Importance of Product Provisioning in Improving Network Security
Sandeep
Discussed at WHP Local Meet
Reference: Improved network security with IP & DNS Reputation Services, a business white paper by HP Tipping Point Solutions

Current Network Security Threats
  • Motivated hackers using botnets and other resources for attacks
  • Low risk of being caught and prosecuted
info@whitehatpeople.com

Categories of Cyber Threats
Network traffic is divided into three parts:
  • Good traffic: trusted traffic that should pass through the network, unimpeded and uninspected
  • Bad traffic: traffic that should be blocked proactively before it can attempt to compromise the network
  • Ugly traffic: untrusted traffic that requires deep packet inspection to determine if it is “good” (legitimate) or “bad” (malicious)

“Bad” Devices
Botnet Command and Control (CnC) sites:
  • Botnet CnC servers are constantly moving to evade detection and blocking efforts by security and network personnel
  • Techniques used by botnet masters to avoid being discovered are as follows:
  • Use of IRC, P2P and HTTP traffic allows them to bypass traditional firewalls and some IPS security measures
  • Uses both DNS & IP addresses for identifying CnC servers
  • frequent updating of CnC lists.
Malware depots:
  • Two types: websites designed to lure victims and then infect their devices; websites of legitimate businesses that are compromised because they haven’t been properly secured
  • Lookup mechanism: always the DNS address
  • Malware depot identification process: monitoring for malware downloads and tracking their origin; evaluating data hosting sites worldwide
Phishing sites:
  • Two types of phishing sites: purpose-built sites; sites that appear to be part of a known credible business

Improving Network Security with IP & DNS Reputation Services

“Bad” Devices
A compromised host can be used by the botnet master to conduct a variety of malicious attacks:
  • 17. Compromising additional hosts to create more botnet devices
  • 19. Providing access to local networks for further compromise
  • 20. Conducting Distributed Denial of Service (DDoS) attacks
  • 21. Conducting email spam or phishing campaigns
  • 22. Conducting online click-fraud scams

Device Reputation: A Critical First Step
  • 24. Block access to and from devices that have a known bad reputation
  • 25. This needs a reputation database with significant metadata on each of these badly behaving devices, identified through IPv4 or IPv6 addresses or DNS names

  • 27. Collect large amounts of device data
  • 29. Validate the results of the data sets
  • 31. Assign a reputation score

  • 33. Collect real-time attack events with very detailed attack data from a large worldwide community of sensors
  • 34. Analyze Web traffic and crawl Web sites of interest to collect data on sites hosting malicious content or scams
  • 35. Conduct careful malware analysis to identify botnet CnC sites, and botnet and malware drop sites
  • 36. Analyze attacks and scams to identify the devices that are participating in or conducting the attacks

Conclusion
  • 37. Note: The most important component in building a strong reputation service is the depth of the database. Database quality depends heavily on the size, scope, and distribution of the attack collection sites, and the quality and depth of the collected attack data.
    Recommendation: HP Tipping Point IP & DNS Reputation Services by HP
    Reference: Improved network security with IP and DNS reputation, business white paper by HP Tipping Point Solutions

About whitehat ‘People’
  • 38. whitehat ‘People’ is an ‘open consortium’ of national intellects dedicated to security as their sole intent, trained and specialized in the conception of solutions in all areas of our technical consulting services. whitehat ‘People’ produces white papers for the industry, presents at symposiums and technology and business conferences nationwide, and provides "thought leadership" for next-generation technologies which are currently being deployed in a rapidly changing and fluid marketplace. The members include security researchers and consultants who are up to date with developments in technology from hardware and software vendors to ensure they are leading, and not following, the market. whitehat ‘People’ adheres to the following ideals:
    1. "Help government and industry maximize the value of Information security in information technology."
    2. "Deliver leading-edge information technology and services, support, training and education."
    3. "Function as a strategic arm for the clients by leveraging new concepts to support strategic goals and conceptual plans."
    info@whitehatpeople.com
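
The device reputation and good/bad/ugly traffic slides above can be tied together in code. The following is an added example, not code from the slides or from the HP white paper: a reputation database keyed by IPv4/IPv6 networks and DNS names whose lookups sort a connection into bad (block), good (pass) or ugly (inspect). The 0-100 score scale, the `BLOCK_AT` threshold, the category labels, the trusted list and all class and function names are assumptions, and every entry is constructed from documentation address ranges and reserved example domains.

```python
import ipaddress
from dataclasses import dataclass

BLOCK_AT = 80  # assumed policy threshold: score >= 80 is treated as "bad"

@dataclass(frozen=True)
class Entry:
    score: int     # 0..100, higher is worse (assumed scale)
    category: str  # metadata, e.g. "botnet-cnc", "malware-depot", "phishing"

def _norm(name):
    return name.rstrip(".").lower()

class ReputationDB:
    def __init__(self):
        self.nets, self.names, self.trusted = [], {}, []

    def add_ip(self, cidr, score, category):
        self.nets.append((ipaddress.ip_network(cidr), Entry(score, category)))

    def add_name(self, name, score, category):
        self.names[_norm(name)] = Entry(score, category)

    def trust(self, cidr):
        self.trusted.append(ipaddress.ip_network(cidr))

    def lookup_ip(self, addr):
        # Most specific (longest-prefix) entry wins, for IPv4 and IPv6 alike.
        ip = ipaddress.ip_address(addr)
        hits = [(n.prefixlen, e) for n, e in self.nets if ip in n]
        return max(hits, key=lambda h: h[0])[1] if hits else None

    def lookup_name(self, name):
        # Match the name or any parent domain, on label boundaries only.
        labels = _norm(name).split(".")
        for i in range(len(labels)):
            hit = self.names.get(".".join(labels[i:]))
            if hit:
                return hit
        return None

def classify(db, ip=None, name=None):
    """Return (verdict, reason): 'bad' = block, 'good' = pass, 'ugly' = inspect."""
    hits = [e for e in (name and db.lookup_name(name), ip and db.lookup_ip(ip)) if e]
    worst = max(hits, key=lambda e: e.score, default=None)
    if worst and worst.score >= BLOCK_AT:
        return "bad", worst.category
    # Trust applies only when no reputation evidence exists for the peer.
    if ip and not hits and any(ipaddress.ip_address(ip) in n for n in db.trusted):
        return "good", "trusted"
    return "ugly", worst.category if worst else "unknown"

def sample_db():
    # Constructed entries on documentation ranges and reserved example domains.
    db = ReputationDB()
    db.add_ip("203.0.113.0/24", 40, "suspicious-hosting")
    db.add_ip("203.0.113.66/32", 95, "botnet-cnc")
    db.add_ip("2001:db8:bad::/48", 90, "malware-depot")
    db.add_name("cnc.example.net", 92, "botnet-cnc")
    db.add_name("login-bank.example", 85, "phishing")
    db.trust("192.0.2.0/24")
    return db

if __name__ == "__main__":
    db = sample_db()
    for ip, name in [("203.0.113.66", None), ("203.0.113.10", None),
                     ("192.0.2.15", None), ("198.51.100.7", "update.cnc.example.net")]:
        print(ip, name, classify(db, ip=ip, name=name))
```

Checking the DNS name as well as the IP address means a CnC server that moves to a new address is still caught by its name, and a low-score hit sends traffic to inspection rather than letting the trusted list pass it.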