Abstract image of a woman sitting on books and studying on a laptop

July132000

CTIN, profile picture
CTIN

The document introduces various topics related to computer networks including: - An overview of how network logging and tracing has evolved from centralized mainframe systems to today's decentralized environment where logs can be found in many different places. - A discussion of some of the challenges involved in network log file tracking, including time synchronization and understanding different system log formats. - Explanations of firewalls, virtual private networks (VPNs), and the security software ZoneAlarm, including their purposes and basic functions.

Technology
1 of 39
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
Introduction to Networks Sandy Bacik [email_address] Breakwater Security Associates
Agenda Complexity of network incidents Firewalls Encrypted tunnels Zone Alarm
Way Back When
Way Back When Not enough hard drive space to hide anything No logs on the workstation All logs were centralized on the main frame Easy phone logs for traces
Then...
Then... Not enough hard drive space to hide anything No logs on the workstation All logs were centralized on the main frame Easy phone logs for traces
Then...
Then... Now the hard drives could start storing information Sometime there were logs on the workstation The logs are now decentralized, but for the most part remained with the network Easy phone logs for traces
Early Today...
Early Today... Now the hard drives could start storing information Sometime there were logs on the workstation The logs are now decentralized Easy phone logs for traces Still no really good encrypted tunnels
Today
Today Almost anything can be logged - somewhere The logs are now decentralized Now follow packets, not phone logs Encrypted tunnels - all bets are off
Where to look for logs Corporate/Personal servers Corporate/Home workstation Firewall Internet Service Provider (ISP) and all their logs Outside networks - anywhere in the world
Issues with log file tracking Time synchronizations from system to system Time synchronizations from server to workstation IP address spoofing Understanding each systems log file information
IP Addresses 192 . 168 . 124 . 123 http://www.cisco.com/univercd/cc/td/doc/product/software/ssr90/ptc_r_90/54084.htm
Domain Names .com .edu .gov .mil .net .org .int . xx
Domain Lookups www.iana.org/dev7/iana/ www.internic.net www.networksolutions.com www.arin.net
Whois Sample
Whois Sample
Whois Sample
Simple ways to track an IP address/host name ping -a <ipaddress> ping <sitename> tracert <ipaddress> tracert <sitename>
Ping results
Ping results
Tracert results
What is a firewall? A set of hardware and software mechanisms that shield ‘internal’ trusted networks from ‘external’ untrusted networks such as the Internet or shield internal networks from other internal networks.
Firewall Design
What a firewall does not protect against Invalid configurations Other entry points into the network Dial-up access Viruses Single points of failure/throughput Insiders
Purposes of encryption Protect sensitive information from disclosure Identify the corruption or unauthorized change of information Designed to make compromise too expensive or too time consuming
What is a VPN? Virtual private network An encrypted tunnel A secure link between entities using the Internet or a network as a backbone
What’s a VPN for? Strong encryption for sensitive data transmission Reliability of critical data transmissions Good authentication Access and traffic control
VPN Design
How can we protect our home machine(s) Virus scanners Logging and auditing Firewalls http://www.zonelabs.com/default.htm
ZoneAlarm Alerts
ZoneAlarm Lock
ZoneAlarm Security
ZoneAlarm Programs
ZoneAlarm Configure
ZoneAlarm STOP
Thank you

More Related Content

PPT
Evidence Seizure Ctin Version Draft
CTIN
 
PPT
Evidence Seizure Level One
CTIN
 
PPT
Evidence Seizure Ctin Version Draft Sent To Sandy For Polishing
CTIN
 
PPTX
Investigative Tools and Equipments for Cyber Crime by Raghu Khimani
Dr Raghu Khimani
 
PPTX
Intro to cyber forensics
Chaitanya Dhareshwar
 
DOCX
Hardwar based Security of Systems
Jamal Jamali
 
PPT
Preserving and recovering digital evidence
Online
 
PPTX
Hardware Security
Mani Rathnam
 
Evidence Seizure Ctin Version Draft
CTIN
 
Evidence Seizure Level One
CTIN
 
Evidence Seizure Ctin Version Draft Sent To Sandy For Polishing
CTIN
 
Investigative Tools and Equipments for Cyber Crime by Raghu Khimani
Dr Raghu Khimani
 
Intro to cyber forensics
Chaitanya Dhareshwar
 
Hardwar based Security of Systems
Jamal Jamali
 
Preserving and recovering digital evidence
Online
 
Hardware Security
Mani Rathnam
 

What's hot (20)

PPTX
Computer forensics and its role
Sudeshna Basak
 
PPT
Computer forensics
Hiren Selani
 
PDF
File000117
Desmond Devendran
 
PPT
Csi Netsec 2006 Poor Mans Guide Merdinger
shawn_merdinger
 
PPTX
Computer forensics toolkit
Milap Oza
 
PPTX
Computer forensics
Ramesh Ogania
 
PPTX
Anti forensic
Milap Oza
 
PPTX
Processing Crimes and Incident Scenes
primeteacher32
 
PDF
05 Duplication and Preservation of Digital evidence - Notes
Kranthi
 
PDF
File000120
Desmond Devendran
 
PPT
Computer forensics
SCREAM138
 
PPT
Understanding computer investigation
Online
 
PDF
File000113
Desmond Devendran
 
PPT
Cyber Crimes & Cyber Forensics
jahanzebmunawar
 
PDF
File000119
Desmond Devendran
 
PPT
Information Security Lesson 13 - Advanced Security - Eric Vanderburg
Eric Vanderburg
 
PDF
02 Types of Computer Forensics Technology - Notes
Kranthi
 
PDF
Computer Forensic
Novizul Evendi
 
PDF
Anti forensics-techniques-for-browsing-artifacts
gaurang17
 
PDF
CS6004 Cyber Forensics - UNIT IV
ArthyR3
 
Computer forensics and its role
Sudeshna Basak
 
Computer forensics
Hiren Selani
 
File000117
Desmond Devendran
 
Csi Netsec 2006 Poor Mans Guide Merdinger
shawn_merdinger
 
Computer forensics toolkit
Milap Oza
 
Computer forensics
Ramesh Ogania
 
Anti forensic
Milap Oza
 
Processing Crimes and Incident Scenes
primeteacher32
 
05 Duplication and Preservation of Digital evidence - Notes
Kranthi
 
File000120
Desmond Devendran
 
Computer forensics
SCREAM138
 
Understanding computer investigation
Online
 
File000113
Desmond Devendran
 
Cyber Crimes & Cyber Forensics
jahanzebmunawar
 
File000119
Desmond Devendran
 
Information Security Lesson 13 - Advanced Security - Eric Vanderburg
Eric Vanderburg
 
02 Types of Computer Forensics Technology - Notes
Kranthi
 
Computer Forensic
Novizul Evendi
 
Anti forensics-techniques-for-browsing-artifacts
gaurang17
 
CS6004 Cyber Forensics - UNIT IV
ArthyR3
 
Ad

Viewers also liked (20)

PPT
Live Forensics
CTIN
 
PPT
Translating Geek To Attorneys It Security
CTIN
 
PPTX
Windows 10 Forensics: OS Evidentiary Artefacts
Brent Muir
 
PPT
Registry forensics
Prince Boonlia
 
ODP
Introduction to memory forensics
Marco Alamanni
 
PDF
Windows 7 forensics event logs-dtl-r3
CTIN
 
PDF
www.indonezia.net Hacking Windows Registry
Chandra Pr. Singh
 
PPT
Unit B Windows 7
Chaffey College
 
PPTX
Computer forensic 101 - OWASP Khartoum
OWASP Khartoum
 
PPTX
Windows Forensics
Prince Boonlia
 
PPTX
Open Source Forensics
CTIN
 
PDF
Forensics of a Windows System
Conferencias FIST
 
PDF
Windows 8.x Forensics 1.0
Brent Muir
 
PPT
Vista Forensics
CTIN
 
PDF
Sadfe2007
CTIN
 
PDF
Windows logging cheat sheet
Michael Gough
 
PPTX
Mounting virtual hard drives
CTIN
 
ODP
File carving tools
Marco Alamanni
 
PPTX
Windows 8 Forensics & Anti Forensics
Mike Spaulding
 
PPT
Raidprep
CTIN
 
Live Forensics
CTIN
 
Translating Geek To Attorneys It Security
CTIN
 
Windows 10 Forensics: OS Evidentiary Artefacts
Brent Muir
 
Registry forensics
Prince Boonlia
 
Introduction to memory forensics
Marco Alamanni
 
Windows 7 forensics event logs-dtl-r3
CTIN
 
www.indonezia.net Hacking Windows Registry
Chandra Pr. Singh
 
Unit B Windows 7
Chaffey College
 
Computer forensic 101 - OWASP Khartoum
OWASP Khartoum
 
Windows Forensics
Prince Boonlia
 
Open Source Forensics
CTIN
 
Forensics of a Windows System
Conferencias FIST
 
Windows 8.x Forensics 1.0
Brent Muir
 
Vista Forensics
CTIN
 
Sadfe2007
CTIN
 
Windows logging cheat sheet
Michael Gough
 
Mounting virtual hard drives
CTIN
 
File carving tools
Marco Alamanni
 
Windows 8 Forensics & Anti Forensics
Mike Spaulding
 
Raidprep
CTIN
 
Ad

Similar to July132000 (20)

PPT
The 300 Leonidas Solution
matthew.maisel
 
PPTX
You Spent All That Money And Still Got Owned
Joe McCray
 
PPT
Network security
-jyothish kumar sirigidi
 
PDF
DEF CON 27 - DANIEL ROMERO and MARIO RIVAS - why you should fear your mundane...
Felipe Prado
 
PPTX
CIRA Labs - Secure Home Gateway Project 2019-03.pptx
ssuserfb92ae
 
PDF
IoT Security
Narudom Roongsiriwong, CISSP
 
PPT
Top Five Internal Security Vulnerabilities
Peter Wood
 
PDF
Layer one 2011-joe-mccray-you-spent-all-that-money-and-still-got-0wned
fangjiafu
 
PDF
iotsecurity-171108154118.pdf
KerimBozkanli
 
PPT
Ch13 Protecting Networks with Security Devices
phanleson
 
PPT
Firewall
Angga Racing
 
PPT
Day4
Jai4uk
 
PPTX
Cyber_Threat_Intelligent_Cyber_Operation_Contest
nkrafacyberclub
 
PPTX
Introduction of firewall slides
rahul kundu
 
PPT
New internet security
university of mumbai
 
PPT
NewIinternet security
university of mumbai
 
PDF
Web Server Security Guidelines
webhostingguy
 
PPTX
Firewall ppt
saloni mittal
 
PPT
Unified Threat Management
Tapas Shome
 
PPT
Firewall
Apo
 
The 300 Leonidas Solution
matthew.maisel
 
You Spent All That Money And Still Got Owned
Joe McCray
 
Network security
-jyothish kumar sirigidi
 
DEF CON 27 - DANIEL ROMERO and MARIO RIVAS - why you should fear your mundane...
Felipe Prado
 
CIRA Labs - Secure Home Gateway Project 2019-03.pptx
ssuserfb92ae
 
IoT Security
Narudom Roongsiriwong, CISSP
 
Top Five Internal Security Vulnerabilities
Peter Wood
 
Layer one 2011-joe-mccray-you-spent-all-that-money-and-still-got-0wned
fangjiafu
 
iotsecurity-171108154118.pdf
KerimBozkanli
 
Ch13 Protecting Networks with Security Devices
phanleson
 
Firewall
Angga Racing
 
Day4
Jai4uk
 
Cyber_Threat_Intelligent_Cyber_Operation_Contest
nkrafacyberclub
 
Introduction of firewall slides
rahul kundu
 
New internet security
university of mumbai
 
NewIinternet security
university of mumbai
 
Web Server Security Guidelines
webhostingguy
 
Firewall ppt
saloni mittal
 
Unified Threat Management
Tapas Shome
 
Firewall
Apo
 

More from CTIN (20)

PDF
Encase V7 Presented by Guidance Software august 2011
CTIN
 
PDF
Windows 7 forensics -overview-r3
CTIN
 
PPTX
Msra 2011 windows7 forensics-troyla
CTIN
 
PPTX
Windows 7 forensics thumbnail-dtl-r4
CTIN
 
PPTX
Windows 7 forensics jump lists-rv3-public
CTIN
 
PPTX
Time Stamp Analysis of Windows Systems
CTIN
 
PPT
Mac Forensics
CTIN
 
PPT
Nra
CTIN
 
PPT
Edrm
CTIN
 
PPT
Computer Searchs, Electronic Communication, Computer Trespass
CTIN
 
PPT
CyberCrime
CTIN
 
PPT
Search Warrants
CTIN
 
PPT
Part6 Private Sector Concerns
CTIN
 
PPT
Networking Overview
CTIN
 
PPT
M Compevid
CTIN
 
PPT
L Scope
CTIN
 
PPT
Level1 Part8 End Of The Day
CTIN
 
PPT
Law Enforcement Role In Computing
CTIN
 
PPT
Level1 Part7 Basic Investigations
CTIN
 
PPT
K Ai
CTIN
 
Encase V7 Presented by Guidance Software august 2011
CTIN
 
Windows 7 forensics -overview-r3
CTIN
 
Msra 2011 windows7 forensics-troyla
CTIN
 
Windows 7 forensics thumbnail-dtl-r4
CTIN
 
Windows 7 forensics jump lists-rv3-public
CTIN
 
Time Stamp Analysis of Windows Systems
CTIN
 
Mac Forensics
CTIN
 
Nra
CTIN
 
Edrm
CTIN
 
Computer Searchs, Electronic Communication, Computer Trespass
CTIN
 
CyberCrime
CTIN
 
Search Warrants
CTIN
 
Part6 Private Sector Concerns
CTIN
 
Networking Overview
CTIN
 
M Compevid
CTIN
 
L Scope
CTIN
 
Level1 Part8 End Of The Day
CTIN
 
Law Enforcement Role In Computing
CTIN
 
Level1 Part7 Basic Investigations
CTIN
 
K Ai
CTIN
 

Recently uploaded (20)

PDF
NewMind AI Weekly Chronicles – August ’25 Week III
NewMind AI
 
PPTX
Final SEM Unit 1 for mit wpu at pune .pptx
anishtilekar08
 
PDF
Produktkatalog für HOBO Datenlogger, Wetterstationen, Sensoren, Software und ...
Metrics GmbH
 
PDF
Five Habits of High-Impact Board Members
OnBoard
 
PDF
OpenACC and Open Hackathons Monthly Highlights July 2025
OpenACC
 
PPTX
2018-HIPAA-Renewal-Training for executives
Mayank Mathur
 
PPTX
Chapter 5: Probability Theory and Statistics
RandyFin
 
PPTX
AI IN MARKETING- PRESENTED BY ANWAR KABIR 1st June 2025.pptx
HiraJay1
 
PDF
Enhancing emotion recognition model for a student engagement use case through...
IAESIJAI
 
PDF
CloudStack 4.21: First Look Webinar slides
ShapeBlue
 
PDF
UiPath Agentic Automation session 1: RPA to Agents
suhanisingh58689
 
PDF
Convolutional neural network based encoder-decoder for efficient real-time ob...
IAESIJAI
 
PDF
sbt 2.0: go big (Scala Days 2025 edition)
Eugene Yokota
 
DOCX
search engine optimization ppt fir known well about this
StandardCodeLearning
 
PDF
Hindi spoken digit analysis for native and non-native speakers
IAESIJAI
 
PDF
From MVP to Full-Scale Product A Startup’s Software Journey.pdf
KodekX
 
PDF
Taming the Chaos: How to Turn Unstructured Data into Decisions
Safe Software
 
PDF
Architecture types and enterprise applications.pdf
ChristopherTHyatt
 
PDF
A comparative study of natural language inference in Swahili using monolingua...
IAESIJAI
 
PPTX
Benefits of Physical activity for teenagers.pptx
Nokwanda Thabethe
 
NewMind AI Weekly Chronicles – August ’25 Week III
NewMind AI
 
Final SEM Unit 1 for mit wpu at pune .pptx
anishtilekar08
 
Produktkatalog für HOBO Datenlogger, Wetterstationen, Sensoren, Software und ...
Metrics GmbH
 
Five Habits of High-Impact Board Members
OnBoard
 
OpenACC and Open Hackathons Monthly Highlights July 2025
OpenACC
 
2018-HIPAA-Renewal-Training for executives
Mayank Mathur
 
Chapter 5: Probability Theory and Statistics
RandyFin
 
AI IN MARKETING- PRESENTED BY ANWAR KABIR 1st June 2025.pptx
HiraJay1
 
Enhancing emotion recognition model for a student engagement use case through...
IAESIJAI
 
CloudStack 4.21: First Look Webinar slides
ShapeBlue
 
UiPath Agentic Automation session 1: RPA to Agents
suhanisingh58689
 
Convolutional neural network based encoder-decoder for efficient real-time ob...
IAESIJAI
 
sbt 2.0: go big (Scala Days 2025 edition)
Eugene Yokota
 
search engine optimization ppt fir known well about this
StandardCodeLearning
 
Hindi spoken digit analysis for native and non-native speakers
IAESIJAI
 
From MVP to Full-Scale Product A Startup’s Software Journey.pdf
KodekX
 
Taming the Chaos: How to Turn Unstructured Data into Decisions
Safe Software
 
Architecture types and enterprise applications.pdf
ChristopherTHyatt
 
A comparative study of natural language inference in Swahili using monolingua...
IAESIJAI
 
Benefits of Physical activity for teenagers.pptx
Nokwanda Thabethe
 

July132000

  • 1. Introduction to Networks Sandy Bacik [email_address] Breakwater Security Associates
  • 2. Agenda Complexity of network incidents Firewalls Encrypted tunnels Zone Alarm
  • 4. Way Back When Not enough hard drive space to hide anything No logs on the workstation All logs were centralized on the main frame Easy phone logs for traces
  • 6. Then... Not enough hard drive space to hide anything No logs on the workstation All logs were centralized on the main frame Easy phone logs for traces
  • 8. Then... Now the hard drives could start storing information Sometime there were logs on the workstation The logs are now decentralized, but for the most part remained with the network Easy phone logs for traces
  • 10. Early Today... Now the hard drives could start storing information Sometime there were logs on the workstation The logs are now decentralized Easy phone logs for traces Still no really good encrypted tunnels
  • 11. Today
  • 12. Today Almost anything can be logged - somewhere The logs are now decentralized Now follow packets, not phone logs Encrypted tunnels - all bets are off
  • 13. Where to look for logs Corporate/Personal servers Corporate/Home workstation Firewall Internet Service Provider (ISP) and all their logs Outside networks - anywhere in the world
  • 14. Issues with log file tracking Time synchronizations from system to system Time synchronizations from server to workstation IP address spoofing Understanding each systems log file information
  • 15. IP Addresses 192 . 168 . 124 . 123 http://www.cisco.com/univercd/cc/td/doc/product/software/ssr90/ptc_r_90/54084.htm
  • 16. Domain Names .com .edu .gov .mil .net .org .int . xx
  • 17. Domain Lookups www.iana.org/dev7/iana/ www.internic.net www.networksolutions.com www.arin.net
  • 21. Simple ways to track an IP address/host name ping -a <ipaddress> ping <sitename> tracert <ipaddress> tracert <sitename>
  • 25. What is a firewall? A set of hardware and software mechanisms that shield ‘internal’ trusted networks from ‘external’ untrusted networks such as the Internet or shield internal networks from other internal networks.
  • 27. What a firewall does not protect against Invalid configurations Other entry points into the network Dial-up access Viruses Single points of failure/throughput Insiders
  • 28. Purposes of encryption Protect sensitive information from disclosure Identify the corruption or unauthorized change of information Designed to make compromise too expensive or too time consuming
  • 29. What is a VPN? Virtual private network An encrypted tunnel A secure link between entities using the Internet or a network as a backbone
  • 30. What’s a VPN for? Strong encryption for sensitive data transmission Reliability of critical data transmissions Good authentication Access and traffic control
  • 32. How can we protect our home machine(s) Virus scanners Logging and auditing Firewalls http://www.zonelabs.com/default.htm