Introduction to Security

Post on 10-Feb-2016


NETWORK VULNERABILITY ASSESSMENT

NTC 1062

Chapter 1: Introduction to Security

Last Update 9/5/2011

WHO AM I

Ms Noormelah Binti Shamsul Anuar
019-2767570
TT0 room-L11 Room 2
noormelah@gmail.com / noormelah@gmi.edu.my

Syllabus. Books. Coursework

SYLLABUS

• CHAPTER 1 – Network Security Assessment
• CHAPTER 2 – Internet Host & Network Reconnaissance
• CHAPTER 3 – Google Hacking
• CHAPTER 4 – Network Scanning
• CHAPTER 5 – Gaining Access
• CHAPTER 6 – Accessing Web Server & Application
• CHAPTER 7 – Assessment Methodology

BOOKS


COURSEWORK

ASSESSMENT: MARKS

• FINAL EXAMINATION: 30%
• PBL (Reconnaissance), softcopy: 20%
• THEORY TEST: 10%
• Assignments: 30%
  • Lab Manual (10%), softcopy
  • Mini Project – Kali Linux tools (20%), hardcopy & softcopy
• KQ: 10%

MINI PROJECT (KALI LINUX TOOLS) – 20%

http://tools.kali.org/tools-listing

• Information Gathering
• Sniffing & Spoofing
• Vulnerability Analysis
• Exploitation Tools
• Password Attacks
• Wireless Attacks
• Forensics Tools
• Maintaining Access
• Hardware Hacking
• Web Applications
• (Compulsory) Stress Testing
• Reverse Engineering
• Reporting Tools
• Metasploit

• Group of 2
• Choose 5 tools from different categories listed above.
• Report (Introduction, Installation screen shot) – hardcopy & softcopy
• Presentation with live demo.
• Video

OBJECTIVES

• Describe the challenges of securing information
• Define information security and explain why it is important
• Identify the types of attackers that are common today
• List the basic steps of an attack
• Describe the five steps in a defense
• Explain the different types of information security careers

IT TAKES TIME TO BECOME A HACKER

• This class alone won’t make you a hacker, or an expert
  • It might make you a script kiddie
• It usually takes years of study and experience to earn respect in the hacker community
• It’s a hobby, a lifestyle, and an attitude
  • A drive to figure out how things work
• We’re not here to teach you how to hack.…

A QUOTE FROM ONE OF HISTORY’S GREATEST HACKERS

If you know the enemy and know yourself, you need not fear the result of a hundred battles.

If you know yourself but not the enemy, for every victory gained you will also suffer a defeat.

If you know neither the enemy nor yourself, you will succumb in every battle.

—Sun Tzu, The Art of War

WHAT IS VULNERABILITY

A weakness in a system that allows the system to be maliciously exploited and used outside of the way it was designed to be used, and/or leaves it open to a threat, increasing the risk of operational corruption or disaster.

CLASSES OF VULNERABILITIES

1) Hard vulnerabilities

Mistakes made by the company that wrote the software that have left open a hole for potential exploitation.

Types of hard vulnerabilities:
• Bugs fixed by service packs and hotfixes
• System complexity

CLASSES OF VULNERABILITIES

2) Soft vulnerabilities

Misconfigurations by network and security administrators

Types of soft vulnerabilities:
• A lack of general security policies
• General security policies that go against industry best practices
• A lack of security system procedures
• A lack of configuration or change management
• Logging not enabled
• Log files ignored or deleted frequently

ASSESSMENT METHODOLOGY

• Reconnaissance: preparatory phase where an attacker gathers as much information as possible about the target prior to launching the attack.
• Scanning: uses the details gathered during reconnaissance to identify specific vulnerabilities
• Gaining Access: exploits
• Maintaining Access: further use the system as a launch pad to scan and exploit other systems
• Covering Tracks: destroy evidence of his/her presence and activities for various reasons

SECURITY VULNERABILITIES FOR SALE

• Anyone can buy attack tools to take over computers
• See links 1a, 1b

CHALLENGES OF SECURING INFORMATION

• There is no simple solution to securing information
• This can be seen in the different types of attacks that users face today, as well as in the difficulties of defending against these attacks

TODAY’S SECURITY ATTACKS

A new worm disables Microsoft Windows Automatic Updating and the Task Manager (link Ch 1d)

Apple has issued an update to address 25 security flaws in its operating system OS X


TODAY’S SECURITY ATTACKS

TJX Companies, Inc. had 45 million customer credit card and debit card numbers stolen because they used poor wireless security (WEP)

Ch 1f


DIFFICULTIES IN DEFENDING AGAINST ATTACKS


WHAT IS INFORMATION SECURITY?


DEFINING INFORMATION SECURITY

Information security:
• The tasks of guarding information that is in a digital format
• Ensures that protective measures are properly implemented
• Cannot completely prevent attacks or guarantee that a system is totally secure

DEFINING INFORMATION SECURITY

Information security protects information that has value by protecting the “CIA” security elements:

• CONFIDENTIALITY: Make sure that the data is sent to the right person
• AVAILABILITY: Services are always available to authorized users whenever needed
• INTEGRITY: Data cannot be altered by unauthorized user

HOW WOULD YOU ATTACK ?


INFORMATION SECURITY LAYERS


FORMAL DEFINITION OF INFORMATION SECURITY

Information security protects the confidentiality, integrity, and availability of information on the devices that store, manipulate, and transmit the information through products, people, and procedures.

INFORMATION SECURITY TERMINOLOGY

• Asset: Something that has a value
• Threat: An event or object that may defeat the security measures in place and result in a loss
• Threat agent: A person or thing that has the power to carry out a threat

INFORMATION SECURITY TERMINOLOGY

• Vulnerability: Weakness that allows a threat agent to bypass security
• Exploit: Takes advantage of a vulnerability
• Risk: The likelihood that a threat agent will exploit a vulnerability
  • Realistically, risk cannot ever be entirely eliminated

INFORMATION SECURITY TERMINOLOGY (CONTINUED)


UNDERSTANDING THE IMPORTANCE OF INFORMATION SECURITY


DATA THEFT AND IDENTITY THEFT

• Preventing data theft
  • The theft of data is one of the largest causes of financial loss due to an attack
• Thwarting identity theft
  • Identity theft involves using someone’s personal information to establish bank or credit card accounts
  • Cards are then left unpaid, leaving the victim with the debts and ruining their credit rating

THE NSA HACKER

• Gary McKinnon hacked into NASA and the US Military
• He was looking for evidence about UFOs
• Link Ch 1g

WHO ARE THE ATTACKERS?

The types of people behind computer attacks are generally divided into several categories:
• Hackers
• Script kiddies
• Spies
• Employees

HACKERS

• Hacker
  • Anyone who illegally breaks into or attempts to break into a computer system
• Although breaking into another person’s computer system is illegal, some hackers believe it is ethical as long as they do not commit theft, vandalism, or breach any confidentiality
• Ethical Hacker
  • Has permission from the owner to test security of computers by attacking them

SCRIPT KIDDIES

• Unskilled users
• Download automated hacking software (scripts) from Web sites and use it to break into computers

SPIES

• Computer spy
  • A person who has been hired to break into a computer and steal information
• Excellent computer skills

EMPLOYEES

• The largest information security threat
• Motives
  • An employee might want to show the company a weakness in their security
  • Disgruntled employees may be intent on retaliating against the company
  • Industrial espionage
  • Blackmailing

MAX BUTLER

• Took over the world’s market in stolen credit cards in 2006
• From a San Francisco apartment in the Tenderloin
• Link Ch 1h

WHAT YOU CAN DO LEGALLY

Laws involving technology change as rapidly as technology itself

Find what is legal for you locally
• Laws change from place to place

Be aware of what is allowed and what is not allowed

WHAT YOU CANNOT DO LEGALLY?

Accessing a computer without permission is illegal

Other illegal actions:
• Installing worms or viruses
• Denial of Service attacks
• Denying users access to network resources

Be careful your actions do not prevent customers from doing their jobs

ATTACKS AND DEFENSES


STEPS OF AN ATTACK

The five steps that make up an attack:
• Probe for information
• Penetrate any defenses
• Modify security settings
• Circulate to other systems
• Paralyze networks and devices

DEFENSES AGAINST ATTACKS

Although multiple defenses may be necessary to withstand an attack, these defenses should be based on five fundamental security principles:
• Layering
• Limiting
• Diversity
• Obscurity
• Simplicity

LAYERING

• Information security must be created in layers
• One defense mechanism may be relatively easy for an attacker to circumvent
  • Instead, a security system must have layers, making it unlikely that an attacker has the tools and skills to break through all the layers of defenses
• A layered approach can also be useful in resisting a variety of attacks
• Layered security provides the most comprehensive protection

LIMITING

Limiting access to information reduces the threat against it

• Only those who must use data should have access to it
  • In addition, the amount of access granted to someone should be limited to what that person needs to know
• Some ways to limit access are technology-based, while others are procedural

DIVERSITY

• Layers must be different (diverse)
  • If attackers penetrate one layer, they cannot use the same techniques to break through all other layers
• Using diverse layers of defense means that breaching one security layer does not compromise the whole system

OBSCURITY

• An example of obscurity would be not revealing the type of computer, operating system, software, and network connection a computer uses
  • An attacker who knows that information can more easily determine the weaknesses of the system to attack it
• Obscuring information can be an important way to protect information

SIMPLICITY

• Information security is by its very nature complex
• Complex security systems can be hard to understand, troubleshoot, and feel secure about
• As much as possible, a secure system should be simple for those on the inside to understand and use
• Complex security schemes are often compromised to make them easier for trusted users to work with
  • Keeping a system simple from the inside but complex on the outside can sometimes be difficult but reaps a major benefit

INFORMATION SECURITY CAREERS AND THE SECURITY CERTIFICATION


TYPES OF INFORMATION SECURITY JOBS

Information assurance (IA)
• A superset of information security including security issues that do not involve computers
• Covers a broader area than just basic technology defense tools and tactics
• Also includes reliability, strategic risk management, and corporate governance issues such as privacy, compliance, audits, business continuity, and disaster recovery
• Is interdisciplinary; individuals who are employed in it may come from different fields of study

TYPES OF INFORMATION SECURITY JOBS

Information security, also called computer security
• Involves the tools and tactics to defend against computer attacks
• Does not include security issues that do not involve computers

Two broad categories of information security positions
• Information security managerial position
• Information security technical position

ETHICAL HACKING IN A NUTSHELL

What it takes to be a security tester:
• Knowledge of network and computer technology
• Ability to communicate with management and IT personnel
• Understanding of the laws
• Ability to use necessary tools

CERTIFICATION


The End….
