
Network Forensics: Unveiling Cyber Intrusion Patterns

Dive into the world of cyber warfare to understand the tactics used by cyber warriors for intrusion. Explore encrypted hard disks, re-imaged boxes, USB response difficulties, and the rise in intrusion numbers. Discover the significance of IP end point analysis, log analysis, geolocation, and proxies. Delve into methods like spear phishing, exploiting vulnerabilities in applications and operating systems, weak passwords, and insider threats. Gain insights on protecting your network through firewall and UAC settings against malware upload tricks and malicious activities. Learn how network forensics helps uncover the who, what, how, and when of attacks. Take proactive measures to prevent future breaches. Thank you for reading!

lilia

Presentation Transcript


  1. Future Cyber Warriors

  2. Why Network Forensics? • Encrypted Hard Disks • Re-imaged Boxes • USB Response Difficulty • Increase in Number of Intrusions • IP End Point Analysis • Log Analysis • Geolocation • Proxies

  3. How do they get in? • Spear Phish • Links (Twitter) • Vulnerabilities • Applications • OS • Weak Passwords

  4. And Let’s Not Forget • The Insider Threat

  5. The Old Ping Scan

  6. Can’t We be Quieter? • Use tcpdump with no IP • Listen Passively

  7. Zenmap can be Indecisive • Accurate as the weather… • And noisy, so you will be noticed in Logs

  8. Getting a Better OS Guess

  9. Searching for 08 exploits

  10. Setting Options within Metasploit

  11. Exploiting the Victim • Firewall and UAC Enabled…

  12. Important Facts when you Hacks • Who are You? • How are you in? • Got PID? • Why no GUI?

  13. Step Right Up – Get Your Malware • How do you get malware on the victim? • Meterpreter upload • FTP Answer File • Write a BAT FILE • Use DEBUG to Compile • TFTP (not likely) • wget or curl (if Linux)

  14. You got caught doing bad things • At least rename your stuff

  15. I hate it when I get Dumped

  16. You don’t want to get Caned Either

  17. Help the Admin Manage Users

  18. Looking at the Traffic

  19. Snort Sees Bad People

  20. Summary • Hackers get in • Network Forensics may explain: • Who • How • What • When • At a minimum, endpoint analysis • Actions can help mitigate future attacks

  21. Thank You! Questions and Comments
