Suche senden
Hochladen
Hacking case-studies
•
Als PPT, PDF herunterladen
•
1 gefällt mir
•
513 views
venkadesh Prasath
Folgen
Technologie
Melden
Teilen
Melden
Teilen
1 von 49
Jetzt herunterladen
Empfohlen
Consumerization of IT MSL Jumpstart Keynote
Consumerization of IT MSL Jumpstart Keynote
David Tesar
SIP and IPv6 - Can They Get Along?
SIP and IPv6 - Can They Get Along?
Deploy360 Programme (Internet Society)
IPv6 and SIP - Myth or Reality?
IPv6 and SIP - Myth or Reality?
Deploy360 Programme (Internet Society)
Risk Factory: Database Security: Oxymoron?
Risk Factory: Database Security: Oxymoron?
Risk Crew
Awarenesstechnologies Intro Document
Awarenesstechnologies Intro Document
GuardEra Access Solutions, Inc.
Wie Sie digitale Geschäftsmodelle erschließen
Wie Sie digitale Geschäftsmodelle erschließen
TWT
Growth Hacking Workshop - Selfnation Case Study
Growth Hacking Workshop - Selfnation Case Study
Luke Szkudlarek
Online Retailer's Conference 2013 - Hacking Mobile Applications - Industry Ca...
Online Retailer's Conference 2013 - Hacking Mobile Applications - Industry Ca...
eightbit
Empfohlen
Consumerization of IT MSL Jumpstart Keynote
Consumerization of IT MSL Jumpstart Keynote
David Tesar
SIP and IPv6 - Can They Get Along?
SIP and IPv6 - Can They Get Along?
Deploy360 Programme (Internet Society)
IPv6 and SIP - Myth or Reality?
IPv6 and SIP - Myth or Reality?
Deploy360 Programme (Internet Society)
Risk Factory: Database Security: Oxymoron?
Risk Factory: Database Security: Oxymoron?
Risk Crew
Awarenesstechnologies Intro Document
Awarenesstechnologies Intro Document
GuardEra Access Solutions, Inc.
Wie Sie digitale Geschäftsmodelle erschließen
Wie Sie digitale Geschäftsmodelle erschließen
TWT
Growth Hacking Workshop - Selfnation Case Study
Growth Hacking Workshop - Selfnation Case Study
Luke Szkudlarek
Online Retailer's Conference 2013 - Hacking Mobile Applications - Industry Ca...
Online Retailer's Conference 2013 - Hacking Mobile Applications - Industry Ca...
eightbit
Reducing IT Costs and Improving Security with Purpose Built Network Appliances
Reducing IT Costs and Improving Security with Purpose Built Network Appliances
IBMGovernmentCA
Oral Dna Logical Network
Oral Dna Logical Network
jmfarrington
eircom Managed Security
eircom Managed Security
eircom
Disaster Solutions 2.0
Disaster Solutions 2.0
ferryheeneman
Agenda Security Helsinki 29okt2009
Agenda Security Helsinki 29okt2009
Anna Näsmark
Vpn
Vpn
Pranay Panday
Green Cloud Computing
Green Cloud Computing
Seungyun Lee
05 Voice / Video
05 Voice / Video
Videoguy
Case Study - Establishing Visibility into Remote Vendor Access at Pelephone
Case Study - Establishing Visibility into Remote Vendor Access at Pelephone
ObserveIT
Cloud Foundry Architecture and Overview
Cloud Foundry Architecture and Overview
rajdeep
Integrated Business Solution
Integrated Business Solution
puterakasihkarunia
Yorkland lcc 2010-r1
Yorkland lcc 2010-r1
Sustainable Resources Management
Yorkland lcc 2010-r1
Yorkland lcc 2010-r1
Sustainable Resources Management
Spain Getting Ready For Cloud Computing
Spain Getting Ready For Cloud Computing
Carlos Domingo
Security brochure 2012_ibm_v1_a4
Security brochure 2012_ibm_v1_a4
Arrow ECS UK
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
null - The Open Security Community
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!
Manik S Magar
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
Mark Billinghurst
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Patryk Bandurski
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Safe Software
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
gvaughan
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
Fwdays
Weitere ähnliche Inhalte
Ähnlich wie Hacking case-studies
Reducing IT Costs and Improving Security with Purpose Built Network Appliances
Reducing IT Costs and Improving Security with Purpose Built Network Appliances
IBMGovernmentCA
Oral Dna Logical Network
Oral Dna Logical Network
jmfarrington
eircom Managed Security
eircom Managed Security
eircom
Disaster Solutions 2.0
Disaster Solutions 2.0
ferryheeneman
Agenda Security Helsinki 29okt2009
Agenda Security Helsinki 29okt2009
Anna Näsmark
Vpn
Vpn
Pranay Panday
Green Cloud Computing
Green Cloud Computing
Seungyun Lee
05 Voice / Video
05 Voice / Video
Videoguy
Case Study - Establishing Visibility into Remote Vendor Access at Pelephone
Case Study - Establishing Visibility into Remote Vendor Access at Pelephone
ObserveIT
Cloud Foundry Architecture and Overview
Cloud Foundry Architecture and Overview
rajdeep
Integrated Business Solution
Integrated Business Solution
puterakasihkarunia
Yorkland lcc 2010-r1
Yorkland lcc 2010-r1
Sustainable Resources Management
Yorkland lcc 2010-r1
Yorkland lcc 2010-r1
Sustainable Resources Management
Spain Getting Ready For Cloud Computing
Spain Getting Ready For Cloud Computing
Carlos Domingo
Security brochure 2012_ibm_v1_a4
Security brochure 2012_ibm_v1_a4
Arrow ECS UK
Ähnlich wie Hacking case-studies
(15)
Reducing IT Costs and Improving Security with Purpose Built Network Appliances
Reducing IT Costs and Improving Security with Purpose Built Network Appliances
Oral Dna Logical Network
Oral Dna Logical Network
eircom Managed Security
eircom Managed Security
Disaster Solutions 2.0
Disaster Solutions 2.0
Agenda Security Helsinki 29okt2009
Agenda Security Helsinki 29okt2009
Vpn
Vpn
Green Cloud Computing
Green Cloud Computing
05 Voice / Video
05 Voice / Video
Case Study - Establishing Visibility into Remote Vendor Access at Pelephone
Case Study - Establishing Visibility into Remote Vendor Access at Pelephone
Cloud Foundry Architecture and Overview
Cloud Foundry Architecture and Overview
Integrated Business Solution
Integrated Business Solution
Yorkland lcc 2010-r1
Yorkland lcc 2010-r1
Yorkland lcc 2010-r1
Yorkland lcc 2010-r1
Spain Getting Ready For Cloud Computing
Spain Getting Ready For Cloud Computing
Security brochure 2012_ibm_v1_a4
Security brochure 2012_ibm_v1_a4
Kürzlich hochgeladen
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
null - The Open Security Community
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!
Manik S Magar
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
Mark Billinghurst
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Patryk Bandurski
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Safe Software
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
gvaughan
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
Fwdays
The Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdf
SeasiaInfotech2
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
BookNet Canada
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Mark Simos
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024
Stephanie Beckett
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
Addepto
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
Sergiu Bodiu
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Zilliz
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
Padma Pradeep
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
Kalema Edgar
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
Lorenzo Miniero
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
carlostorres15106
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
Fwdays
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level piece
charlottematthew16
Kürzlich hochgeladen
(20)
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
The Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdf
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level piece
Hacking case-studies
1.
Some “Ethical Hacking”
Case Studies Peter Wood First•Base Technologies
2.
How much damage
can a security breach cause? • 44% of UK businesses suffered at least one malicious security breach in 2002 • The average cost was £30,000 • Several cost more than £500,000 • and these are just the reported incidents …! Source: The DTI Information Security Breaches survey Slide 2 © First Base Technologies 2003
3.
The External Hacker Slide
3 © First Base Technologies 2003
4.
Internet
Web Developer home m Di n fr o al- up Dial-i e IS DN lin d co se nn Lea e cti o n Desktop PC Firewall Bridge Bridge My Client Client's business partner Slide 4 © First Base Technologies 2003
5.
Internet
Web Developer Secure home m Di n fr o the al- up Secure Dial-i e IS DN desktop d lin co se Lea Internetcti nn e on Desktop PC Firewall connections Bridge Bridge Secure Secure My Client Client's business partner the third-party Slide 5 network connections © First Base Technologies 2003
6.
The Inside Hacker Slide
6 © First Base Technologies 2003
7.
Plug and go
Ethernet ports are never disabled …. … or just steal a connection from a desktop NetBIOS tells you lots and lots …… …. And you don’t need to be logged on Slide 7 © First Base Technologies 2003
8.
Get yourself an
IP address • Use DHCP since almost everyone does! • Or … use a sniffer to see broadcast packets (even in a switched network) and try some suitable addresses Slide 8 © First Base Technologies 2003
9.
Browse the network Slide
9 © First Base Technologies 2003
10.
Pick a target
machine Pick a target Slide 10 © First Base Technologies 2003
11.
Try null sessions
... Slide 11 © First Base Technologies 2003
12.
List privileged users Slide
12 © First Base Technologies 2003
13.
Typical passwords
• administrator null, password, administrator • arcserve arcserve, backup • test test, password • username password, monday, football • backup backup • tivoli tivoli • backupexec backup • smsservice smsservice • … any service account … same as account name Slide 13 © First Base Technologies 2003
14.
Game over! Slide 14
© First Base Technologies 2003
15.
The Inside-Out Hacker Slide
15 © First Base Technologies 2003
16.
Senior person -
laptop at home Internet il e- ma Laptop Slide 16 © First Base Technologies 2003
17.
… opens attachment
Internet il e- ma Trojan software Laptop now silently installed Slide 17 © First Base Technologies 2003
18.
… takes laptop
to work Internet Firewall Laptop Laptop Corporate Network Slide 18 © First Base Technologies 2003
19.
… trojan sees
what they see Internet Firewall Finance Server HR Server Laptop Corporate Network Slide 19 © First Base Technologies 2003
20.
Information flows out
of the organisation Evil server Internet Firewall Finance Server HR Server Laptop Corporate Network Slide 20 © First Base Technologies 2003
21.
Physical Attacks Slide 21
© First Base Technologies 2003
22.
What NT password? Slide
22 © First Base Technologies 2003
23.
NTFSDOS Slide 23
© First Base Technologies 2003
24.
Keyghost Slide 24
© First Base Technologies 2003
25.
KeyGhost - keystroke
capture Keystrokes recorded so far is 2706 out of 107250 ... <PWR><CAD>fsmith<tab><tab>arabella xxxxxxx <tab><tab> None<tab><tab> None<tab><tab> None<tab><tab> <CAD> arabella <CAD> <CAD> arabella <CAD> <CAD> arabella exit tracert 192.168.137.240 telnet 192.168.137.240 cisco Slide 25 © First Base Technologies 2003
26.
Viewing Password-Protected Files Slide
26 © First Base Technologies 2003
27.
Office Documents Slide 27
© First Base Technologies 2003
28.
Zip Files Slide 28
© First Base Technologies 2003
29.
Plain Text Passwords Slide
29 © First Base Technologies 2003
30.
Netlogon
In the unprotected netlogon share on a server: logon scripts can contain: net use servershare “password” /u:“user” Slide 30 © First Base Technologies 2003
31.
Registry scripts
In shared directories you may find .reg files like this: [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogon] "DefaultUserName"="username" "DefaultPassword"="password" "AutoAdminLogon"="1" Slide 31 © First Base Technologies 2003
32.
Passwords in
procedures & documents Slide 32 © First Base Technologies 2003
33.
Packet sniffing
Generated by : TCP.demux V1.02 Input File: carol.cap Output File: TB000463.txt • Leave the sniffer Summary File: summary.txt Date Generated: Thu Jan 27 08:43:08 2000 running 10.1.1.82 1036 10.1.2.205 23 (telnet) UnixWare 2.1.3 (mikew) (pts/31). • Capture all packets login: to port 23 or 21 cl_Carol Password: • The result ... carol1zz UnixWare 2.1.3. mikew. Copyright 1996 The Santa Cruz Operation, Inc. All Rights Reserved.. Copyright 1984-1995 Novell, Inc. All Rights Reserved.. Copyright 1987, 1988 Microsoft Corp. All Rights Reserved.. U.S. Pat. No. 5,349,642. Slide 33 © First Base Technologies 2003
34.
Port scan Slide 34
© First Base Technologies 2003
35.
Brutus dictionary attack Slide
35 © First Base Technologies 2003
36.
NT Password Cracking Slide
36 © First Base Technologies 2003
37.
How to get
the NT SAM • On any NT/W2K machine: - In memory (registry) - c:winntrepairsam (invoke rdisk?) - Emergency Repair Disk - Backup tapes - Sniffing (L0phtcrack) • Run L0phtcrack on the SAM …. Slide 37 © First Base Technologies 2003
38.
End of part
one! Slide 38 © First Base Technologies 2003
39.
And how to
prevent it! Peter Wood First•Base Technologies
40.
Prevention is better
... • Harden the servers • Monitor alerts (e.g. www.sans.org) • Scan, test and apply patches • Monitor logs • Good physical security • Intrusion detection systems • Train the technical staff on security • Serious policy and procedures! Slide 40 © First Base Technologies 2003
41.
Server hardening
• HardNT40rev1.pdf • Windows NT Security Guidelines (www.fbtechies.co.uk) (nsa1.www.conxion.com) • HardenW2K101.pdf • NTBugtraq FAQs (www.fbtechies.co.uk) (http://ntbugtraq.ntadvice.com/defa • FAQ for How to Secure Windows ult.asp?pid=37&sid=1) NT (www.sans.org) • Securing Windows 2000 • Fundamental Steps to Harden (www.sans.org) Windows NT 4_0 (www.sans.org) • Securing Windows 2000 Server • ISF NT Checklist v2 (www.sans.org) (www.securityforum.org) • Windows 2000 Known • http://www.microsoft.com/technet/ Vulnerabilities and Their Fixes security/bestprac/default.asp (www.sans.org) • Lockdown.pdf (www.iss.net) • SANS step-by-step guides Slide 41 © First Base Technologies 2003
42.
Alerts
• www.sans.org • www.cert.org • www.microsoft.com/security • www.ntbugtraq.com • www.winnetmag.com • razor.bindview.com • eeye.com • Security Pro News (ientrymail.com) Slide 42 © First Base Technologies 2003
43.
Scan and apply
patches Slide 43 © First Base Technologies 2003
44.
Monitor logs Slide 44
© First Base Technologies 2003
45.
Good physical security
• Perimeter security • Computer room security • Desktop security • Close monitoring of admin’s work areas • No floppy drives? • No bootable CDs? Slide 45 © First Base Technologies 2003
46.
Intrusion detection
• RealSecure • Tripwire • Dragon • Snort • www.networkintrusion.co.uk for guidance Slide 46 © First Base Technologies 2003
47.
Security Awareness
• Sharing admin accounts • Service accounts • Account naming conventions • Server naming conventions • Hardening • Passwords (understand NT passwords!) • Two-factor authentication? Slide 47 © First Base Technologies 2003
48.
Serious Policy &
Procedures • Top-down commitment • Investment • Designed-in security • Regular audits • Regular penetration testing • Education & awareness Slide 48 © First Base Technologies 2003
49.
Need more information?
Peter Wood peterw@firstbase.co.uk www.fbtechies.co.uk Slide 49 © First Base Technologies 2003
Jetzt herunterladen