PROTECTION FROM HACKING ATTACKS
By Sugirtha Jasmine M (ME Cyber Security), Information Security Analyst
1. MALWARE
• Malware is a collective term for any malicious software that enters a system without the authorization of the system's user.
• The term is formed by merging the words malicious and software.
Types of Malware
• VIRUS (VITAL INFORMATION RESOURCES UNDER SIEGE)
• A virus is a computer program that executes when an infected program is executed.
• On MS-DOS systems, these files usually have the extensions .exe, .com, .bat, .sys
• A virus always needs a trigger to execute itself, and after execution it leaves the memory.
• Types of Virus
  – Boot sector Virus
  – File infecting Viruses
  – Polymorphic viruses
  – Stealth Viruses
  – Multi Partite Viruses
• Boot sector Viruses: Boot sector viruses are those that infect the boot sector on a computer system.
• File infecting Viruses: These are, unsurprisingly, viruses that infect files. Sometimes these viruses are memory resident.
• Polymorphic Viruses: They change their appearance with each infection. Such encrypted viruses are usually difficult to detect because they are better at hiding themselves from antivirus software.
• Stealth Viruses: They attempt to hide from both the operating system and anti-virus software.
• Multi partite viruses: They infect both boot sector files and executable files.
HOW VIRUSES SPREAD?
WORMS
• Worms are constructed to infiltrate legitimate data processing programs and alter or destroy the data.
• They do not replicate themselves.
TROJAN HORSES
• A trojan horse is a destructive program that has been concealed in an innocuous piece of software.
• Trojan horses are not viruses because they do not reproduce themselves and spread as viruses do.
LOGIC BOMBS
• Writing a logic bomb program is similar to writing a trojan horse.
• It depends on time and date.
BOTS AND BOTNETS
• A bot is a program that operates automatically as an agent for a user or another program
• Hackers forward bots to the victim system
• They are also used for mass spam mailings and for installing key logging software that can steal a victim's passwords and data.
VULNERABILITY TO MALWARE
• Use of the same operating system
• Software bugs
• Over privileged users
• Unconfirmed code
ANTI-MALWARE STRATEGIES
• Anti virus and anti malware software
• Website Security Scans
• Eliminating Over Privileged Scan
MALWARE DETECTION TECHNIQUES
• Signature based malware detection techniques
• Specification based detection
• Behavior based detection
COUNTER MEASURES
• Vaccine software, and keep it up to date
• Email attachment files should be scanned
• Downloaded files should be scanned
• For applications, utilize security functions
• Security patches should be applied
• Symptoms of Virus infection must be Overlooked
• In case of emergency, data should be backed up
NETWORK INTRUSION
• Computer networks that are currently connected to the internet are vulnerable to a variety of exploits that can compromise their intended operations.
TYPES OF INTRUSION
• Non Technical
  – Social Engineering attack
  – Pretexting
  – Phishing
  – Smishing
  – Vishing
  – Tabnabbing
• Technical Intrusion
  – DOS
  – Input Validation
  – Keyloggers
  – Sniffing
Non Technical Intrusion
• Social Engineering Intrusion: As humans we are bound by both nature and nurture to the social contract which, like many contracts, might be twisted to our disadvantage. Such twisting is called Social Engineering.
• Common types of social engineering
• Human Based
  – Impersonation
  – Important User
  – Dumpster Diving
  – Shoulder Surfing
• Computer Based
  – Popup Windows
  – Mail Attachments
  – Spam
  – Websites
• Pretexting: Pretexting is the act of creating and using an invented scenario to obtain information from the target, usually over the telephone.
• Phishing: It uses both social engineering and technical activities to steal consumers' personal identity data and financial account credentials.
• Smishing: Smishing is the cell phone equivalent of “Phishing”: text messages that lead you to a counterfeit web site trying to get your personal information using SMS.
• Vishing: VoIP phishing is an electronic fraud tactic in which individuals are tricked into revealing critical financial or personal information to unauthorized entities.
TECHNICAL INTRUSION
• DOS: To make a service unavailable.
• Types
  – Ping of Death
  – LAND attack
  – Tear drop attack
  – SYN flood attack
  – ICMP flood attack
  – Smurf attack
• Ping of Death: An attacker sends an ICMP echo request packet that is larger than the maximum packet size. Since the received ICMP echo packet is larger than the normal IP packet size, the target can't reassemble the packets, so the OS crashes or reboots.
• LAND Attack: When the attacker initiates a SYN flood attack using the IP address of the victim as both source and destination IP address, the attacker is said to have launched a LAND attack.
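A defender can test for the two conditions just described, an ICMP fragment that would reassemble past the maximum IP datagram size (Ping of Death) and a SYN whose source address equals its destination (LAND), directly on raw IPv4 headers. The following is an added example, not part of the original slides; the helper names, finding labels and sample packets are constructed for illustration, and the packets are only parsed, never sent.

```python
import socket
import struct

MAX_DATAGRAM = 65535  # the 16-bit IPv4 total-length field cannot describe more


def ipv4(src, dst, proto, payload, frag_units=0):
    """Build a constructed IPv4 packet (checksum left 0) used as sample input."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 1, frag_units,
                       64, proto, 0, socket.inet_aton(src),
                       socket.inet_aton(dst)) + payload


def tcp_syn(sport, dport):
    """Minimal 20-byte TCP header with only the SYN flag set (constructed)."""
    return struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 5 << 4, 0x02, 8192, 0, 0)


def classify(packet):
    """Return the anomalies found in one raw IPv4 packet."""
    if len(packet) < 20:
        return ["truncated"]
    ver_ihl, _, total_len, _, flags_frag, _, proto, _, src, dst = struct.unpack(
        "!BBHHHBBH4s4s", packet[:20])
    ihl = (ver_ihl & 0x0F) * 4
    if ver_ihl >> 4 != 4 or ihl < 20 or total_len < ihl:
        return ["malformed"]
    findings = []
    # Ping of Death: this fragment would end past 65,535 bytes after reassembly.
    frag_start = (flags_frag & 0x1FFF) * 8
    if frag_start + total_len > MAX_DATAGRAM:
        findings.append("oversized-reassembly")
    # LAND: a TCP SYN whose source address equals its destination address.
    tcp = packet[ihl:]
    if (proto == socket.IPPROTO_TCP and src == dst and frag_start == 0
            and len(tcp) >= 14 and tcp[13] & 0x02):
        findings.append("land")
    return findings


# Constructed samples; addresses come from the RFC 5737 documentation range.
SAMPLES = {
    "normal-syn": ipv4("192.0.2.10", "192.0.2.20", socket.IPPROTO_TCP, tcp_syn(40000, 80)),
    "land-syn": ipv4("192.0.2.20", "192.0.2.20", socket.IPPROTO_TCP, tcp_syn(80, 80)),
    "normal-fragment": ipv4("192.0.2.10", "192.0.2.20", socket.IPPROTO_ICMP, b"A" * 100, 185),
    "overlong-fragment": ipv4("192.0.2.10", "192.0.2.20", socket.IPPROTO_ICMP, b"A" * 100, 8189),
}

if __name__ == "__main__":
    for name, pkt in SAMPLES.items():
        print(name, classify(pkt))
```

Packet filters and intrusion detection systems apply the same two tests at the network edge, dropping such packets before the target's IP stack attempts reassembly or replies to itself.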
• Tear Drop Attack: This type of attack deals with fragmentation and reassembly of IP packets. The IP header contains the necessary fields to handle fragmentation issues.
• SYN Flood Attack: An attacker could deliberately flood the server with TCP SYN segments without acknowledging the server's SYN response.
• ICMP Flood Attack: Similar to the SYN flood attack, an ICMP flood attack takes place when an attacker overloads its victim with a huge number of ICMP echo requests with spoofed source IP addresses.
• Smurf attack: It is a type of network level DOS attack using ICMP echo replies from computers in the same broadcast network by sending forged ICMP echo requests.
• DDOS Attack: The attacks come from multiple hosts or systems.
• Input Validation: Input validation attacks are where an attacker intentionally sends unusual input in the hopes of confusing the application.
• SQL Injection: SQL injection is an attack in which malicious code is inserted into strings that are later passed to an instance of SQL Server.
  – Manual or using tools
• Blind SQL Injection: It is used when a web application is vulnerable to an SQL injection but the results of the injection are not visible to the attacker.
• XSS (Cross site scripting): It is generally believed to be one of the most common application layer hacking techniques. In general, cross site scripting refers to a hacking technique that leverages vulnerabilities in the code of a web application to allow an attacker to send malicious content from an end user and collect some type of data from the victim.
• BUFFER OVERFLOW
  – A buffer overflow occurs when a process or program running on your computer system uses more memory than it was allocated and has to store the extra data in the temporary location called a buffer overflow.
• KEY LOGGER: This is one of the simplest methods for hacking a computer. A keylogger is a piece of hardware or software that logs everything someone types.
• SNIFFING: Sniffing is observing packets passing by on the network. It is a popular way to steal data from the network, usually in the form of passwords, ID names, etc.
• SESSION HIJACKING
  – It is the exploitation of a valid computer session, sometimes called a session key, to gain unauthorized access to information or services in a computer system.
PASSWORD INTRUSION
• Any attack designed to allow an unauthorized user access to an authorized password
• Types of password attacks
  – Default password
  – Dictionary Password
  – Bruteforce Password
BACKDOOR
• A secret or underhand means of access (to a place or a position) or an undocumented way to get access to a computer system
ROOTKITS
• A rootkit is a collection of programs that enable administrator-level access to a computer or computer network.
MONITORING TOOLS
• The term monitoring or network monitoring describes the use of a system that constantly monitors a computer network for slow or failing components and that notifies the network administrator.
ART OF GOOGLING
• Google search or Google web search is a web search engine owned by Google.
• And it is the most used search engine on the web.
• Google receives several hundred million queries each day through its various services.
• Biggest database
• GOOGLE SEARCH
• I’M FEELING LUCKY
• ADVANCED SEARCH
• PREFERENCES
• LANGUAGE TOOL
• GOOGLE AS A PROXY SERVER
SEARCHING TECHNIQUES
• Basic Search Technique
• Advanced Search Technique
BASIC SEARCH TECHNIQUES
• Basic Keyword Search
• Phrase Search “jbbub”
• Operator Search + or –
• Range Search e.g. jdk 1.3.1.6
ADVANCED SEARCHING TECHNIQUES
• Site Operator .gov .com
• InTitle Operator intitle: index of master name
• Inurl operator inurl:etc/passwd
• File type Operator
• Link Operator
• Cache operator
• Phonebook Operator
THANK YOU