Web Security - Sniper Corporation - PowerPoint PPT Presentation

About This Presentation
Title:

Web Security - Sniper Corporation

Description:

Web Security, also known as “Cyber security” involves protecting that information by preventing, detecting, and responding to attacks. – PowerPoint PPT presentation

Number of Views:46

less

Transcript and Presenter's Notes

Title: Web Security - Sniper Corporation


1
Web Security
Website www.snipercorporation.com
2
What is web security?
  • Web Security, also known as Cyber security
    involves protecting that information by
    preventing, detecting, and responding to attacks.

Website www.snipercorporation.com
3
Web Security Terminologies
  • Hacker people who seek to exploit weaknesses in
    software and computer systems for their own gain.
  • Viruses - A piece of code has a detrimental
    effect, such as corrupting the system or
    destroying data.

Website www.snipercorporation.com
4
Web Security Terminologies
  • Worms - Worms propagate without user
    intervention. Once the victim computer has been
    infected the worm will attempt to find and infect
    other computers.
  • Trojan horses - A Trojan horse program is
    software that claims to be one thing while in
    fact doing something different behind the scenes.

Website www.snipercorporation.com
5
Web Security Terminologies
  • Ransomware
  • A form of trojan that has been around since 1989
    (as the PC CYBORG trojan)
  • It infects the target computer by encrypting the
    owner's personal files.
  • The victim is then contacted and offered a key
    to decrypt the files in exchange for cash

Website www.snipercorporation.com
6
Web Security Terminologies
  • Firewalls
  • Mechanism for content regulation and data
    filtering
  • Blocking unwanted traffic from entering the
    sub-network (inbound)
  • Preventing subnet users' use of unauthorised
    material/sites (outbound)

Website www.snipercorporation.com
7
Web Security Issues
  • Malicious websites
  • Email Viruses
  • Phishing
  • DDOS

Website www.snipercorporation.com
8
Malicious websites
  • Malicious Websites are those which contains
    Malwares, viruses, trojans etc. and effects your
    System.
  • More than 3 million Web pages on the Internet are
    malicious.
  • According to Google, the percent is one in 1,000.
  • The experts call these attacks "drive-by
    downloads"
  • Malicious websites
  • China - 67
  • US - 15
  • Russia - 4
  • Malaysia - 2.2
  • Korea - 2

Website www.snipercorporation.com
9
Malicious websites
  • Preventive measures
  • Use latest browser software
  • Internet Explorer version 9
  • Mozilla Firefox
  • Opera
  • Internet Explorer 6 is the most vulnerable as
    well as the most widely used browser.
  • It is highly recommended to upgrade from IE 6

Website www.snipercorporation.com
10
Email Viruses
  • It is unsolicited e-mail on the Internet.
    A virus that comes within an attached file in
    an e-mail message. When that file is opened,
    the virus does its damage. Macro viruses can come
    in Microsoft Word documents that are sent
    as e-mail attachments.

Website www.snipercorporation.com
11
Email Viruses
  • It has the ability to scan the complete address
    book in the email client program and it is
    regular problem of outlook users.
  • Once the virus enters your system, it starts
    sending out emails to your friends and colleagues
    or to the random list of recipients and forward
    the same virus.
  • Such emails are better known as No-reply emails
    which pass a message where you cannot send the
    message back to them.

Website www.snipercorporation.com
12
Email Viruses
- Corporate employees are reported to accrue a
loss of productivity of 3.1. - Nucleus Research
Analysis - To increase the effectiveness of
SPAM detection, always report any SPAM mail to
your SPAM filter.
Website www.snipercorporation.com
13
Phishing
  • This is a method of luring an unsuspecting user
    into giving out their username and password for a
    secure web resource, usually a bank, credit card
    account, login information etc.

Website www.snipercorporation.com
14
Phishing
  • Usually achieved by creating a website identical
    to the secure site
  • User is sent email requesting them to log in, and
    providing a link to the bogus site
  • When user logs in, password is stored and used to
    access the account by the attacker
  • Difficult to guard against, particularly if using
    HTML email

Website www.snipercorporation.com
15
Phishing
  • Phishing Email sample
  • Subject Verify your E-mail with Citibank
  • This email was sent by the Citibank server to
    verify your E-mail
  • address. You must complete this process by
    clicking on the link
  • below and entering in the small window your
    Citibank ATM/Debit
  • Card number and PIN that you use on ATM.
  • This is done for your protection - because some
    of our members
  • no longer have access to their email addresses
    and we must
  • verify it.
  • To verify your E-mail address and access your
    bank account,
  • click on the link below
  • https//web.da-us.citibank.com/signin/citifi/scrip
    ts/email_verify.jsp
  • Thank you for using Citibank

Website www.snipercorporation.com
16
Phishing
  • The link uses an anchor text, and the actual
    website opens as,
  • http//citibusinessonline.da.us.citibank.com.citio
    nline.ru/...

Instead of, http//www.citibank.com/us/index.htm
17
Phishing
  • Landing Page

Website www.snipercorporation.com
18
Phishing
  • - Unwitting users submit the data, and the data
    is captured by scammers and all the money in
    their account will be stolen immediately.
  • - This method is the main reason for loss of
    email passwords also.

Website www.snipercorporation.com
19
Denial of Service
  • It is an attack to make a computer resource
    unavailable to its intended users.
  • Resources
  • - Bandwidth CPU

Website www.snipercorporation.com
20
How it Works?
  • One way to attack a companys network or website
    is to flood its systems with information.
  • Web and e-mail servers can only handle a finite
    amount of traffic and an attacker overloads the
    targeted system with packets of data.

Website www.snipercorporation.com
21
How to prevent?
Middle wall or Firewall
  • Simple special-purpose high-speed firewalls being
    deployed in the core of the Internet at
    inter-domain boundaries to serve as a filter of
    sorts
  • Gives Upstream access control to a server under
    stress

Website www.snipercorporation.com
22
Take Action
  • If everyone keep their systems secure, such
    threats can never happen.
  • Small gestures can avoid gigantic problems in our
    context.

Website www.snipercorporation.com
23
Action Plan
  • Use Anti-virus
  • Use Anti-Spyware
  • Use Total Security Software
  • Be aware not to fall for scams and phishing
    attacks
  • Report SPAM

Website www.snipercorporation.com
24
Thank You
Website www.snipercorporation.com
Write a Comment
User Comments (0)
About PowerShow.com