SlideShare ist ein Scribd-Unternehmen logo

Digital Immunity -The Myths and Reality

A
amiable_indian

Digital Immunity -The Myths and Reality From Christine M. Orshesky

Technologie
1 von 39
Digital Immunity The Myths and Reality Cornell University 27 June 2002 Christine M. Orshesky, CISSP, CQA
Topics for Discussion ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
What is Malware? ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Virus – Defined ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Virus Infection Process Ensures virus executes before original executable Pre-pend Append PE Infector Overwrite
Types of Viruses ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Virus - Example ,[object Object],[object Object],[object Object],[object Object]
Worm - Defined ,[object Object],[object Object],[object Object],[object Object],[object Object]
Worm - Example ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Trojan horse – Defined ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Trojan horse - Examples ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Joke Program – Defined ,[object Object],[object Object],[object Object]
Joke Program – Example ,[object Object],[object Object],[object Object],[object Object]
Hoax – Defined ,[object Object],[object Object],[object Object],[object Object]
Hoax - Example ,[object Object],[object Object],[object Object]
Logic Bomb – Defined ,[object Object],[object Object],[object Object]
Logic Bomb – Example ,[object Object],[object Object]
Internet Threats ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Exposures ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Propagation Requirements ,[object Object],- Fred Cohen Short Course on Computer Viruses, 2 nd Edition
Propagation Requirements ,[object Object],[object Object],[object Object],[object Object]
Propagation ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
How Fast Do They Spread? Source: ICSA/TruSecure 22 minutes 2001 E-mail enabled script NIMDA 5 hours 2000 E-mail enabled script LoveLetter 4 days 1999 E-mail enabled word macro Melissa 4 months 1995 Word Macro Concept 3 years 1990 Boot Sector Form Time to #1 Year Type Malware
Concealment Techniques ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Impact and Effects ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Impact and Effects (concluded) ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Incident Management Model ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Response Team Members ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Incident Management Model (continued) ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Tools ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Techniques ,[object Object],[object Object],[object Object]
Sample Message Header From: stranger <stranger@yahoo.com> To: bluminx @hotmail.com Subject: Worm Klez.E immunity Date: Thu, 13 Jun 2002 09:39:56 -0400 MIME-Version: 1.0 Received: from [63.117.44.150] by hotmail.com (3.2) with ESMTP id MHotMailBED1EBAB002B400431923F752C9606970; Thu, 13 Jun 2002 06:39:59 -0700 Received: from Zkprhj [216.54.110.216] by mail.atel.net  (SMTPD32-6.06) id A08E53F007E; Thu, 13 Jun 2002 09:39:26 -0400 From [email_address] Thu, 13 Jun 2002 06:41:03 -0700 Message-Id: <200206130939556.SM02700@Zkprhj>
Incident Management Model (continued) ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Incident Management Model (concluded) ,[object Object],[object Object],[object Object],[object Object],[object Object]
Demonstration ,[object Object],[object Object],[object Object]
Summary ,[object Object],[object Object],[object Object],[object Object]
Some Information Resources ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Additional Resources ,[object Object],[object Object],[object Object],[object Object],[object Object]
End of Presentation ,[object Object]

Empfohlen

CSE Final Year Project Presentation on Android Application
CSE Final Year Project Presentation on Android ApplicationCSE Final Year Project Presentation on Android Application
CSE Final Year Project Presentation on Android ApplicationAhammad Karim
 
Top 45 interactive brokers interview questions and answers pdf
Top 45 interactive brokers interview questions and answers pdfTop 45 interactive brokers interview questions and answers pdf
Top 45 interactive brokers interview questions and answers pdfselinasimpson228
 
Historical development of cloud computing
Historical development of cloud computingHistorical development of cloud computing
Historical development of cloud computinggaurav jain
 
Introduction to php
Introduction to phpIntroduction to php
Introduction to phpTaha Malampatti
 
Ppt for Online music store
Ppt for Online music storePpt for Online music store
Ppt for Online music storeADEEBANADEEM
 
Fingerprint based transaction system
Fingerprint based transaction systemFingerprint based transaction system
Fingerprint based transaction systemsagar solanky
 
Cloud deployment models
Cloud deployment modelsCloud deployment models
Cloud deployment modelsAshok Kumar
 
Steganography Project
Steganography Project Steganography Project
Steganography Project Jitu Choudhary
 

Empfohlen

CSE Final Year Project Presentation on Android Application
CSE Final Year Project Presentation on Android ApplicationCSE Final Year Project Presentation on Android Application
CSE Final Year Project Presentation on Android ApplicationAhammad Karim
 
Top 45 interactive brokers interview questions and answers pdf
Top 45 interactive brokers interview questions and answers pdfTop 45 interactive brokers interview questions and answers pdf
Top 45 interactive brokers interview questions and answers pdfselinasimpson228
 
Historical development of cloud computing
Historical development of cloud computingHistorical development of cloud computing
Historical development of cloud computinggaurav jain
 
Introduction to php
Introduction to phpIntroduction to php
Introduction to phpTaha Malampatti
 
Ppt for Online music store
Ppt for Online music storePpt for Online music store
Ppt for Online music storeADEEBANADEEM
 
Fingerprint based transaction system
Fingerprint based transaction systemFingerprint based transaction system
Fingerprint based transaction systemsagar solanky
 
Cloud deployment models
Cloud deployment modelsCloud deployment models
Cloud deployment modelsAshok Kumar
 
Steganography Project
Steganography Project Steganography Project
Steganography Project Jitu Choudhary
 
Cloud computing ppt
Cloud computing pptCloud computing ppt
Cloud computing pptDatta Dharanikota
 
OpenGL Mini Projects With Source Code [ Computer Graphics ]
OpenGL Mini Projects With Source Code [ Computer Graphics ]OpenGL Mini Projects With Source Code [ Computer Graphics ]
OpenGL Mini Projects With Source Code [ Computer Graphics ]Daffodil International University
 
Human activity recognition
Human activity recognition Human activity recognition
Human activity recognition srikanthgadam
 
Google App Engine
Google App EngineGoogle App Engine
Google App EngineSoftware Park Thailand
 
Introduction to Google App Engine
Introduction to Google App EngineIntroduction to Google App Engine
Introduction to Google App Enginerajdeep
 
20 Latest Computer Science Seminar Topics on Emerging Technologies
20 Latest Computer Science Seminar Topics on Emerging Technologies20 Latest Computer Science Seminar Topics on Emerging Technologies
20 Latest Computer Science Seminar Topics on Emerging TechnologiesSeminar Links
 
Hand gesture recognition
Hand gesture recognitionHand gesture recognition
Hand gesture recognitionbakhti rahman
 
Digital Signature
Digital SignatureDigital Signature
Digital SignatureAdarsh Kumar Yadav
 
Virtualization
VirtualizationVirtualization
VirtualizationSrisailam Reddy Kanapuram
 
KaGemCo - Mobile Recharge System
KaGemCo - Mobile Recharge SystemKaGemCo - Mobile Recharge System
KaGemCo - Mobile Recharge SystemPanos Gemos
 
Safety app for woman
Safety app for womanSafety app for woman
Safety app for womanSMNajrulHowlader
 
Internship report
Internship reportInternship report
Internship reportSabana Maharjan
 
Cloud operating system
Cloud operating systemCloud operating system
Cloud operating systemsadak pramodh
 
Operating system security
Operating system securityOperating system security
Operating system securityRamesh Ogania
 
Edge Computing
Edge ComputingEdge Computing
Edge ComputingChetan Kumar S
 
Introduction to Amazon Web Services
Introduction to Amazon Web ServicesIntroduction to Amazon Web Services
Introduction to Amazon Web ServicesAmazon Web Services
 
Ajax ppt
Ajax pptAjax ppt
Ajax pptOECLIB Odisha Electronics Control Library
 
Cloud computing notes
Cloud computing notesCloud computing notes
Cloud computing notesSrinivasa Rao
 
Virtualization in cloud computing
Virtualization in cloud computingVirtualization in cloud computing
Virtualization in cloud computingMohammad Ilyas Malik
 
cloud computing:Types of virtualization
cloud computing:Types of virtualizationcloud computing:Types of virtualization
cloud computing:Types of virtualizationDr.Neeraj Kumar Pandey
 
Malware, Trojans and Slurpware
Malware, Trojans and SlurpwareMalware, Trojans and Slurpware
Malware, Trojans and SlurpwareVarun Arora
 
Security
Security Security
Security chian417
 

Weitere ähnliche Inhalte

Was ist angesagt?

OpenGL Mini Projects With Source Code [ Computer Graphics ]
OpenGL Mini Projects With Source Code [ Computer Graphics ]OpenGL Mini Projects With Source Code [ Computer Graphics ]
OpenGL Mini Projects With Source Code [ Computer Graphics ]Daffodil International University
 
Human activity recognition
Human activity recognition Human activity recognition
Human activity recognition srikanthgadam
 
Introduction to Google App Engine
Introduction to Google App EngineIntroduction to Google App Engine
Introduction to Google App Enginerajdeep
 
20 Latest Computer Science Seminar Topics on Emerging Technologies
20 Latest Computer Science Seminar Topics on Emerging Technologies20 Latest Computer Science Seminar Topics on Emerging Technologies
20 Latest Computer Science Seminar Topics on Emerging TechnologiesSeminar Links
 
Hand gesture recognition
Hand gesture recognitionHand gesture recognition
Hand gesture recognitionbakhti rahman
 
KaGemCo - Mobile Recharge System
KaGemCo - Mobile Recharge SystemKaGemCo - Mobile Recharge System
KaGemCo - Mobile Recharge SystemPanos Gemos
 
Cloud operating system
Cloud operating systemCloud operating system
Cloud operating systemsadak pramodh
 
Operating system security
Operating system securityOperating system security
Operating system securityRamesh Ogania
 
Introduction to Amazon Web Services
Introduction to Amazon Web ServicesIntroduction to Amazon Web Services
Introduction to Amazon Web ServicesAmazon Web Services
 
Cloud computing notes
Cloud computing notesCloud computing notes
Cloud computing notesSrinivasa Rao
 
cloud computing:Types of virtualization
cloud computing:Types of virtualizationcloud computing:Types of virtualization
cloud computing:Types of virtualizationDr.Neeraj Kumar Pandey
 

Was ist angesagt? (20)

Cloud computing ppt
Cloud computing pptCloud computing ppt
Cloud computing ppt
 
OpenGL Mini Projects With Source Code [ Computer Graphics ]
OpenGL Mini Projects With Source Code [ Computer Graphics ]OpenGL Mini Projects With Source Code [ Computer Graphics ]
OpenGL Mini Projects With Source Code [ Computer Graphics ]
 
Human activity recognition
Human activity recognition Human activity recognition
Human activity recognition
 
Google App Engine
Google App EngineGoogle App Engine
Google App Engine
 
Introduction to Google App Engine
Introduction to Google App EngineIntroduction to Google App Engine
Introduction to Google App Engine
 
20 Latest Computer Science Seminar Topics on Emerging Technologies
20 Latest Computer Science Seminar Topics on Emerging Technologies20 Latest Computer Science Seminar Topics on Emerging Technologies
20 Latest Computer Science Seminar Topics on Emerging Technologies
 
Hand gesture recognition
Hand gesture recognitionHand gesture recognition
Hand gesture recognition
 
Digital Signature
Digital SignatureDigital Signature
Digital Signature
 
Virtualization
VirtualizationVirtualization
Virtualization
 
KaGemCo - Mobile Recharge System
KaGemCo - Mobile Recharge SystemKaGemCo - Mobile Recharge System
KaGemCo - Mobile Recharge System
 
Safety app for woman
Safety app for womanSafety app for woman
Safety app for woman
 
Internship report
Internship reportInternship report
Internship report
 
Cloud operating system
Cloud operating systemCloud operating system
Cloud operating system
 
Operating system security
Operating system securityOperating system security
Operating system security
 
Edge Computing
Edge ComputingEdge Computing
Edge Computing
 
Introduction to Amazon Web Services
Introduction to Amazon Web ServicesIntroduction to Amazon Web Services
Introduction to Amazon Web Services
 
Ajax ppt
Ajax pptAjax ppt
Ajax ppt
 
Cloud computing notes
Cloud computing notesCloud computing notes
Cloud computing notes
 
Virtualization in cloud computing
Virtualization in cloud computingVirtualization in cloud computing
Virtualization in cloud computing
 
cloud computing:Types of virtualization
cloud computing:Types of virtualizationcloud computing:Types of virtualization
cloud computing:Types of virtualization
 

Andere mochten auch

Malware, Trojans and Slurpware
Malware, Trojans and SlurpwareMalware, Trojans and Slurpware
Malware, Trojans and SlurpwareVarun Arora
 
Trojan virus & backdoors
Trojan virus & backdoorsTrojan virus & backdoors
Trojan virus & backdoorsShrey Vyas
 
Data security in data communication
Data security in data communicationData security in data communication
Data security in data communicationMohd Arif
 
Security in Data Communication and Networking
Security in Data Communication and NetworkingSecurity in Data Communication and Networking
Security in Data Communication and NetworkingZahidul Hossain
 
Trojans and backdoors
Trojans and backdoorsTrojans and backdoors
Trojans and backdoorsGaurav Dalvi
 
1 security goals
1 security goals1 security goals
1 security goalsdrewz lin
 
File Transfer Protocol
File Transfer ProtocolFile Transfer Protocol
File Transfer ProtocolVinh Nguyen
 
Congestion Control in Networks
Congestion Control in NetworksCongestion Control in Networks
Congestion Control in Networksrapatil
 
Types of attacks and threads
Types of attacks and threadsTypes of attacks and threads
Types of attacks and threadssrivijaymanickam
 
What is Next-Generation Antivirus?
What is Next-Generation Antivirus?What is Next-Generation Antivirus?
What is Next-Generation Antivirus?Ryan G. Murphy
 
Tcp Congestion Avoidance
Tcp Congestion AvoidanceTcp Congestion Avoidance
Tcp Congestion AvoidanceRam Dutt Shukla
 
Protocolo SMTP (Simple Mail Transfer Protocol)
Protocolo SMTP (Simple Mail Transfer Protocol)Protocolo SMTP (Simple Mail Transfer Protocol)
Protocolo SMTP (Simple Mail Transfer Protocol)Luis Alfredo Sanchez
 
Ftp (file transfer protocol)
Ftp (file transfer protocol)Ftp (file transfer protocol)
Ftp (file transfer protocol)Raghu nath
 
Congestion control
Congestion controlCongestion control
Congestion controlAbhay Pai
 

Andere mochten auch (20)

Malware, Trojans and Slurpware
Malware, Trojans and SlurpwareMalware, Trojans and Slurpware
Malware, Trojans and Slurpware
 
Security
Security Security
Security
 
Trojan virus & backdoors
Trojan virus & backdoorsTrojan virus & backdoors
Trojan virus & backdoors
 
Unit 2
Unit 2Unit 2
Unit 2
 
Data security in data communication
Data security in data communicationData security in data communication
Data security in data communication
 
Security in Data Communication and Networking
Security in Data Communication and NetworkingSecurity in Data Communication and Networking
Security in Data Communication and Networking
 
Trojans and backdoors
Trojans and backdoorsTrojans and backdoors
Trojans and backdoors
 
1 security goals
1 security goals1 security goals
1 security goals
 
Anti virus
Anti virusAnti virus
Anti virus
 
File Transfer Protocol
File Transfer ProtocolFile Transfer Protocol
File Transfer Protocol
 
Congestion Control in Networks
Congestion Control in NetworksCongestion Control in Networks
Congestion Control in Networks
 
Types of attacks and threads
Types of attacks and threadsTypes of attacks and threads
Types of attacks and threads
 
What is Next-Generation Antivirus?
What is Next-Generation Antivirus?What is Next-Generation Antivirus?
What is Next-Generation Antivirus?
 
Tcp Congestion Avoidance
Tcp Congestion AvoidanceTcp Congestion Avoidance
Tcp Congestion Avoidance
 
Telnet
TelnetTelnet
Telnet
 
TelNet
TelNetTelNet
TelNet
 
Congestion Control
Congestion ControlCongestion Control
Congestion Control
 
Protocolo SMTP (Simple Mail Transfer Protocol)
Protocolo SMTP (Simple Mail Transfer Protocol)Protocolo SMTP (Simple Mail Transfer Protocol)
Protocolo SMTP (Simple Mail Transfer Protocol)
 
Ftp (file transfer protocol)
Ftp (file transfer protocol)Ftp (file transfer protocol)
Ftp (file transfer protocol)
 
Congestion control
Congestion controlCongestion control
Congestion control
 

Ähnlich wie Digital Immunity -The Myths and Reality

(Training) Malware - To the Realm of Malicious Code
(Training) Malware - To the Realm of Malicious Code(Training) Malware - To the Realm of Malicious Code
(Training) Malware - To the Realm of Malicious CodeSatria Ady Pradana
 
Malware: To The Realm of Malicious Code (Training)
Malware: To The Realm of Malicious Code (Training)Malware: To The Realm of Malicious Code (Training)
Malware: To The Realm of Malicious Code (Training)Satria Ady Pradana
 
Computer security threats & prevention
Computer security threats & preventionComputer security threats & prevention
Computer security threats & preventionPriSim
 
Ne Course Part One
Ne Course Part OneNe Course Part One
Ne Course Part Onebackdoor
 
Ethical hacking Chapter 3 - Network and Computer Attacks - Eric Vanderburg
Ethical hacking Chapter 3 - Network and Computer Attacks - Eric VanderburgEthical hacking Chapter 3 - Network and Computer Attacks - Eric Vanderburg
Ethical hacking Chapter 3 - Network and Computer Attacks - Eric VanderburgEric Vanderburg
 
Malicious software
Malicious softwareMalicious software
Malicious softwaremsdeepika
 
Introduction to Computer Virus
Introduction to Computer VirusIntroduction to Computer Virus
Introduction to Computer VirusImtiaz Ahmed
 
It's Your Move: The Changing Game of Endpoint Security
It's Your Move: The Changing Game of Endpoint SecurityIt's Your Move: The Changing Game of Endpoint Security
It's Your Move: The Changing Game of Endpoint SecurityLumension
 
Malware and Anti-Malware Seminar by Benny Czarny
Malware and Anti-Malware Seminar by Benny CzarnyMalware and Anti-Malware Seminar by Benny Czarny
Malware and Anti-Malware Seminar by Benny CzarnyOPSWAT
 
Presentation2
Presentation2Presentation2
Presentation2Jeslynn
 
4 threatsandvulnerabilities
4 threatsandvulnerabilities4 threatsandvulnerabilities
4 threatsandvulnerabilitiesricharddxd
 
How to Protect your PC from Malware
How to Protect your PC from MalwareHow to Protect your PC from Malware
How to Protect your PC from Malwareaaberra
 
Types of malicious software and remedies
Types of malicious software and remediesTypes of malicious software and remedies
Types of malicious software and remediesManish Kumar
 

Ähnlich wie Digital Immunity -The Myths and Reality (20)

NetWitness
NetWitnessNetWitness
NetWitness
 
(Training) Malware - To the Realm of Malicious Code
(Training) Malware - To the Realm of Malicious Code(Training) Malware - To the Realm of Malicious Code
(Training) Malware - To the Realm of Malicious Code
 
Malware: To The Realm of Malicious Code (Training)
Malware: To The Realm of Malicious Code (Training)Malware: To The Realm of Malicious Code (Training)
Malware: To The Realm of Malicious Code (Training)
 
Ch19
Ch19Ch19
Ch19
 
Unit - 5.ppt
Unit - 5.pptUnit - 5.ppt
Unit - 5.ppt
 
Mitppt
MitpptMitppt
Mitppt
 
Network Attacks
Network AttacksNetwork Attacks
Network Attacks
 
Computer security threats & prevention
Computer security threats & preventionComputer security threats & prevention
Computer security threats & prevention
 
Ne Course Part One
Ne Course Part OneNe Course Part One
Ne Course Part One
 
Final malacious softwares
Final malacious softwaresFinal malacious softwares
Final malacious softwares
 
Ethical hacking Chapter 3 - Network and Computer Attacks - Eric Vanderburg
Ethical hacking Chapter 3 - Network and Computer Attacks - Eric VanderburgEthical hacking Chapter 3 - Network and Computer Attacks - Eric Vanderburg
Ethical hacking Chapter 3 - Network and Computer Attacks - Eric Vanderburg
 
Computer crimes
Computer crimesComputer crimes
Computer crimes
 
Malicious software
Malicious softwareMalicious software
Malicious software
 
Introduction to Computer Virus
Introduction to Computer VirusIntroduction to Computer Virus
Introduction to Computer Virus
 
It's Your Move: The Changing Game of Endpoint Security
It's Your Move: The Changing Game of Endpoint SecurityIt's Your Move: The Changing Game of Endpoint Security
It's Your Move: The Changing Game of Endpoint Security
 
Malware and Anti-Malware Seminar by Benny Czarny
Malware and Anti-Malware Seminar by Benny CzarnyMalware and Anti-Malware Seminar by Benny Czarny
Malware and Anti-Malware Seminar by Benny Czarny
 
Presentation2
Presentation2Presentation2
Presentation2
 
4 threatsandvulnerabilities
4 threatsandvulnerabilities4 threatsandvulnerabilities
4 threatsandvulnerabilities
 
How to Protect your PC from Malware
How to Protect your PC from MalwareHow to Protect your PC from Malware
How to Protect your PC from Malware
 
Types of malicious software and remedies
Types of malicious software and remediesTypes of malicious software and remedies
Types of malicious software and remedies
 

Mehr von amiable_indian

Phishing As Tragedy of the Commons
Phishing As Tragedy of the CommonsPhishing As Tragedy of the Commons
Phishing As Tragedy of the Commonsamiable_indian
 
Cisco IOS Attack & Defense - The State of the Art
Cisco IOS Attack & Defense - The State of the Art Cisco IOS Attack & Defense - The State of the Art
Cisco IOS Attack & Defense - The State of the Art amiable_indian
 
Secrets of Top Pentesters
Secrets of Top PentestersSecrets of Top Pentesters
Secrets of Top Pentestersamiable_indian
 
Workshop on Wireless Security
Workshop on Wireless SecurityWorkshop on Wireless Security
Workshop on Wireless Securityamiable_indian
 
Insecure Implementation of Security Best Practices: of hashing, CAPTCHA's and...
Insecure Implementation of Security Best Practices: of hashing, CAPTCHA's and...Insecure Implementation of Security Best Practices: of hashing, CAPTCHA's and...
Insecure Implementation of Security Best Practices: of hashing, CAPTCHA's and...amiable_indian
 
Workshop on BackTrack live CD
Workshop on BackTrack live CDWorkshop on BackTrack live CD
Workshop on BackTrack live CDamiable_indian
 
Reverse Engineering for exploit writers
Reverse Engineering for exploit writersReverse Engineering for exploit writers
Reverse Engineering for exploit writersamiable_indian
 
State of Cyber Law in India
State of Cyber Law in IndiaState of Cyber Law in India
State of Cyber Law in Indiaamiable_indian
 
AntiSpam - Understanding the good, the bad and the ugly
AntiSpam - Understanding the good, the bad and the uglyAntiSpam - Understanding the good, the bad and the ugly
AntiSpam - Understanding the good, the bad and the uglyamiable_indian
 
Reverse Engineering v/s Secure Coding
Reverse Engineering v/s Secure CodingReverse Engineering v/s Secure Coding
Reverse Engineering v/s Secure Codingamiable_indian
 
Network Vulnerability Assessments: Lessons Learned
Network Vulnerability Assessments: Lessons LearnedNetwork Vulnerability Assessments: Lessons Learned
Network Vulnerability Assessments: Lessons Learnedamiable_indian
 
Economic offenses through Credit Card Frauds Dissected
Economic offenses through Credit Card Frauds DissectedEconomic offenses through Credit Card Frauds Dissected
Economic offenses through Credit Card Frauds Dissectedamiable_indian
 
Immune IT: Moving from Security to Immunity
Immune IT: Moving from Security to ImmunityImmune IT: Moving from Security to Immunity
Immune IT: Moving from Security to Immunityamiable_indian
 
Reverse Engineering for exploit writers
Reverse Engineering for exploit writersReverse Engineering for exploit writers
Reverse Engineering for exploit writersamiable_indian
 
Hacking Client Side Insecurities
Hacking Client Side InsecuritiesHacking Client Side Insecurities
Hacking Client Side Insecuritiesamiable_indian
 
Web Exploit Finder Presentation
Web Exploit Finder PresentationWeb Exploit Finder Presentation
Web Exploit Finder Presentationamiable_indian
 
Network Security Data Visualization
Network Security Data VisualizationNetwork Security Data Visualization
Network Security Data Visualizationamiable_indian
 
Enhancing Computer Security via End-to-End Communication Visualization
Enhancing Computer Security via End-to-End Communication Visualization Enhancing Computer Security via End-to-End Communication Visualization
Enhancing Computer Security via End-to-End Communication Visualization amiable_indian
 
Top Network Vulnerabilities Over Time
Top Network Vulnerabilities Over TimeTop Network Vulnerabilities Over Time
Top Network Vulnerabilities Over Timeamiable_indian
 
What are the Business Security Metrics?
What are the Business Security Metrics? What are the Business Security Metrics?
What are the Business Security Metrics? amiable_indian
 

Mehr von amiable_indian (20)

Phishing As Tragedy of the Commons
Phishing As Tragedy of the CommonsPhishing As Tragedy of the Commons
Phishing As Tragedy of the Commons
 
Cisco IOS Attack & Defense - The State of the Art
Cisco IOS Attack & Defense - The State of the Art Cisco IOS Attack & Defense - The State of the Art
Cisco IOS Attack & Defense - The State of the Art
 
Secrets of Top Pentesters
Secrets of Top PentestersSecrets of Top Pentesters
Secrets of Top Pentesters
 
Workshop on Wireless Security
Workshop on Wireless SecurityWorkshop on Wireless Security
Workshop on Wireless Security
 
Insecure Implementation of Security Best Practices: of hashing, CAPTCHA's and...
Insecure Implementation of Security Best Practices: of hashing, CAPTCHA's and...Insecure Implementation of Security Best Practices: of hashing, CAPTCHA's and...
Insecure Implementation of Security Best Practices: of hashing, CAPTCHA's and...
 
Workshop on BackTrack live CD
Workshop on BackTrack live CDWorkshop on BackTrack live CD
Workshop on BackTrack live CD
 
Reverse Engineering for exploit writers
Reverse Engineering for exploit writersReverse Engineering for exploit writers
Reverse Engineering for exploit writers
 
State of Cyber Law in India
State of Cyber Law in IndiaState of Cyber Law in India
State of Cyber Law in India
 
AntiSpam - Understanding the good, the bad and the ugly
AntiSpam - Understanding the good, the bad and the uglyAntiSpam - Understanding the good, the bad and the ugly
AntiSpam - Understanding the good, the bad and the ugly
 
Reverse Engineering v/s Secure Coding
Reverse Engineering v/s Secure CodingReverse Engineering v/s Secure Coding
Reverse Engineering v/s Secure Coding
 
Network Vulnerability Assessments: Lessons Learned
Network Vulnerability Assessments: Lessons LearnedNetwork Vulnerability Assessments: Lessons Learned
Network Vulnerability Assessments: Lessons Learned
 
Economic offenses through Credit Card Frauds Dissected
Economic offenses through Credit Card Frauds DissectedEconomic offenses through Credit Card Frauds Dissected
Economic offenses through Credit Card Frauds Dissected
 
Immune IT: Moving from Security to Immunity
Immune IT: Moving from Security to ImmunityImmune IT: Moving from Security to Immunity
Immune IT: Moving from Security to Immunity
 
Reverse Engineering for exploit writers
Reverse Engineering for exploit writersReverse Engineering for exploit writers
Reverse Engineering for exploit writers
 
Hacking Client Side Insecurities
Hacking Client Side InsecuritiesHacking Client Side Insecurities
Hacking Client Side Insecurities
 
Web Exploit Finder Presentation
Web Exploit Finder PresentationWeb Exploit Finder Presentation
Web Exploit Finder Presentation
 
Network Security Data Visualization
Network Security Data VisualizationNetwork Security Data Visualization
Network Security Data Visualization
 
Enhancing Computer Security via End-to-End Communication Visualization
Enhancing Computer Security via End-to-End Communication Visualization Enhancing Computer Security via End-to-End Communication Visualization
Enhancing Computer Security via End-to-End Communication Visualization
 
Top Network Vulnerabilities Over Time
Top Network Vulnerabilities Over TimeTop Network Vulnerabilities Over Time
Top Network Vulnerabilities Over Time
 
What are the Business Security Metrics?
What are the Business Security Metrics? What are the Business Security Metrics?
What are the Business Security Metrics?
 

Kürzlich hochgeladen

Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEarley Information Science
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024Results
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?Antenna Manufacturer Coco
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxKatpro Technologies
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 

Kürzlich hochgeladen (20)

Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 

Digital Immunity -The Myths and Reality

  • 1. Digital Immunity The Myths and Reality Cornell University 27 June 2002 Christine M. Orshesky, CISSP, CQA
  • 2.
  • 3.
  • 4.
  • 5. Virus Infection Process Ensures virus executes before original executable Pre-pend Append PE Infector Overwrite
  • 6.
  • 7.
  • 8.
  • 9.
  • 10.
  • 11.
  • 12.
  • 13.
  • 14.
  • 15.
  • 16.
  • 17.
  • 18.
  • 19.
  • 20.
  • 21.
  • 22.
  • 23. How Fast Do They Spread? Source: ICSA/TruSecure 22 minutes 2001 E-mail enabled script NIMDA 5 hours 2000 E-mail enabled script LoveLetter 4 days 1999 E-mail enabled word macro Melissa 4 months 1995 Word Macro Concept 3 years 1990 Boot Sector Form Time to #1 Year Type Malware
  • 24.
  • 25.
  • 26.
  • 27.
  • 28.
  • 29.
  • 30.
  • 31.
  • 32. Sample Message Header From: stranger <stranger@yahoo.com> To: bluminx @hotmail.com Subject: Worm Klez.E immunity Date: Thu, 13 Jun 2002 09:39:56 -0400 MIME-Version: 1.0 Received: from [63.117.44.150] by hotmail.com (3.2) with ESMTP id MHotMailBED1EBAB002B400431923F752C9606970; Thu, 13 Jun 2002 06:39:59 -0700 Received: from Zkprhj [216.54.110.216] by mail.atel.net  (SMTPD32-6.06) id A08E53F007E; Thu, 13 Jun 2002 09:39:26 -0400 From [email_address] Thu, 13 Jun 2002 06:41:03 -0700 Message-Id: <200206130939556.SM02700@Zkprhj>
  • 33.
  • 34.
  • 35.
  • 36.
  • 37.
  • 38.
  • 39.