launched remotely and which gives some code-running privileges on the victim
Find a suitable exploit to use in the worm
Cloning itself onto the victim
Once the victim has been exploited, the worm needs to get a copy of itself onto the victim
Blaster worm
Http server
Ftp server
Compile source
Running the clone to further spread infection
Once the clone has been downloaded, run it
Make it a service.
Add a registry entry for startup
Clone starts scanning again
Clone finds a victim
Cycle continues
Stealth techniques used to hide itself
Hide procedure
Hide files
Hide movement
Delete logs
The life of a worm
Worm created
Victim found
Scans for Victim
Send Exploit
Get a copy
Scan
Rooted !!
Worms example
Slammer Worm
Code Red worm
MyDoom.B
Port Scanning
Three-way handshaking
Stealth Scan
Xmas Scan
FIN Scan
NULL Scan
Idle Scan
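Detection sketch for the scan types listed above, added here as an example and not part of the original slides: it flags NULL, FIN and Xmas probes by their TCP flag combinations and a stealth (half-open) scan by a three-way handshake that ends in RST instead of ACK. The packet tuple layout, function names and sample addresses are assumptions made for this example.

```python
# TCP header flag bits
FIN, SYN, RST, PSH, ACK, URG = 0x01, 0x02, 0x04, 0x08, 0x10, 0x20

def classify_probe(flags):
    """Name the scan type one segment's flags suggest, or None if ordinary."""
    f = flags & 0x3F
    if f == 0:
        return "NULL scan"            # no flags set at all
    if f == FIN:
        return "FIN scan"             # bare FIN; real teardown sends FIN|ACK
    if f == FIN | PSH | URG:
        return "Xmas scan"            # FIN, PSH and URG "lit up" together
    return None

def detect_scans(packets):
    """packets: (src, sport, dst, dport, flags) in capture order, both directions."""
    alerts, flows = [], {}
    for src, sport, dst, dport, flags in packets:
        odd = classify_probe(flags)
        if odd:
            alerts.append((src, dst, dport, odd))
            continue
        f = flags & 0x3F
        fwd, rev = (src, sport, dst, dport), (dst, dport, src, sport)
        if f == SYN:
            flows[fwd] = "syn"                      # step 1 of the handshake
        elif f == SYN | ACK and flows.get(rev) == "syn":
            flows[rev] = "synack"                   # step 2, port is open
        elif flows.get(fwd) == "synack":
            if f & RST:                             # step 3 replaced by RST
                alerts.append((src, dst, dport, "stealth (half-open SYN) scan"))
            del flows[fwd]                          # ACK completes normally
    return alerts

# Constructed sample traffic (documentation address ranges, not real hosts)
SAMPLE = [
    ("198.51.100.7", 40001, "192.0.2.10", 22, 0x00),
    ("198.51.100.7", 40002, "192.0.2.10", 23, FIN),
    ("198.51.100.7", 40003, "192.0.2.10", 25, FIN | PSH | URG),
    ("198.51.100.7", 40004, "192.0.2.10", 80, SYN),
    ("192.0.2.10", 80, "198.51.100.7", 40004, SYN | ACK),
    ("198.51.100.7", 40004, "192.0.2.10", 80, RST),
    ("198.51.100.9", 50000, "192.0.2.10", 443, SYN),
    ("192.0.2.10", 443, "198.51.100.9", 50000, SYN | ACK),
    ("198.51.100.9", 50000, "192.0.2.10", 443, ACK),
]

if __name__ == "__main__":
    for alert in detect_scans(SAMPLE):
        print(alert)
```

A single RST after SYN/ACK can also be a client that gave up, so in practice count these events per source across many ports before alerting. An idle scan is not visible this way on the target, because the probes arrive from the third-party host's address.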
Tools
Nmap
SoftPerfect Network Scanner
Port scanner ActiveX control
Acunetix
Nessus
DDoS (distributed denial of service)
What is a DDoS attack?
The flood of arriving messages to the target system essentially forces it to shut down, thereby denying the system's service to legitimate users.
Why a DoS attack?
Attempt to flood a network, to increase network traffic.
Attempt to disrupt connections between two machines.
Attempt to prevent a particular individual from accessing a service.
DDoS attack types
Smurf
Buffer overflow attack
Ping of death
Teardrop
SYN
Tribal flood Attack
Tools for DoS Attack
Jolt2
Bubonic.c
Land and LaTierra
Targa
Authentication
What is Authentication?
Authentication is any method by which a system verifies the identity of a user who wishes to access it.
Authentication exists to establish trust between two parties, or authentication entities. These entities consist of an identity and a key.
Authentication Types
User Authentication: user authentication is the process of determining that a user is who he/she claims to be.
HTTP Basic, SSL & TLS
Entity Authentication: entity authentication is the procedure of determining if an entity is who it claims to be.
Cookies etc.
Password Based Authentication System
Usernames
Storing Usernames and Passwords
Ensuring Password Quality
Password Lockout
Password Aging and Password History
Automated Password Reset Systems
Sending Out Passwords
Single Sign-On Across Multiple DNS Domains
Password maintenance
System Access
Password Creation Best Practices
Virus Protection
Malicious Code Best Practices
Software Installation
Encryption
Web Browsing
E-mail Use
Cracking passwords
Social engineering
Shoulder surfing
Inference
Weak authentication
Bypassing authentication
Password cracking software (Brutus, John the Ripper)
Dictionary attacks
Brute-force attacks
Other ways to crack passwords
Keystroke logging
Weak password storage
Network analyzer
Encrypted passwords
SSL
HTTPS
SSH/TLS
Stelnet
SECURITY POLICY
Virus protection
Physical security of computer equipment
Access control
LAN security
Server Specific Security
Wide Area Network Security
TCP/IP & Internet Security
Voice System Security
Firewall
A firewall is simply a program or hardware device that protects the resources of a private network from users of other networks.