Hacking case-studies
venkadesh Prasath
1.
Some “Ethical Hacking” Case Studies
Peter Wood
First•Base Technologies
2.
How much damage can a security breach cause?
• 44% of UK businesses suffered at least one malicious security breach in 2002
• The average cost was £30,000
• Several cost more than £500,000
• and these are just the reported incidents …!
Source: The DTI Information Security Breaches survey
Slide 2 © First Base Technologies 2003
3.
The External Hacker
4.
Internet
[Network diagram: Internet; Web Developer; dial-in from home; dial-up; ISDN connection; leased line; Desktop PC; Firewall; Bridge (two); My Client; Client's business partner]
5.
Internet
[Same network diagram, annotated: Secure the desktop; Secure Internet connections; Secure the third-party network connections]
6.
The Inside Hacker
7.
Plug and go
Ethernet ports are never disabled …
… or just steal a connection from a desktop
NetBIOS tells you lots and lots …
… and you don’t need to be logged on
8.
Get yourself an IP address
• Use DHCP since almost everyone does!
• Or … use a sniffer to see broadcast packets (even in a switched network) and try some suitable addresses
9.
Browse the network
10.
Pick a target machine
11.
Try null sessions ...
12.
List privileged users
13.
Typical passwords
• administrator: null, password, administrator
• arcserve: arcserve, backup
• test: test, password
• username: password, monday, football
• backup: backup
• tivoli: tivoli
• backupexec: backup
• smsservice: smsservice
• … any service account …: same as account name
14.
Game over!
15.
The Inside-Out Hacker
16.
Senior person - laptop at home
[Diagram: Internet, e-mail, Laptop]
17.
… opens attachment
[Diagram: Internet, e-mail, Laptop; Trojan software now silently installed]
18.
… takes laptop to work
[Diagram: Internet, Firewall, Laptop, Corporate Network]
19.
… trojan sees what they see
[Diagram: Internet, Firewall, Finance Server, HR Server, Laptop, Corporate Network]
20.
Information flows out of the organisation
[Diagram: Evil server, Internet, Firewall, Finance Server, HR Server, Laptop, Corporate Network]
21.
Physical Attacks
22.
What NT password?
23.
NTFSDOS
24.
Keyghost
25.
KeyGhost - keystroke capture
Keystrokes recorded so far is 2706 out of 107250 ...
<PWR><CAD>fsmith<tab><tab>arabella xxxxxxx <tab><tab> None<tab><tab> None<tab><tab> None<tab><tab> <CAD> arabella <CAD> <CAD> arabella <CAD> <CAD> arabella exit tracert 192.168.137.240 telnet 192.168.137.240 cisco
26.
Viewing Password-Protected Files
27.
Office Documents
28.
Zip Files
29.
Plain Text Passwords
30.
Netlogon
In the unprotected netlogon share on a server, logon scripts can contain:
    net use \\server\share "password" /u:"user"
31.
Registry scripts
In shared directories you may find .reg files like this:
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
    "DefaultUserName"="username"
    "DefaultPassword"="password"
    "AutoAdminLogon"="1"
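An audit check for the two findings on slides 30 and 31, added here as an example and not part of the original slides: it flags logon-script lines where net use carries the password inline, and .reg files that store DefaultPassword under the Winlogon key. The function names and both sample inputs are constructed for illustration; the report omits the password itself.

```python
import re

TOKEN = re.compile(r'(?:"[^"]*"|[^\s"])+')   # keeps "quoted words" in one token
REG_VALUE = re.compile(r'^"(?P<name>[^"]+)"="(?P<value>.*)"$')
WINLOGON = r"\microsoft\windows nt\currentversion\winlogon"

# Constructed sample inputs modelled on the two slides (not from a real system).
SAMPLE_SCRIPT = r'''@echo off
net use h: \\fileserver\home /persistent:no
net use \\server\share "password" /u:"user"
net use p: \\server\apps * /user:CORP\alice
'''
SAMPLE_REG = r'''REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"DefaultUserName"="username"
"DefaultPassword"="password"
"AutoAdminLogon"="1"
'''

def scan_logon_script(text):
    """One finding per `net use` line with an inline password (value not reported)."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        tokens = TOKEN.findall(line.strip().lstrip("@"))
        if [t.lower() for t in tokens[:2]] != ["net", "use"]:
            continue
        switches = [t for t in tokens[2:] if t.startswith("/")]
        args = [t.strip('"') for t in tokens[2:] if not t.startswith("/")]
        # Positional order is: [device] \\server\share [password]
        unc = next((i for i, a in enumerate(args) if a.startswith("\\\\")), None)
        if unc is None or unc + 1 >= len(args) or args[unc + 1] == "*":
            continue   # no share, no password argument, or "*" (prompt at logon)
        user = next((s.split(":", 1)[1].strip('"') for s in switches
                     if s.lower().startswith(("/u:", "/user:"))), None)
        findings.append({"line": lineno, "share": args[unc], "user": user})
    return findings

def scan_reg_file(text):
    """One finding per Winlogon key that stores a non-empty DefaultPassword."""
    findings, section, values = [], None, {}

    def flush():
        if section and section.lower().endswith(WINLOGON) and values.get("defaultpassword"):
            findings.append({"key": section, "user": values.get("defaultusername"),
                             "auto_logon": values.get("autoadminlogon") == "1"})

    for line in text.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            flush()                      # close the previous key before starting a new one
            section, values = line[1:-1], {}
        elif (m := REG_VALUE.match(line)):
            values[m["name"].lower()] = m["value"]
    flush()
    return findings

if __name__ == "__main__":
    print(scan_logon_script(SAMPLE_SCRIPT))
    print(scan_reg_file(SAMPLE_REG))
```

Exported .reg files are often UTF-16 encoded, so decode them before passing the text to scan_reg_file.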
32.
Passwords in procedures & documents
33.
Packet sniffing
• Leave the sniffer running
• Capture all packets to port 23 or 21
• The result ...
Generated by : TCP.demux V1.02
Input File: carol.cap
Output File: TB000463.txt
Summary File: summary.txt
Date Generated: Thu Jan 27 08:43:08 2000
10.1.1.82 1036 10.1.2.205 23 (telnet)
UnixWare 2.1.3 (mikew) (pts/31).
login: cl_Carol
Password: carol1zz
UnixWare 2.1.3. mikew. Copyright 1996 The Santa Cruz Operation, Inc. All Rights Reserved..
Copyright 1984-1995 Novell, Inc. All Rights Reserved..
Copyright 1987, 1988 Microsoft Corp. All Rights Reserved..
U.S. Pat. No. 5,349,642.
34.
Port scan
35.
Brutus dictionary attack
36.
NT Password Cracking
37.
How to get the NT SAM
• On any NT/W2K machine:
  - In memory (registry)
  - c:\winnt\repair\sam (invoke rdisk?)
  - Emergency Repair Disk
  - Backup tapes
  - Sniffing (L0phtcrack)
• Run L0phtcrack on the SAM …
38.
End of part one!
39.
And how to prevent it!
Peter Wood
First•Base Technologies
40.
Prevention is better ...
• Harden the servers
• Monitor alerts (e.g. www.sans.org)
• Scan, test and apply patches
• Monitor logs
• Good physical security
• Intrusion detection systems
• Train the technical staff on security
• Serious policy and procedures!
41.
Server hardening
• HardNT40rev1.pdf (www.fbtechies.co.uk)
• HardenW2K101.pdf (www.fbtechies.co.uk)
• FAQ for How to Secure Windows NT (www.sans.org)
• Fundamental Steps to Harden Windows NT 4_0 (www.sans.org)
• ISF NT Checklist v2 (www.securityforum.org)
• http://www.microsoft.com/technet/security/bestprac/default.asp
• Lockdown.pdf (www.iss.net)
• Windows NT Security Guidelines (nsa1.www.conxion.com)
• NTBugtraq FAQs (http://ntbugtraq.ntadvice.com/default.asp?pid=37&sid=1)
• Securing Windows 2000 (www.sans.org)
• Securing Windows 2000 Server (www.sans.org)
• Windows 2000 Known Vulnerabilities and Their Fixes (www.sans.org)
• SANS step-by-step guides
42.
Alerts
• www.sans.org
• www.cert.org
• www.microsoft.com/security
• www.ntbugtraq.com
• www.winnetmag.com
• razor.bindview.com
• eeye.com
• Security Pro News (ientrymail.com)
43.
Scan and apply patches
44.
Monitor logs
45.
Good physical security
• Perimeter security
• Computer room security
• Desktop security
• Close monitoring of admin’s work areas
• No floppy drives?
• No bootable CDs?
46.
Intrusion detection
• RealSecure
• Tripwire
• Dragon
• Snort
• www.networkintrusion.co.uk for guidance
47.
Security Awareness
• Sharing admin accounts
• Service accounts
• Account naming conventions
• Server naming conventions
• Hardening
• Passwords (understand NT passwords!)
• Two-factor authentication?
48.
Serious Policy & Procedures
• Top-down commitment
• Investment
• Designed-in security
• Regular audits
• Regular penetration testing
• Education & awareness
49.
Need more information?
Peter Wood
peterw@firstbase.co.uk
www.fbtechies.co.uk