TAILIEUCHUNG - Lecture Professional Practices in IT: Lecture 19 - Saqib Iqbal

Lecture 19 - Hacking. After studying this chapter you will be able to understand: Security is much larger than just packets, firewalls, and hackers. Security includes: Policies and procedures; liabilities and laws; human behavior patterns; corporate security programs and implementation; technical aspects- firewalls, intrusion detection systems, proxies, encryption, antivirus software, hacks, cracks, and attacks. | Lecture 19 Hacking WHAT IS NETWORK SECURITY? Security is much larger than just packets, firewalls, and hackers. Security includes: Policies and procedures Liabilities and laws Human behavior patterns Corporate security programs and implementation Technical aspects- firewalls, intrusion detection systems, proxies, encryption, antivirus software, hacks, cracks, and attacks Understanding hacking tools and how attacks are carried out is only one piece of the puzzle. 2 ATTACKS THERE ARE MANY TYPES OF ATTACKS SPOOFING ATTACK TELNET BASED ATTACK DOS (Daniel of service) ATTACK PING OF DEATH DISTRIBUTED DOS ATTACK MAILBOMBS NEED FOR SECURITY SOME EXELLENT SOFTWARE CAN PROVIDE YOU BEST SECURITY LIKE TROJAN FIREWALL TROJAN WINDOWS TROJANS ARE SMALL ASPECT OF WINDOWS SECURUTY TROJAN IS UNOTHORIZED PROGRAM CONTAINED WITHIN A LEGIMATE PROGRAM THIS PROGRAM PERFORMS FUNCTION UNKNOWN BY USER FIREWALL FIREWALL IS ANY DEVICE USED TO PREVENT OUTSIDERS FROM GAINING ACCESS TO YOUR NETWORK TYPES OF FIREWALLS PACKET FILTER APPLICATION PROXY PACKET INSPECTION Common Steps for Attackers Reconnaissance Intelligent work of obtaining information either actively or passively Examples: Passively: Sniffing Traffic, eavesdropping Actively: Obtaining data from American Registry for Internet Numbers (ARIN), whois databases, web sites, social engineering 7 Common Steps for Attackers Scanning Identifying systems that are running and services that are active on them Examples: Ping sweeps and port scans 8 Common Steps for Attackers Gaining Access Exploiting identified vulnerabilities to gain unauthorized access Examples: Exploiting a buffer overflow or brute forcing a password and logging onto a system 9 Common Steps for Attackers Maintaining Access Uploading malicious software to ensure re-entry is possible Example: Installing a backdoor on a system 10 Common Steps for Attackers Covering Tracks Carrying out activities to hide one’s malicious activities Example: Deleting or modifying data in a system .

• Chứng chỉ quốc tế
• Professional Practices in IT
• Computer Science
• IT profession
• Information Technology
• Professional Ethics
• Professional Practices
• Professional practices in information technology
• Business data
• Computer technology
• World Wide Web
• Codes of conduct
• Characteristics of perfoessionalism
• IEEE code of ethics
• Uniqueness issue
• Ethical decision making
• Social media
• Upniqueness issue
• Integrating social media
• Information systems
• Crackers exist
• Ethical analysis
• Password hacking
• Professional Ethics