Upload File

mis 5212.001 week 9 site:

8
ADVANCED PENETRATION TESTING MIS 5212.001 Week 9 Site: http:// community.mis.temple.edu/mis5212sec001s1 5/

Upload: phoebe-floyd

Post on 29-Dec-2015

213 views

Category:

Documents


1 download

Report

TRANSCRIPT

Page 1: MIS 5212.001 Week 9 Site:

ADVANCED PENETRATION TESTING

MIS 5212.001Week 9

Site: http://community.mis.temple.edu/mis5212sec001s15/

http://community.mis.temple.edu/mis5212sec001s15/
http://community.mis.temple.edu/mis5212sec001s15/
http://community.mis.temple.edu/mis5212sec001s15/
Page 2: MIS 5212.001 Week 9 Site:

MIS 5212.001 2

Tonight's Plan

In the news More Walk Through of WebGoat Next Week

Page 3: MIS 5212.001 Week 9 Site:

MIS 5212.001 3

In The News

Submitted http://www.cnet.com/news/fridge-caught-send

ing-spam-emails-in-botnet-attack/

http://arstechnica.com/security/2015/03/bogus-ssl-certificate-for-windows-live-could-allow-man-in-the-middle-hacks/

http://www.wired.com/2015/03/nsa_domains/?mbid=social_twitter

http://www.scmagazine.com/premera-blue-cross-attack-may-have-exposed-data-on-11m-customers/article/404052/

http://www.darkreading.com/the-7-best-social-engineering-attacks-ever/d/d-id/1319411

http://www.cnet.com/news/fridge-caught-sending-spam-emails-in-botnet-attack/
http://www.cnet.com/news/fridge-caught-sending-spam-emails-in-botnet-attack/
http://www.cnet.com/news/fridge-caught-sending-spam-emails-in-botnet-attack/
http://arstechnica.com/security/2015/03/bogus-ssl-certificate-for-windows-live-could-allow-man-in-the-middle-hacks/
http://arstechnica.com/security/2015/03/bogus-ssl-certificate-for-windows-live-could-allow-man-in-the-middle-hacks/
http://arstechnica.com/security/2015/03/bogus-ssl-certificate-for-windows-live-could-allow-man-in-the-middle-hacks/
http://arstechnica.com/security/2015/03/bogus-ssl-certificate-for-windows-live-could-allow-man-in-the-middle-hacks/
http://www.wired.com/2015/03/nsa_domains/?mbid=social_twitter
http://www.wired.com/2015/03/nsa_domains/?mbid=social_twitter
http://www.scmagazine.com/premera-blue-cross-attack-may-have-exposed-data-on-11m-customers/article/404052/
http://www.scmagazine.com/premera-blue-cross-attack-may-have-exposed-data-on-11m-customers/article/404052/
http://www.scmagazine.com/premera-blue-cross-attack-may-have-exposed-data-on-11m-customers/article/404052/
http://www.scmagazine.com/premera-blue-cross-attack-may-have-exposed-data-on-11m-customers/article/404052/
http://www.darkreading.com/the-7-best-social-engineering-attacks-ever/d/d-id/1319411
http://www.darkreading.com/the-7-best-social-engineering-attacks-ever/d/d-id/1319411
http://www.darkreading.com/the-7-best-social-engineering-attacks-ever/d/d-id/1319411
Page 4: MIS 5212.001 Week 9 Site:

MIS 5212.001 4

In The News

Submitted http://

thehackernews.com/2015/03/cardless-atm-smartphone.html

http://thehackernews.com/2015/03/google-play-store-app-review.html

http://www.newsy.com/videos/yahoo-s-password-free-login-has-its-own-set-of-problems/

http://www.csoonline.com/article/2898735/data-protection/corporate-culture-hinders-cyber-insurance-buy-in.html

http://thehackernews.com/2015/03/cardless-atm-smartphone.html
http://thehackernews.com/2015/03/cardless-atm-smartphone.html
http://thehackernews.com/2015/03/cardless-atm-smartphone.html
http://thehackernews.com/2015/03/google-play-store-app-review.html
http://thehackernews.com/2015/03/google-play-store-app-review.html
http://thehackernews.com/2015/03/google-play-store-app-review.html
http://www.newsy.com/videos/yahoo-s-password-free-login-has-its-own-set-of-problems/
http://www.newsy.com/videos/yahoo-s-password-free-login-has-its-own-set-of-problems/
http://www.newsy.com/videos/yahoo-s-password-free-login-has-its-own-set-of-problems/
http://www.csoonline.com/article/2898735/data-protection/corporate-culture-hinders-cyber-insurance-buy-in.html
http://www.csoonline.com/article/2898735/data-protection/corporate-culture-hinders-cyber-insurance-buy-in.html
http://www.csoonline.com/article/2898735/data-protection/corporate-culture-hinders-cyber-insurance-buy-in.html
http://www.csoonline.com/article/2898735/data-protection/corporate-culture-hinders-cyber-insurance-buy-in.html
Page 5: MIS 5212.001 Week 9 Site:

MIS 5212.001 5

In The News

What I noted http://www.dailydot.com/politics/federal-websi

tes-https-secure-proposal/

http://www.itworld.com/article/2897775/researchers-find-same-rsa-encryption-key-used-28000-times.html

http://www.forbes.com/sites/thomasbrewster/2015/03/17/apple-mac-gatekeeper-bypass-exacerbated-by-unencrypted-av-downloads/

http://krebsonsecurity.com/2015/03/dark-webs-evolution-market-vanishes/

http://www.dailydot.com/politics/federal-websites-https-secure-proposal/
http://www.dailydot.com/politics/federal-websites-https-secure-proposal/
http://www.dailydot.com/politics/federal-websites-https-secure-proposal/
http://www.itworld.com/article/2897775/researchers-find-same-rsa-encryption-key-used-28000-times.html
http://www.itworld.com/article/2897775/researchers-find-same-rsa-encryption-key-used-28000-times.html
http://www.itworld.com/article/2897775/researchers-find-same-rsa-encryption-key-used-28000-times.html
http://www.itworld.com/article/2897775/researchers-find-same-rsa-encryption-key-used-28000-times.html
http://www.forbes.com/sites/thomasbrewster/2015/03/17/apple-mac-gatekeeper-bypass-exacerbated-by-unencrypted-av-downloads/
http://www.forbes.com/sites/thomasbrewster/2015/03/17/apple-mac-gatekeeper-bypass-exacerbated-by-unencrypted-av-downloads/
http://www.forbes.com/sites/thomasbrewster/2015/03/17/apple-mac-gatekeeper-bypass-exacerbated-by-unencrypted-av-downloads/
http://www.forbes.com/sites/thomasbrewster/2015/03/17/apple-mac-gatekeeper-bypass-exacerbated-by-unencrypted-av-downloads/
http://krebsonsecurity.com/2015/03/dark-webs-evolution-market-vanishes/
http://krebsonsecurity.com/2015/03/dark-webs-evolution-market-vanishes/
http://krebsonsecurity.com/2015/03/dark-webs-evolution-market-vanishes/
Page 6: MIS 5212.001 Week 9 Site:

MIS 5212.001 6

WebGoat

Injection Flaws: Command Injection: " & netstat -ant &

ifconfig“ Numerical SQL Injection: or 1=1 Log Spoofing XPATH Injection String SQL Injection Modifying Data with SQL Injection Adding Data with SQL Injection Blind Numeric SQL Injection Blind String SQL Injection

Page 7: MIS 5212.001 Week 9 Site:

MIS 5212.001 7

Next Week

Test 2 Intro to Wireless

Page 8: MIS 5212.001 Week 9 Site:

MIS 5212.001 8

Questions

?


MIS 0855 Fall 2016 – Data Sciencecommunity.mis.temple.edu/mis0855sec005fall16/files/2016/08/Week-01... · MIS 0855 Fall 2016 – Data Science Week 1 ... Communicate analyses and

Fox MIS Spring 2011 Database Week 6 Mid-term Review

WEEK 10 - Temple MIS

week 12 MIS

MIS 5211.001 Week 11 Site:

MIS 5211.001 Week 6 Site:

Protecting Information Assets - Temple MIS › mis5206sec701fall... · Protecting Information Assets - Week 11 - Cryptography, Public Key Encryption ... MIS 5206 Protecting Information

MIS 5211.001 Week 1 Site:

Oakland University: SBA-MIS 405: Business Data Communications & Networking1 MIS 405: Week 2 Data Communication Al Fields, Instructor

MIS 5211.001 Week 5 Site:

MIS 0855 Fall 2016 – Data Science€¦ · MIS 0855 Fall 2016 – Week 2 – Data, Information, Knowledge 6 MIS 0855 – Data Science Min-Seok Pang – Sep.08.2016 Knowledge –

MIS 3534 Spring 2015 – Strategic Management of …...MIS 3534 – Strategic Management of Information Technology MIS 3534 Spring 2015 – Week 3 – IT and Competitive Strategy (II)

MIS 5203 Week 1 -1 Presentation · MIS 5203 Systems & Infrastructure Lifecycle Management 1 Week 10 March 24, 2016 . Systems & Infrastructure ... F. Object-Oriented Programming G

MIS 3534 Fall 2016 Strategic Management of Information ......MIS 3534 Fall 2016 –Week 2 –IT and Competitive Strategies (I) 4 MIS 3534 –Strategic Management of Information Technology

Week 10: Valuing Information Systems Investments MIS 2101: Management Information Systems

MIS 5212.001 Week 4 Site:

MIS 218A Multimedia for the Web Andy Stokes Week 1

MIS 5211.001 Week 3 Site:

Week 10 - Temple MIS...Week 10 MIS 5214. Agenda •Project •Authentication –Biometrics •Access Control Models •Access Control Techniques •Centralized Remote Access Control

What MIS Brings to the Table & What MIS Needs From Your Area MIS 495 - Week 8

MIS 0855 Fall 2016 – Data Science€¦ · MIS 0855 Fall 2016 – Data Science. Week 11 – Predictive Analytics. MIS 0855 Fall 2016 – Week 11 – Predictive Analytics 2 MIS 0855

MIS 3534 Spring 2015 – Strategic Management of ...€¦ · 3 Min-Seok Pang – Feb.23.2015 MIS 3534 Spring 2015 – Week 7 – IT Governance MIS 3534 – Strategic Management of

MIS- AHLAEI week 1

1 Week 11: Evaluating Emerging Technology Trends MIS 2101

MIS 5211.001 Week 2 Site: 1

MIS 5211.001 Week 8 Site:

MIS 5208 Week 2 Fraud Detection & Preventioncommunity.mis.temple.edu/mis5208sp2016/files/2015/01/MIS-5208-Week...Key Data Vendor Name, Address, Bank Information Clerks & Vendor Duplicate

MIS 5211.001 Week 9 Site:

Fox MIS Spring 2011 Database Week 6 ERD and SQL Exercise

MIS 5203 Week 1 -1 Presentation...MIS 5203 Week 1 -1 Presentation Author: Kumar, Vasant Created Date: 1/29/2016 12:07:55 AM

MIS 3537: Internet & Supply Chains Prof. Sunil Wattal Week 1: Introduction

MIS 3534 Fall 2016 – Strategic Management of Information ......MIS 3534 – Strategic Management of Information Technology Min-Seok Pang – Oct.24.2016 MIS 3534 Fall 2016 – Week

MIS 5212.001 Week 5 Site:

MIS 5211.001 Week 4 Site:

MIS 5212.001 Week 2 Site: