Mining attackers mind
Think like an attacker and take a proactive approach to security
1.
Mining Attackers Mind
Presenter: Cyberoam
Our Products: Network Security Appliances - UTM, NGFW (Hardware & Virtual); Modem Router Integrated Security appliance
© Copyright 2014 Cyberoam Technologies Pvt. Ltd. All Rights Reserved. www.cyberoam.com
2.
Agenda
• Innovative technologies impacting complexity in security
• Challenges to IT security administrators and gaps in security infrastructure
• Changing motivation of cyber criminals and evolving threat engineering
• Hacking into the mind of today's cyber criminal
3.
Innovative technology changes everything
• Social business
• 1 billion mobile workers
• 1 trillion connected objects
• Bring your own IT
• Cloud and virtualization
4.
Innovative technology changes everything … that requires a new approach
• People: Employees, Hackers, Outsourcers, Suppliers, Consultants, Terrorists, Customers
• Data: Structured, Unstructured, At rest, In motion
• Applications: Systems Applications, Web Applications, Web 2.0, Mobile Applications
• Infrastructure: Datacenters, PCs, Laptops, Mobile, Cloud, Non-traditional
5.
Administrators' approach
• Most spend 50% of their security budgets on reactive tools and resources
• No actionable information or outcome analysis on how an attack can happen
• Security infrastructure has gaps
• Endpoint Suites, Network UTM, Application Security, Vulnerability Management
6.
Engineering for Attacks
7.
2,641,350 security attacks the average company faces per week
8.
If you think you are safe - think again
Source: IBM X-Force® Research and Development
9.
If you think you are safe - think again
Source: IBM X-Force® Research and Development
10.
[Chart labels. Skill levels: Script-Kiddy, Undergraduate, Expert, Specialist. Motivations: National Interest, Personal Gain, Personal Fame, Curiosity. Attacker types: Vandal, Thief, Spy, Trespasser, Author]
11.
Motivations and sophistication are rapidly evolving
• Monetary Gain: Organized crime (Zeus)
• Espionage, Activism: Competitors and Hacktivists (Aurora)
• National Security: Nation-state actors (Stuxnet)
• Revenge, Curiosity: Insiders and Script-kiddies (Code Red)
12.
Thinking like an attacker
• Plan
• Practice
• Covering tracks
• Attack on defense
• Organized community
13.
5 phases a hacker follows
• Reconnaissance: Preparatory phase; Competitive intelligence; Time consuming; Most important
• Scanning: Network mapping; Check for open ports; Banner grabbing; Identify open services; Scanning for vulnerabilities; Prepare proxies
• Gaining Access: Potential damage; Logic or time bomb; Session hijacking, buffer overflows; Targeted attack; Brute force/Dictionary attack
• Maintaining Access: Backdoor; Trojans; Rootkit; Data transfer
• Covering Tracks: Erasing contaminated logs; Cover for additional attack
14.
Reconnaissance
Preparatory phase, competitive intelligence, time consuming
Hacker's list and result:
• Search Fine Web: Employee contact information, Phone numbers, Business Partners, Recent Mergers
• Search Engines: Search employee groups for sensitive information or job-related information
• Whois Database: Internet address, Domain names, Contact information, ARIN
• Domain lookup: IP address, Mail Server information
• Ping, Traceroute, SMTP VRFY: Live IP, Round trip time, Possible Firewall, Valid Email addresses
15.
Defending Reconnaissance
• No way to prevent attackers from gaining registration data
• Avoid DNS leaking unnecessary information
• Restrict zone transfer
• Use Split DNS and limit the amount of DNS information
• Disable ping from WAN side on firewall
• Remember that employees' contact information can be used in social engineering
16.
Scanning
Hacker's list and result:
• Network Mapping: Network security assessment
• Port Scanning: Search for open well-known ports
• Banner Grabbing/OS fingerprinting: Search of operating system on end PC
• Vulnerability Scanning: Identify vulnerabilities of computing systems
• Proxies: Masking the traceback
17.
Defending Scanning
• Check the systems before the hacker does
• Scan, find and patch – regular process
• Change content of 404 page
• Edit server info properties – if you want to engage the hacker and study behavior
• Evade them using IPS at network level
• Do not forget about open UDP ports
• Check for traffic with known source ports - it can be a disguise
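Added example (not part of the original deck): the last two points on the Defending Scanning slide, applied to a firewall log to flag sources that sweep many ports (UDP counted separately from TCP) and packets that borrow a well-known source port. The log format, the list of reply-looking source ports and the threshold of 4 targets are assumptions made for this example.

```python
import re
from collections import defaultdict

# Constructed sample firewall log (documentation IP ranges), not real traffic.
# The key=value line format is an assumption made for this example.
SAMPLE_LOG = """\
2014-05-01T10:00:01 proto=TCP src=203.0.113.7 spt=40001 dst=192.0.2.10 dpt=21
2014-05-01T10:00:01 proto=TCP src=203.0.113.7 spt=40002 dst=192.0.2.10 dpt=22
2014-05-01T10:00:02 proto=TCP src=203.0.113.7 spt=40003 dst=192.0.2.10 dpt=23
2014-05-01T10:00:02 proto=TCP src=203.0.113.7 spt=40004 dst=192.0.2.10 dpt=445
2014-05-01T10:01:10 proto=UDP src=198.51.100.9 spt=51000 dst=192.0.2.10 dpt=69
2014-05-01T10:01:10 proto=UDP src=198.51.100.9 spt=51001 dst=192.0.2.10 dpt=123
2014-05-01T10:01:11 proto=UDP src=198.51.100.9 spt=51002 dst=192.0.2.10 dpt=161
2014-05-01T10:01:11 proto=UDP src=198.51.100.9 spt=51003 dst=192.0.2.10 dpt=500
2014-05-01T10:02:00 proto=UDP src=198.51.100.23 spt=53 dst=192.0.2.10 dpt=161
2014-05-01T10:02:05 proto=UDP src=198.51.100.53 spt=53 dst=192.0.2.20 dpt=53124
2014-05-01T10:02:09 proto=UDP src=198.51.100.123 spt=123 dst=192.0.2.20 dpt=123
2014-05-01T10:02:30 proto=TCP src=203.0.113.80 spt=443 dst=192.0.2.30 dpt=51515
2014-05-01T10:03:00 proto=TCP src=203.0.113.99 spt=20 dst=192.0.2.10 dpt=445
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) proto=(?P<proto>TCP|UDP) src=(?P<src>\S+) spt=(?P<spt>\d+) "
    r"dst=(?P<dst>\S+) dpt=(?P<dpt>\d+)$"
)
# Source ports a stateless filter may let in because they look like replies
# (assumed list: FTP-data, DNS, HTTP, NTP, HTTPS).
REPLY_LOOKING_SPORTS = {20, 53, 80, 123, 443}
EPHEMERAL_MIN = 1024   # genuine replies land on a client port at or above this
SCAN_THRESHOLD = 4     # distinct (host, port) targets per protocol


def parse(log_text):
    """Turn log lines into dicts; lines that do not match are skipped."""
    events = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            e = m.groupdict()
            e["spt"], e["dpt"] = int(e["spt"]), int(e["dpt"])
            events.append(e)
    return events


def find_port_scanners(events, threshold=SCAN_THRESHOLD):
    """Sources that touched >= threshold distinct targets, counted per protocol
    so a UDP sweep is reported as clearly as a TCP one."""
    targets = defaultdict(lambda: defaultdict(set))
    for e in events:
        targets[e["src"]][e["proto"]].add((e["dst"], e["dpt"]))
    scanners = {}
    for src, per_proto in targets.items():
        hits = {p: len(t) for p, t in per_proto.items() if len(t) >= threshold}
        if hits:
            scanners[src] = hits
    return scanners


def find_disguised_sources(events):
    """Packets whose source port imitates a well-known service but whose
    destination is a service port, so they cannot be replies. Symmetric
    traffic (e.g. NTP 123 -> 123) is left alone."""
    return [
        e for e in events
        if e["spt"] in REPLY_LOOKING_SPORTS
        and e["dpt"] < EPHEMERAL_MIN
        and e["dpt"] != e["spt"]
    ]


if __name__ == "__main__":
    events = parse(SAMPLE_LOG)
    print(find_port_scanners(events))
    for e in find_disguised_sources(events):
        print(e["src"], e["proto"], e["spt"], "->", e["dpt"])
```

The counts here cover the whole log slice; on live data the same grouping would be applied per time window.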
18.
Gaining Access
Hacker's list and result:
• Session Hijacking: Sniffing, capturing passwords
• Brute Force: Strong against weak passwords
• DNS poisoning: Redirect traffic to another imitating website
• Exploit Vulnerability: Access to the restricted content, privilege elevation
19.
Defending Gaining Access
• Complex passwords
• Find vulnerabilities before the hacker does: Scan, Patch, Test
• DHCP snooping on L2 switches
• Create separate management VLAN
• All protocols must be encrypted: use SSH, SSL, HTTPS
• Use LDAPS instead of simple LDAP bind requests
• Protect web servers against OWASP top vulnerabilities with WAF
20.
Maintaining access
Hacker's list and result:
• Backdoor: Preinstalled or backdoor software is used by hackers to gain access to systems so that they can send malicious software to that particular system.
• Trojan horses: A Trojan horse is used as a dropper; it allows other hackers and worms to attack the network easily.
• Rootkits: Very hard to detect
21.
Defending Maintaining access
• Regular scanning
• Regular monitoring of the data passing through the network
• Updated antivirus with advanced rootkit removal capabilities
• IPS should be capable of stopping bots from connecting to the command center
• LAN to WAN should not be open for all traffic
• Outbound spam filter should be included in the priority list
22.
Covering Tracks
Hacker's list and result:
• Hide the entry points: Difficult to detect in passive monitoring
• Hide the logs: Too many logs confuse the customers
• Hide the data transfer logs: Data transfer is done using encrypted tunnels.
• Difficult to predict: Professional work
23.
Defending Covering Tracks
• Logs should be stored on multiple servers
• Regular backup of the logs should be done too
• Hackers usually clean and shut the service. SNMP will help.
• Close monitoring of the logs may help
• SIEM tools are better in those scenarios
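Added example (not part of the original deck): why keeping logs on more than one server helps against the "clean and shut the service" pattern. It compares a host's local log with the copy held by a remote collector, reporting entries that vanished locally and periods where the feed went silent. The log format, the sample entries and the 30-minute silence threshold are assumptions made for this example.

```python
from collections import Counter
from datetime import datetime, timedelta

# Constructed sample data. COLLECTOR_COPY is what a remote log server received;
# HOST_COPY is what is left in the local file on the monitored host.
COLLECTOR_COPY = """\
2014-05-01T01:45:00 cron job logrotate finished
2014-05-01T02:00:00 sshd Accepted password for backup from 10.0.0.5
2014-05-01T02:05:00 cron job nightly-backup started
2014-05-01T02:10:00 sshd Failed password for root from 203.0.113.7
2014-05-01T02:10:30 sshd Accepted password for root from 203.0.113.7
2014-05-01T02:11:00 syslogd exiting on signal 15
2014-05-01T03:40:00 syslogd restart
2014-05-01T03:45:00 cron job cleanup started
"""
HOST_COPY = """\
2014-05-01T02:00:00 sshd Accepted password for backup from 10.0.0.5
2014-05-01T02:05:00 cron job nightly-backup started
2014-05-01T03:40:00 syslogd restart
2014-05-01T03:45:00 cron job cleanup started
"""


def parse(text):
    """Return [(timestamp, message)] in file order."""
    entries = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, _, msg = line.partition(" ")
        entries.append((datetime.strptime(ts, "%Y-%m-%dT%H:%M:%S"), msg))
    return entries


def erased_on_host(collector, host):
    """Entries the collector holds that the host no longer has.

    Entries older than the host's oldest surviving line are ignored, because
    normal log rotation removes those without any tampering.
    """
    if not host:
        return list(collector)
    oldest = min(ts for ts, _ in host)
    remaining = Counter(host)          # handles repeated identical lines
    missing = []
    for entry in collector:
        if entry[0] < oldest:
            continue
        if remaining[entry] > 0:
            remaining[entry] -= 1
        else:
            missing.append(entry)
    return missing


def silence_gaps(entries, max_gap=timedelta(minutes=30)):
    """Pairs of consecutive timestamps further apart than max_gap, i.e. spans
    in which the logging service may have been stopped."""
    ordered = sorted(ts for ts, _ in entries)
    return [(a, b) for a, b in zip(ordered, ordered[1:]) if b - a > max_gap]


if __name__ == "__main__":
    collector, host = parse(COLLECTOR_COPY), parse(HOST_COPY)
    for ts, msg in erased_on_host(collector, host):
        print("missing on host:", ts.isoformat(), msg)
    for start, end in silence_gaps(collector):
        print("no logs between", start.isoformat(), "and", end.isoformat())
```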
24.
Analyze to Learn
• To protect a system, you have to learn how it can be attacked
• Systems are resistant to changes once deployed
• Thinking like an attacker is not always easy - it may sound counterproductive
• But hackers do that every day
25.
Security Evaluation: Threat Modeling
• Most powerful security engineering activities
• Focus on actual threat, not just vulnerabilities
• Plans and reviews by offering deep insight into the methods attackers could use to manipulate services or servers
• Weigh security decisions against other design goals
• Understand attack vectors and conditions for a successful attack
26.
Threat Priority
• Impact: What is the impact to the business?
• Resource: How likely is the threat given the controls?
• Vulnerability: How could the threat occur?
• Mitigation: What is currently reducing the risk?
• Threat: What are you afraid of happening?
• Resource: What are you trying to protect?
27.
10 Assumptions to get hacked easily
• Allow everything from LAN to WAN
• DMZ to LAN allowed by default
• Use very easy passwords
• Allow applications to use administrative passwords
• No update of antivirus
• Running unhardened application servers
• Assume your security is fully secure
• Assume the firewall can save you from all types of attacks
• Do not patch servers, end machines or workstations
• Allow users to use BYOD without corporate policy
• Virtual networks are secure by design
28.
Thank you