![Page 1: بسم الله الرحمن الرحيم By: Mohamed Ahmed Mohamed Ali UNIVERSITY OF KHARTOUM Faculty of Mathematical Sciences Info. security](https://reader030.vdocument.in/reader030/viewer/2022032704/56649d785503460f94a5a599/html5/thumbnails/1.jpg)
الرحيم الرحمن الله بسم
By: Mohamed Ahmed Mohamed Ali
UNIVERSITY OF KHARTOUM
Faculty of Mathematical Sciences
Info. security
![Page 2: بسم الله الرحمن الرحيم By: Mohamed Ahmed Mohamed Ali UNIVERSITY OF KHARTOUM Faculty of Mathematical Sciences Info. security](https://reader030.vdocument.in/reader030/viewer/2022032704/56649d785503460f94a5a599/html5/thumbnails/2.jpg)
الهجمات ATTACKS
استغالل إلى يهدف متعمد فعل هي الهجمةالمعلومات . نظام في الموجودة الثغرات
االستغاللEXPLOIT أو لتدمير تهدف طريقة هومعين . معلومات نظام تخريب
Info. security
![Page 3: بسم الله الرحمن الرحيم By: Mohamed Ahmed Mohamed Ali UNIVERSITY OF KHARTOUM Faculty of Mathematical Sciences Info. security](https://reader030.vdocument.in/reader030/viewer/2022032704/56649d785503460f94a5a599/html5/thumbnails/3.jpg)
HACKERS
الكمبيوتر برامج يستعملون أو ينشئون الذين األشخاص همأو قانونية غير بصورة المعلومات إلى للوصول تهدف التي
و . المعلومات لنظام أو للمتلقي معينة خدمة وصول لتأخيريقومون تلك القرصنة عملية في المتخصصين أن نجد
جديدة . برامج بتصميم Hackers are experts in computer technology who
take great pleasure in solving software problems, frequently by circumventing the established rules. Often, these experts are tempted by the power of their skills and become criminals. They can steal money, pilfer data, or crash computer systems intentionally
Info. security
![Page 4: بسم الله الرحمن الرحيم By: Mohamed Ahmed Mohamed Ali UNIVERSITY OF KHARTOUM Faculty of Mathematical Sciences Info. security](https://reader030.vdocument.in/reader030/viewer/2022032704/56649d785503460f94a5a599/html5/thumbnails/4.jpg)
CRACKERS
بالهجوم يقومون الذين األشخاص على يطلق مصطلح هومن النشر حقوق و النسخ من المحمية البرامج بعض على. البرامج تلك بنسخ والقيام الحماية تلك إزالة محاولة خالل
cracking (also called black-hat hacking) is the act of compromising the security of a system without permission from an authorized party, usually with the intent of accessing computers connected to the network (the somewhat similar activity of defeating copy prevention devices in software with the intent of using the software illegally is addressed at software cracking). ...
Info. security
![Page 5: بسم الله الرحمن الرحيم By: Mohamed Ahmed Mohamed Ali UNIVERSITY OF KHARTOUM Faculty of Mathematical Sciences Info. security](https://reader030.vdocument.in/reader030/viewer/2022032704/56649d785503460f94a5a599/html5/thumbnails/5.jpg)
الثغرات VULNERABILITIES
: مثل عوامل لعدة نتيجة هو الثغرات وجود إن-TCP/IP SECURITY HOLES-SERVICE VULNERABILITIES-INTERNET TOPOLOGY-SOFTWARE BUGS-BAD SYSTEM CONFIGURATION
Info. security
![Page 6: بسم الله الرحمن الرحيم By: Mohamed Ahmed Mohamed Ali UNIVERSITY OF KHARTOUM Faculty of Mathematical Sciences Info. security](https://reader030.vdocument.in/reader030/viewer/2022032704/56649d785503460f94a5a599/html5/thumbnails/6.jpg)
الهجوم عملية STAGESمراحلOF THE ATTACK PROCESS
1 -اإلكتشافDISCOVERY 2 -اإلختراقPENETRATION 3 -التحكمCONTROL
Info. security
![Page 7: بسم الله الرحمن الرحيم By: Mohamed Ahmed Mohamed Ali UNIVERSITY OF KHARTOUM Faculty of Mathematical Sciences Info. security](https://reader030.vdocument.in/reader030/viewer/2022032704/56649d785503460f94a5a599/html5/thumbnails/7.jpg)
اإلكتشاف DISCOVERY
في بالبحث الهجوم منفذ يقوم المرحلة هذه خاللنقاط و الثغرات إلكتشاف المنظمة محيط
يقوم . أن يمكن التي المعلومات من و الضعفاكتشافها : بمحاولة الشخص
. الشركة مثل* معلومات اإلتصال و التوصيل طرقDNS.
. التشغيل قبل* نظم من المقدمة الخدماتالشركة .
Info. security
![Page 8: بسم الله الرحمن الرحيم By: Mohamed Ahmed Mohamed Ali UNIVERSITY OF KHARTOUM Faculty of Mathematical Sciences Info. security](https://reader030.vdocument.in/reader030/viewer/2022032704/56649d785503460f94a5a599/html5/thumbnails/8.jpg)
اإلختراق PENETRATION
البدء في الهجوم منفذ يقوم المرحلة هذه عندلداخل خالله من يعبر حتى النظام أمن بمراوغة
تقويض . في االولى المرحلة هي و المعلومات نظاماألمني النظام
Info. security
![Page 9: بسم الله الرحمن الرحيم By: Mohamed Ahmed Mohamed Ali UNIVERSITY OF KHARTOUM Faculty of Mathematical Sciences Info. security](https://reader030.vdocument.in/reader030/viewer/2022032704/56649d785503460f94a5a599/html5/thumbnails/9.jpg)
التحكم CONTROL
الحاجز كسر من تمكنه بعد الهجوم منفذ يقومفي اإلختراق هذا تمكين و تمديد محاولة من األمني
من ممكن قدر أكبر على للحصول اتجاهات عدةالثغرات .
النظام جعل هو الشهيرة التحكم أمثلة ومنتنصيب و الهجوم منفذ أوامر بتنفيذ يقوم المخترق
األدوات و النظام داخل به الخاصة البرامج بعضثغرات خلق و اإلختراق فترة إطالة في المساعدة
أخرى .
Info. security
![Page 10: بسم الله الرحمن الرحيم By: Mohamed Ahmed Mohamed Ali UNIVERSITY OF KHARTOUM Faculty of Mathematical Sciences Info. security](https://reader030.vdocument.in/reader030/viewer/2022032704/56649d785503460f94a5a599/html5/thumbnails/10.jpg)
المحتملة للهجمات أمثلة
IP SPOOFING بتزوير الهجوم منفذ IP SOURCEيقوم
ADDRESS لعنوان قبله من المرسلة للحزمآخر قبل IP ADDRESSمصدر من بها موثوق
الثغرة . هذه و شرعي دخول على للحصول النظامالعناوين . تلك من التأكد في لقلة نتيجة هي
Info. security
![Page 11: بسم الله الرحمن الرحيم By: Mohamed Ahmed Mohamed Ali UNIVERSITY OF KHARTOUM Faculty of Mathematical Sciences Info. security](https://reader030.vdocument.in/reader030/viewer/2022032704/56649d785503460f94a5a599/html5/thumbnails/11.jpg)
SOURCE ROUTING
تعديلSource Route field in TCP header لنشرخالل من الهجوم بمنفذ الخاصة الحزم من العديد
النظام .( )Man in the middle attackأجهزة
Info. security
![Page 12: بسم الله الرحمن الرحيم By: Mohamed Ahmed Mohamed Ali UNIVERSITY OF KHARTOUM Faculty of Mathematical Sciences Info. security](https://reader030.vdocument.in/reader030/viewer/2022032704/56649d785503460f94a5a599/html5/thumbnails/12.jpg)
CONNECTION HIJACKING
اإلتصال خط ازدحام بقياس الهجوم منفذ يقوماإلتصال بسرقة يقوم ثم التصنت برامج باستخدام
المتتابعة . اإلتصال ارقام بتوقع وذلك
Info. security
![Page 13: بسم الله الرحمن الرحيم By: Mohamed Ahmed Mohamed Ali UNIVERSITY OF KHARTOUM Faculty of Mathematical Sciences Info. security](https://reader030.vdocument.in/reader030/viewer/2022032704/56649d785503460f94a5a599/html5/thumbnails/13.jpg)
DENIEL OF SERVICE
TCP SYN FLODDING ATTACK(Due to TCP/IP lack of Authentication, system resource limitations)
SYN
SYN
SYN+ ACK.
ACK+DATA
SYNSYN
SYN
NORMAL FLOOD
Info. security
![Page 14: بسم الله الرحمن الرحيم By: Mohamed Ahmed Mohamed Ali UNIVERSITY OF KHARTOUM Faculty of Mathematical Sciences Info. security](https://reader030.vdocument.in/reader030/viewer/2022032704/56649d785503460f94a5a599/html5/thumbnails/14.jpg)
DENIEL OF SERVICE
PING OF DEATH)TCP/IP vulnerability(
Echo
Echo+reply
Echo with large size
NORMAL
Info. security
![Page 15: بسم الله الرحمن الرحيم By: Mohamed Ahmed Mohamed Ali UNIVERSITY OF KHARTOUM Faculty of Mathematical Sciences Info. security](https://reader030.vdocument.in/reader030/viewer/2022032704/56649d785503460f94a5a599/html5/thumbnails/15.jpg)
DENIEL OF SERVICE
-SMURF(ICMP))Vulnerability due to TOPOLOGY (
ECHOECHO
ECHO ECHO
TARGET
Info. security
![Page 16: بسم الله الرحمن الرحيم By: Mohamed Ahmed Mohamed Ali UNIVERSITY OF KHARTOUM Faculty of Mathematical Sciences Info. security](https://reader030.vdocument.in/reader030/viewer/2022032704/56649d785503460f94a5a599/html5/thumbnails/16.jpg)
DENIAL OF SERVICE
-DATA DRIVEN ATTACKS -CROSS-SITE SCRIPTING (WWW SERVICES)
برنامج بإرسال الهجوم منفذ خدمة CODEيقوم طلب معخالل من الخدمة تنفيذ يتم و الخدمة مقدم من انترنت
SERVER.
-E-MAIL SPOOFING . -E-MAIL BORNE VIRUSES . -E-MAIL SPAM .(SPAM" mail is the practice of sending
massive amounts of e-mail promotions or advertisements (and
scams) to people that have not asked for it )
Info. security
![Page 17: بسم الله الرحمن الرحيم By: Mohamed Ahmed Mohamed Ali UNIVERSITY OF KHARTOUM Faculty of Mathematical Sciences Info. security](https://reader030.vdocument.in/reader030/viewer/2022032704/56649d785503460f94a5a599/html5/thumbnails/17.jpg)
Back doors
An attacker can gain access to a system or network resources through a back door.
This attack is hard to detect, because the programmer who puts the back door also access it.
Info. security
![Page 18: بسم الله الرحمن الرحيم By: Mohamed Ahmed Mohamed Ali UNIVERSITY OF KHARTOUM Faculty of Mathematical Sciences Info. security](https://reader030.vdocument.in/reader030/viewer/2022032704/56649d785503460f94a5a599/html5/thumbnails/18.jpg)
Brute Force
كلمة لتخمين الممكنة اإلحتماالت كل حساب هوالمرور.
Info. security
![Page 19: بسم الله الرحمن الرحيم By: Mohamed Ahmed Mohamed Ali UNIVERSITY OF KHARTOUM Faculty of Mathematical Sciences Info. security](https://reader030.vdocument.in/reader030/viewer/2022032704/56649d785503460f94a5a599/html5/thumbnails/19.jpg)
Password Crack
خرق أو للنظام المرور كلمة على الحصول محاولة. المرور كلمات بحفظ الخاصة النظام ملفات
Security Account Manager (SAM) The file that contains the hashed representation of
the user’s password.
Info. security
![Page 20: بسم الله الرحمن الرحيم By: Mohamed Ahmed Mohamed Ali UNIVERSITY OF KHARTOUM Faculty of Mathematical Sciences Info. security](https://reader030.vdocument.in/reader030/viewer/2022032704/56649d785503460f94a5a599/html5/thumbnails/20.jpg)
Dictionary
ال طرق من أخرى لتخمين Brute Forceطريقةفي البحث نطاق بتضييق وتكون المرور كلمات
بكثرة مستخدمة مرور The Dictionary fكلمات بدالالعشوائي . البحث من
Info. security
![Page 21: بسم الله الرحمن الرحيم By: Mohamed Ahmed Mohamed Ali UNIVERSITY OF KHARTOUM Faculty of Mathematical Sciences Info. security](https://reader030.vdocument.in/reader030/viewer/2022032704/56649d785503460f94a5a599/html5/thumbnails/21.jpg)
Timing Attack
ال تحتويه ما معرفة و باستكشاف يتم webوbrowser Cache بالسماح الهجوم يكون و ،
مدمرة أوامر بإنشاء المواقع و الصفحات لمصمموقت أي في استغاللها يمكن
Info. security
![Page 22: بسم الله الرحمن الرحيم By: Mohamed Ahmed Mohamed Ali UNIVERSITY OF KHARTOUM Faculty of Mathematical Sciences Info. security](https://reader030.vdocument.in/reader030/viewer/2022032704/56649d785503460f94a5a599/html5/thumbnails/22.jpg)
Sniffers
البيانات مراقبة خالله من يمكن جهاز أو برنامج هوالشديدة . المخاطر من و الشبكة خالل المنقولة
خالل من دائما يعمل و اكتشافه يمكن ال أنه .TCP/IPبروتوكول
بال البرامج هذه Packet Sniffersتعرف
Info. security and computer crimes preventionInfo. security
![Page 23: بسم الله الرحمن الرحيم By: Mohamed Ahmed Mohamed Ali UNIVERSITY OF KHARTOUM Faculty of Mathematical Sciences Info. security](https://reader030.vdocument.in/reader030/viewer/2022032704/56649d785503460f94a5a599/html5/thumbnails/23.jpg)
األمنية اإلستراتيجياتSECURITY STRATEGIES
العديد اعتبار علينا يجب األمنية اإلجراءات لتطبيق: تشمل التي و األساسية المفاهيم من
الصالحيات LEAST PRIVILEGEتقليل العمق من DEFENCE IN DEPTHالدفاع اإلختناق CHOKE POINTنقطة األضعف WEAKEST LINKالحلقة ) (0 واقفا FAIL-SAFE STANCEالسقوطUniversal ParticipationDiversity of DefenseSecurity throw Obscurity
Info. security
![Page 24: بسم الله الرحمن الرحيم By: Mohamed Ahmed Mohamed Ali UNIVERSITY OF KHARTOUM Faculty of Mathematical Sciences Info. security](https://reader030.vdocument.in/reader030/viewer/2022032704/56649d785503460f94a5a599/html5/thumbnails/24.jpg)
الصالحيات LEASTتقليلPRIVILEGE
لكافة توضع أن على يعتمد و أمني مفهوم أهم هو وو مستخدمين من النظام مع المتعاملة المكونات
قليلة ... . و محددة صالحيات الخ مشرفين و برامجلهم . الموكلة المهام بإنجاز فقط تسمح والتي
Info. security
![Page 25: بسم الله الرحمن الرحيم By: Mohamed Ahmed Mohamed Ali UNIVERSITY OF KHARTOUM Faculty of Mathematical Sciences Info. security](https://reader030.vdocument.in/reader030/viewer/2022032704/56649d785503460f94a5a599/html5/thumbnails/25.jpg)
الصالحيات LEASTتقليلPRIVILEGE
Advantages : Limiting your exposure to attack. Limit changes made by attacks. e.g. (every user
doesn't need to modify or read every file)
1. The default configuration of O.S is (most privilege)
2. Failures of following least privilege on internet because the send mail program which run as a root and can easily be attacked.
Info. security
![Page 26: بسم الله الرحمن الرحيم By: Mohamed Ahmed Mohamed Ali UNIVERSITY OF KHARTOUM Faculty of Mathematical Sciences Info. security](https://reader030.vdocument.in/reader030/viewer/2022032704/56649d785503460f94a5a599/html5/thumbnails/26.jpg)
الصالحيات LEASTتقليلPRIVILEGE
Disadvantages : Complex to implement when it doesn’t a design
feature in a program. You may end up implementing something less
than least privilege.
Info. security
![Page 27: بسم الله الرحمن الرحيم By: Mohamed Ahmed Mohamed Ali UNIVERSITY OF KHARTOUM Faculty of Mathematical Sciences Info. security](https://reader030.vdocument.in/reader030/viewer/2022032704/56649d785503460f94a5a599/html5/thumbnails/27.jpg)
العمق من DEFENCE INالدفاعDEPTH
عدم حيث من األمن تطبيق المفهوم هذا يعالج ومهما فريدة و وحيدة أمنية طريقة على اإلعتماد
الطرق . من بعدد القيام بل قوتها درجة كانتاألخرى فتكون إحداها اختراق تم إذا حتى األمنية
لها اإلحتياطية الطريقة تتم BACKUPبمثابة بها والدفاعية الطرق أحد في خطأ حدوث معالجة
المتبعة .
Info. security
![Page 28: بسم الله الرحمن الرحيم By: Mohamed Ahmed Mohamed Ali UNIVERSITY OF KHARTOUM Faculty of Mathematical Sciences Info. security](https://reader030.vdocument.in/reader030/viewer/2022032704/56649d785503460f94a5a599/html5/thumbnails/28.jpg)
العمق من DEFENCE INالدفاعDEPTH
Make the attacker attempt to risky. By provide multiple mechanisms of security.
Network security (firewall), host security and human security by education.
Info. security
![Page 29: بسم الله الرحمن الرحيم By: Mohamed Ahmed Mohamed Ali UNIVERSITY OF KHARTOUM Faculty of Mathematical Sciences Info. security](https://reader030.vdocument.in/reader030/viewer/2022032704/56649d785503460f94a5a599/html5/thumbnails/29.jpg)
العمق من DEFENCE INالدفاعDEPTH
Disadvantages : It provide protection against failure of one level of
defense. It works isolated from each other.
Info. security
![Page 30: بسم الله الرحمن الرحيم By: Mohamed Ahmed Mohamed Ali UNIVERSITY OF KHARTOUM Faculty of Mathematical Sciences Info. security](https://reader030.vdocument.in/reader030/viewer/2022032704/56649d785503460f94a5a599/html5/thumbnails/30.jpg)
اإلختناق CHOKEنقطةPOINT
منفذي على الخناق تضييق طريقها عن يتمقناة باستخدام محاوالتهم عند بإجبارهم الهجمات
بها . التحكم و مراقبتها يسهل ضيقة الموجه و الناري الجدار , FIREWALLمثل
ROUTER.
Info. security
![Page 31: بسم الله الرحمن الرحيم By: Mohamed Ahmed Mohamed Ali UNIVERSITY OF KHARTOUM Faculty of Mathematical Sciences Info. security](https://reader030.vdocument.in/reader030/viewer/2022032704/56649d785503460f94a5a599/html5/thumbnails/31.jpg)
اإلختناق CHOKEنقطةPOINT Firewall between your site and the internet. Disadvantages :
Choke point is useless if there is an effective way for attacker to go around it.
The attacker can attacks unsecured dial-up lines rather than go throw firewall.
Solutions:
Split your attention among different possible attacks.
Info. security
![Page 32: بسم الله الرحمن الرحيم By: Mohamed Ahmed Mohamed Ali UNIVERSITY OF KHARTOUM Faculty of Mathematical Sciences Info. security](https://reader030.vdocument.in/reader030/viewer/2022032704/56649d785503460f94a5a599/html5/thumbnails/32.jpg)
األضعف WEAKESTالحلقةLINK
) قوية تكون الحلقة أن هنا األساسي األمني المعتقدالحلقة ) تعتبر و بها األضعف الحلقة قوة بمقدار
يتم حتى الهجمات منفذي أنظار محط هي األضعفللتركيز الحاجة جاءت هنا من و خاللها من العبور
لتحمل كافية بصورة قوية بجعلها اإلهتمام و عليهاالمختلفة . الهجمات
Info. security
![Page 33: بسم الله الرحمن الرحيم By: Mohamed Ahmed Mohamed Ali UNIVERSITY OF KHARTOUM Faculty of Mathematical Sciences Info. security](https://reader030.vdocument.in/reader030/viewer/2022032704/56649d785503460f94a5a599/html5/thumbnails/33.jpg)
األضعف WEAKESTالحلقةLINK
E.g. if attackers can attack you throw the network and physically, you can allow physical security to be the weakest link.
Host security suffers from the existence of nasty interaction between choke points and weak links, no choke points mean very large number of links that may be very weak.
Info. security
![Page 34: بسم الله الرحمن الرحيم By: Mohamed Ahmed Mohamed Ali UNIVERSITY OF KHARTOUM Faculty of Mathematical Sciences Info. security](https://reader030.vdocument.in/reader030/viewer/2022032704/56649d785503460f94a5a599/html5/thumbnails/34.jpg)
) (0 واقفا FAIL-SAFEالسقوطSTANCE
الهجوم حصول الممكن من بأنه المفهوم هذا يتعاملعند يجب لكن ، إعاقته أو النظام تدمير محاولة و
إعاقة على قادر النظام يكون أن اللحظة تلكالنظام بإيقاف الهجوم تأخير و FAILالمحاولة
SAFELY قد الخدمة تكون الحالة هذه في و ،المصرح أو الشرعيين المستخدمين عن حتى توقفت
بأن للهجوم بالسماح مقارنة مقبول ضرر هو و لهم. f كامال يتم
األمني المشرف قبل من هنا الموقف تقدير ويتمالمقدمة . الخدمة طبيعة بحسب النظام على
Info. security
![Page 35: بسم الله الرحمن الرحيم By: Mohamed Ahmed Mohamed Ali UNIVERSITY OF KHARTOUM Faculty of Mathematical Sciences Info. security](https://reader030.vdocument.in/reader030/viewer/2022032704/56649d785503460f94a5a599/html5/thumbnails/35.jpg)
) (0 واقفا FAIL-SAFEالسقوطSTANCE
من نوعان :Fail-safe Stanceهناك Default deny stance
Specify only what you allow and prohibit everything else.
Default permit stance Specify only what you prohibit and allow
everything else.
Info. security
![Page 36: بسم الله الرحمن الرحيم By: Mohamed Ahmed Mohamed Ali UNIVERSITY OF KHARTOUM Faculty of Mathematical Sciences Info. security](https://reader030.vdocument.in/reader030/viewer/2022032704/56649d785503460f94a5a599/html5/thumbnails/36.jpg)
Default deny stance
What you don’t know can hurt you . Examine the services your users want. Consider the security implications of these
services and how you can safely provide them. Allow only the services that you understand, can
provide safely, and see a legitimate need for.
Info. security
![Page 37: بسم الله الرحمن الرحيم By: Mohamed Ahmed Mohamed Ali UNIVERSITY OF KHARTOUM Faculty of Mathematical Sciences Info. security](https://reader030.vdocument.in/reader030/viewer/2022032704/56649d785503460f94a5a599/html5/thumbnails/37.jpg)
Default permit stance
Most users and managers prefer the default permit stance, they tend to assume the everything will be by default permitted, and that certain specific services will be prohibited as necessary: Users are not allowed to set up unauthorized
servers .
Info. security
![Page 38: بسم الله الرحمن الرحيم By: Mohamed Ahmed Mohamed Ali UNIVERSITY OF KHARTOUM Faculty of Mathematical Sciences Info. security](https://reader030.vdocument.in/reader030/viewer/2022032704/56649d785503460f94a5a599/html5/thumbnails/38.jpg)
Universal Participation
Needs : Every one must report strange happenings that
might be security related. People must choose good passwords.
How do you get everyone to participate ? voluntary (to convince them ) Involuntary (some one with power )
Info. security
![Page 39: بسم الله الرحمن الرحيم By: Mohamed Ahmed Mohamed Ali UNIVERSITY OF KHARTOUM Faculty of Mathematical Sciences Info. security](https://reader030.vdocument.in/reader030/viewer/2022032704/56649d785503460f94a5a599/html5/thumbnails/39.jpg)
Diversity of Defense
Means you need not only multiple layers of defense, but different kind of defense : Using two packet filtering from different vendors. Advantages : reducing the chances of a common
bugs or configuration errors.
Info. security
![Page 40: بسم الله الرحمن الرحيم By: Mohamed Ahmed Mohamed Ali UNIVERSITY OF KHARTOUM Faculty of Mathematical Sciences Info. security](https://reader030.vdocument.in/reader030/viewer/2022032704/56649d785503460f94a5a599/html5/thumbnails/40.jpg)
Diversity of Defense
Disadvantages : complexity , cost, take additional time and effort for your
staff to learn how to deal with these different systems, take long time to implement.
How you create diversity of weakness instead of diversity of defense? e.g. using 2 different packet filtering, one of them in front of
the other – help protect you from weakness in either one (sequential) .
Each separately allow traffic to come in – make you vulnerable to 2 different problems .
Info. security
![Page 41: بسم الله الرحمن الرحيم By: Mohamed Ahmed Mohamed Ali UNIVERSITY OF KHARTOUM Faculty of Mathematical Sciences Info. security](https://reader030.vdocument.in/reader030/viewer/2022032704/56649d785503460f94a5a599/html5/thumbnails/41.jpg)
Diversity of Defense
Two different systems with different companies names on the front may have more in common : System of the same type share the inherit
weaknesses of the technology. Systems configured by the same people are
probably configured with the same weaknesses. Many different systems share the same code for
things like TCP/IP protocol stacks is rarely written from scratch
Info. security
![Page 42: بسم الله الرحمن الرحيم By: Mohamed Ahmed Mohamed Ali UNIVERSITY OF KHARTOUM Faculty of Mathematical Sciences Info. security](https://reader030.vdocument.in/reader030/viewer/2022032704/56649d785503460f94a5a599/html5/thumbnails/42.jpg)
Security Throw Obscurity
Means protecting things by hiding them e.g.
Put a machine in the internet and figuring no body will try to break into it because you haven’t told anybody it is there.
Info. security
![Page 43: بسم الله الرحمن الرحيم By: Mohamed Ahmed Mohamed Ali UNIVERSITY OF KHARTOUM Faculty of Mathematical Sciences Info. security](https://reader030.vdocument.in/reader030/viewer/2022032704/56649d785503460f94a5a599/html5/thumbnails/43.jpg)
Security Throw Obscurity
This mechanism is bad when : It is the only method. There isn’t any real obscurity involved. It prevent people from accurately determining
what level of security the product provides. It gives people irrational confidence.
Info. security