DILLA UNIVERSITY
COLLEGE OF ENGINEERING & TECHNOLOGY
School of Computing & Informatics
M. Sc in Computer Science & Networking
By
Chapter-05
Dr. Ananda Kumar K S M.Tech, Ph.D
Associate Professor, School of Comp & Info
Email: anandgdk@du.edu.et
Course Number CN6122
Course Title Advanced Network Security
Advanced Network Security
CHAPTER-05
1. Ethical hacking
2. Denial of Service Attacks(DoS)
3. Distributed denial-of-service (DDoS)
4. Buffer-overflow attack
1. HACKING
Hacking has been a part of computing for almost five decades and is a very broad discipline that covers a wide range of topics.
The first known hacking event took place in 1960 at MIT, and the term "hacker" originated at the same time.
Hacking is the act of finding the possible entry points that exist in a computer system or a computer network and then entering through them.
Cont..
 Hacking is usually done to gain unauthorized access to a computer system or a computer network, either to harm the systems or to steal sensitive information stored on them.
 Hacking is usually legal as long as it is done to find weaknesses in a computer or network system for testing purposes. This sort of hacking is what we call ethical hacking.
 A computer expert who performs the act of hacking is called a "hacker".
 Hackers are those who seek knowledge: they want to understand how systems operate and how they are designed, and then attempt to play with these systems.
Ethical Vs Unethical (comparison presented as a figure; not included in the text)
Phases of hacking
 Both the auditor and the cracker follow a logical sequence of steps when conducting a hack. These grouped steps are called phases.
 There is a general consensus among organizations and information security professionals that there are five phases, in the following order:
 Cracker's phases: 1 -> Reconnaissance, 2 -> Scanning, 3 -> Gaining Access, 4 -> Maintaining Access, 5 -> Erasing Clues
Ethical hacking phases: 1 -> Reconnaissance, 2 -> Scanning, 3 -> Gaining Access, 4 -> Writing Report, 5 -> Presenting Report
Reconnaissance
o This is the first step of hacking. It is also called the footprinting or information-gathering phase.
o This is the preparatory phase, where we collect as much information as possible about the target.
o We usually collect information about three groups: the network, the hosts and the people involved.
There are two types of footprinting:
Active: directly interacting with the target to gather information about it. Eg: using the Nmap tool to scan the target.
Passive: collecting information about the target without directly accessing it. This involves gathering information from social media, public websites, etc.
Scanning
Three types of scanning are involved:
Port scanning: scanning the target for information such as open ports, live systems and the services running on each host.
Vulnerability scanning: checking the target for weaknesses or vulnerabilities that could be exploited. Usually done with the help of automated tools.
Network mapping: finding the topology of the network (routers, firewalls and servers, if any) and host information, and drawing a network diagram from the available information. This map may serve as a valuable piece of information throughout the hacking process.
Gaining Access
This is the phase where an attacker breaks into the system/network using various tools or methods.
After entering a system, the attacker has to escalate privileges to administrator level in order to install the applications needed, modify data or hide data.
Maintaining Access
o A hacker may just hack the system to show that it was vulnerable, or may be so mischievous as to maintain or persist the connection in the background without the knowledge of the user.
o This can be done using Trojans, rootkits or other malicious files.
o The aim is to maintain access to the target until the hacker finishes the tasks planned for that target.
Erasing Clues or Clearing Tracks
o No thief wants to get caught. An intelligent hacker always clears all evidence so that, at a later point in time, no one will find any traces leading back to them.
o This involves modifying, corrupting or deleting log entries, modifying registry values, uninstalling all applications used and deleting all folders created.
Cont..
 Usually these phases are represented as a cycle, commonly called "the circle of hacking" (see Figure 1), to emphasize that the cracker can continue the process over and over again.
 However, information security auditors who perform ethical hacking services use a slight variation of the phases:
 1 -> Reconnaissance, 2 -> Scanning, 3 -> Gaining Access, 4 -> Writing the Report, 5 -> Presenting the Report
In this way, ethical hackers stop at Phase 3 of the "circle of hacking" to report their findings and make recommendations to the client.
TYPES OF HACKING
 When we execute an ethical hacking engagement, it is necessary to establish its scope in order to develop a realistic schedule of work and deliver the economic proposal to the client.
 To determine the project extent we need to know at least three basic elements: the type of hacking that we will conduct, the modality, and the additional services that the customer would like to include with the contracted service.
 Depending on where we execute the penetration testing, an ethical hacking engagement can be external or internal.
Cont..
External pentesting
 This type of hacking is done from the Internet against the client's public network infrastructure; that is, against those computers in the organization that are exposed to the Internet because they provide a public service.
 Examples of public hosts: router, firewall, web server, mail server, name server, etc.
Internal pentesting
 As the name suggests, this type of hacking is executed from the customer's internal network, from the point of view of a company employee, consultant or business associate who has access to the corporate network.
Cont..
since studies show that the majority of successful attacks come from inside the company.
To cite an example, in a survey on computer security conducted among a group of business people in the UK, when they were asked "who the attackers are", these figures were obtained: 25% external, 75% internal.
HACKING MODALITIES
 Depending on the information that the customer provides to the consultant, an ethical hacking service can be executed in one of three modes:
o black-box
o gray-box
o white-box
 The mode chosen will affect the cost and duration of the penetration testing audit, since the less information received, the more research time the auditor must invest.
Black box hacking
 This mode is applicable to external testing only.
 It is called so because the client gives the consultant only the name of the company, so the auditor starts with no information: the infrastructure of the organization is a "black box".
 While this type of audit is considered more realistic, since an external attacker who picks a victim has no more information to start with than the name of the organization to be attacked, it is also true that it requires a greater investment of time, and therefore the cost incurred is higher too.
Gray box hacking
This term is often used synonymously to refer to internal pentests.
Nevertheless, some auditors also call an external test gray-box hacking when the client provides limited information on the public computers to be audited.
Example: a list of data such as IP addresses and the type/function of each piece of equipment (router, web server, firewall, etc.).
White box hacking
White-box hacking is also called transparent hacking.
This method applies only to internal pentests and is called this way because the client gives the auditor complete information about its networks and systems.
 This means that, besides providing a connection to the network and configuration information for the NIC, the consultant receives extensive information such as network diagrams and a detailed list of the equipment to audit, including names, types, platforms, main services, IP addresses, information on remote subnets, etc.
 Because the consultant avoids having to find out this information, this kind of hacking usually takes less time to execute and therefore also reduces costs.
Additional hacking services
There are additional services that can be included with an ethical hacking engagement; among the popular ones are:
• Social engineering
• Wardialing
• Wardriving
• Stolen equipment simulation
• Physical security
Social engineering
 Social engineering refers to the act of gathering information through the manipulation of people: the hacker acquires confidential data by exploiting the well-known fact that the weakest link in the information security chain is the human component.
 Examples of social engineering: sending fake emails with malicious attachments, calling customer personnel while pretending to be a technician from the ISP, visiting company premises while pretending to be a customer in order to place a keystroke logger (keylogger), etc.
Wardialing
 Wardialing or war dialing is a technique to automatically scan a list of telephone numbers, usually dialing every number in a local area code, to search for modems, computers, bulletin board systems and fax machines.
 War dialing is a brute-force method of finding a back door into an organization's network. It is particularly effective against a perimeter defense.
 Most organizations have telephone numbers that are within a specified range and begin with the same prefix.
Wardriving
 The term wardriving is derived from its predecessor, wardialing, but is applied to wireless networks.
 The hacker strikes up a wireless war from the vicinity of the client/victim company, usually from a parked car with a laptop and a signal booster antenna.
 Wardriving is the act of searching for Wi-Fi wireless networks, usually from a moving vehicle, using a laptop or smartphone. Software for wardriving is freely available on the Internet.
 Warbiking, warcycling, warwalking and similar terms describe the same approach with other modes of transportation.
Stolen equipment simulation
 Here the objective is to verify whether the organization has taken steps to safeguard the confidential information hosted on mobile devices that belong to key executives.
 The auditor simulates a theft of the device and uses tools (HW/SW) and expertise with the intention of extracting sensitive information.
 Due to the sensitivity of the operation, we should always recommend that the customer back up the devices prior to the audit.
Physical security Audit
 Although physical security is considered by many experts to be a subject independent from ethical hacking, specialized companies can integrate it as part of the service.
 This type of audit involves difficulties and risks that you must be aware of, with the aim of avoiding situations that endanger those involved.
Simple steps that individuals can take to
be more secure:
– Keep your software up to date
– Install antivirus software
– Use public networks carefully
– Backup your data
– Secure your accounts with two-factor
authentication
– Make your passwords long, unique, and strong
– Be suspicious of strange links and attachments
Steps to secure your computer
• Keep up with system and software security updates.
• Enable a firewall.
• Adjust your browser settings.
• Install antivirus and anti-spyware software.
• Password-protect your software and lock your device.
• Encrypt your data.
• Use a VPN.
Tools for Information Security
• Authentication
• Access Control
• Encryption
• Passwords
• Backup
• Firewalls
• Virtual Private Networks (VPN)
• Physical Security
• Security Policies
2. Denial of Service Attacks
• Denial of Service attack: an attack on a computer or network that prevents legitimate use of its resources.
• In computing, a denial-of-service attack (DoS attack) is a cyber-attack in which the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting the services of a host connected to the Internet.
• DoS attacks affect:
– Software systems
– Network routers/equipment/servers
– Servers and end-user PCs
Classification of DoS Attacks (columns of the original table: Attack, Affected Area, Example, Description)
Network Level Device
  Affected area: routers, IP switches, firewalls
  Example: Ascend Kill II, "Christmas Tree Packets"
  Description: the attack attempts to exhaust hardware resources using multiple duplicate packets or a software bug.
OS Level
  Affected area: equipment vendor OS, end-user equipment
  Example: Ping of Death, ICMP Echo attacks, Teardrop
  Description: the attack takes advantage of the way operating systems implement protocols.
Application Level Attacks
  Affected area: Finger Bomb (the repeated at (@) character causes finger to consume excessive CPU and RAM resources)
  Example: Finger Bomb, Windows NT RealServer G2 6.0
  Description: attack a service or machine by using an application attack to exhaust resources.
Data Flood (Amplification, Oscillation, Simple Flooding)
  Affected area: host computer or network
  Example: Smurf attack (amplifier attack), UDP Echo (oscillation attack)
  Description: attack in which massive quantities of data are sent to a target with the intention of using up bandwidth/processing resources.
Protocol Feature Attacks
  Affected area: servers, client PCs, DNS servers
  Example: SYN (connection depletion)
  Description: attack in which "bugs" in a protocol are utilized to take down network resources. Methods of attack include IP address spoofing and corrupting a DNS server's cache.
Countermeasures for DoS Attacks (columns of the original table: Attack, Countermeasure Options, Example, Description)
Network Level Device
  Countermeasure options: software patches, packet filtering
  Example: ingress and egress filtering
  Description: software upgrades can fix known bugs, and packet filtering can prevent attacking traffic from entering a network.
OS Level
  Countermeasure options: SYN cookies, drop backlog connections, shorten timeout time
  Example: SYN cookies
  Description: shortening the backlog time and dropping backlog connections will free up resources. SYN cookies proactively prevent attacks.
Application Level Attacks
  Countermeasure options: intrusion detection system
  Example: GuardDog, other vendors
  Description: software used to detect illicit activity.
Data Flood (Amplification, Oscillation, Simple Flooding)
  Countermeasure options: replication and load balancing
  Example: Akamai / Digital Island provide content distribution
  Description: extending the volume of content under attack makes it more complicated and harder for attackers to identify services to attack and accomplish complete attacks.
Protocol Feature Attacks
  Countermeasure options: extend protocols to support security
  Example: IETF (Internet Engineering Task Force) standard for itrace, DNSSEC
  Description: trace source/destination packets by a means other than the IP address (blocks against IP address spoofing). DNSSEC would provide authorization and authentication on DNS information.
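As an added illustration of the OS-level countermeasure in the table above (example code written for this handout, not the author's and not any kernel's implementation): with SYN cookies the server encodes the half-open connection into the SYN-ACK sequence number and recomputes it when the final ACK arrives, so a SYN flood consumes no backlog entries. The tuple values, the secret and the FNV-1a stand-in hash are constructed assumptions; a real stack uses a cryptographic keyed hash.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>

/* Four-tuple identifying a TCP connection attempt. Addresses and ports are
 * taken as already in host byte order; the self-check uses constructed values. */
typedef struct {
    uint32_t saddr, daddr;
    uint16_t sport, dport;
} tcp4_tuple;

/* The cookie has only a 3-bit field for the MSS, so the server keeps the
 * largest table entry not exceeding what the client offered. */
static const uint16_t mss_table[8] = {536, 1220, 1440, 1460, 2100, 4200, 8900, 16000};

static int mss_index(uint16_t client_mss) {
    int idx = 0;
    for (int i = 0; i < 8; i++)
        if (mss_table[i] <= client_mss) idx = i;
    return idx;
}

/* Keyed hash over everything the cookie must be bound to. FNV-1a is a stand-in
 * so the example is self-contained; a real stack uses a cryptographic keyed
 * hash (Linux uses SipHash) so that a flooder cannot compute valid cookies. */
static uint32_t cookie_hash(const tcp4_tuple *t, uint32_t count, int mssidx, uint64_t secret) {
    uint8_t buf[25];
    memcpy(buf, &t->saddr, 4);
    memcpy(buf + 4, &t->daddr, 4);
    memcpy(buf + 8, &t->sport, 2);
    memcpy(buf + 10, &t->dport, 2);
    memcpy(buf + 12, &count, 4);
    memcpy(buf + 16, &secret, 8);
    buf[24] = (uint8_t)mssidx;
    uint32_t h = 2166136261u;
    for (size_t i = 0; i < sizeof buf; i++) { h ^= buf[i]; h *= 16777619u; }
    return h & 0x00FFFFFFu;            /* only 24 bits fit in the ISN */
}

/* Server side of SYN -> SYN-ACK: instead of allocating a backlog entry, encode
 * the connection state into the initial sequence number:
 *   bits 31..27 = time counter mod 32 (one tick per ~64 s in the classic scheme)
 *   bits 26..24 = MSS table index
 *   bits 23..0  = keyed hash of tuple, counter, MSS index and secret */
uint32_t syncookie_make(const tcp4_tuple *t, uint16_t client_mss, uint32_t count, uint64_t secret) {
    int idx = mss_index(client_mss);
    return ((count & 31u) << 27) | ((uint32_t)idx << 24) | cookie_hash(t, count, idx, secret);
}

/* Server side of the final ACK: the client echoes ISN+1, so the caller passes
 * ack_seq - 1. Returns the MSS to use for the new connection, or 0 when the
 * cookie is forged or older than `window` ticks. Nothing was stored between
 * the two steps, which is what keeps a SYN flood from filling the backlog. */
uint16_t syncookie_check(const tcp4_tuple *t, uint32_t cookie, uint32_t now, uint32_t window, uint64_t secret) {
    uint32_t tick = cookie >> 27;
    int idx = (int)((cookie >> 24) & 7u);
    for (uint32_t age = 0; age <= window && age < 32; age++) {
        uint32_t count = now - age;
        if ((count & 31u) != tick) continue;
        if (cookie_hash(t, count, idx, secret) == (cookie & 0x00FFFFFFu))
            return mss_table[idx];
    }
    return 0;
}

/* Self-check over a constructed handshake. Returns the number of cases that
 * behaved as expected (4 when everything works). */
int syncookie_selfcheck(void) {
    const tcp4_tuple t = {0x0A000001u, 0x0A000002u, 40000, 80};   /* constructed */
    const uint64_t secret = 0x0123456789abcdefULL;                /* constructed */
    int ok = 0;
    uint32_t isn = syncookie_make(&t, 1460, 100, secret);          /* SYN seen at tick 100 */
    if (syncookie_check(&t, isn, 101, 2, secret) == 1460) ok++;    /* ACK one tick later */
    if (syncookie_check(&t, isn ^ 1u, 101, 2, secret) == 0) ok++;  /* hash bit tampered */
    if (syncookie_check(&t, isn, 140, 2, secret) == 0) ok++;       /* ACK far too old */
    if (syncookie_check(&t, syncookie_make(&t, 1400, 100, secret), 100, 2, secret) == 1220) ok++; /* MSS rounded down */
    return ok;
}
```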
3. Distributed Denial-of-service (DDoS)
 A distributed denial-of-service (DDoS) attack is a malicious attempt to disrupt the normal traffic of a targeted server, service or network by overwhelming the target or its surrounding infrastructure with a flood of Internet traffic.
 DDoS attacks achieve effectiveness by utilizing multiple compromised computer systems as sources of attack traffic.
 Exploited machines can include computers and other networked resources such as IoT devices. From a high level, a DDoS attack is like an unexpected traffic jam clogging up the highway, preventing regular traffic from arriving at its destination.
DDoS Architecture (figure): clients at the top, each controlling several handlers, which in turn control the agents.
Widely Used DDoS Programs
• Trinoo
• Tribe Flood Network
• TFN2K
• stacheldraht (barbed wire)
4. What is Buffer Overflow
o A buffer is a temporary area for data storage. When a program or system process places more data into it than was originally allocated to be stored, the extra data overflows.
o This causes some of that data to leak out into other buffers, which can corrupt or overwrite whatever data they were holding.
Cont..
• A buffer overflow, or buffer overrun, is an anomalous condition where a process attempts to store data beyond the boundaries of a fixed-length buffer.
• The result is that the extra data overwrites adjacent memory locations.
• The overwritten data may include other buffers, variables and program flow data, and may result in erratic program behavior, a memory access exception, program termination (a crash), incorrect results or, especially if deliberately caused by a malicious user, a possible breach of system security.
• Most common with C/C++ programs.
Buffer-overflow attack
o In a buffer-overflow attack, the extra data sometimes holds specific instructions for actions intended by a hacker or malicious user; for example, the data could trigger a response that damages files, changes data or unveils private information.
o An attacker would use a buffer-overflow exploit to take advantage of a program that is waiting on a user's input.
Types of buffer overflows
There are two types of buffer overflows: stack-based and heap-based.
o Heap-based overflows, which are difficult to execute and the less common of the two, attack an application by flooding the memory space reserved for a program.
o Stack-based buffer overflows, which are more common among attackers, exploit applications and programs by using what is known as a stack: memory space used to store user input.
What is needed to understand Buffer Overflow
• Understanding C functions and the stack.
• Some familiarity with machine code.
• Knowing how system calls are made.
• The exec() system call.
• The attacker needs to know which CPU and OS are running on the target machine.
– Our examples are for x86 running Linux.
– Details vary slightly between CPUs and OSes:
• Stack growth direction.
• Big endian vs. little endian.
Buffer Overflow Example (presented as figures; not included in the text)
Some unsafe C lib functions
char *strcpy(char *dest, const char *src);
char *strcat(char *dest, const char *src);
char *gets(char *s);
int scanf(const char *format, ...);
int sprintf(char *str, const char *format, ...);
Preventing Buffer Overflow Attacks
• Use type-safe languages (Java)
• Use safe library functions
• Static source code analysis
• Non-executable stack
• Run-time checking
• Address space layout randomization
• Detecting deviations in program behavior
• Access control
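As an added example (not from the handout), the unsafe strcpy()/gets() pattern listed above is shown beside a hardened form that applies the "use safe library functions" and "run-time checking" advice: the length is checked before any copy, and over-long input is rejected rather than silently truncated. The 16-byte buffer size and the sample input stream are constructed for the example; fmemopen() and strnlen() are POSIX.

```c
#define _POSIX_C_SOURCE 200809L
#include <stdio.h>
#include <string.h>
#include <stddef.h>

#define NAME_LEN 16   /* constructed buffer size for the example */

/* Vulnerable form, as the slides describe: strcpy() copies until the NUL of
 * src regardless of the size of dst, so any input longer than NAME_LEN-1
 * bytes writes past the end of the stack buffer. Kept only for comparison;
 * it is never called with untrusted input here. */
void greet_unsafe(const char *input) {
    char name[NAME_LEN];
    strcpy(name, input);                      /* no bounds check */
    printf("Hello, %s\n", name);
}

/* Run-time check before the copy. strnlen() never scans past dstsz, so the
 * check itself is bounded. Returns 0 on success, -1 if src does not fit
 * (dst is then left as an empty string rather than a partial copy). */
int bounded_copy(char *dst, size_t dstsz, const char *src) {
    if (dstsz == 0) return -1;
    size_t n = strnlen(src, dstsz);
    if (n >= dstsz) {                         /* no room for the terminator */
        dst[0] = '\0';
        return -1;
    }
    memcpy(dst, src, n + 1);                  /* includes the NUL */
    return 0;
}

/* Hardened form of greet_unsafe(): same buffer, but over-long input is
 * refused. Returns 0 if greeted, -1 if rejected. */
int greet_safe(const char *input) {
    char name[NAME_LEN];
    if (bounded_copy(name, sizeof name, input) != 0) {
        fprintf(stderr, "rejected: input longer than %d bytes\n", NAME_LEN - 1);
        return -1;
    }
    printf("Hello, %s\n", name);
    return 0;
}

/* Safe replacement for gets(): fgets() writes at most bufsz bytes. Returns 0
 * with the newline stripped, -1 at end of input, and -2 when the line did not
 * fit; in that case the rest of the line is discarded so the next call starts
 * on a fresh line instead of treating the remainder as new input. */
int read_line(char *buf, size_t bufsz, FILE *in) {
    if (fgets(buf, (int)bufsz, in) == NULL) return -1;
    size_t n = strlen(buf);
    if (n > 0 && buf[n - 1] == '\n') { buf[n - 1] = '\0'; return 0; }
    if (n == bufsz - 1) {                     /* buffer filled without a newline */
        int c = fgetc(in);
        if (c == EOF) return 0;               /* exactly filled at EOF: not truncated */
        while (c != EOF && c != '\n') c = fgetc(in);
        return -2;
    }
    return 0;                                 /* last line had no trailing newline */
}

/* Self-check over a constructed input stream (fmemopen is POSIX). Returns the
 * number of reads that behaved as expected: 4 when everything works. */
int read_line_selfcheck(void) {
    static const char sample[] = "short\nthis-line-is-much-longer-than-sixteen\nend";
    FILE *in = fmemopen((void *)sample, sizeof sample - 1, "r");
    if (in == NULL) return -1;
    char buf[NAME_LEN];
    int ok = 0;
    if (read_line(buf, sizeof buf, in) == 0 && strcmp(buf, "short") == 0) ok++;
    if (read_line(buf, sizeof buf, in) == -2) ok++;   /* too long: rejected, remainder drained */
    if (read_line(buf, sizeof buf, in) == 0 && strcmp(buf, "end") == 0) ok++;
    if (read_line(buf, sizeof buf, in) == -1) ok++;   /* end of input */
    fclose(in);
    return ok;
}
```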
References
Reference Text Books:
1. Karig, David and Ruby Lee. Remote Denial of Service
Attacks and Countermeasures, Princeton University
Department of Electrical Engineering Technical
Report CE-L2001-002, October 2001.
2. C.Easttom, Computer Security Fundamentals, Prentice
Hall, May 2005.
3. D. Russell and G.T. Gangemi, Computer Security Basics,
OReilly& Associates, 1991.
4. M. Bishop, Computer Security: Art and Science,
Addison-Wesley, 2002.
5. S. A. Thomas, SSL and TLS Essentials: Securing the Web,
Wiley, 2000.
47
THANK YOU
48

Weitere ähnliche Inhalte

Ähnlich wie ANS_Ch_05_Handouts.pdf

Introduction to Pre-Cybersecurity.pptx
Introduction to Pre-Cybersecurity.pptxIntroduction to Pre-Cybersecurity.pptx
Introduction to Pre-Cybersecurity.pptx
youfanlimboo
 
Final report ethical hacking
Final report ethical hackingFinal report ethical hacking
Final report ethical hacking
samprada123
 

Ähnlich wie ANS_Ch_05_Handouts.pdf (20)

IRJET- Study of Hacking and Ethical Hacking
IRJET- Study of Hacking and Ethical HackingIRJET- Study of Hacking and Ethical Hacking
IRJET- Study of Hacking and Ethical Hacking
 
Domain 3 of CEH v11 System Hacking Phases and Attack Techniques.pptx
Domain 3 of CEH v11 System Hacking Phases and Attack Techniques.pptxDomain 3 of CEH v11 System Hacking Phases and Attack Techniques.pptx
Domain 3 of CEH v11 System Hacking Phases and Attack Techniques.pptx
 
An overview of network penetration testing
An overview of network penetration testingAn overview of network penetration testing
An overview of network penetration testing
 
Security protection On banking systems using ethical hacking.
Security protection  On banking systems using  ethical hacking.Security protection  On banking systems using  ethical hacking.
Security protection On banking systems using ethical hacking.
 
Is4560
Is4560Is4560
Is4560
 
Ehical Hacking: Unit no. 1 Information and Network Security
Ehical Hacking: Unit no. 1 Information and Network SecurityEhical Hacking: Unit no. 1 Information and Network Security
Ehical Hacking: Unit no. 1 Information and Network Security
 
Cyber Security PPT
Cyber Security PPTCyber Security PPT
Cyber Security PPT
 
Top 25 SOC Analyst interview questions that You Should Know.pptx
Top 25 SOC Analyst interview questions that You Should Know.pptxTop 25 SOC Analyst interview questions that You Should Know.pptx
Top 25 SOC Analyst interview questions that You Should Know.pptx
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hacking
 
hacker culture
hacker culturehacker culture
hacker culture
 
Ethical Hacking: A Comprehensive Cheatsheet
Ethical Hacking: A Comprehensive CheatsheetEthical Hacking: A Comprehensive Cheatsheet
Ethical Hacking: A Comprehensive Cheatsheet
 
Introduction to Pre-Cybersecurity.pptx
Introduction to Pre-Cybersecurity.pptxIntroduction to Pre-Cybersecurity.pptx
Introduction to Pre-Cybersecurity.pptx
 
Ethical hacking interview questions and answers
Ethical hacking interview questions and answersEthical hacking interview questions and answers
Ethical hacking interview questions and answers
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hacking
 
Final report ethical hacking
Final report ethical hackingFinal report ethical hacking
Final report ethical hacking
 
Module 3-cyber security
Module 3-cyber securityModule 3-cyber security
Module 3-cyber security
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
 
BASICS OF ETHICAL HACKING
BASICS OF ETHICAL HACKINGBASICS OF ETHICAL HACKING
BASICS OF ETHICAL HACKING
 
Ethical Hacking And Hacking Attacks
Ethical Hacking And Hacking AttacksEthical Hacking And Hacking Attacks
Ethical Hacking And Hacking Attacks
 
Web security chapter#2
Web security chapter#2Web security chapter#2
Web security chapter#2
 

Mehr von MeymunaMohammed1 (11)

Chapter 6-Synchronozation2.ppt
Chapter 6-Synchronozation2.pptChapter 6-Synchronozation2.ppt
Chapter 6-Synchronozation2.ppt
 
Distributed system.pptx
Distributed system.pptxDistributed system.pptx
Distributed system.pptx
 
ANS_Ch_05_Handouts.pdf
ANS_Ch_05_Handouts.pdfANS_Ch_05_Handouts.pdf
ANS_Ch_05_Handouts.pdf
 
Seminar Course instruction .ppt
Seminar Course instruction .pptSeminar Course instruction .ppt
Seminar Course instruction .ppt
 
M.Sc Mobile computing.pptx
M.Sc Mobile computing.pptxM.Sc Mobile computing.pptx
M.Sc Mobile computing.pptx
 
Cloud_Ch_01_Handouts(1).pdf
Cloud_Ch_01_Handouts(1).pdfCloud_Ch_01_Handouts(1).pdf
Cloud_Ch_01_Handouts(1).pdf
 
ANS_Ch_06_Handouts.pdf
ANS_Ch_06_Handouts.pdfANS_Ch_06_Handouts.pdf
ANS_Ch_06_Handouts.pdf
 
ANS_Ch_04_Handouts.pdf
ANS_Ch_04_Handouts.pdfANS_Ch_04_Handouts.pdf
ANS_Ch_04_Handouts.pdf
 
Chapter 3-Processes2.pptx
Chapter 3-Processes2.pptxChapter 3-Processes2.pptx
Chapter 3-Processes2.pptx
 
Chapter 2-Architectures23.ppt
Chapter 2-Architectures23.pptChapter 2-Architectures23.ppt
Chapter 2-Architectures23.ppt
 
Chapter 2-Architectures2.ppt
Chapter 2-Architectures2.pptChapter 2-Architectures2.ppt
Chapter 2-Architectures2.ppt
 

Kürzlich hochgeladen

EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
Earley Information Science
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
Joaquim Jorge
 

Kürzlich hochgeladen (20)

EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine  KG and Vector search for  enhanced R...Workshop - Best of Both Worlds_ Combine  KG and Vector search for  enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
🐬 The future of MySQL is Postgres 🐘
🐬  The future of MySQL is Postgres   🐘🐬  The future of MySQL is Postgres   🐘
🐬 The future of MySQL is Postgres 🐘
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 

ANS_Ch_05_Handouts.pdf

  • 1. DILLA UNIVERSITY COLLEGE OF ENGINEERING & TECHNOLOGY School of Computing & Informatics M. Sc in Computer Science & Networking By Chapter-05 Dr. Ananda Kumar K S M.Tech, Ph.D Associate Professor, School of Comp & Info Email: anandgdk@du.edu.et 1 Course Number CN6122 Course Title Advanced Network Security
  • 2. Advanced Network Security CHAPTER-05 1. Ethical hacking 2. Denial of Service Attacks(DoS) 3. Distributed denial-of-service (DDoS) 4. Buffer-overflow attack 2
  • 3. 1. HACKING Hacking has been a part of computing for almost five decades and it is a very broad discipline, which covers a wide range of topics. The first known event of hacking had taken place in 1960 at MIT and at the same time, the term "Hacker" was originated. Hacking is the act of finding the possible entry points that exist in a computer system or a computer network and finally entering into them. 3
  • 4. Cont..  Hacking is usually done to gain unauthorized access to a computer system or a computer network, either to harm the systems or to steal sensitive information available on the computer.  Hacking is usually legal as long as it is being done to find weaknesses in a computer or network system for testing purpose. This sort of hacking is what we call Ethical Hacking.  A computer expert who does the act of hacking is called a "Hacker".  Hackers are those who seek knowledge, to understand how systems operate, how they are designed, and then attempt to play with these systems. 4
  • 6. 6
  • 7. Phases of hacking  Both the auditor and the cracker follow a logical sequence of steps when conducting a hacking. These grouped steps are called phases.  There is a general consensus among the entities and information security professionals that these phases are 5 in the following order:  Crackers Phases : 1-> Reconnaissance 2-> Scanning 3-> Gaining Access 4-> Maintaining Access 5-> Erasing Clues Ethical Hacking Phases: 1-> Reconnaissance 2-> Scanning 3-> Gaining Access 4-> Writing Report 5-> Presenting Report 7
  • 10. Reconnaissance o This is the first step of Hacking. It is also called as Footprinting and information gathering Phase. o This is the preparatory phase where we collect as much information as possible about the target. o We usually collect information about three groups, Network, Host, People involved. There are two types of Footprinting: Active: Directly interacting with the target to gather information about the target. Eg: Using Nmap tool to scan the target Passive: Trying to collect the information about the target without directly accessing the target. This involves collecting information from social media, public websites etc. 10
  • 11. Scanning Three types of scanning are involved: Port scanning: This phase involves scanning the target for the information like open ports, Live systems, various services running on the host. Vulnerability Scanning: Checking the target for weaknesses or vulnerabilities which can be exploited. Usually done with help of automated tools Network Mapping: Finding the topology of network, routers, firewalls servers if any, and host information and drawing a network diagram with the available information. This map may serve as a valuable piece of information throughout the hacking process. 11
  • 12. Gaining Access This phase is where an attacker breaks into the system/network using various tools or methods. After entering into a system, he has to increase his privilege to administrator level so he can install an application he needs or modify data or hide data. 12
  • 13. Maintaining Access o Hacker may just hack the system to show it was vulnerable or he can be so mischievous that he wants to maintain or persist the connection in the background without the knowledge of the user. o This can be done using Trojans, Rootkits or other malicious files. o The aim is to maintain the access to the target until he finishes the tasks he planned to accomplish in that target. 13
• 14. Erasing Clues or Clearing Tracks
o No thief wants to get caught. An intelligent hacker always clears all evidence so that at a later point in time no one will find any traces leading to him.
o This involves modifying/corrupting/deleting log values, modifying registry values, uninstalling all applications he used and deleting all folders he created.
• 15. Cont..
– Usually these phases are represented as a cycle that is commonly called “the circle of hacking” (see Figure 1), with the aim of emphasizing that the cracker can continue the process over and over again.
– However, information security auditors who perform ethical hacking services implement the phases with a slight variation, like this:
– 1-> Reconnaissance 2-> Scanning 3-> Gaining Access 4-> Writing the Report 5-> Presenting the Report
In this way, ethical hackers stop at Phase 3 of the “circle of hacking” to report their findings and make recommendations to the client.
• 16. TYPES OF HACKING
– When we execute an ethical hacking engagement it is necessary to establish its scope, in order to develop a realistic work schedule and to deliver the economic proposal to the client.
– To determine the project extent we need to know at least three basic elements: the type of hacking that we will conduct, the modality, and the additional services that the customer would like to include with the contracted service.
– Depending on where we execute the penetration testing, an ethical hacking can be external or internal.
• 17. Cont..
External pentesting
– This type of hacking is done from the Internet against the client’s public network infrastructure; that is, on those computers in the organization that are exposed to the Internet because they provide a public service.
– Examples of public hosts: router, firewall, web server, mail server, name server, etc.
Internal pentesting
– As the name suggests, this type of hacking is executed from the customer’s internal network, from the point of view of a company employee, consultant, or business associate that has access to the corporate network.
• 18. Cont..
since studies show that the majority of successful attacks come from inside the company. To cite an example, in a survey on computer security conducted among a group of businessmen in the UK, when they were asked “who the attackers are”, these figures were obtained: 25% external, 75% internal.
• 19. HACKING MODALITIES
– Depending on the information that the customer provides to the consultant, an ethical hacking service can be executed in one of three modes:
o black-box
o gray-box
o white-box
– The mode chosen affects the cost and duration of the penetration testing audit, since the less information is received, the more research time the auditor has to invest.
• 20. Black box hacking
– This mode is applicable to external testing only.
– It is called so because the client only gives the name of the company to the consultant, so the auditor starts with no information: the infrastructure of the organization is a “black box”.
– While this type of audit is considered more realistic, since an external attacker who chooses a victim has no information to start with other than the name of the organization he is going to attack, it is also true that it requires a greater investment of time, and therefore the cost incurred is higher too.
• 21. Gray box hacking
This term is often used synonymously to refer to internal pentesting. Nevertheless, some auditors also call gray-box hacking an external test in which the client provides limited information on the public computers to be audited. Example: a list of data such as IP address and type/function of the equipment (router, web server, firewall, etc.).
• 22. White box hacking
White-box hacking is also called transparent hacking. This mode applies only to internal pentesting and is called this way because the client gives complete information to the auditor about its networks and systems.
– This means that, besides providing a connection to the network and configuration information for the NIC, the consultant receives extensive information such as network diagrams, a detailed equipment audit list including names, types, platforms, main services, IP addresses, information on remote subnets, etc.
– Because the consultant avoids having to find out this information, this kind of hacking usually takes less time to execute and therefore also reduces costs.
• 23. Additional hacking services
There are additional services that can be included with an ethical hacking; among the popular ones are:
• Social engineering
• Wardialing
• Wardriving
• Stolen equipment simulation
• Physical security
• 24. Social engineering
– Social engineering refers to the act of gathering information through the manipulation of people; it means that the hacker acquires confidential data by exploiting the well-known fact that the weakest link in the chain of information security is the human component.
– Examples of social engineering: sending fake emails with malicious attachments, calls to customer personnel pretending to be a technician from the ISP, visits to company premises pretending to be a customer in order to place a keystroke logger (keylogger), etc.
• 25. Wardialing
– Wardialing or war dialing is a technique to automatically scan a list of telephone numbers, usually dialing every number in a local area code, to search for modems, computers, bulletin board systems and fax machines.
– War dialing is a brute-force method of finding a back door into an organization's network. It is particularly effective against a perimeter defense.
– Most organizations have telephone numbers that are within a specified range and begin with the same prefix.
• 27. Wardriving
– The term wardriving is derived from its predecessor, wardialing, but is applied to wireless networks.
– The hacker strikes up a wireless war from the vicinity of the client/victim company, usually from his parked car with a laptop and a signal-booster antenna.
– Wardriving is the act of searching for Wi-Fi wireless networks, usually from a moving vehicle, using a laptop or smartphone. Software for wardriving is freely available on the Internet.
– Warbiking, warcycling, warwalking and similar use the same approach but with other modes of transportation.
• 28. Stolen equipment simulation
– Here the objective is to verify whether the organization has taken steps to safeguard the confidential information hosted on mobile devices that belong to key executives.
– The auditor simulates a theft of the device and uses tools (HW/SW) and his expertise with the intention of extracting sensitive information.
– Due to the sensitivity of the operation, we should always recommend to our customer that the devices be backed up prior to the audit.
• 29. Physical security audit
– Although physical security is considered by many experts to be a subject independent from ethical hacking, specialized companies can integrate it as part of the service.
– This type of audit involves difficulties and risks that you must be aware of, in order to avoid situations that endanger those involved.
• 30. Simple steps that individuals can take to be more secure:
– Keep your software up to date
– Install antivirus software
– Use public networks carefully
– Back up your data
– Secure your accounts with two-factor authentication
– Make your passwords long, unique, and strong
– Be suspicious of strange links and attachments
• 31. Steps to secure your computer
• Keep up with system and software security updates.
• Enable a firewall.
• Adjust your browser settings.
• Install antivirus and anti-spyware software.
• Password-protect your software and lock your device.
• Encrypt your data.
• Use a VPN.
• 32. Tools for Information Security
• Authentication
• Access Control
• Encryption
• Passwords
• Backup
• Firewalls
• Virtual Private Networks (VPN)
• Physical Security
• Security Policies
• 33. 2. Denial of Service Attacks
• Denial of Service Attack: an attack on a computer or network that prevents legitimate use of its resources.
• In computing, a denial-of-service attack (DoS attack) is a cyber-attack in which the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting the services of a host connected to the Internet.
• DoS attacks affect:
– Software systems
– Network routers/equipment/servers
– Servers and end-user PCs
• 34. Classification of DoS Attacks
Attack | Affected Area | Example | Description
Network Level Device | Routers, IP switches, firewalls | Ascend Kill II, “Christmas Tree Packets” | Attack attempts to exhaust hardware resources using multiple duplicate packets or a software bug.
OS Level | Equipment vendor OS, end-user equipment | Ping of Death, ICMP Echo attacks, Teardrop | Attack takes advantage of the way operating systems implement protocols.
Application Level Attacks | Finger Bomb (the repeated at (@) character causes finger to consume excessive CPU and RAM resources) | Finger Bomb, Windows NT RealServer G2 6.0 | Attack a service or machine by using an application attack to exhaust resources.
Data Flood (Amplification, Oscillation, Simple Flooding) | Host computer or network | Smurf attack (amplifier attack), UDP Echo (oscillation attack) | Attack in which massive quantities of data are sent to a target with the intention of using up bandwidth/processing resources.
Protocol Feature Attacks | Servers, client PCs, DNS servers | SYN (connection depletion) | Attack in which “bugs” in a protocol are utilized to take down network resources. Methods of attack include IP address spoofing and corrupting the DNS server cache.
• 35. Countermeasures for DoS Attacks
Attack | Countermeasure Options | Example | Description
Network Level Device | Software patches, packet filtering | Ingress and egress filtering | Software upgrades can fix known bugs and packet filtering can prevent attacking traffic from entering a network.
OS Level | SYN cookies, drop backlog connections, shorten timeout time | SYN cookies | Shortening the backlog time and dropping backlog connections will free up resources. SYN cookies proactively prevent attacks.
Application Level Attacks | Intrusion Detection System | GuardDog, other vendors | Software used to detect illicit activity.
Data Flood (Amplification, Oscillation, Simple Flooding) | Replication and load balancing | Akamai/Digital Island provide content distribution | Extending the volume of content under attack makes it more complicated and harder for attackers to identify services to attack and accomplish complete attacks.
Protocol Feature Attacks | Extend protocols to support security | IETF (Internet Engineering Task Force) standard for itrace, DNSSEC | Trace source/destination packets by a means other than the IP address (blocks against IP address spoofing). DNSSEC would provide authorization and authentication on DNS information.
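As an added illustration of the SYN cookie countermeasure in the table (example code written for these notes, not from the slides or from any real TCP stack): the server encodes a keyed hash of the connection 4-tuple and a coarse timestamp into the initial sequence number of its SYN-ACK and validates the value echoed back in the final ACK, so a flood of SYNs consumes no backlog entries. The secret key, the toy keyed FNV-1a hash and the 64-second time slots are assumptions made for the demo; real implementations use a cryptographic hash and also encode the MSS.

```c
#include <stdint.h>
#include <string.h>

/* SYN cookie sketch (constructed for these notes): no half-open connection
 * is queued in the backlog. The SYN-ACK's initial sequence number (ISN)
 * carries a 5-bit time slot and a 27-bit keyed hash of the 4-tuple; the
 * final ACK echoes it (ack number minus one), so the server can recompute
 * the hash and admit only genuine, recent handshakes. Toy keyed FNV-1a is
 * used as the hash; a real stack uses a cryptographic one. */

#define COOKIE_TIME_BITS 5           /* top 5 ISN bits: 64-second slot */
#define COOKIE_MAX_AGE   2           /* accept cookies up to 2 slots old */
#define COOKIE_HASH_MASK 0x07FFFFFFu /* low 27 ISN bits: keyed hash */

static uint32_t fnv1a(const uint8_t *p, size_t n) {
    uint32_t h = 2166136261u;
    for (size_t i = 0; i < n; i++) { h ^= p[i]; h *= 16777619u; }
    return h;
}

/* Keyed hash over (saddr, daddr, sport, dport, time slot, secret). */
static uint32_t cookie_hash(uint32_t saddr, uint32_t daddr, uint16_t sport,
                            uint16_t dport, uint32_t slot, uint64_t secret) {
    uint8_t buf[24];
    memcpy(buf,      &saddr,  4); memcpy(buf + 4,  &daddr,  4);
    memcpy(buf + 8,  &sport,  2); memcpy(buf + 10, &dport,  2);
    memcpy(buf + 12, &slot,   4); memcpy(buf + 16, &secret, 8);
    return fnv1a(buf, sizeof buf) & COOKIE_HASH_MASK;
}

static uint32_t time_slot(uint32_t now_secs) {
    return (now_secs / 64) & ((1u << COOKIE_TIME_BITS) - 1);
}

/* Server receives a SYN: build the SYN-ACK ISN without storing any state. */
uint32_t syn_cookie_make(uint32_t saddr, uint32_t daddr, uint16_t sport,
                         uint16_t dport, uint32_t now_secs, uint64_t secret) {
    uint32_t slot = time_slot(now_secs);
    return (slot << 27) | cookie_hash(saddr, daddr, sport, dport, slot, secret);
}

/* Server receives the ACK: isn is the echoed value (ack number minus one).
 * Returns 1 only if the hash matches this 4-tuple and the cookie is fresh,
 * so a spoofed, forged or replayed ACK does not open a connection. */
int syn_cookie_check(uint32_t saddr, uint32_t daddr, uint16_t sport,
                     uint16_t dport, uint32_t isn, uint32_t now_secs,
                     uint64_t secret) {
    uint32_t slot = isn >> 27;
    uint32_t age = (time_slot(now_secs) - slot) & ((1u << COOKIE_TIME_BITS) - 1);
    if (age > COOKIE_MAX_AGE) return 0;                 /* stale cookie */
    return (isn & COOKIE_HASH_MASK) ==
           cookie_hash(saddr, daddr, sport, dport, slot, secret);
}
```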
• 36. 3. Distributed Denial-of-Service (DDoS)
– A distributed denial-of-service (DDoS) attack is a malicious attempt to disrupt the normal traffic of a targeted server, service or network by overwhelming the target or its surrounding infrastructure with a flood of Internet traffic.
– DDoS attacks achieve effectiveness by utilizing multiple compromised computer systems as sources of attack traffic.
– Exploited machines can include computers and other networked resources such as IoT devices. From a high level, a DDoS attack is like an unexpected traffic jam clogging up the highway, preventing regular traffic from arriving at its destination.
• 37. DDoS Architecture (diagram: Client → Handler → Agents)
• 38. Widely Used DDoS Programs
• Trinoo
• Tribe Flood Network
• TFN2K
• stacheldraht (barbed wire)
• 39. 4. What is Buffer Overflow
o A buffer is a temporary area for data storage. When a program or system process places more data in it than was originally allocated to be stored, the extra data overflows.
o It causes some of that data to leak out into other buffers, which can corrupt or overwrite whatever data they were holding.
• 40. Cont..
• A buffer overflow, or buffer overrun, is an anomalous condition where a process attempts to store data beyond the boundaries of a fixed-length buffer.
• The result is that the extra data overwrites adjacent memory locations.
• The overwritten data may include other buffers, variables and program flow data, and may result in erratic program behavior, a memory access exception, program termination (a crash), incorrect results or, especially if deliberately caused by a malicious user, a possible breach of system security.
• Most common with C/C++ programs.
• 41. Buffer-overflow attack
o In a buffer-overflow attack, the extra data sometimes holds specific instructions for actions intended by a hacker or malicious user; for example, the data could trigger a response that damages files, changes data or reveals private information.
o An attacker would use a buffer-overflow exploit to take advantage of a program that is waiting on a user’s input.
• 42. Types of buffer overflows
There are two types of buffer overflows: stack-based and heap-based.
o Heap-based overflows, which are difficult to execute and the less common of the two, attack an application by flooding the memory space reserved for a program.
o Stack-based buffer overflows, which are more common among attackers, exploit applications and programs by using what is known as the stack: memory space used to store user input.
• 43. What is needed to understand Buffer Overflow
• Understanding C functions and the stack.
• Some familiarity with machine code.
• Knowing how system calls are made.
• The exec() system call.
• The attacker needs to know which CPU and OS are running on the target machine.
– Our examples are for x86 running Linux.
– Details vary slightly between CPUs and OSes:
• Stack growth direction.
• Big endian vs. little endian.
• 45. Some unsafe C lib functions
strcpy (char *dest, const char *src)
strcat (char *dest, const char *src)
gets (char *s)
scanf (const char *format, ...)
sprintf (char *str, const char *format, ...)
• 46. Preventing Buffer Overflow Attacks
• Use type-safe languages (Java)
• Use safe library functions
• Static source code analysis
• Non-executable stack
• Run-time checking
• Address space layout randomization
• Detection of deviation of program behavior
• Access control
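Bounded counterparts of the unsafe strcpy() and gets() calls listed on slide 45, as an added example written for these notes (not code from the slides): each one reports an input that does not fit instead of writing past the buffer, which is what “use safe library functions” in the prevention list above means in practice. NAME_MAX, the 16-byte buffer, the helper names and the sample input are constructed for the demo.

```c
#include <stdio.h>
#include <string.h>

#define NAME_MAX 16   /* fixed-size buffer, as on the slides (constructed) */

/* Bounded replacement for strcpy(dst, src): strcpy() would copy until the
 * NUL regardless of dst's size. This version reports truncation instead.
 * Returns 0 on success, -1 if src plus its NUL does not fit (dst is then
 * left empty so a caller cannot act on a partial value). */
int copy_bounded(char *dst, size_t dstsz, const char *src) {
    size_t n = strlen(src);
    if (dstsz == 0 || n >= dstsz) {     /* no room for the terminating NUL */
        if (dstsz) dst[0] = '\0';
        return -1;
    }
    memcpy(dst, src, n + 1);
    return 0;
}

/* Bounded replacement for gets(buf): fgets() stops after bufsz-1 bytes, so
 * a missing newline means the line was too long (or the file ended).
 * Over-long lines are drained so the next call starts on a fresh line.
 * Returns the line length, or -1 for "too long" / "no input". */
int read_line_bounded(FILE *in, char *buf, size_t bufsz) {
    if (bufsz < 2 || !fgets(buf, (int)bufsz, in)) return -1;
    size_t n = strlen(buf);
    if (n > 0 && buf[n - 1] == '\n') { buf[--n] = '\0'; return (int)n; }
    if (n < bufsz - 1) return (int)n;   /* short final line, file ended */
    int c = fgetc(in);
    if (c == EOF) return (int)n;        /* fit exactly and file ended */
    while (c != EOF && c != '\n') c = fgetc(in);   /* drain the rest */
    buf[0] = '\0';
    return -1;
}

/* Constructed input for the demo: a tmpfile() holding the given text. */
FILE *constructed_input(const char *text) {
    FILE *f = tmpfile();
    if (f) { fputs(text, f); rewind(f); }
    return f;
}

int main(void) {
    char name[NAME_MAX];
    /* second line is 32 bytes: with gets() it would overrun name[] */
    FILE *in = constructed_input("alice\nAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\nbob\n");
    for (int i = 0; in && i < 3; i++) {
        int n = read_line_bounded(in, name, sizeof name);
        if (n < 0) puts("rejected: line does not fit a 16-byte buffer");
        else printf("Hello, %s (%d bytes)\n", name, n);
    }
    return 0;
}
```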