Domain-5 Notes PDF
Chapter Five:
1. Attack Types: DDoS, Spoofing, Port scanning, Man in the Middle, Logic Bomb, Spyware, Botnets
2. Message Integrity, authenticity & confidentiality
3. Public key Infrastructure – Hemang Doshi
4. Digital Signature, Digital Certificate, Symmetric Encryption, SSL – Hemang Doshi
5. Anti-spam filtering method, e.g. rules, check-sum, Heuristic, Static.
Shahed Bhai:
Sniffing
Sniffing means to illegally listen into another's conversation.
• Deny Port Scan?? - Enable only the traffic you need to access internal hosts —
preferably as far as possible from the hosts you're trying to protect — and deny
everything else.
Spoofing and Sniffing are types of cyber attacks. In simple words, Spoofing means to
pretend to be someone else. Sniffing means to illegally listen into another's conversation.
Logic Bomb - A logic bomb is a piece of code inserted into an operating system or software
application that implements a malicious function after a certain amount of time, or when specific
conditions are met. Logic bombs are often used with viruses, worms, and trojan horses to
time them to do maximum damage before being noticed.
Spyware is unwanted software that infiltrates your computing device, stealing your internet
usage data and sensitive information. Spyware is classified as a type of malware —
malicious software designed to gain access to or damage your computer, often without your
knowledge.
Brute force attack - A Brute Force Attack is the simplest method to gain access to a
site or server (or anything that is password protected). It tries various combinations
of usernames and passwords again and again until it gets in.
War-driving:
Wardriving is the practice of physically searching for unsecured wireless networks or
networks that can easily be compromised.
Wardriving is the act of searching for Wi-Fi networks from a moving vehicle. It involves
slowly driving around an area with the goal of locating Wi-Fi signals. This may be
accomplished by an individual or by two or more people, with one person driving and others
searching for wireless networks.
War-walking: the same thing as wardriving, but walking with a device instead of driving a
car. Here the targets are malls, hotels and city streets.
2. Message Integrity
Message integrity means that a message has not been tampered with or altered. The most
common approach is to use a hash function that combines all the bytes in the message with
a secret key and produces a message digest that is difficult to reverse.
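An added example (not part of the original notes) of the keyed-hash approach described above, using HMAC-SHA-256 from Python's standard library. The key, the messages and the function names are constructed for illustration; the last check shows why an unkeyed hash sent alongside the message does not give integrity.

```python
import hashlib
import hmac

# Constructed sample values; a real key comes from a key-management system.
SHARED_KEY = b"constructed-demo-key-not-for-production"
MESSAGE = b"PAY 100.00 TO ACCOUNT 12345"
TAMPERED = b"PAY 900.00 TO ACCOUNT 12345"


def plain_digest(message: bytes) -> str:
    """Unkeyed SHA-256: anyone can recompute it for an altered message."""
    return hashlib.sha256(message).hexdigest()


def make_tag(key: bytes, message: bytes) -> str:
    """Keyed digest (HMAC-SHA-256) over all bytes of the message."""
    return hmac.new(key, message, hashlib.sha256).hexdigest()


def verify_tag(key: bytes, message: bytes, tag: str) -> bool:
    """Recompute the tag and compare in constant time."""
    return hmac.compare_digest(make_tag(key, message), tag)


def receiver_accepts_plain(message: bytes, digest: str) -> bool:
    """Receiver that checks only an unkeyed digest sent with the message."""
    return hmac.compare_digest(plain_digest(message), digest)


def integrity_demo() -> dict:
    tag = make_tag(SHARED_KEY, MESSAGE)
    return {
        # The untouched message verifies against its tag.
        "original_ok": verify_tag(SHARED_KEY, MESSAGE, tag),
        # An altered message no longer matches the original tag.
        "tampered_rejected": not verify_tag(SHARED_KEY, TAMPERED, tag),
        # A tag made without the shared key does not verify either.
        "wrong_key_rejected": not verify_tag(
            SHARED_KEY, TAMPERED, make_tag(b"guessed-key", TAMPERED)),
        # An unkeyed digest can simply be recomputed, so the check passes.
        "plain_hash_fooled": receiver_accepts_plain(
            TAMPERED, plain_digest(TAMPERED)),
    }


if __name__ == "__main__":
    for check, result in integrity_demo().items():
        print(f"{check}: {result}")
```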
Authenticity
Message authentication or data origin authentication is a property that a message has not
been modified while in transit (data integrity) and that the receiving party can verify the
source of the message.
Confidentiality
It means that the content of a message when transmitted across a network must remain
confidential, i.e. only the intended receiver and no one else should be able to read the
message.
PKI (or Public Key Infrastructure) is the framework of encryption and cybersecurity
that protects communications between the server (your website) and the client (the
users). It works by using two different cryptographic keys: a public key and a private
key. ... This protects the user's information from theft or tampering.
Public Key Infrastructure (PKI) uses a combination of asymmetric and symmetric processes.
An initial “handshake” between communicating parties uses asymmetric encryption to
protect the secret key which is exchanged to enable symmetric encryption.
4. Anti-spam filtering method, e.g. rules, check-sum, Heuristic, Static.
Firewall:
7. Chain of custody of Data
Extra:
Elliptic curve cryptography (ECC) is a public key encryption technique based on elliptic curve
theory that can be used to create faster, smaller, and more efficient cryptographic keys. ... The
technology can be used in conjunction with most public key encryption methods, such as RSA, and
Diffie-Hellman.
Data diddling is a type of cybercrime in which data is altered as it is entered into a computer system,
most often by a data entry clerk or a computer virus.
Example: Entering data incorrectly, deleting data, or changing data (data diddling).
To secure communication with remote users, install a virtual private network (VPN), which encrypts
all the data sent between its users.
An IP tunnel is an Internet Protocol (IP) network communications channel between two networks. It
is used to transport another network protocol by encapsulation of its packets.
Digital certificate is issued by a trusted third party which proves sender's identity to the receiver
and receiver's identity to the sender.
SSL – self-signed/expired merits/demerits & how SSL works
Benefits of Securing Website with SSL Certificate. SSL stands for Secure Sockets Layer and is a public
key infrastructure that uses the RSA method of encryption and authentication via security
certificates. It helps to establish a secure connection between the client and the server through the
secure protocol HTTPS.
The security warnings associated with self-signed SSL Certificates drive away potential clients for
fear that the website does not secure their credentials. Both brand reputation and customer trust
are damaged.
The biggest problem with a self-signed certificate is a man-in-the-middle attack. Even if you are
100% sure that you are on the correct website and you completely trust the site (your email server
for example), you could have someone intercept the connection and present you with their own
self-signed certificate.
Self-Signed SSL Certificates aren't a viable security solution for data ... The online
security of customers should be one of the main priorities.
- The first is that of phone service disruption. Yep, VoIP is susceptible to denial of service just
like any other system or application.
- VoIP is as vulnerable as the most timing-sensitive applications out there.
Pharming is a cyber attack intended to redirect a website's traffic to another, fake site.
Pharming can be conducted either by changing the hosts file on a victim's computer or by
exploitation of a vulnerability in DNS server software.
Eavesdropping – an eavesdropper is not able to read encrypted data, but can still perform traffic analysis.
With Fine-Grained Access Control, each data item has its own access control policy. This type of
access control is typically used in cloud computing, where often a large quantity of data types and
data sources may be stored together but each data item must be accessed based on different
criteria.
Network Access Control (NAC) is an approach to computer security that attempts to unify endpoint
security technology (such as antivirus, host intrusion prevention, and vulnerability assessment),
user or system authentication and network security enforcement.
Challenge-response authentication uses a cryptographic protocol that makes it possible to prove that the user
knows the password without revealing the password itself. ... It then computes the response by
applying a cryptographic hash function to the server challenge combined with the user's password.
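An added example (not from the original notes) of the exchange described above, with both sides in one Python file. It assumes HMAC-SHA-256 keyed with the password as the way of combining challenge and password; the `Server` class, `compute_response` and the user "alice" with her password are constructed for illustration.

```python
import hashlib
import hmac
import secrets


def compute_response(password: str, challenge: bytes) -> str:
    """Client side: hash the server challenge combined with the password.
    HMAC-SHA-256 keyed with the password is the combination assumed here."""
    return hmac.new(password.encode(), challenge, hashlib.sha256).hexdigest()


class Server:
    """Verifier: issues single-use challenges and checks responses.
    It must hold the password (or an equivalent secret) to recompute them."""

    def __init__(self, passwords: dict):
        self._passwords = passwords   # constructed demo credential store
        self._pending = {}            # user -> outstanding challenge

    def issue_challenge(self, user: str) -> bytes:
        challenge = secrets.token_bytes(16)   # fresh random value per attempt
        self._pending[user] = challenge
        return challenge

    def verify(self, user: str, response: str) -> bool:
        # pop() makes each challenge single-use, so a captured response
        # cannot be replayed against it.
        challenge = self._pending.pop(user, None)
        password = self._passwords.get(user)
        if challenge is None or password is None:
            return False
        expected = compute_response(password, challenge)
        return hmac.compare_digest(expected, response)


def challenge_response_demo() -> dict:
    password = "constructed-demo-password"
    server = Server({"alice": password})
    response = compute_response(password, server.issue_challenge("alice"))
    results = {"login_ok": server.verify("alice", response)}
    # Same response again: the challenge was consumed, so it is refused.
    results["replay_rejected"] = not server.verify("alice", response)
    # Old response against a new challenge: the expected value differs.
    server.issue_challenge("alice")
    results["stale_rejected"] = not server.verify("alice", response)
    # A wrong password yields a different response for the same challenge.
    guess = compute_response("wrong-guess", server.issue_challenge("alice"))
    results["wrong_password_rejected"] = not server.verify("alice", guess)
    return results
```

Only the challenge and the response cross the network; the password itself is never transmitted.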
What is the purpose of a challenge response mechanism?