Security in Information Technology
By: Mithun.k, Mtech TM
08/07/2010
Overview
What is security?
Why do we need security?
Who is vulnerable?
2 lines of defense
3 security areas
Common security threats, attacks and
countermeasures
What is “Security”?
Dictionary.com says:
1. Freedom from risk or danger; safety.
2. Freedom from doubt, anxiety, or fear;
confidence.
3. Something that gives or assures safety, as:
1. A group or department of private guards: Call
building security if a visitor acts suspicious.
2. Measures adopted by a government to prevent
espionage, sabotage, or attack.
3. Measures adopted, as by a business or
homeowner, to prevent a crime such as burglary or
assault:
What is “Information Security”?
Develop policies
Communicate
Identify
Test system
Obtain support
2 lines of defense
People Technology
People: 1st line of defense
includes –
1. something user knows
Eg:- ID or Password
2. something user has
Eg:- Smartcard or Token
3. something that is part of user
Eg:- Fingerprint or Voice signature
2) Prevention & Resistance
Hacker:-
People who use and create computer software to
gain access to the information illegally.
Enjoys programming
Seeks further knowledge
Shows a positive approach to the system
Two types:-
Expert
Novice
b) Deliberate acts
i) Deliberate acts of espionage or trespass:- con…….
Cracker:-
Who cracks or removes an application software
protection that is designed to prevent unauthorized
duplication (copyright protected).
They’ll destroy vital data, deny legitimate user service
etc…
Negative approach to system
Phreaker:-
Hacks the public telephone network to make free
calls and to disrupt the services
Types of Malwares:-
Virus:-
A piece of self-replicating code attached to some other
code or program
A program that infects other programs by modifying
them
Propagates itself:- a copy of this program can go and
infect other programs. It consists of intrusion codes to
make specific copies of itself.
Infection is caused by opening an e-mail or by other
data transmission
Types:-
macro virus
boot virus etc…
v) Deliberate software attacks :- con…
Worms:-
Malicious programs that replicate themselves without
infecting the program
Programs that spread from one system to the other
over a network connection
Doesn’t exist in a particular system but affects the file
in that system
Types:-
Morris Worm
Code Red
Nimda
Trojan Horses:-
Fire
Flood
Earthquake
Lightning
Landslide
Tornado
Hurricane
Tsunami
Dust contamination
d) Technical failures
Hardware:-
Technical hardware failures or errors occur when a
manufacturer distributes to users equipment
containing a known or unknown flaw.
Software:-
Threats come from purchasing software with
unknown hidden faults.
e) Management failures
Malicious codes:-
An individual or group develops or designs software to
attack an unsuspecting system
Hoaxes:-
Warning about the latest viruses & worms
Transmitting a virus hoax, with a real virus attached
Password crack:-
Attempt to reverse calculate a password is called cracking
Used when a copy of Security Account Manager (SAM) data
file can be obtained.
SAM file contains Hashed representation of password.
Brute force:-
Try every possible combination of passwords
Dictionary attacks:-
Uses a list of commonly
used passwords (dictionary),
to guess instead of random
combination.
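The brute-force and dictionary attacks described above, seen from the side of a password-setting check (an added example, not part of the original slides). The word list, the substitution table and the 60-bit threshold are constructed assumptions.

```python
import math
import string

# Constructed sample of a "commonly used passwords" list (assumption);
# a real check would load a much larger list.
COMMON = {"password", "letmein", "qwerty", "123456", "welcome", "admin"}

# Common character substitutions undone before the dictionary lookup.
LEET = str.maketrans({"0": "o", "1": "i", "3": "e", "4": "a",
                      "5": "s", "7": "t", "@": "a", "$": "s", "!": "i"})

def in_dictionary(pw):
    """True if pw is a listed word, ignoring case, simple character
    substitutions and trailing digits or symbols."""
    lowered = pw.lower()
    base = lowered.rstrip(string.digits + string.punctuation)
    candidates = {lowered, base, lowered.translate(LEET), base.translate(LEET)}
    return any(c in COMMON for c in candidates)

def brute_force_bits(pw):
    """log2 of the number of combinations of this length that an
    exhaustive search over the character classes used must try."""
    pool = 0
    if any(c in string.ascii_lowercase for c in pw):
        pool += 26
    if any(c in string.ascii_uppercase for c in pw):
        pool += 26
    if any(c in string.digits for c in pw):
        pool += 10
    if any(c in string.punctuation for c in pw):
        pool += len(string.punctuation)
    return len(pw) * math.log2(pool) if pool else 0.0

def assess(pw, min_bits=60):
    """min_bits is a hypothetical policy threshold."""
    if in_dictionary(pw):
        return "reject: dictionary"
    if brute_force_bits(pw) < min_bits:
        return "reject: brute force"
    return "accept"

if __name__ == "__main__":
    for sample in ("Passw0rd!", "xkqzvb", "tr4vel-Lamp-0range-71"):
        print(sample, "->", assess(sample))
```

"Passw0rd!" has a large character pool but still falls to the dictionary check, which is why both tests are needed.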
Attacks con…
Spoofing:-
Intruder sends a message to a computer with an IP address
indicating the true host
Hacker first finds out the IP address of the true host.
Once the connection is established, the hacker gets access to the
system
Spam:-
Unsolicited commercial e-mail
Considered as nuisance rather than an attack.
Mail bombing:-
Attacker routes a large number of unsolicited e-mails to the
target.
Target e-mail address is buried under unwanted e-mails.
Sniffer:-
Program or device that can monitor data travelling over
network.
Unauthorized sniffers are extremely dangerous to
network.
Packet sniffers:- they can work on TCP/IP networks
Social engineering:-
Process of using social skills to convince people to
reveal their credentials and other valuable information.
Denial of Service (DoS):-
Purpose: Make a network service unusable,
usually by overloading the server or network
SMURF:-
Source IP address of a broadcast ping is forged
Large number of machines respond back to victim,
overloading it
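One way to spot the SMURF pattern described above in captured traffic (an added example, not part of the original slides). The subnets, the packet records and the reply threshold are constructed assumptions.

```python
import ipaddress
from collections import defaultdict

ECHO_REQUEST, ECHO_REPLY = 8, 0  # ICMP type numbers

# Hypothetical local subnets; the broadcast address depends on the prefix length.
LOCAL_NETS = [ipaddress.ip_network("192.168.1.0/24"),
              ipaddress.ip_network("192.168.2.0/26")]

# Constructed capture: (source IP, destination IP, ICMP type).
PACKETS = [
    ("203.0.113.9", "192.168.1.255", ECHO_REQUEST),   # ping to the /24 broadcast
    ("192.168.1.10", "203.0.113.9", ECHO_REPLY),
    ("192.168.1.11", "203.0.113.9", ECHO_REPLY),
    ("192.168.1.12", "203.0.113.9", ECHO_REPLY),
    ("192.168.1.13", "203.0.113.9", ECHO_REPLY),
    ("192.168.1.10", "192.168.1.20", ECHO_REQUEST),   # ordinary unicast ping
    ("192.168.1.20", "192.168.1.10", ECHO_REPLY),
    ("198.51.100.7", "192.168.2.63", ECHO_REQUEST),   # ping to the /26 broadcast
    ("192.168.2.5", "198.51.100.7", ECHO_REPLY),
    ("192.168.1.10", "192.168.2.255", ECHO_REQUEST),  # not a watched broadcast address
]

def broadcast_pings(packets, nets):
    """Echo requests addressed to the broadcast address of a watched subnet."""
    bcast = {n.broadcast_address for n in nets}
    return [(src, dst) for src, dst, icmp_type in packets
            if icmp_type == ECHO_REQUEST and ipaddress.ip_address(dst) in bcast]

def suspected_victims(packets, nets, min_replies=3):
    """Claimed sources of broadcast pings that then receive echo replies
    from at least min_replies distinct hosts (min_replies is an assumption)."""
    claimed = {src for src, _ in broadcast_pings(packets, nets)}
    responders = defaultdict(set)
    for src, dst, icmp_type in packets:
        if icmp_type == ECHO_REPLY and dst in claimed:
            responders[dst].add(src)
    return {victim: len(hosts) for victim, hosts in responders.items()
            if len(hosts) >= min_replies}

if __name__ == "__main__":
    print(broadcast_pings(PACKETS, LOCAL_NETS))
    print(suspected_victims(PACKETS, LOCAL_NETS))
```

The usual mitigation is to stop routers from forwarding directed broadcasts, so the amplifying replies are never generated.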
TCP attacks:-
Say hello to Alice, Bob and Mr. Big Ears
Alice and Bob have an established TCP connection
Mr. Big Ears lies on the path between Alice and
Bob on the network
He can intercept all of their packets
First, Mr. Big Ears must drop all of Alice’s packets
since they must not be delivered to Bob (why?)
Firewalls
Intrusion detection system
Cryptography
Counter filters
Scanning and analysis tools
Firewalls
[Figure: Internet, firewall, DMZ (web server, email server, web proxy, etc.), firewall, Intranet]
Firewalls
Types:-
Host based IDS
Network based IDS
Signature based IDS
Statistical anomaly based IDS
Cryptography
Secure computing
www.Wikipedia.org
Thank you…!