InfoSec



Ahmad Aabed
Why InfoSec???


   Nobody is perfect.

   The world is digitalized.

   We are “system engineers, programmers,
    database administrators, web developers”.

   At least we are “users”
Sniffing



   Sniffer: computer software or computer
    hardware that can intercept and log traffic
    passing over a network or part of a network.


   What a sniffer can see depends on the
    network structure (hub or switch).
Spoofing


   A situation in which one person or program
    successfully masquerades as another by
    falsifying data and thereby gaining an
    illegitimate advantage.

   “URL spoofing and phishing, DNS spoofing, ARP
    spoofing, MITM, e-mail address spoofing, IP
    spoofing, MAC spoofing”
E-mail spoofing


   Describes e-mail activity in which the sender
    address and other parts of the e-mail header
    are altered to appear as though the e-mail
    originated from a different source.
DNS spoofing


   The art of making a DNS entry point to a
    different IP address than the one it is
    supposed to point to.

   DNS Cache Poisoning.
   DNS ID Spoofing.
   Birthday Paradox.
ARP spoofing


   Faking the ARP message.

   Associates the attacker's MAC address with
    the IP address of another machine.

   Any traffic meant for that IP address would be
    mistakenly sent to the attacker.
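
A defender's view of this slide, as an added example that is not part of the original deck: a small watcher that flags an IP address whose MAC binding changes and a MAC that starts answering for more than one IP. The `is-at` line format, the addresses and the function names are constructed for illustration.

```python
from collections import defaultdict

# Constructed observations in the form "<seconds> <ip> is-at <mac>".
# The MACs are locally administered placeholder values, not real devices.
SAMPLE_ARP_REPLIES = """\
1 192.168.1.1 is-at aa:aa:aa:aa:aa:01
2 192.168.1.20 is-at aa:aa:aa:aa:aa:20
3 192.168.1.66 is-at aa:aa:aa:aa:aa:66
4 192.168.1.1 is-at aa:aa:aa:aa:aa:66
5 192.168.1.20 is-at AA:AA:AA:AA:AA:20
"""


def parse_line(line):
    """Split one observation into (timestamp, ip, lower-cased mac)."""
    ts, ip, keyword, mac = line.split()
    if keyword != "is-at":
        raise ValueError("unexpected line: %r" % line)
    return int(ts), ip, mac.lower()


def detect_arp_conflicts(text, trusted=None):
    """Return alerts for changed IP-to-MAC bindings and shared MACs.

    `trusted` optionally pins known-good bindings (for example the gateway).
    A changed binding can also be a replaced NIC or a DHCP reassignment, so
    the result is a list of alerts to investigate, not a verdict.
    """
    bindings = {ip: mac.lower() for ip, mac in (trusted or {}).items()}
    ips_by_mac = defaultdict(set)
    for ip, mac in bindings.items():
        ips_by_mac[mac].add(ip)

    alerts = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, ip, mac = parse_line(line)
        known = bindings.get(ip)
        if known is None:
            bindings[ip] = mac          # first sighting: learn the binding
        elif known != mac:
            # Keep the original binding so repeated forged replies keep alerting.
            alerts.append((ts, "binding-changed", ip, known, mac))
        if ip not in ips_by_mac[mac]:
            ips_by_mac[mac].add(ip)
            if len(ips_by_mac[mac]) > 1:
                alerts.append((ts, "mac-claims-multiple-ips", mac,
                               tuple(sorted(ips_by_mac[mac]))))
    return alerts


if __name__ == "__main__":
    for alert in detect_arp_conflicts(SAMPLE_ARP_REPLIES):
        print(alert)
```
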
Phishing


   Attempting to acquire sensitive information
    such as usernames, passwords and credit
    card details by masquerading as a
    trustworthy entity.

   Often directs users to enter details at a fake
    website whose look and feel are almost
    identical to the legitimate one.
IP spoofing




   The creation of IP packets with a spoofed
    source IP address with the purpose of
    concealing the identity of another machine.
MAC Spoofing



   ifconfig eth0 down hw ether 00:00:00:00:00:00

   Allows the bypassing of access control lists on
    servers or routers,
MITM


   An attack in which the attacker makes
    independent connections with the victims and
    relays messages between them, making them
    believe that they are talking directly to each
    other.
Session hijacking


   Refers to the exploitation of a valid computer
    session to gain unauthorized access to
    information or services in a computer system.
DoS attacks


   An attempt to make a computer resource
    unavailable to its intended users.

   Prevents an Internet site or service from
    functioning efficiently or at all, temporarily or
    indefinitely.

   Saturating the target (victim) machine with
    external communications requests, such that
    it cannot respond to legitimate traffic.
DoS attacks (cont.)


   ICMP flood (Smurf attack “reflected
    attack”, ping flood, ping of death).

   SYN flood.

   Login/logout.

   Distributed attack.

   Prevented by (switches, routers, firewall, IPS).
Buffer overflow

   Is an anomaly where a process stores data in
    a buffer outside the memory the programmer
    set aside for it.

   1. Overflow an input field, command-line
    argument, or input buffer.
   2. Overflow the current return address on the
    stack with address of the exploit code loaded
    in step 3.
   3. Write a simple set of code for the next space
    in the stack that includes attacker commands.
Exploits


   A piece of software, a chunk of data, or
    sequence of commands that takes advantage
    of a bug, glitch or vulnerability in order to
    cause unintended or unanticipated behavior
    to occur on computer software, hardware, or
    something electronic.

   Metasploit.

   Core Impact.
SQL injection


   Is a code injection technique that exploits a
    security vulnerability occurring in the
    database layer of an application. The
    vulnerability is present when user input is
    either incorrectly filtered for string literal
    escape characters
   “select * from `users` where `username` =
    '$userName' and `password` = '$password'”
   What if the user has entered the username as:
    ' + 1 = 1.
    The query's WHERE clause will be true, which
    will log the user in.
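
The login query from this slide, built first by string interpolation and then with bound parameters, as an added example that is not part of the original deck. The in-memory `sqlite3` database, the sample accounts, the function names and the two constructed inputs are assumptions for illustration.

```python
import sqlite3

# Constructed sample accounts. The plaintext password column mirrors the
# slide's query; production systems store salted password hashes instead.
SAMPLE_USERS = [("alice", "correct-horse"), ("bob", "hunter2")]

# Constructed input whose quote and comment marker turn the WHERE clause
# into a tautology once it is pasted into the SQL text.
TAUTOLOGY_INPUT = "' OR 1=1 --"


def make_db():
    """Create a throwaway in-memory database with the sample accounts."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT PRIMARY KEY, password TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)", SAMPLE_USERS)
    return conn


def login_interpolated(conn, user_name, password):
    """Vulnerable: user input becomes part of the SQL text itself."""
    query = (
        "select * from users where username = '%s' and password = '%s'"
        % (user_name, password)
    )
    return conn.execute(query).fetchone() is not None


def login_parameterized(conn, user_name, password):
    """Hardened: the driver binds the values, so they are always data."""
    query = "select * from users where username = ? and password = ?"
    return conn.execute(query, (user_name, password)).fetchone() is not None


def compare(user_name, password):
    """Run both versions on the same input and report each outcome."""
    conn = make_db()
    results = {}
    for name, fn in (("interpolated", login_interpolated),
                     ("parameterized", login_parameterized)):
        try:
            ok = fn(conn, user_name, password)
            results[name] = "accepted" if ok else "rejected"
        except sqlite3.OperationalError:
            # A stray quote that breaks the statement is itself a sign that
            # input is being parsed as SQL.
            results[name] = "sql-error"
    conn.close()
    return results


if __name__ == "__main__":
    for creds in [("alice", "correct-horse"), ("alice", "wrong"),
                  (TAUTOLOGY_INPUT, "x"), ("o'brien", "x")]:
        print(creds, compare(*creds))
```
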
Password attacks



   Brute force.

   Dictionary.
DEMOS
