Network Security
Workshop
27th & 28th Feb 2015
Network Security
• A specialized field in computer networking that
involves securing a computer network infrastructure.
• Network security is typically handled by a network
administrator or system administrator who
implements the security policy, network software and
hardware needed to protect a network.
Goals of Network Security
Hacking
• Hacking is the process of exploiting vulnerabilities to
gain unauthorized access to systems or resources.
Hacktivism
Types of Hackers
The Art of Breaking In
1) Information Gathering
2) Scanning and Enumeration
3) Breaking In or Gaining Access
4) Privilege Escalation on the victim
5) Post Exploitation cleanup and Backdooring
Information Gathering (Footprinting)
• Uncovering and collecting as much information as
possible about a target network.
Ways for Information Gathering
• Social Networking websites
• Professional & Business Networking websites
• Job Search websites
• People search websites
• Company websites
• Whois lookup
• Google Hacking
• And many more…
Google Hacking
• Google hacking is the use of a search engine, such as
Google, to locate a security vulnerability on the
Internet.
• It uses complex search engine queries to get relevant
results in less time.
• There are generally two types of vulnerabilities to be
found on the Web: software vulnerabilities and
misconfigurations.
Port Scanning
• Port Scanning is the name for the technique used to
identify open ports and services available on a
network host.
• There are many tools to facilitate port scanning.
• The best tool is NMAP Port Scanner.
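From the defender's side, a port scan appears in firewall or connection logs as one source touching many different ports on the same host within a short time. The sketch below is an added example, not part of the original slides; the log format, addresses, and thresholds are constructed for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample firewall log (not real traffic).
# Fields: timestamp, source IP, destination IP, destination port, action
SAMPLE_LOG = """\
2015-02-27T10:00:01 10.0.0.5 192.168.1.10 21 DENY
2015-02-27T10:00:02 10.0.0.5 192.168.1.10 22 ALLOW
2015-02-27T10:00:03 10.0.0.5 192.168.1.10 23 DENY
2015-02-27T10:00:04 10.0.0.5 192.168.1.10 25 DENY
2015-02-27T10:00:05 10.0.0.5 192.168.1.10 80 ALLOW
2015-02-27T10:00:06 10.0.0.5 192.168.1.10 443 ALLOW
2015-02-27T10:00:10 10.0.0.8 192.168.1.10 443 ALLOW
2015-02-27T10:00:40 10.0.0.8 192.168.1.10 443 ALLOW
2015-02-27T10:01:15 10.0.0.8 192.168.1.10 443 ALLOW
2015-02-27T10:00:00 10.0.0.9 192.168.1.20 22 DENY
2015-02-27T10:02:00 10.0.0.9 192.168.1.20 80 DENY
2015-02-27T10:04:00 10.0.0.9 192.168.1.20 443 DENY
2015-02-27T10:06:00 10.0.0.9 192.168.1.20 3306 DENY
2015-02-27T10:08:00 10.0.0.9 192.168.1.20 8080 DENY
"""


def parse_line(line):
    """Split one log line into typed fields."""
    ts, src, dst, port, action = line.split()
    return datetime.fromisoformat(ts), src, dst, int(port), action


def detect_port_scans(log_text, window_seconds=60, min_ports=5):
    """Return (source, destination, distinct_ports) for every source that
    touched at least `min_ports` different ports on one destination host
    inside any sliding window of `window_seconds`."""
    events = defaultdict(list)  # (src, dst) -> [(time, port), ...]
    for line in log_text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        ts, src, dst, port, _action = parse_line(line)
        events[(src, dst)].append((ts, port))

    window = timedelta(seconds=window_seconds)
    findings = []
    for (src, dst), hits in events.items():
        hits.sort()
        start = 0                  # index of the oldest hit still in the window
        counts = defaultdict(int)  # port -> number of hits in the window
        best = 0                   # most distinct ports seen in any window
        for ts, port in hits:
            counts[port] += 1
            # Drop hits that have fallen out of the window.
            while ts - hits[start][0] > window:
                old_port = hits[start][1]
                counts[old_port] -= 1
                if counts[old_port] == 0:
                    del counts[old_port]
                start += 1
            best = max(best, len(counts))
        if best >= min_ports:
            findings.append((src, dst, best))
    return sorted(findings)


if __name__ == "__main__":
    # Default 60-second window: only the fast sweep from 10.0.0.5 is flagged.
    for finding in detect_port_scans(SAMPLE_LOG):
        print("possible port scan:", finding)
    # A 10-minute window also catches the slow sweep from 10.0.0.9.
    for finding in detect_port_scans(SAMPLE_LOG, window_seconds=600):
        print("possible port scan (600 s window):", finding)
```

Repeated connections to a single port (10.0.0.8) are not flagged, and a slow sweep (10.0.0.9) is missed by a short window, which is why the window length and port threshold need tuning per network.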
Packet Sniffers
• Packet sniffers or protocol analyzers are tools that
are commonly used by network technicians to
diagnose network-related problems.
• Packet sniffers can also be used by hackers for less
than noble purposes such as spying on network user
traffic and collecting passwords.
• The best tool is Wireshark.
Pivoting
• Attacker does not have direct access to Server 2.
• Attacker first breaks into Server 1 and then uses
Server 1 as a staging point to break into Server 2.
Pivoting Attack
Penetration Testing
What is Penetration Testing?
• Penetration testing, often called “pentesting”, “pen testing”, or
“security testing”, is the practice of attacking your own or your
clients’ IT systems in the same way a hacker would to identify
security holes.
• Of course, you do this without actually harming the network.
The person carrying out a penetration test is called a penetration
tester or pentester.
• Let’s make one thing crystal clear: Penetration testing requires
that you get permission from the person who owns the system.
Otherwise, you would be hacking the system, which is illegal in
most countries.
Types of Penetration Testing
Black Box Pentesting: requires no previous
information and usually takes the approach of an
uninformed attacker. In a black box penetration test
the penetration tester has no previous information
about the target system.
White Box Pentesting: is an approach that uses
knowledge of the internals of the target network, which
the organization should provide to you as part of the
agreement.
Understanding Basic Terms
Vulnerability: A weakness that allows an attacker to
break into and compromise a system’s security.
Exploit: code which allows an attacker to take
advantage of a vulnerable system.
Payload: code that lets you control a computer system
after it’s been exploited.
How does Exploitation work?
1) Vulnerability
2) Exploit
3) Payload
On a more serious note …
Metasploit Framework
• Tools for development and testing of
vulnerabilities.
• Started by HD Moore in 2003.
• Acquired by Rapid7
• Remains open source and free for
use.
• Written in Ruby
Metasploit for Pentesting
• Over 1000 tested exploits
• Over 250 payloads and 28 encoders
• Metasploit offers “Plug & Play” of payloads with
exploits
• Tons of other features for better and faster pentests
Demo Metasploit
• Lab Setup:
Malware / Virus
• The term malware is short for "malicious software."
• Malware refers to any computer program that is
designed to do things that are harmful to or
unwanted by a computer's legitimate user, meaning
you.
• A virus is a programming code that replicates by
being copied or initiating its copying to another
program, computer boot sector or document.
• Viruses can be transmitted as attachments to an
e-mail or in a downloaded file, or be present on a
pen drive or CD.
• The receiver of the e-mail or downloaded file is usually
unaware that it contains a virus.
Backdoor
• A backdoor is a technique in which a system security
mechanism is bypassed undetectably to access a
computer or its data.
• The backdoor access method is sometimes written
by the programmer who develops a program.
DoS & DDoS Attack
• It is an attack on the availability of an information
system.
• A denial-of-service (DoS) or distributed
denial-of-service (DDoS) attack is an attempt to make a machine
or network resource unavailable to its intended users.
TCP 3 Way Handshake
DoS Attack
DDoS Attack
Symptoms of DoS & DDoS Attack
Impact of DDoS Attack
Cryptography
• Cryptography is a method of storing and
transmitting data in a particular form so that only
those for whom it is intended can read and process it.
• Cryptography is the art of converting your
information from human readable form to human
unreadable form.
• In cryptography, human-unreadable information is
known as “Cipher Text” or “Encrypted Text”.
• In cryptography, human-readable information is
known as “Clear Text”, “Plain Text” or “Decrypted
Text”.
Encryption: Conversion of information from “Plain-Text”
to “Cipher-Text” is known as encryption, so that
information remains confidential.
Decryption: Conversion of information from “Cipher-Text”
to “Plain-Text” is known as decryption.
Popular Cryptographic Encryption Algorithms
• AES
• DES
• 3DES
• RC2
• RC4
• Blowfish
Steganography
• Steganography is the science of hiding information.
• The purpose of Steganography is covert
communication to hide a message from a third party.
• Examples:
• Hiding a message in an image.
• Hiding a message in an MP3 file.
• Hiding a message in a video file.
Image Steganography
Image Steganography in Terrorism
Web Applications
• A Web application (Web app) is an application
program that is stored on a remote server and
delivered over the Internet through a browser
interface.
• Any application that you access through a web
browser is a web application.
Web Application Architecture
Web Application Vulnerabilities
• Web applications suffer from a large number of
vulnerabilities.
• SQL Injection
• Cross Site Scripting
• Web Server Misconfigurations
• Insecure protocol usage
• and many more
Thank you!

Weitere ähnliche Inhalte

Was ist angesagt?

Types of Attack in Information and Network Security
Types of Attack in Information and Network SecurityTypes of Attack in Information and Network Security
Types of Attack in Information and Network Securitypadmeshagrekar
 
Ch 3: Network and Computer Attacks
Ch 3: Network and Computer AttacksCh 3: Network and Computer Attacks
Ch 3: Network and Computer AttacksSam Bowne
 
Security Attack Analysis for Finding and Stopping Network Attacks
Security Attack Analysis for Finding and Stopping Network AttacksSecurity Attack Analysis for Finding and Stopping Network Attacks
Security Attack Analysis for Finding and Stopping Network AttacksSavvius, Inc
 
CNIT 123 Ch 1: Ethical Hacking Overview
CNIT 123 Ch 1: Ethical Hacking OverviewCNIT 123 Ch 1: Ethical Hacking Overview
CNIT 123 Ch 1: Ethical Hacking OverviewSam Bowne
 
Web hacking 1.0
Web hacking 1.0Web hacking 1.0
Web hacking 1.0Q Fadlan
 
BAIT1103 Chapter 1
BAIT1103 Chapter 1BAIT1103 Chapter 1
BAIT1103 Chapter 1limsh
 
Network Forensics Intro
Network Forensics IntroNetwork Forensics Intro
Network Forensics IntroJake K.
 
Network Attacks and Countermeasures
Network Attacks and CountermeasuresNetwork Attacks and Countermeasures
Network Attacks and Countermeasureskaranwayne
 
Certified Ethical Hacking - Book Summary
Certified Ethical Hacking - Book SummaryCertified Ethical Hacking - Book Summary
Certified Ethical Hacking - Book Summaryudemy course
 
Cyber Security-Ethical Hacking
Cyber Security-Ethical HackingCyber Security-Ethical Hacking
Cyber Security-Ethical HackingViral Parmar
 
Cyber Security: Trends and Globar War
Cyber Security: Trends and Globar WarCyber Security: Trends and Globar War
Cyber Security: Trends and Globar WarNasir Bhutta
 
CNIT 123: Ch 3: Network and Computer Attacks
CNIT 123: Ch 3: Network and Computer AttacksCNIT 123: Ch 3: Network and Computer Attacks
CNIT 123: Ch 3: Network and Computer AttacksSam Bowne
 
Intruders and Viruses in Network Security NS9
Intruders and Viruses in Network Security NS9Intruders and Viruses in Network Security NS9
Intruders and Viruses in Network Security NS9koolkampus
 
Chapter 1 Introduction of Cryptography and Network security
Chapter 1 Introduction of Cryptography and Network security Chapter 1 Introduction of Cryptography and Network security
Chapter 1 Introduction of Cryptography and Network security Dr. Kapil Gupta
 
Intruders detection
Intruders detectionIntruders detection
Intruders detectionEhtisham Ali
 
Introduction of cryptography and network security
Introduction of cryptography and network securityIntroduction of cryptography and network security
Introduction of cryptography and network securityNEHA PATEL
 
Ch04 Network Vulnerabilities and Attacks
Ch04 Network Vulnerabilities and AttacksCh04 Network Vulnerabilities and Attacks
Ch04 Network Vulnerabilities and AttacksInformation Technology
 
Introduction to the advanced persistent threat and hactivism
Introduction to the advanced persistent threat and hactivismIntroduction to the advanced persistent threat and hactivism
Introduction to the advanced persistent threat and hactivismGlobal Micro Solutions
 

Was ist angesagt? (20)

Types of Attack in Information and Network Security
Types of Attack in Information and Network SecurityTypes of Attack in Information and Network Security
Types of Attack in Information and Network Security
 
Ch 3: Network and Computer Attacks
Ch 3: Network and Computer AttacksCh 3: Network and Computer Attacks
Ch 3: Network and Computer Attacks
 
Security Attack Analysis for Finding and Stopping Network Attacks
Security Attack Analysis for Finding and Stopping Network AttacksSecurity Attack Analysis for Finding and Stopping Network Attacks
Security Attack Analysis for Finding and Stopping Network Attacks
 
Cryto Party at CCU
Cryto Party at CCUCryto Party at CCU
Cryto Party at CCU
 
CNIT 123 Ch 1: Ethical Hacking Overview
CNIT 123 Ch 1: Ethical Hacking OverviewCNIT 123 Ch 1: Ethical Hacking Overview
CNIT 123 Ch 1: Ethical Hacking Overview
 
Web hacking 1.0
Web hacking 1.0Web hacking 1.0
Web hacking 1.0
 
BAIT1103 Chapter 1
BAIT1103 Chapter 1BAIT1103 Chapter 1
BAIT1103 Chapter 1
 
Network Forensics Intro
Network Forensics IntroNetwork Forensics Intro
Network Forensics Intro
 
Network Attacks and Countermeasures
Network Attacks and CountermeasuresNetwork Attacks and Countermeasures
Network Attacks and Countermeasures
 
Certified Ethical Hacking - Book Summary
Certified Ethical Hacking - Book SummaryCertified Ethical Hacking - Book Summary
Certified Ethical Hacking - Book Summary
 
Cyber Security-Ethical Hacking
Cyber Security-Ethical HackingCyber Security-Ethical Hacking
Cyber Security-Ethical Hacking
 
DDOS ATTACKS
DDOS ATTACKSDDOS ATTACKS
DDOS ATTACKS
 
Cyber Security: Trends and Globar War
Cyber Security: Trends and Globar WarCyber Security: Trends and Globar War
Cyber Security: Trends and Globar War
 
CNIT 123: Ch 3: Network and Computer Attacks
CNIT 123: Ch 3: Network and Computer AttacksCNIT 123: Ch 3: Network and Computer Attacks
CNIT 123: Ch 3: Network and Computer Attacks
 
Intruders and Viruses in Network Security NS9
Intruders and Viruses in Network Security NS9Intruders and Viruses in Network Security NS9
Intruders and Viruses in Network Security NS9
 
Chapter 1 Introduction of Cryptography and Network security
Chapter 1 Introduction of Cryptography and Network security Chapter 1 Introduction of Cryptography and Network security
Chapter 1 Introduction of Cryptography and Network security
 
Intruders detection
Intruders detectionIntruders detection
Intruders detection
 
Introduction of cryptography and network security
Introduction of cryptography and network securityIntroduction of cryptography and network security
Introduction of cryptography and network security
 
Ch04 Network Vulnerabilities and Attacks
Ch04 Network Vulnerabilities and AttacksCh04 Network Vulnerabilities and Attacks
Ch04 Network Vulnerabilities and Attacks
 
Introduction to the advanced persistent threat and hactivism
Introduction to the advanced persistent threat and hactivismIntroduction to the advanced persistent threat and hactivism
Introduction to the advanced persistent threat and hactivism
 

Andere mochten auch

ADO Controls - Database Usage from Exploring MS Visual Basic 6.0 Book
ADO Controls - Database Usage from Exploring MS Visual Basic 6.0 BookADO Controls - Database Usage from Exploring MS Visual Basic 6.0 Book
ADO Controls - Database Usage from Exploring MS Visual Basic 6.0 BookMuralidharan Radhakrishnan
 
Tutorial 7 - Wireless Networking and Security
Tutorial 7 - Wireless Networking and SecurityTutorial 7 - Wireless Networking and Security
Tutorial 7 - Wireless Networking and Securitydpd
 
CS4443 - Modern Programming Language - I Lecture (1)
CS4443 - Modern Programming Language - I Lecture (1)CS4443 - Modern Programming Language - I Lecture (1)
CS4443 - Modern Programming Language - I Lecture (1)Dilawar Khan
 
assembly language programming and organization of IBM PC" by YTHA YU
assembly language programming and organization of IBM PC" by YTHA YUassembly language programming and organization of IBM PC" by YTHA YU
assembly language programming and organization of IBM PC" by YTHA YUEducation
 
Micro hydro power plant final 1
Micro hydro power plant final 1Micro hydro power plant final 1
Micro hydro power plant final 1richa khatri
 
Microprocessor chapter 9 - assembly language programming
Microprocessor  chapter 9 - assembly language programmingMicroprocessor  chapter 9 - assembly language programming
Microprocessor chapter 9 - assembly language programmingWondeson Emeye
 
It essentials pc hardware and software overview
It essentials pc hardware and software overviewIt essentials pc hardware and software overview
It essentials pc hardware and software overviewAhmed Sultan
 
C Programming Language Tutorial for beginners - JavaTpoint
C Programming Language Tutorial for beginners - JavaTpointC Programming Language Tutorial for beginners - JavaTpoint
C Programming Language Tutorial for beginners - JavaTpointJavaTpoint.Com
 
Hydro power ppt
Hydro power pptHydro power ppt
Hydro power pptsrgirlsdk
 
Active directory
Active directory Active directory
Active directory deshvikas
 
Computer hardware presentation
Computer hardware presentationComputer hardware presentation
Computer hardware presentationJisu Dasgupta
 
Networking devices
Networking devicesNetworking devices
Networking devicesrupinderj
 
Network Security Presentation
Network Security PresentationNetwork Security Presentation
Network Security PresentationAllan Pratt MBA
 
Introduction to computer hardware
Introduction to computer hardwareIntroduction to computer hardware
Introduction to computer hardwaremite6025.hku
 

Andere mochten auch (20)

VB6 Using ADO Data Control
VB6 Using ADO Data ControlVB6 Using ADO Data Control
VB6 Using ADO Data Control
 
ADO CONTROLS - Database usage
ADO CONTROLS - Database usageADO CONTROLS - Database usage
ADO CONTROLS - Database usage
 
ADO Controls - Database Usage from Exploring MS Visual Basic 6.0 Book
ADO Controls - Database Usage from Exploring MS Visual Basic 6.0 BookADO Controls - Database Usage from Exploring MS Visual Basic 6.0 Book
ADO Controls - Database Usage from Exploring MS Visual Basic 6.0 Book
 
IT Essentials Chapter 9
IT Essentials Chapter 9IT Essentials Chapter 9
IT Essentials Chapter 9
 
Tutorial 7 - Wireless Networking and Security
Tutorial 7 - Wireless Networking and SecurityTutorial 7 - Wireless Networking and Security
Tutorial 7 - Wireless Networking and Security
 
CS4443 - Modern Programming Language - I Lecture (1)
CS4443 - Modern Programming Language - I Lecture (1)CS4443 - Modern Programming Language - I Lecture (1)
CS4443 - Modern Programming Language - I Lecture (1)
 
Chapter 14 - Protection
Chapter 14 - ProtectionChapter 14 - Protection
Chapter 14 - Protection
 
assembly language programming and organization of IBM PC" by YTHA YU
assembly language programming and organization of IBM PC" by YTHA YUassembly language programming and organization of IBM PC" by YTHA YU
assembly language programming and organization of IBM PC" by YTHA YU
 
Micro hydro power plant final 1
Micro hydro power plant final 1Micro hydro power plant final 1
Micro hydro power plant final 1
 
Microprocessor chapter 9 - assembly language programming
Microprocessor  chapter 9 - assembly language programmingMicroprocessor  chapter 9 - assembly language programming
Microprocessor chapter 9 - assembly language programming
 
It essentials pc hardware and software overview
It essentials pc hardware and software overviewIt essentials pc hardware and software overview
It essentials pc hardware and software overview
 
Hydro power presentation
Hydro power presentationHydro power presentation
Hydro power presentation
 
C Programming Language Tutorial for beginners - JavaTpoint
C Programming Language Tutorial for beginners - JavaTpointC Programming Language Tutorial for beginners - JavaTpoint
C Programming Language Tutorial for beginners - JavaTpoint
 
Hydro power ppt
Hydro power pptHydro power ppt
Hydro power ppt
 
Active directory
Active directory Active directory
Active directory
 
Computer hardware presentation
Computer hardware presentationComputer hardware presentation
Computer hardware presentation
 
Networking devices
Networking devicesNetworking devices
Networking devices
 
Network Security Presentation
Network Security PresentationNetwork Security Presentation
Network Security Presentation
 
Network security
Network securityNetwork security
Network security
 
Introduction to computer hardware
Introduction to computer hardwareIntroduction to computer hardware
Introduction to computer hardware
 

Ähnlich wie Session Slide

Ethical hacking and cyber security intro
Ethical hacking and cyber security introEthical hacking and cyber security intro
Ethical hacking and cyber security introAbhilash Ak
 
Ethical Hacking justvamshi .pptx
Ethical Hacking justvamshi          .pptxEthical Hacking justvamshi          .pptx
Ethical Hacking justvamshi .pptxvamshimatangi
 
Computer , Internet and physical security.
Computer , Internet and physical security.Computer , Internet and physical security.
Computer , Internet and physical security.Ankur Kumar
 
Ethical hacking : Its methodologies and tools
Ethical hacking : Its methodologies and toolsEthical hacking : Its methodologies and tools
Ethical hacking : Its methodologies and toolschrizjohn896
 
building foundation for ethical hacking.ppt
building foundation for ethical hacking.pptbuilding foundation for ethical hacking.ppt
building foundation for ethical hacking.pptShivaniSingha1
 
Introduction to ethical hacking
Introduction to ethical hackingIntroduction to ethical hacking
Introduction to ethical hackingankit sarode
 
Inetsecurity.in Ethical Hacking presentation
Inetsecurity.in Ethical Hacking presentationInetsecurity.in Ethical Hacking presentation
Inetsecurity.in Ethical Hacking presentationJoshua Prince
 
cyber sequirety Terms.pptx
cyber sequirety Terms.pptxcyber sequirety Terms.pptx
cyber sequirety Terms.pptxAritMistri1
 
Introduction to Ethical Hacking pdf file
Introduction to Ethical Hacking pdf fileIntroduction to Ethical Hacking pdf file
Introduction to Ethical Hacking pdf filedebmajumder741249
 
ethical hacking.pptx
ethical hacking.pptxethical hacking.pptx
ethical hacking.pptxdaxgame
 
Ethical Hacking Redefined
Ethical Hacking RedefinedEthical Hacking Redefined
Ethical Hacking RedefinedPawan Patil
 

Ähnlich wie Session Slide (20)

Ethical hacking and cyber security intro
Ethical hacking and cyber security introEthical hacking and cyber security intro
Ethical hacking and cyber security intro
 
How to hack or what is ethical hacking
How to hack or what is ethical hackingHow to hack or what is ethical hacking
How to hack or what is ethical hacking
 
Ethical Hacking justvamshi .pptx
Ethical Hacking justvamshi          .pptxEthical Hacking justvamshi          .pptx
Ethical Hacking justvamshi .pptx
 
Computer , Internet and physical security.
Computer , Internet and physical security.Computer , Internet and physical security.
Computer , Internet and physical security.
 
Ethical hacking : Its methodologies and tools
Ethical hacking : Its methodologies and toolsEthical hacking : Its methodologies and tools
Ethical hacking : Its methodologies and tools
 
building foundation for ethical hacking.ppt
building foundation for ethical hacking.pptbuilding foundation for ethical hacking.ppt
building foundation for ethical hacking.ppt
 
Introduction to ethical hacking
Introduction to ethical hackingIntroduction to ethical hacking
Introduction to ethical hacking
 
Botnets Attacks.pptx
Botnets Attacks.pptxBotnets Attacks.pptx
Botnets Attacks.pptx
 
Inetsecurity.in Ethical Hacking presentation
Inetsecurity.in Ethical Hacking presentationInetsecurity.in Ethical Hacking presentation
Inetsecurity.in Ethical Hacking presentation
 
Types of attack -Part2
Types of attack -Part2Types of attack -Part2
Types of attack -Part2
 
cyber sequirety Terms.pptx
cyber sequirety Terms.pptxcyber sequirety Terms.pptx
cyber sequirety Terms.pptx
 
Computer security
Computer securityComputer security
Computer security
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hacking
 
Ethical Hacking.pptx
Ethical Hacking.pptxEthical Hacking.pptx
Ethical Hacking.pptx
 
Ethical hacking
Ethical hacking Ethical hacking
Ethical hacking
 
Introduction to Ethical Hacking pdf file
Introduction to Ethical Hacking pdf fileIntroduction to Ethical Hacking pdf file
Introduction to Ethical Hacking pdf file
 
ethical hacking.pptx
ethical hacking.pptxethical hacking.pptx
ethical hacking.pptx
 
sourabh_sipPPT.pptx
sourabh_sipPPT.pptxsourabh_sipPPT.pptx
sourabh_sipPPT.pptx
 
Cyber Security
Cyber SecurityCyber Security
Cyber Security
 
Ethical Hacking Redefined
Ethical Hacking RedefinedEthical Hacking Redefined
Ethical Hacking Redefined
 

Kürzlich hochgeladen

Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...EduSkills OECD
 
Web & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdfWeb & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdfJayanti Pande
 
9548086042 for call girls in Indira Nagar with room service
9548086042  for call girls in Indira Nagar  with room service9548086042  for call girls in Indira Nagar  with room service
9548086042 for call girls in Indira Nagar with room servicediscovermytutordmt
 
Measures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SDMeasures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SDThiyagu K
 
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptxPOINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptxSayali Powar
 
1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi  6.pdf1029-Danh muc Sach Giao Khoa khoi  6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdfQucHHunhnh
 
Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)eniolaolutunde
 
BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...
BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...
BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...Sapna Thakur
 
Mastering the Unannounced Regulatory Inspection
Mastering the Unannounced Regulatory InspectionMastering the Unannounced Regulatory Inspection
Mastering the Unannounced Regulatory InspectionSafetyChain Software
 
Student login on Anyboli platform.helpin
Student login on Anyboli platform.helpinStudent login on Anyboli platform.helpin
Student login on Anyboli platform.helpinRaunakKeshri1
 
Arihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdfArihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdfchloefrazer622
 
Measures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeMeasures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeThiyagu K
 
Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104misteraugie
 
Disha NEET Physics Guide for classes 11 and 12.pdf
Disha NEET Physics Guide for classes 11 and 12.pdfDisha NEET Physics Guide for classes 11 and 12.pdf
Disha NEET Physics Guide for classes 11 and 12.pdfchloefrazer622
 
mini mental status format.docx
mini    mental       status     format.docxmini    mental       status     format.docx
mini mental status format.docxPoojaSen20
 
CARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptxCARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptxGaneshChakor2
 
The basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxThe basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxheathfieldcps1
 
Separation of Lanthanides/ Lanthanides and Actinides
Separation of Lanthanides/ Lanthanides and ActinidesSeparation of Lanthanides/ Lanthanides and Actinides
Separation of Lanthanides/ Lanthanides and ActinidesFatimaKhan178732
 
Activity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfActivity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfciinovamais
 

Kürzlich hochgeladen (20)

Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
 
Web & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdfWeb & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdf
 
9548086042 for call girls in Indira Nagar with room service
9548086042  for call girls in Indira Nagar  with room service9548086042  for call girls in Indira Nagar  with room service
9548086042 for call girls in Indira Nagar with room service
 
Measures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SDMeasures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SD
 
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptxPOINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
 
1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi  6.pdf1029-Danh muc Sach Giao Khoa khoi  6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf
 
Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)
 
BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...
BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...
BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...
 
Mastering the Unannounced Regulatory Inspection
Mastering the Unannounced Regulatory InspectionMastering the Unannounced Regulatory Inspection
Mastering the Unannounced Regulatory Inspection
 
Student login on Anyboli platform.helpin
Student login on Anyboli platform.helpinStudent login on Anyboli platform.helpin
Student login on Anyboli platform.helpin
 
Arihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdfArihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdf
 
Measures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeMeasures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and Mode
 
Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104
 
Disha NEET Physics Guide for classes 11 and 12.pdf
Disha NEET Physics Guide for classes 11 and 12.pdfDisha NEET Physics Guide for classes 11 and 12.pdf
Disha NEET Physics Guide for classes 11 and 12.pdf
 
mini mental status format.docx
mini    mental       status     format.docxmini    mental       status     format.docx
mini mental status format.docx
 
Advance Mobile Application Development class 07
Advance Mobile Application Development class 07Advance Mobile Application Development class 07
Advance Mobile Application Development class 07
 
CARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptxCARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptx
 
The basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxThe basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptx
 
Separation of Lanthanides/ Lanthanides and Actinides
Separation of Lanthanides/ Lanthanides and ActinidesSeparation of Lanthanides/ Lanthanides and Actinides
Separation of Lanthanides/ Lanthanides and Actinides
 
Activity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfActivity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdf
 

Session Slide

  • 2. Network Security • A specialized field in computer networking that involves securing a computer network infrastructure. • Network security is typically handled by a network administrator or system administrator who implements the security policy, network software and hardware needed to protect a network.
  • 3. Goals of Network Security
  • 4. Goals of Network Security
  • 5. Hacking • Hacking is the process of exploiting vulnerabilities to gain unauthorized access to systems or resources.
  • 8. The Art of Breaking In 1) Information Gathering 2) Scanning and Enumeration 3) Breaking In or Gaining Access 4) Privilege Escalation on the victim 5) Post Exploitation cleanup and Backdooring
  • 9. Information Gathering (Footprinting) • Uncovering and collecting as much information as possible about a target network.
  • 10. Ways for Information Gathering • Social Networking websites • Professional & Business Networking websites • Job Search websites • People search websites • Company websites • Whois lookup • Google Hacking • And many more…
  • 11. Google Hacking • Google hacking is the use of a search engine, such as Google, to locate a security vulnerability on the Internet. • Using complex search engine queries to get relevant results in less time. • There are generally two types of vulnerabilities to be found on the Web: software vulnerabilities and misconfigurations.
  • 12. Port Scanning • Port Scanning is the name for the technique used to identify open ports and services available on a network host. • There are many tools to facilitate port scanning. • The best tool is NMAP Port Scanner.
  • 13. Packet Sniffers • Packet sniffers or protocol analyzers are tools that are commonly used by network technicians to diagnose network-related problems. • Packet sniffers can also be used by hackers for less than noble purposes such as spying on network user traffic and collecting passwords. • The best tool is Wireshark.
  • 14. Pivoting • Attacker does not have direct access to Server 2. • Attacker first breaks into Server 1 and then uses Server 1 as a staging point to break into Server 2.
  • 17. What is Penetration Testing? • Penetration testing, often called “pentesting”, “pen testing”, or “security testing”, is the practice of attacking your own or your clients’ IT systems in the same way a hacker would to identify security holes. • Of course, you do this without actually harming the network. The person carrying out a penetration test is called a penetration tester or pentester. • Let’s make one thing crystal clear: Penetration testing requires that you get permission from the person who owns the system. Otherwise, you would be hacking the system, which is illegal in most countries.
  • 18. Types of Penetration Testing Black Box Pentesting: requires no previous information and usually takes the approach of an uninformed attacker. In a black box penetration test the penetration tester has no previous information about the target system. White Box Pentesting: an approach that uses knowledge of the internals of the target network, which the organization should provide to you during the agreement.
  • 19. Understanding Basic Terms Vulnerability: A weakness that allows an attacker to break into and compromise a system’s security. Exploit: code which allows an attacker to take advantage of a vulnerable system. Payload: code that lets you control a computer system after it’s been exploited.
  • 20. How does Exploitation work? 1) Vulnerability 2) Exploit 3) Payload
  • 21. On a more serious note …
  • 22. Metasploit Framework • Tools for development and testing of vulnerabilities. • Started by HD Moore in 2003. • Acquired by Rapid7 • Remains open source and free for use. • Written in Ruby
  • 23. Metasploit for Pentesting • Over 1000 tested exploits • Over 250 payloads and 28 encoders • Metasploit offers “Plug & Play” of payloads with exploits • Tons of other features for better and faster pentests
  • 25. Malware / Virus • The term malware is short for "malicious software." • Malware refers to any computer program that is designed to do things that are harmful to or unwanted by a computer's legitimate user — meaning you. • A virus is programming code that replicates by being copied or initiating its copying to another program, computer boot sector or document.
  • 26. Malware / Virus • Viruses can be transmitted as attachments to an e-mail or in a downloaded file, or be present on a pen drive or CD. • The receiver of the e-mail or downloaded file is usually unaware that it contains a virus.
  • 27. Backdoor • A backdoor is a technique in which a system security mechanism is bypassed undetectably to access a computer or its data. • The backdoor access method is sometimes written by the programmer who develops a program.
  • 28. DoS & DDoS Attack • It is an attack on the availability of an information system. • A denial-of-service (DoS) or distributed denial-of-service (DDoS) attack is an attempt to make a machine or network resource unavailable to its intended users.
  • 29. TCP 3 Way Handshake
  • 32. Symptoms of DoS & DDoS Attack
  • 33. Impact of DDoS Attack
  • 34. Impact of DDoS Attack
  • 35. Impact of DDoS Attack
  • 36. Impact of DDoS Attack
  • 37. Impact of DDoS Attack
  • 38. Impact of DDoS Attack
  • 39. Cryptography • Cryptography is a method of storing and transmitting data in a particular form so that only those for whom it is intended can read and process it. • Cryptography is the art of converting your information from human readable form to human unreadable form.
  • 40. Cryptography • In cryptography, human-unreadable information is known as “Cipher Text” or “Encrypted Text”. • In cryptography, human-readable information is known as “Clear Text”, “Plain Text” or “Decrypted Text”.
  • 41. Cryptography Encryption: Conversion of information from “Plain-Text” to “Cipher-Text” is known as encryption; it keeps the information confidential. Decryption: Conversion of information from “Cipher-Text” to “Plain-Text” is known as decryption.
  • 42. Popular Cryptographic Encryption Algorithms • AES • DES • 3DES • RC2 • RC4 • Blowfish
  • 43. Steganography • Steganography is the science of hiding information. • The purpose of steganography is covert communication: hiding a message from a third party. • Examples: hiding a message in an image, hiding a message in an MP3 file, hiding a message in a video file.
  • 47. Web Applications • A Web application (Web app) is an application program that is stored on a remote server and delivered over the Internet through a browser interface. • Any application that you access through a web browser is a web application.
  • 49. Web Application Vulnerabilities • Web applications suffer from a large number of vulnerabilities. • SQL Injection • Cross Site Scripting • Web Server Misconfigurations • Insecure protocol usage • and many more
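
Slide 12 describes port scanning from the scanner's side; the sketch below is an added example (not part of the workshop deck) of how a defender can spot one in firewall logs by counting distinct destination ports per source within a time window. The log format, addresses, thresholds and function names are assumptions, and the sample lines are constructed.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Assumed log format (constructed for this example): ISO time, SRC, DST, DPT, ACTION.
LINE_RE = re.compile(r"^(\S+) SRC=(\S+) DST=(\S+) DPT=(\d+) ACTION=(\w+)$")

def make_sample_log():
    """Constructed sample: a fast port sweep, a normal web client, a slow sweep."""
    lines = []
    for i, port in enumerate([21, 22, 23, 25, 80, 110, 139, 443, 445, 3389]):
        lines.append(f"2015-02-27T10:00:{i:02d} SRC=198.51.100.7 DST=192.0.2.10 DPT={port} ACTION=DROP")
    for i in range(12):
        lines.append(f"2015-02-27T10:00:{i * 5:02d} SRC=203.0.113.5 DST=192.0.2.10 DPT=443 ACTION=ACCEPT")
    for i in range(10):
        lines.append(f"2015-02-27T10:{i * 5:02d}:00 SRC=198.51.100.99 DST=192.0.2.10 DPT={1000 + i} ACTION=DROP")
    lines.append("malformed line that the parser must skip")
    return lines

def detect_port_scans(lines, window_seconds=60, min_ports=8):
    """Return {(src, dst): sorted ports} for pairs that touched at least
    min_ports distinct ports inside any window_seconds-long window."""
    events = defaultdict(list)
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # ignore lines that are not in the assumed format
        ts, src, dst, port, _action = m.groups()
        events[(src, dst)].append((datetime.fromisoformat(ts), int(port)))
    window = timedelta(seconds=window_seconds)
    findings = {}
    for pair, evs in events.items():
        evs.sort()
        recent = deque()  # events that fall inside the current window
        for ts, port in evs:
            recent.append((ts, port))
            while ts - recent[0][0] > window:
                recent.popleft()
            ports = {p for _, p in recent}
            if len(ports) >= min_ports:
                findings[pair] = sorted(set(findings.get(pair, [])) | ports)
    return findings

if __name__ == "__main__":
    for pair, ports in detect_port_scans(make_sample_log()).items():
        print(pair, "touched", len(ports), "ports:", ports)
```

With the default 60-second window only the fast sweep is reported; the slow sweep (one port every five minutes) appears only when the window is widened, which is the usual trade-off when tuning this kind of rule.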
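
Slide 43 gives "hiding a message in an image" as an example of steganography; the following added example (not from the workshop deck) shows one common way this is done, least-significant-bit embedding, and why looking at the picture does not reveal it: no pixel value changes by more than 1. The "image" is a constructed buffer of grayscale values, and the length-prefix layout and function names are assumptions of this sketch.

```python
def make_cover(n=1024):
    """Constructed 'image': n grayscale pixel values (0-255)."""
    return bytes((i * 7) % 256 for i in range(n))

def embed(pixels: bytes, message: bytes) -> bytes:
    """Hide message in the least significant bit of each pixel byte.
    A 4-byte big-endian length prefix tells the extractor where to stop."""
    payload = len(message).to_bytes(4, "big") + message
    bits = [(byte >> shift) & 1 for byte in payload for shift in range(7, -1, -1)]
    if len(bits) > len(pixels):
        raise ValueError("cover too small for message")
    out = bytearray(pixels)
    for i, bit in enumerate(bits):
        out[i] = (out[i] & 0xFE) | bit  # overwrite only the lowest bit
    return bytes(out)

def _read_bytes(pixels: bytes, start_bit: int, nbytes: int) -> bytes:
    """Rebuild nbytes from the low bits of pixels, starting at start_bit."""
    value = bytearray()
    for b in range(nbytes):
        byte = 0
        for k in range(8):
            byte = (byte << 1) | (pixels[start_bit + b * 8 + k] & 1)
        value.append(byte)
    return bytes(value)

def extract(pixels: bytes) -> bytes:
    """Recover a message written by embed(); reject impossible lengths."""
    length = int.from_bytes(_read_bytes(pixels, 0, 4), "big")
    if 32 + length * 8 > len(pixels):
        raise ValueError("no valid embedded message")
    return _read_bytes(pixels, 32, length)

def max_pixel_change(a: bytes, b: bytes) -> int:
    """Largest per-pixel difference between two equally sized buffers."""
    return max(abs(x - y) for x, y in zip(a, b))

if __name__ == "__main__":
    cover = make_cover()
    stego = embed(cover, b"workshop demo")
    print(extract(stego), "max pixel change:", max_pixel_change(cover, stego))
```

Because the carrier keeps its size and changes only in the lowest bit of each value, detecting this kind of hiding relies on comparing against a known original or on statistical analysis of the low-order bits rather than on visual inspection.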