
Network and System Security Risk Assessment


Presentation Transcript


  1. Network and System Security Risk Assessment --Introduction

  2. Outline • Why begin this subject? • Network Security • System Security • What is in this course? • Network protocols and problems • System security configuration and programming • Know the enemy and know yourself, and you will never be in peril in a hundred battles.

  3. some interesting examples • Conan • Kevin Mitnick • And other hackers

  4. An interesting movie clip • Phreaking • is a slang term coined to describe the activity of a culture of people who study, experiment with, or explore telecommunication systems, such as equipment and systems connected to public telephone networks.

  5. An interesting interview • Kevin Mitnick interview • Kevin Mitnick attack in 1994

  6. Purpose of the Course • Provide a basic introduction to common network and system security vulnerabilities; • Cultivate basic networking and system programming skills;

  7. Content of the Course • Analysis of packet structure • Packet sniffing • Port scanning…. • …. • Introduction to a number of threats and vulnerabilities of TCP/IP protocol stack: • ARP poison… • TCP SYN Flooding • ….

  8. Content of the Course • Cover some computer system security problems and programming • Firewall: iptables & netfilter • Kernel module • Rootkit • ….

  9. Experiments • Write simple programs: • backdoor; • sniffer; • Firewall; • Rootkit; • ….

  10. Expectation: • Get an in-depth understanding of the TCP/IP protocol stack • Become familiar with the usage of various network commands and tools • Master socket programming, netfilter, etc.

  11. Contents of Network Security • Protocols, Vulnerabilities, Attacks & Defences • ARP protocol and ARP cache poisoning • IP protocol, packet sniffing, IP spoofing, IP fragmentation attacks • ICMP protocol and ICMP misbehaviors • TCP protocol, TCP session hijacking, SYN flooding attacks, DoS attacks, and DDoS attacks • IP routing protocols and attacks • DNS and pharming • Port scanning and signature identification.

  12. Skills to be mastered • Various commands • Various tools

  13. Grading (subject to change) • Final Exam: 60% • Labs and Projects: 30% • Class Attendance: 10%

  14. Demo: Security Tricks • ARP Poisoning • Attackers use spoofed ARP messages on the LAN to associate a MAC address with an IP address in a malicious way, poisoning the victim's ARP cache • netwox 80 --eth --ip --eth-dst --ip-dst

  15. Demo: Security Tricks • ICMP Redirect Attack • The attacker sends an ICMP redirect message to the user, spoofed as coming from the default router, so that the best route changes to the attacker itself • netwox 86 --gw 192.168.137.220 --src-ip 192.168.137.2

  16. Demo: Security Tricks • SYN Flooding Attacks: • To perform a denial of service attack, the attacker sends SYN request packets to the target and never sends the ACK message. • netwox 76 --dst-ip --dst-port

  17. Demo: Security Attacks • Backdoor • Based on socket programming, this program binds to a port and waits for a password • The program runs with root privilege

  18. Demo: Security Tricks • A packet sniffer: • Write a program to sniff packets on the local machine with libpcap • Compile self-defined rules

  19. Demo: security tricks • A simple packet filter: • Which will filter packets on lo interface, UDP packets, etc.

  20. Demo: Security Tricks • A simple rootkit to hide a process • When using ps, a process can be kept from being shown

  21. Reference • http://baike.baidu.com/view/165032.htm • http://en.wikipedia.org/wiki/Kevin_Mitnick • http://www.cis.syr.edu/~wedu/Teaching/cis758/netw522/netwox-doc_html/html/examples.html
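
A defender's view of the ARP poisoning demo on slide 14, as an added example that is not part of the original slides: it decodes raw ARP frames and reports when an IP address is claimed by a second MAC address, or when the Ethernet source disagrees with the ARP sender field. The class and function names, MAC addresses and 10.0.0.x addresses are all constructed for illustration.

```python
import struct

def mac(b): return ":".join(f"{x:02x}" for x in b)
def ip(b): return ".".join(map(str, b))

def parse_arp(frame):
    """Decode an Ethernet/IPv4 ARP frame; return None for anything else."""
    if len(frame) < 42:
        return None
    _dst, eth_src, ethertype = struct.unpack("!6s6sH", frame[:14])
    if ethertype != 0x0806:                      # not ARP
        return None
    htype, ptype, hlen, plen, op, sha, spa, _tha, tpa = struct.unpack(
        "!HHBBH6s4s6s4s", frame[14:42])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        return None
    return {"eth_src": mac(eth_src), "op": op, "sha": mac(sha),
            "spa": ip(spa), "tpa": ip(tpa)}

class ArpWatch:
    """Remembers the first MAC seen for each IP and reports conflicts."""
    def __init__(self):
        self.bindings = {}

    def observe(self, frame):
        a = parse_arp(frame)
        if a is None or a["spa"] == "0.0.0.0":   # not ARP, or an ARP probe
            return []
        alerts = []
        if a["eth_src"] != a["sha"]:             # link-layer source disagrees
            alerts.append(("sender-mismatch", a["spa"], a["eth_src"], a["sha"]))
        known = self.bindings.setdefault(a["spa"], a["sha"])
        if known != a["sha"]:                    # IP now claimed by another MAC
            alerts.append(("binding-change", a["spa"], known, a["sha"]))
        return alerts

def build_arp(eth_src, sha, spa, tpa, op=2):
    """Build a constructed ARP frame (broadcast destination) for the demo."""
    m = lambda s: bytes.fromhex(s.replace(":", ""))
    i = lambda s: bytes(map(int, s.split(".")))
    return (b"\xff" * 6 + m(eth_src) + struct.pack("!H", 0x0806) +
            struct.pack("!HHBBH", 1, 0x0800, 6, 4, op) +
            m(sha) + i(spa) + b"\x00" * 6 + i(tpa))

# Constructed sample traffic: gateway, ordinary host, then two suspicious replies.
GW, HOST, ODD = "02:00:00:00:00:01", "02:00:00:00:00:05", "02:00:00:00:00:66"
SAMPLE = [build_arp(GW, GW, "10.0.0.1", "10.0.0.5"),
          build_arp(HOST, HOST, "10.0.0.5", "10.0.0.1"),
          build_arp(ODD, ODD, "10.0.0.1", "10.0.0.5"),   # second MAC claims gateway IP
          build_arp(ODD, GW, "10.0.0.1", "10.0.0.5")]    # frame source != ARP sender

def run_sample():
    watch = ArpWatch()
    return [watch.observe(f) for f in SAMPLE]
```

The watcher keeps the first binding it saw rather than overwriting it, so repeated spoofed replies keep raising alerts instead of silently becoming the new baseline.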
