Download
attack and malicious code n.
Skip this Video
Loading SlideShow in 5 Seconds..
Attack and Malicious Code PowerPoint Presentation
Download Presentation
Attack and Malicious Code

Attack and Malicious Code

124 Vues Download Presentation
Télécharger la présentation

Attack and Malicious Code

- - - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript

  1. Attack and Malicious Code Andrew Anaruk

  2. Denial of Service (DoS) Attacks Spoofing Social Engineering Attacks on Encrypted Data Software Exploitation Security Threats

  3. Denial of Service • SYN Floods • Smurf • Ping of Death • DDoS

  4. Spoofing • IP Address Spoofing • ARP poisoning • Web Spoofing • Man in the middle attacks • Social Engineering • DNS Spoofing

  5. “Thwart” Spoofing • Filter packets entering your network that have a source address of the local network • MAC Binding – Switches store the first MAC Address that appears on a port and it cannot be changed without authentication. • Educate users about Web Spoofing. Set home pages to secure sites. • DNS spoofing is prevented via securing DNS servers.

  6. Social Engineering • Occurs in the “World of People” • Try to by-pass the “what you know” aspect of authentication. • Dumpster Diving • Online Attacks • Web spoofing • E-mails prompting authentication information

  7. Social Engineering Countermeasures • Take Care of Trash • Paper Shredders or Locked Recycle Bins. • Bulk erase Magnetic Media before discarding. • Keep dumpsters in secure areas. • Train system users periodically • Educate users about Social Engineering Scams • Inform about the password policy. • Yada yada yada . . . User’s will still mess up.

  8. Attacks on Encrypted Data • Weak Keys • Mathematical Attacks • Password Guessing • Brute Force • Dictionary

  9. Software Exploitation • Malicious Software or Malware. • Almost an anagram for Walmart????? • Viruses • Backdoors • Trojan Horse • Logic Bombs • Worms