Two Days National Level Workshop on Network Security on Februrary 27th and 28th 2015 organzied by Department of Computer Science, Rathinam College of Arts and Science, Eachanari, Coimbatore.
The sessions are handled by Mr. Neeraj Kumar, Associate Consultant Information and Network Security, UTL Technologies, Banagalore.
The program was organized in association with UTL Technologies, Bangalore.
2. Network Security
• A specialized field in computer networking that
involves securing a computer network infrastructure.
• Network security is typically handled by a network
administrator or system administrator who
implements the security policy, network software and
hardware needed to protect a network.
8. The Art of Breaking In
1) Information Gathering
2) Scanning and Enumeration
3) Breaking In or Gaining Access
4) Privilege Escalation on the victim
5) Post Exploitation cleanup and Backdooring
10. Ways for Information Gathering
• Social Networking websites
• Professional & Business Networking websites
• Job Search websites
• People search websites
• Company websites
• Whois lookup
• Google Hacking
• And many more…
11. Google Hacking
• Google hacking is the use of a search engine, such as
Google, to locate a security vulnerability on the
Internet.
• Using complex search engine queries to get relevant
result in less time.
• There are generally two types of vulnerabilities to be
found on the Web: software vulnerabilities and
misconfigurations.
12. Port Scanning
• Port Scanning is the name for the technique used to
identify open ports and services available on a
network host.
• There are many tools to facilitate port scanning.
• The best tool is NMAP Port Scanner.
13. Packet Sniffers
• Packet sniffers or protocol analyzers are tools that
are commonly used by network technicians to
diagnose network-related problems.
• Packet sniffers can also be used by hackers for less
than noble purposes such as spying on network user
traffic and collecting passwords.
• The best tool is Wireshark.
14. Pivoting
• Attacker does not have direct access to Server 2.
• Attacker first breaks into Server 1 and then uses
Server 1 as a staging point to break into Server 2.
17. What is Penetration Testing?
• Penetration testing, often called “pentesting”, “pen testing”, or
“security testing”, is the practice of attacking your own or your
clients’ IT systems in the same way a hacker would to identify
security holes.
• Of course, you do this without actually harming the network.
The person carrying out a penetration test is called a penetration
tester or pentester.
• Let’s make one thing crystal clear: Penetration testing requires
that you get permission from the person who owns the system.
Otherwise, you would be hacking the system, which is illegal in
most countries.
18. Types of Penetration Testing
Black Box Pentesting: requires no previous
information and usually takes the approach of an
uninformed attacker. In a black box penetration test
the penetration tester has no previous information
about the target system.
White Box Pentesting: is an approach that uses the
knowledge of the internals of the target network that
organization should provide you during the
agreement.
19. Understanding Basic Terms
Vulnerability: A weakness that allows an attacker to
break into and compromise a system’s security.
Exploit: code which allows an attacker to take
advantage of a vulnerable system.
Payload: code that lets you control a computer system
after it’s been exploited.
22. Metasploit Framework
• Tools for development and testing of
vulnerabilities.
• Started by HD Moore in 2003.
• Acquired by Rapid7
• Remains open source and free for
use.
• Written in Ruby
23. Metasploit for Pentesting
• Over 1000 tested exploits
• Over 250 payloads and 28 encoders
• Metasploit offers “Plug & Play” of payloads with
exploits
• Tons of other features for better and faster pentests
25. Malware / Virus
• The term malware is short for "malicious software.“
• Malware refers to any computer program that is
designed to do things that are harmful to or
unwanted by a computer's legitimate user — meaning
you.
• A virus is a programming code that replicates by
being copied or initiating its copying to another
program, computer boot sector or document.
26. Malware / Virus
• Viruses can be transmitted as attachments to an e-
mail or in a downloaded file, or be present on a
pendrive, CD.
• The receiver of the e-mail, downloaded file is usually
unaware that it contains a virus.
27. Backdoor
• A backdoor is a technique in which a system security
mechanism is bypassed undetectably to access a
computer or its data.
• The backdoor access method is sometimes written
by the programmer who develops a program.
28. DoS & DDoS Attack
• It is an attack on the availability of an information
system.
• A denial-of-service (DoS) or distributed denial-of-
service (DDoS) attack is an attempt to make a machine
or network resource unavailable to its intended users.
39. Cryptography
• Cryptography is a method of storing and
transmitting data in a particular form so that only
those for whom it is intended can read and process it.
• Cryptography is the art of converting your
information from human readable form to human
unreadable form.
40. Cryptography
• In Cryptography Human unreadable information is
known as “Cipher Text” or “Encrypted Text”
• In Cryptography Human readable information is
known as “Clear Text” or “Plain Text” or “Decrypted
Text”
41. Cryptography
Encryption: Conversion of information from “Plain-
Text” to “Cipher-Text” is known as encryption, so that
information remains confidential.
Decryption: Conversion of information from “Cipher-
Text” to “Plain-Text” is known as decryption.
43. Steganography
• Steganography is the science of hiding information.
• The purpose of Steganography is covert
communication to hide a message from a third party.
• Examples Hiding a message in a Image
• Hiding a message in a MP3 file.
• Hiding a message in a video file.
47. Web Applications
• A Web application (Web app) is an application
program that is stored on a remote server and
delivered over the Internet through a browser
interface.
• Any application that you access through a web
browser is a web application.
49. Web Application Vulnerabilities
• Web applications suffer from many number of
vulnerabilities.
• SQL Injection
• Cross Site Scripting
• Web Server Misconfigurations
• Insecure protocol usage
• and many more