TAILIEUCHUNG - Lecture notes on Computer and network security: Lecture 30 - Avinash Kak

Lecture 30, mounting targeted attacks with trojans and social engineering - Cyber espionage. The goals of this chapter are: Can a well-engineered network be broken into? Socially engineered email lures, trojans and the gh0stRAT trojan, cyber espionage, exploiting browser vulnerabilities. | Lecture 30: Mounting Targeted Attacks with Trojans and Social Engineering — Cyber Espionage Lecture Notes on “Computer and Network Security” by Avi Kak (kak@) April 20, 2016 12:23am c 2016 Avinash Kak, Purdue University Goals: • Can a well-engineered network be broken into? • Socially engineered email lures • Trojans and the gh0stRAT trojan • Cyber espionage • Exploiting browser vulnerabilities CONTENTS Section Title Page Is It Possible to Break into a Well-Engineered Network? 3 Trojans 8 The ghOstRAT Trojan 14 Cyber Espionage 22 Cyber Espionage Through Browser Vulnerabilities 28 2 Computer and Network Security by Avi Kak Lecture 30 : IS IT POSSIBLE TO BREAK INTO A WELL-ENGINEERED NETWORK? • Consider an agent X who is determined to break into a network with the intention of stealing valuable documents belonging to an organization and for the purpose of conducting general espionage on the activities of the organization. • Assume that the targeted organization is vigilant about keeping up to date with the patches and with anti-virus software updates (Lecture 22). We also assume that the organization’s network operates behind a well-designed firewall (Lectures 18 and 19). Additionally, we assume that the organization hires a security company to periodically carry out vulnerability scans and for penetration testing of all its computers (Lecture 23). • We further assume that the computers in the targeted organization’s network are not vulnerable to either the dictionary or the rainbow-table attacks (Lecture 24). • In addition, we assume that X is physically based in a different country, which is not the same country where the organization’s 3 Computer and Network Security by Avi Kak Lecture 30 network is. Therefore, it is not possible for X to gain a James Bond like physical entry into the organization’s premises and install a packet sniffer in its LAN. • Given the assumptions listed above, it would seem that

• An ninh - Bảo mật
• Network security
• Lecture notes on Computer and network security
• Computer network
• Mounting targeted attacks
• Social engineering
• Cyber espionage
• Web security
• security rules
• encryption techniques
• security techniques
• Security chat rooms
• especially
• Network Security Tools
• CCNA Security
• Lecture CCNA Security
• Modern Network Security Threats
• Evolution of Network Security
• Drivers for Network Security
• Network Perimeter
• Network Perimeter Security
• Network Security Principles
• Cryptography
• IDS Tools
• CGI attacks
• network intruders
• Managing Security
• Wireless
• Wireless Network Security
• attack techniques
• defensive techniques
• operating system security
• application security
• security policy
• Network Security Fundamentals
• Guide to Network Security Fundamentals
• Information security
• Define information security
• Information security careers
• Operational security
• Harden physical security
• Secure the physical environment
• Mobile device security
• Lecture Network security
• Computer hacking
• Internet security
• Network security model
• Securing the Network Infrastructure
• Network cable plant
• Secure removable media
• Network security hacks
• Ebook Network security hacks
• Network security technologies
• Unix host security
• Windows host security
• Wireless Security
• Advanced security
• Computer forensics
• Harden security
• Network Management Security
• Management Security
• security mechanisms
• security services
• security architecture
• encryption system
• Security principles
• Effective authentication methods
• Control access to computer systems
• Security Baselines
• Disable nonessential systems
• Harden operating systems
• Protect e mail systems
• World Wide Web vulnerabilities
• Security policy cycle
• Risk identification
• Security management
• Identity management
• Plan for change management
• CompTIA® Security+
• CompTIA Security+ certification
• Linux file manipulation tools
• Internal physical security controls
• Network hardware security modules