Computer and network security

Computer and Network Security
University Of Sulaimani
Faculty of Physical and Basic Education
By: MSc. Karwan M. Kareem

Symantec's analysis of security threats in 2014 revealed thieves are working faster
than companies can defend themselves, and launching more malicious attacks than
in previous years.
More than 317 million new pieces of malware -- computer viruses or other malicious
software -- were created last year. That means nearly one million new threats were
released each day. April 14, 2015 - cnn.com

 The Metro online newspaper claims that cumbersome costs Britain almost
£1,000 every second, this newspaper show that cyber-attacks is costing the
British economy £27billion a year. These losses just occurred in the UK. We can
ask how many costs or losses occur every day around the world via cyber-
attack. 17 Feb 2011 - metro.co.uk

 The computerweekly online newspaper claims Cyber security incidents cost
UK firms £34.1bn in the past year, but under half have enhanced defences, a
survey has revealed.
14 Jul 2016 12:45 - computerweekly.com

 Haveibeenpwned official website write that 1,801,838,008 web accounts have
been hacked haveibeenpwned.com – 10/2016

 The official acunetix website write that 70% of websites and networks are
hackable! Close your doors shut before hackers find you
ttps://www.acunetix.com - 2016

Deep web and Dark web :
The deep web, invisible web, or hidden web are parts of the World Wide Web
whose contents are not indexed by standard search engines for any reason.
Deep web
Dark web

Watch Cyber Attacks in Real Time
unique attack intelligence that helps our customers block attacks..

Hamza Bendelladj:
 The 27-year-old Algerian computer science graduate.
 He create a banking trojan horse called SpyEye.
 using a computer virus to steal money from more than 200 American
banks.
 According to Wired, a San Francisco-based technology magazine
“This infected more than 1.4 million computers in the US”.
 He then reportedly gave millions of dollars to Palestinian charities.
21 SEPTEMBER 2015

Haveibeenpwned official website write that
1,801,838,008 web accounts have been hacked

Use a Host-Based Firewall :
 Download files only from trusted sites..
 Not to open any unknown source downloads.
 For example: Brother soft
 Over 800 000 APK files , Over 200 000 free computer software ..

DDOS Agent – Handler Attack Model technique

IRC – based DDOS attack technique

ComputerWorld website that CryptoPhone users found and mapped
17 fake “cell towers” in the U.S. during the month of July.
computerworld.com - Sep 2, 2014
IMSI catcher:

IMSI catcher:
2G (optional 3G) voice & data
interception and location system

IMSI-Catchers are false mobile towers (base stations) acting between the target
mobile phone(s) and the real towers of service providers. As such they are
considered a Man-In-The-Middle (MITM) attack. In the USA the IMSI-Catcher
technology is known under the name “StingRay“.
IMSI catcher:

The FBI or local police regularly deploys IMSI-Catchers hidden in vehicles at
protests to obtain a record of everyone who attended with a cell phone (leave
your phones at home by all means if you really have to attend).
IMSI-Catchers also allow adversaries to intercept your conversations, text
messages, and data. Police can use them to determine your location, or to find
out who is in a given geographic area at what time.
IMSI catcher:

The Passive GSM Interceptor is a real time dual or quad band 2G (optional 3G) voice &
data interception and location system which utilises NO transmitting parts and is
undetectable to both the hand set user and network operator.
– Interception of Incoming and Outgoing encrypted GSM communications including A5/1
in real-time and without the cooperation of network operators.
– Interception of multiple simultaneous duplex calls (from 4 to 200 Channels available).
– Extraction of phone identities including IMSI, IMEI and MSISDN.
– Manipulation of target phone (SMS, Calls etc) using optional. “Active Add-On”.
– Real time target location (2-4m accuracy using A-GPS).
– Detailed country mapping provided.
IMSI catcher: Passive GSM Interceptor

Advanced passive GSM Interception System is designed for off - air interception
for cellular communication in GSM networks.
The system listens to information exchange Between BTS (Base Transceiver
Station) and MS (MoBile Station or, in another words, mobile phone), and, after
a real time signal processing, intercepted calls can Be listened and recorded.
IMSI catcher: Advanced GSM Interceptor

The GSMK CryptoPhone 500 is an Android-based secure mobile phone with 360°
mobile device security for secure messaging and voice over IP communication on
any network.
GSMK CryptoPhones are your trustworthy solution for completely confidential
encrypted telephone calls – whether by GSM cellular network, 3G/UMTS, satellite,
or land line
http://www.cryptophone.de/en/products/mobile/cp500/
GSMK CryptoPhone 500:
Price  3500$

AIMSICD is an app to detect IMSI-Catchers. AIMSICD attempts to detect IMSI-
Catchers through various methods such as these:
- Check tower information consistency
- Signal strength monitoring
- Detect FemtoCells LAC/Cell ID Consistency
- Check Neighboring Cell Info
- Look for silent SMS
- Prevent silent app installations
AIMSICD:
http://cellularprivacy.github.io/Android-IMSI-Catcher-Detector/

Spy and Attack Emergency Management – police :
Price  3500$

Droidjack:
 DroidJack gives you the power to establish control Android devices with
an easy to use GUI and all the features you need to monitor and spy
them.
http://droidjack.net/
able to spy and monitor on an Android ..
 Build a custom APK or bind the
payload to an already existing APK
such as a game or social media
app

 you'll be able to check the phone's incoming and
outgoing SMS messages..
spy2mobile
Spy2mobile:

 you'll be able to check the
phone's call history..
 you'll be able to
check the contact
list..

 you'll be able to check the current location like accuracy,
speed, altitude and previous tracks..

 SpyHuman is an efficient tool that allows you to monitor your
kid’s or your employee’s online/offline activities like GPS
Locations, SMS chatting. Social sites activities, Call logs etc.
SpyHuman :
https://spyhuman.com/

Attacker can use Wireshark to analyze network packets, password sniffing, cookie
stealing, session hijacking and information stealing.
Wireshark

Wifislax is a Slackware-based Linux distribution designed for wireless hacking and forensics.
It contains a large number of security and forensics tools, which transforms it into a
pentesting (penetration testing).

Acunetix Vulnerability Scanner automatically crawls and scans custom-built websites
and web applications for SQL Injection, XSS, XXE, SSRF, Host Header Attacks & over 500
other web vulnerabilities..
https://www.acunetix.com/

site24x7 : Find IP Address of your website. Sign up for a Site24x7 Free Account
to monitor up to 5 websites for free continuously and be alerted when it goes
down!
https://www.site24x7.com/find-ip-address-of-web-site.html

Metadefender :
Scan an IP address using 12 sources to determine if it has been compromised.
https://www.metadefender.com/#!/submit-ip

Whatismyipaddress:
This IP-address search will give you general details only about what is on the end
of that IP address. Here's what you'll find out:
The ISP and organization's name
The IP's host name
The country it's in
The region/state
The city (a best guess) , with further information …
http://whatismyipaddress.com/ip-lookup

Tor :
a form of network surveillance that threatens personal freedom
and privacy, confidential business activities and relationships, and
state security.
https://www.torproject.org

Onion Link and Not Evil :
To search in deep web, Enabling search and global access to Tor's onionsites
https://hss3uro2hsxfogfq.onion.to/
http://www.onion.link/

Haveibeenpwned :
Check if you have an account that has been compromised in a data breach
https://haveibeenpwned.com/

RedPhone :
Makes private communication simple. Free, world-wide, end-to-end encryption
for your calls, securing your conversations so that nobody can listen in.
https://play.google.com/store/apps/details?id=com.littlebytesofpi.linphonesip&

Baidu Antivirus 2015:
 Baidu Antivirus is 100% free, forever.
 New virus definitions are always free.
http://antivirus.baidu.com/en/

Linux os:
 Linux is more secure than other operating systems.
Original Windows OS
 - Windows with license key ..

Backup file :
 Be sure do a full back up of your system on a regular basis. A backup file is a
copy of a file which is kept in case anything happens to the
 Google drive , Dropbox, One drive …

Use a Host-Based Firewall :
 A personal firewall is an application which controls network traffic to and
from a computer ..

Wise Folder Hider is a free file/folder hiding tool. Users can use it to hide files and
folders on local partitions or removable devices.
Hide data Wise Folder Hider:

Hide data with steganography:
You can use a steganography program to hide data inside other data.
OpenStego is just 203 KB in size and is easy to use steganography application. You
can attach any type of secret message file to cover files. Supported file types for
cover are: BMP, GIF, JPEG, JPG, PNG, and WBMP
http://www.openstego.com/

Wise Care 365: PC Cleaning and Speed up Tool
Clean registry and junk files from your PCs. Protect your privacy and make your
PCs more secure. Provide a better option of optimizing and accelerating your
computer! Over 30,000,000 downloads worldwide
http://www.openstego.com/
http://www.wisecleaner.com/

VirusTotal :
VirusTotal is a free service that analyzes suspicious files and URLs and facilitates
the quick detection of viruses, worms, trojans, and all kinds of malware.
https://www.virustotal.com/

Computer Virus
• Definition
- Computer program “Piece of code” that automatically
reproduces itself.
- It’s attached to other programs or files, but requires user
intervention to propagate.
• Background
- There are estimated 30,000 computer viruses in existence
-Over 300 new ones are created each month
-Today almost 87% of all viruses are spread through the internet
• Infection (targets/carriers)
- Executable files
- Boot sectors
- Documents (macros), scripts (web pages), etc.
• Propagation
is made by the user. The mechanisms are storage elements,
mails, downloaded files or shared folders

Halabjay Virus: is an Kurdish malware which is developed by kurd-
intruder to test and analyze computer virus behaviors..

Worm
• Definition
-Piece of code that automatically reproduces itself over the
network. It doesn’t need the user intervention to propagate
(autonomous).
• Target selection algorithm
-Email addresses, DNS, IP, network neighborhood
• Payload
- Malicious programs
-Backdoor, DDoS agent, etc.
• Anatomy of Worms
- Attack Mechanism
- Payload
- New target selection

 Trojans
• A Trojan horse or Trojan, is a destructive program that masquerades
as an application.
- The Trojan Horse, at first glance will appear to be useful
software but will actually do damage once installed or run on
your computer.
-Unlike viruses and worms, Trojans do not reproduce by
infecting other files nor do they self-replicate.
•What Trojans can do?
Use of the machine as part of a Botnet (e.g. to perform
automated spamming or to distribute Denial-of-service.)
Uninstallation of software, including third-party router drivers.
Downloading or uploading of files on the network hdd.
Watching the user’s screen.
Spreading other malware? Such as viruses. In this case? The
Trojan horse is called a dropper or vector.
Modification or deletion of files.
Data theft(e.g. retrieving username or postal code information)
Crashing the computer.
Setting up networks of zombie computers in order to launch
Dodos attacks or send spam.

Social Engineering
• Definition
- Manipulating a person or persons to detect and steal
confidential data and information.
- It is a way for criminals to gain access to information systems.
The purpose of social engineering is usually to secretly install
spyware, other malicious software or to trick persons into
handing over passwords and/or other sensitive financial or
personal information.
• What are they looking for ?
- Obtaining simple information such as your pet's name, where
you're from, the places you've visited; information that you'd give
out freely to your friends.
- Some have a 'secret question' you have to answer, if you cannot
remember your username or password. The questions seem
pretty tough for an outsider looking into trying to hack into your
account.
 What's the name of your first pet?
 What is your maiden name?
 When was your mother/father born?
 Where were you born?

Login Alerts:
Get an alert when anyone logs into your account from an unrecognized
device or browser.

Login Approvals:
Require a login code to access my account from unknown browsers

Public key:
Use this public key to encrypt notification emails that Facebook sends
you?

Your trusted contacts:
Your trusted contacts are friends you chose who can securely help if you
ever have trouble accessing your account.

Recognized devices:
You won't get notified or have to confirm your identity when logging in
from these devices:

where are you logged in:
Review and manage where are you logged into Facebook

Legacy contact :
Chose a family member or close friend to care for your account if
something's happens to you ..

Who can look me up :
1/ Who can look you up using the email address you provided ?
2/ Who can look you up using the phone number you provided ?
3/ Do you want search engines outside of Facebook to link to your
profile?

Restricted List and Block User:
When you add a friend to your Restricted List:
1/ they won't see posts on Facebook that you share only to Friends.
2/ They may still see things you share to Public.
3/ Facebook doesn't notify your friends when you add them to your
Restricted List.

Block message :
If you block messages and video calls from someone here:
1/ they won't be able to contact you in the Messenger app.
2/ they may be able to post on your Timeline, tag you, and comment on
your posts or comments

Download a copy of your Facebook data:
Get a copy of what you have done on Facebook …

Facebook Disabled - Ineligible
“ I hope to retrieve my account and confirmed and are usually activated
because it is very important. Thank Company Facebook "
https://www.facebook.com/help/contact/317389574998690
How to active a disable Facebook..?

4K Stogram:
 4K Stogram is an Instagram Downloader for PC, Mac and Linux. The
program allows you to download and backup Instagram photos and
videos, even from private accounts
https://www.4kdownload.com/products/product-stogram

Google hacking :
 Google hacking, also named Google dorking, is a computer hacking
technique that uses Google Search and other Google applications to
find security holes in the configuration and computer code that
websites use.
 Google Hacking Database (GHDB) link:
https://www.exploit-db.com/google-hacking-database/

Admin Page Finder:
 This is excellent admin page finder,
 it have the biggest dork list wich use to find admin page.
 It is bigger then havij, other programs, online scanners or perl scripts.
https://www.youtube.com/watch?v=RLSoMS8AoRg

Computer and network security

More Related Content

What's hot (20)

Viewers also liked (20)

Similar to Computer and network security (20)

More from Karwan Mustafa Kareem (7)

Recently uploaded (20)

Computer and network security