SlideShare a Scribd company logo

Web security

Download as PPT, PDF
Jin Castor, profile picture
Jin Castor

The document discusses various security issues related to using the internet and networking. It introduces basic security concepts like confidentiality, integrity and availability. It then examines specific problems such as hijacked web servers, denial of service attacks, unsolicited commercial email, operator errors and natural disasters. It also defines and explains security terms like probes, scans, packet sniffers and malicious code. The overall document provides a high-level overview of internet security risks and challenges.

Technology
1 of 41
Downloaded 10 times
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
Internet & Web Security Prepared by: Jean Michael Castor
Introduction • As of 1996, the Internet connected an estimated 13 million computers in 195 countries on every continent, even Antarctica . The Internet is not a single network, but a worldwide collection of loosely connected networks that are accessible by individual computer hosts in a variety of ways, including gateways, routers, dial-up connections, and Internet service providers.
Introduction • The Internet is easily accessible to anyone with a computer and a network connection. Individuals and organizations worldwide can reach any point on the network without regard to national or geographic boundaries or time of day.
Introduction • However, along with the convenience and easy access to information come new risks. Among them are the risks that valuable information will be lost, stolen, corrupted, or misused and that the computer systems will be corrupted. If information is recorded electronically and is available on networked computers, it is more vulnerable than if the same information is printed on paper and locked in a file cabinet.
Introduction • Intruders do not need to enter an office or home, and may not even be in the same country. They can steal or tamper with information without touching a piece of paper or a photocopier. They can create new electronic files, run their own programs, and hide evidence of their unauthorized activity.
Basic Security Concepts • Three basic security concepts important to information on the Internet are confidentiality, integrity, and availability. Concepts relating to the people who use that information are authentication, authorization, and nonrepudiation.
Basic Security Concepts • Confidentiality - restricting access to information to authorized users. • Integrity - ensuring that stored data and data in transit are not modified unintentionally or maliciously. • Availability - ensuring that network services are not interrupted unintentionally or maliciously.
Internet Security Today • What are the main security-related problems on the Internet Today? – Hijacked web servers – Denial-of-Service Attacks – Unsolicited Commercial E-Mail – Operator Error, Natural Disasters – Microsoft... – Probe – Scan – Packet Sniffer – Malicious Code
Internet Security Today • What are not the major security-related problems? – Eavesdropped electronic mail. • (Misdirected email is a problem.) • (Email swiped from backup tapes is a problem.) – Sniffed credit card numbers. • (Credit card numbers stolen from databases is a problem.) – Hostile Java & ActiveX applets.
Hijacked Web Servers
Hijacked Web Servers • FBI – August 17, 1996 - Attacks on the Communications Decency Act. • CIA – September 18, 1996 - “Central Stupidity Agency” • NetGuide Live – “CMP Sucks.”
Hijacked Web Servers • Attacker gains access and changes contents of web server. • Usually stunts. • Can be very bad: – Attacker can plant hostile applets. – Attacker can plant data sniffers – Attacker can use compromised machine to take over internal system.
Hijacked Web Servers • Usually outsiders. • (Could be insiders masquerading as outsiders.) • Nearly impossible to trace.
How do they do it? • Administrative passwords captured by a password sniffer. • Utilize known vulnerability: – sendmail bug. – Buffer overflow. • Use web server CGI script to steal /etc/passwd file, then crack passwords. • Mount the web server’s filesystem.
How do you defend against it? • Patch known bugs. • Don’t run unnecessary services on the web server.
How do you defend? • Practice good host security. • Monitor system for unauthorized changes. – Tripwire • Monitor system for signs of penetration – Intrusion detection systems
How do you defend? • Make frequent backups. • Have a hot spare ready. • Monitor your system frequently.
Denial-of-Service Attacks
Denial-of-Service • Publicity is almost as good as changing somebody’s web server. – Attack on PANIX – Attack on CyberPromotions • Costs real money – Lost Sales – Damage to reputation
Kinds of Denial-of-Service Attacks • Direct attack: attack the machine itself. • Indirect attack: attack something that points to the machine. • Reputation attack: attack has nothing to do with the machine, but references it in some way.
Direct Denial-Of-Service Attack • Send a lot of requests (HTTP, finger, SMTP) – Easy to trace. – Relatively easy to defend against with TCP/IP blocking at router.
Direct Denial-Of-Service Attack 2 • SYN Flooding – Subverts the TCP/IP 3-way handshake • SYN / ACK / ACK – Hard to trace • Each SYN has a different return address. – Defenses now well understood • Ignore SYNs from impossible addresses. • Large buffer pools (10 → 1024) • Random drop, Oldest drop.
Indirect Denial-Of-Service Attack • Attack Routing • Attack routers (hard) • Inject bogus routes on BGP4 peering sessions (easy) – Accidents have been widely reported. – Expect to see an actual BGP4 attack sometime this year.
Reputation-based Denial-Of-Service Attack • Spoofed e-mail To: everybody@AOL.COM From: astrology@mail.vineyard.net Subject: Call Now! Hello. My name is Jean Dixon … • We got 3.9MB of angry responses.
Unsolicited Commercial E-Mail
Unsolicited Commercial E-Mail • Pits freedom-of-speech against right of privacy. • Consumes vast amounts of management time. • Drain on system resources.
Who are the bulk-mailers? • Advertising for Internet neophytes. • Advertising for sexually-oriented services. • Advertising get-rich-quick schemes. • Advertising bulk-mail service.
How do they send out messages? • Send directly from their site. • Send through an innocent third party. • Coming soon: – Sent with a computer virus or ActiveX applet
How did they get my e-mail addresses? • Usenet & Mailing list archives. • Collected from online address book. – AOL registry. – University directory. • Guessed – Sequential CompuServe addresses. • Break into machine & steal usernames.
Operator Error & Natural Disasters
Operator Error & Natural Disasters • Still a major source of data loss. • Hard to get management to take seriously. – Not sexy. – Preparation is expensive. – If nothing happens, money seems misspent.
Operator Error • Accidentally delete a file. • Accidentally install a bad service. • Accidentally break a CGI script. • Psychotic break.
Natural Disaster • Fire • Flood • Earthquake
Solutions • Frequent Backups – Backup to high-speed tape. – Real-time backup to spare machines. – Make sure some backups are off-site. • Recovery plans. • Recovery center. • Test your backups & plans!
Microsoft
Microsoft • Danger of homogeneous environment. • No demonstrated commitment to computer security. – Windows 95 is not secure. – Word Macro Viruses. – ActiveX – SMB • Windows NT …?
Probe • A probe is characterized by unusual attempts to gain access to a system or to discover information about the system. One example is an attempt to log in to an unused account. Probing is the electronic equivalent of testing doorknobs to find an unlocked door for easy entry. Probes are sometimes followed by a more serious security event, but they are often the result of curiosity or confusion.
Scan • A scan is simply a large number of probes done using an automated tool. Scans can sometimes be the result of a misconfiguration or other error, but they are often a prelude to a more directed attack on systems that the intruder has found to be vulnerable.
Packet Sniffer • A packet sniffer is a program that captures data from information packets as they travel over the network. That data may include user names, passwords, and proprietary information that travels over the network in clear text. With perhaps hundreds or thousands of passwords captured by the sniffer, intruders can launch widespread attacks on systems.
Malicious Code • Malicious code is a general term for programs that, when executed, would cause undesired results on a system. Users of the system usually are not aware of the program until they discover the damage. Malicious code includes Trojan horses, viruses, and worms. Trojan horses and viruses are usually hidden in legitimate programs or files that attackers have altered to do more than what is expected. Worms are self-replicating programs that spread with no human intervention after they are started.
Malicious Code • Viruses are also self-replicating programs, but usually require some action on the part of the user to spread inadvertently to other programs or systems. These sorts of programs can lead to serious data loss, downtime, denial of service, and other types of security incidents.

More Related Content

PPTX
Internet Issues (How to Deal on Internet Security)
Hannah Jane del Castillo
 
PPTX
Cyber security mis
Aditya Singh Rana
 
PPTX
9 - Security
Raymond Gao
 
PPTX
2014-09-03 Cybersecurity and Computer Crimes
Raffa Learning Community
 
PPT
BASIC IT AND CYBER SECURITY AWARENESS
Md Abu Syeem Dipu
 
PPTX
Cyber security # Lec 1
Kabul Education University
 
PPT
Cyber Security Awareness Training by Win-Pro
Ronald Soh
 
PPT
Cyber security awareness training by cyber security infotech(csi)
Cyber Security Infotech
 
Internet Issues (How to Deal on Internet Security)
Hannah Jane del Castillo
 
Cyber security mis
Aditya Singh Rana
 
9 - Security
Raymond Gao
 
2014-09-03 Cybersecurity and Computer Crimes
Raffa Learning Community
 
BASIC IT AND CYBER SECURITY AWARENESS
Md Abu Syeem Dipu
 
Cyber security # Lec 1
Kabul Education University
 
Cyber Security Awareness Training by Win-Pro
Ronald Soh
 
Cyber security awareness training by cyber security infotech(csi)
Cyber Security Infotech
 

What's hot (20)

PPTX
Computer Security 101
Progressive Integrations
 
PPT
System vulnerability and abuse
Prakash Raval
 
PPT
Computer security
Univ of Salamanca
 
PPTX
Computer Security risks Shelly
Adeel Khurram
 
PPT
Hacking
thajmohammed
 
PPTX
Cyber crime
Niraj Solanke
 
PPTX
Cyber-Espionage: Understanding the Advanced Threat Landscape
Aaron White
 
PPTX
Grade 7 Chap 10 Cyber Threats and Security
SultanaShaikh7
 
PPT
CYBER CRIME AND SECURITY
Sahil Vashishtha
 
PDF
Need For Ethical & Security Issue In It
Sonali Srivastava
 
PPTX
System failure
chrispaul8676
 
PPTX
Cyber Crime
AfnanHusain
 
PPTX
Introduction to Cyber Crime
Dr Raghu Khimani
 
PPT
11 Computer Privacy
Saqib Raza
 
PDF
Cyber Attack Analysis
codefortomorrow
 
PPTX
cyber_security
Jana Baxter
 
PPTX
Ethical hacking (legal)
Thangaraj Murugananthan
 
PPTX
Threats to information security
swapneel07
 
PPTX
Basic concepts in computer security
Arzath Areeff
 
PPTX
Mohammed tariq alsharhan
Ahmed Sleem
 
Computer Security 101
Progressive Integrations
 
System vulnerability and abuse
Prakash Raval
 
Computer security
Univ of Salamanca
 
Computer Security risks Shelly
Adeel Khurram
 
Hacking
thajmohammed
 
Cyber crime
Niraj Solanke
 
Cyber-Espionage: Understanding the Advanced Threat Landscape
Aaron White
 
Grade 7 Chap 10 Cyber Threats and Security
SultanaShaikh7
 
CYBER CRIME AND SECURITY
Sahil Vashishtha
 
Need For Ethical & Security Issue In It
Sonali Srivastava
 
System failure
chrispaul8676
 
Cyber Crime
AfnanHusain
 
Introduction to Cyber Crime
Dr Raghu Khimani
 
11 Computer Privacy
Saqib Raza
 
Cyber Attack Analysis
codefortomorrow
 
cyber_security
Jana Baxter
 
Ethical hacking (legal)
Thangaraj Murugananthan
 
Threats to information security
swapneel07
 
Basic concepts in computer security
Arzath Areeff
 
Mohammed tariq alsharhan
Ahmed Sleem
 
Ad

Viewers also liked (9)

PPTX
Cos 432 web_security
Michael Freyberger
 
PPTX
Web application security
Jin Castor
 
PPT
Web Based Security
John Wiley
 
PPTX
Social engineering-Attack of the Human Behavior
James Krusic
 
PPTX
Social engineering
Alexander Zhuravlev
 
PPTX
Social engineering presentation
pooja_doshi
 
PPTX
Presentation of Social Engineering - The Art of Human Hacking
msaksida
 
PPTX
Social Engineering
Cyber Agency
 
PPT
Web Security
Bharath Manoharan
 
Cos 432 web_security
Michael Freyberger
 
Web application security
Jin Castor
 
Web Based Security
John Wiley
 
Social engineering-Attack of the Human Behavior
James Krusic
 
Social engineering
Alexander Zhuravlev
 
Social engineering presentation
pooja_doshi
 
Presentation of Social Engineering - The Art of Human Hacking
msaksida
 
Social Engineering
Cyber Agency
 
Web Security
Bharath Manoharan
 
Ad

Similar to Web security (20)

PPTX
AN INTRODUCTION TO COMPUTER SECURITY TECHNIQUES.pptx
olisahchristopher
 
PPTX
Computer Security Presentation
PraphullaShrestha1
 
PPT
Complete notes security
Kitkat Emoo
 
PPTX
2014-09-03 Cybersecurity and Computer Crimes
Raffa Learning Community
 
PPTX
NETWORK SECURITY
afaque jaya
 
PPT
Ethical Hacking - Introduction to Computer Security
Vibrant Technologies & Computers
 
PPT
Ethical Hacking - Introduction to Computer Security
Vibrant Event
 
PPT
Introduction To Computer Security
Vibrant Event
 
PPTX
Trends in electronic crimes and its impact on businesses like yours
MotherGuardians
 
PPT
Hackers
Mohamed Boudchiche
 
PPT
Security for database administrator to enhance security
ssuser20fcbe
 
PPT
Computer Security
Greater Noida Institute Of Technology
 
PPT
How to become Hackers .
Greater Noida Institute Of Technology
 
PPT
Cyberterrorism
Varshil Patel
 
PPT
Cloud security
Tushar Kayande
 
PPTX
Cyber terrorism
Hiren Selani
 
PPT
Hackers Cracker Network Intruder
Erdo Deshiant Garnaby
 
PPTX
Week 11- 2 computer misuse slides .pptx
hassanarif1022
 
PPTX
Ransomeware and malware power point presentation
Parrie Vittiadarane
 
PPTX
It security the condensed version
Brian Pichman
 
AN INTRODUCTION TO COMPUTER SECURITY TECHNIQUES.pptx
olisahchristopher
 
Computer Security Presentation
PraphullaShrestha1
 
Complete notes security
Kitkat Emoo
 
2014-09-03 Cybersecurity and Computer Crimes
Raffa Learning Community
 
NETWORK SECURITY
afaque jaya
 
Ethical Hacking - Introduction to Computer Security
Vibrant Technologies & Computers
 
Ethical Hacking - Introduction to Computer Security
Vibrant Event
 
Introduction To Computer Security
Vibrant Event
 
Trends in electronic crimes and its impact on businesses like yours
MotherGuardians
 
Hackers
Mohamed Boudchiche
 
Security for database administrator to enhance security
ssuser20fcbe
 
Computer Security
Greater Noida Institute Of Technology
 
How to become Hackers .
Greater Noida Institute Of Technology
 
Cyberterrorism
Varshil Patel
 
Cloud security
Tushar Kayande
 
Cyber terrorism
Hiren Selani
 
Hackers Cracker Network Intruder
Erdo Deshiant Garnaby
 
Week 11- 2 computer misuse slides .pptx
hassanarif1022
 
Ransomeware and malware power point presentation
Parrie Vittiadarane
 
It security the condensed version
Brian Pichman
 

More from Jin Castor (17)

PPTX
Herbal Remedies for Migraine and Headache.pptx
Jin Castor
 
PPTX
Information security
Jin Castor
 
PPTX
Introduction to E-commerce
Jin Castor
 
PPTX
Introduction to Infographics Designing
Jin Castor
 
PPTX
Creative designing using Adobe Products
Jin Castor
 
PPTX
Introduction to Adobe Illustrator
Jin Castor
 
PDF
SEO Advanced and scalable link building
Jin Castor
 
PDF
Introduction to Web Designing
Jin Castor
 
PPTX
Introduction to search engine optimization
Jin Castor
 
PPTX
Web services protocols
Jin Castor
 
PPTX
Introduction to xampp
Jin Castor
 
PPTX
Drupal introduction
Jin Castor
 
PPTX
Control statements in Java
Jin Castor
 
PPT
Switch statements in Java
Jin Castor
 
PPT
Looping statements in Java
Jin Castor
 
PPTX
Java input
Jin Castor
 
PPTX
Java arrays
Jin Castor
 
Herbal Remedies for Migraine and Headache.pptx
Jin Castor
 
Information security
Jin Castor
 
Introduction to E-commerce
Jin Castor
 
Introduction to Infographics Designing
Jin Castor
 
Creative designing using Adobe Products
Jin Castor
 
Introduction to Adobe Illustrator
Jin Castor
 
SEO Advanced and scalable link building
Jin Castor
 
Introduction to Web Designing
Jin Castor
 
Introduction to search engine optimization
Jin Castor
 
Web services protocols
Jin Castor
 
Introduction to xampp
Jin Castor
 
Drupal introduction
Jin Castor
 
Control statements in Java
Jin Castor
 
Switch statements in Java
Jin Castor
 
Looping statements in Java
Jin Castor
 
Java input
Jin Castor
 
Java arrays
Jin Castor
 

Recently uploaded (20)

PPTX
VMware vSphere Foundation How to Sell Presentation-Ver1.4-2-14-2024.pptx
blackmambaettijean
 
PDF
Network Security Unit 5.pdf for BCA BBA.
Serpent6
 
PDF
Build a system with the filesystem maintained by OSTree @ COSCUP 2025
Jian-Hong Pan
 
PDF
Approach and Philosophy of On baking technology
30anthuong17
 
PDF
Spectral efficient network and resource selection model in 5G networks
IAESIJAI
 
PDF
Modernizing your data center with Dell and AMD
Principled Technologies
 
PDF
Peak of Data & AI Encore- AI for Metadata and Smarter Workflows
Safe Software
 
PPTX
PA Analog/Digital System: The Backbone of Modern Surveillance and Communication
AVTRON Technologies LLC
 
DOCX
The AUB Centre for AI in Media Proposal.docx
GAONE9
 
PDF
Bridging biosciences and deep learning for revolutionary discoveries: a compr...
IAESIJAI
 
PDF
CIFDAQ's Market Insight: SEC Turns Pro Crypto
CIFDAQ
 
PDF
Machine learning based COVID-19 study performance prediction
IAESIJAI
 
PDF
Electronic commerce courselecture one. Pdf
OmerMohamed64
 
PDF
cuic standard and advanced reporting.pdf
SimoneTitaniumTomase
 
PDF
Mobile App Security Testing_ A Comprehensive Guide.pdf
flufftailshop
 
PDF
Diabetes mellitus diagnosis method based random forest with bat algorithm
IAESIJAI
 
PPTX
Big Data Technologies - Introduction.pptx
kuthubussaman1
 
PDF
Advanced Soft Computing BINUS July 2025.pdf
University of Hertfordshire
 
PDF
Advanced IT Governance
University of Hertfordshire
 
PPTX
Detection-First SIEM: Rule Types, Dashboards, and Threat-Informed Strategy
ReZa AdineH
 
VMware vSphere Foundation How to Sell Presentation-Ver1.4-2-14-2024.pptx
blackmambaettijean
 
Network Security Unit 5.pdf for BCA BBA.
Serpent6
 
Build a system with the filesystem maintained by OSTree @ COSCUP 2025
Jian-Hong Pan
 
Approach and Philosophy of On baking technology
30anthuong17
 
Spectral efficient network and resource selection model in 5G networks
IAESIJAI
 
Modernizing your data center with Dell and AMD
Principled Technologies
 
Peak of Data & AI Encore- AI for Metadata and Smarter Workflows
Safe Software
 
PA Analog/Digital System: The Backbone of Modern Surveillance and Communication
AVTRON Technologies LLC
 
The AUB Centre for AI in Media Proposal.docx
GAONE9
 
Bridging biosciences and deep learning for revolutionary discoveries: a compr...
IAESIJAI
 
CIFDAQ's Market Insight: SEC Turns Pro Crypto
CIFDAQ
 
Machine learning based COVID-19 study performance prediction
IAESIJAI
 
Electronic commerce courselecture one. Pdf
OmerMohamed64
 
cuic standard and advanced reporting.pdf
SimoneTitaniumTomase
 
Mobile App Security Testing_ A Comprehensive Guide.pdf
flufftailshop
 
Diabetes mellitus diagnosis method based random forest with bat algorithm
IAESIJAI
 
Big Data Technologies - Introduction.pptx
kuthubussaman1
 
Advanced Soft Computing BINUS July 2025.pdf
University of Hertfordshire
 
Advanced IT Governance
University of Hertfordshire
 
Detection-First SIEM: Rule Types, Dashboards, and Threat-Informed Strategy
ReZa AdineH
 

Web security

  • 1. Internet & Web Security Prepared by: Jean Michael Castor
  • 2. Introduction • As of 1996, the Internet connected an estimated 13 million computers in 195 countries on every continent, even Antarctica . The Internet is not a single network, but a worldwide collection of loosely connected networks that are accessible by individual computer hosts in a variety of ways, including gateways, routers, dial-up connections, and Internet service providers.
  • 3. Introduction • The Internet is easily accessible to anyone with a computer and a network connection. Individuals and organizations worldwide can reach any point on the network without regard to national or geographic boundaries or time of day.
  • 4. Introduction • However, along with the convenience and easy access to information come new risks. Among them are the risks that valuable information will be lost, stolen, corrupted, or misused and that the computer systems will be corrupted. If information is recorded electronically and is available on networked computers, it is more vulnerable than if the same information is printed on paper and locked in a file cabinet.
  • 5. Introduction • Intruders do not need to enter an office or home, and may not even be in the same country. They can steal or tamper with information without touching a piece of paper or a photocopier. They can create new electronic files, run their own programs, and hide evidence of their unauthorized activity.
  • 6. Basic Security Concepts • Three basic security concepts important to information on the Internet are confidentiality, integrity, and availability. Concepts relating to the people who use that information are authentication, authorization, and nonrepudiation.
  • 7. Basic Security Concepts • Confidentiality - restricting access to information to authorized users. • Integrity - ensuring that stored data and data in transit are not modified unintentionally or maliciously. • Availability - ensuring that network services are not interrupted unintentionally or maliciously.
  • 8. Internet Security Today • What are the main security-related problems on the Internet Today? – Hijacked web servers – Denial-of-Service Attacks – Unsolicited Commercial E-Mail – Operator Error, Natural Disasters – Microsoft... – Probe – Scan – Packet Sniffer – Malicious Code
  • 9. Internet Security Today • What are not the major security-related problems? – Eavesdropped electronic mail. • (Misdirected email is a problem.) • (Email swiped from backup tapes is a problem.) – Sniffed credit card numbers. • (Credit card numbers stolen from databases is a problem.) – Hostile Java & ActiveX applets.
  • 11. Hijacked Web Servers • FBI – August 17, 1996 - Attacks on the Communications Decency Act. • CIA – September 18, 1996 - “Central Stupidity Agency” • NetGuide Live – “CMP Sucks.”
  • 12. Hijacked Web Servers • Attacker gains access and changes contents of web server. • Usually stunts. • Can be very bad: – Attacker can plant hostile applets. – Attacker can plant data sniffers – Attacker can use compromised machine to take over internal system.
  • 13. Hijacked Web Servers • Usually outsiders. • (Could be insiders masquerading as outsiders.) • Nearly impossible to trace.
  • 14. How do they do it? • Administrative passwords captured by a password sniffer. • Utilize known vulnerability: – sendmail bug. – Buffer overflow. • Use web server CGI script to steal /etc/passwd file, then crack passwords. • Mount the web server’s filesystem.
  • 15. How do you defend against it? • Patch known bugs. • Don’t run unnecessary services on the web server.
  • 16. How do you defend? • Practice good host security. • Monitor system for unauthorized changes. – Tripwire • Monitor system for signs of penetration – Intrusion detection systems
  • 17. How do you defend? • Make frequent backups. • Have a hot spare ready. • Monitor your system frequently.
  • 19. Denial-of-Service • Publicity is almost as good as changing somebody’s web server. – Attack on PANIX – Attack on CyberPromotions • Costs real money – Lost Sales – Damage to reputation
  • 20. Kinds of Denial-of-Service Attacks • Direct attack: attack the machine itself. • Indirect attack: attack something that points to the machine. • Reputation attack: attack has nothing to do with the machine, but references it in some way.
  • 21. Direct Denial-Of-Service Attack • Send a lot of requests (HTTP, finger, SMTP) – Easy to trace. – Relatively easy to defend against with TCP/IP blocking at router.
  • 22. Direct Denial-Of-Service Attack 2 • SYN Flooding – Subverts the TCP/IP 3-way handshake • SYN / ACK / ACK – Hard to trace • Each SYN has a different return address. – Defenses now well understood • Ignore SYNs from impossible addresses. • Large buffer pools (10 → 1024) • Random drop, Oldest drop.
  • 23. Indirect Denial-Of-Service Attack • Attack Routing • Attack routers (hard) • Inject bogus routes on BGP4 peering sessions (easy) – Accidents have been widely reported. – Expect to see an actual BGP4 attack sometime this year.
  • 24. Reputation-based Denial-Of-Service Attack • Spoofed e-mail To: everybody@AOL.COM From: astrology@mail.vineyard.net Subject: Call Now! Hello. My name is Jean Dixon … • We got 3.9MB of angry responses.
  • 26. Unsolicited Commercial E-Mail • Pits freedom-of-speech against right of privacy. • Consumes vast amounts of management time. • Drain on system resources.
  • 27. Who are the bulk-mailers? • Advertising for Internet neophytes. • Advertising for sexually-oriented services. • Advertising get-rich-quick schemes. • Advertising bulk-mail service.
  • 28. How do they send out messages? • Send directly from their site. • Send through an innocent third party. • Coming soon: – Sent with a computer virus or ActiveX applet
  • 29. How did they get my e-mail addresses? • Usenet & Mailing list archives. • Collected from online address book. – AOL registry. – University directory. • Guessed – Sequential CompuServe addresses. • Break into machine & steal usernames.
  • 31. Operator Error & Natural Disasters • Still a major source of data loss. • Hard to get management to take seriously. – Not sexy. – Preparation is expensive. – If nothing happens, money seems misspent.
  • 32. Operator Error • Accidentally delete a file. • Accidentally install a bad service. • Accidentally break a CGI script. • Psychotic break.
  • 33. Natural Disaster • Fire • Flood • Earthquake
  • 34. Solutions • Frequent Backups – Backup to high-speed tape. – Real-time backup to spare machines. – Make sure some backups are off-site. • Recovery plans. • Recovery center. • Test your backups & plans!
  • 36. Microsoft • Danger of homogeneous environment. • No demonstrated commitment to computer security. – Windows 95 is not secure. – Word Macro Viruses. – ActiveX – SMB • Windows NT …?
  • 37. Probe • A probe is characterized by unusual attempts to gain access to a system or to discover information about the system. One example is an attempt to log in to an unused account. Probing is the electronic equivalent of testing doorknobs to find an unlocked door for easy entry. Probes are sometimes followed by a more serious security event, but they are often the result of curiosity or confusion.
  • 38. Scan • A scan is simply a large number of probes done using an automated tool. Scans can sometimes be the result of a misconfiguration or other error, but they are often a prelude to a more directed attack on systems that the intruder has found to be vulnerable.
  • 39. Packet Sniffer • A packet sniffer is a program that captures data from information packets as they travel over the network. That data may include user names, passwords, and proprietary information that travels over the network in clear text. With perhaps hundreds or thousands of passwords captured by the sniffer, intruders can launch widespread attacks on systems.
  • 40. Malicious Code • Malicious code is a general term for programs that, when executed, would cause undesired results on a system. Users of the system usually are not aware of the program until they discover the damage. Malicious code includes Trojan horses, viruses, and worms. Trojan horses and viruses are usually hidden in legitimate programs or files that attackers have altered to do more than what is expected. Worms are self-replicating programs that spread with no human intervention after they are started.
  • 41. Malicious Code • Viruses are also self-replicating programs, but usually require some action on the part of the user to spread inadvertently to other programs or systems. These sorts of programs can lead to serious data loss, downtime, denial of service, and other types of security incidents.