Post on 22-Feb-2016
description
Internet Security(INFO 1370)
Detailed Objectives 1,2,3
Rich Hildredrhildred@conestogac.on.ca
519-594-0900
Objectives1. Internet Service Provider’s Setup
1. Describe an Internet Service Provider’s setup.
2. List equipment components of Internet connectivity.
3. Define DNS & IP addresses and their application.
4. Discuss user software applications.
Describe an ISP’s setup
Components of Connectivity
DNS and IP Addresses
Application Layer
Objectives (2)• Operating Systems & Programming
Languages– Distinguish between operating systems and
programming languages.– Discuss operating systems and Internet
security.– Define TCP/IP.– Explain protocols.
os/ programming languages
os/programming language (2)
OS and Internet Security
Define TCP/IP
Protocols• Application
– DHCP DHCPv6 DNS FTP HTTP IMAP IRC LDAP MGCP NNTP BGP NTP POP RPC RTP RTSP RIP SIP SMTP SNMP SOCKS SSH Telnet TLS/SSL XMPP
• Transport– TCP UDP DCCP SCTP RSVP
• Internet– IP IPv4 IPv6 ICMP ICMPv6 ECN IGMP Ipsec
• Link– ARP/InARP NDP OSPF Tunnels L2TP PPP
Media access control Ethernet DSL ISDN FDDI
Objectives (3)• Security Concepts
– Explain security concepts as applied to hackers and crackers.
– Review case studies of penetrated systems.– Discuss Internet warfare.– Explain destructive devices.
Hackers and Crackers• White Hat, Black Hat, Grey Hat, Blue Hat• Elite, Script Kiddie, Noob• Hacktivist• Nation State• Organized Crime• Bots
Cases of Penetrated Systems• 1. Heartland Payment Systems• Date: March 2008• Impact: 134 million credit cards exposed through SQL
injection to install spyware on Heartland's data systems.• 7. Sony's PlayStation Network• Date: April 20, 2011• Impact: 77 million PlayStation Network accounts
hacked; Sony is said to have lost millions while the site was down for a month.
Internet Warfare• Estonia – denial of service• 5. Stuxnet• Date: Sometime in 2010, but origins date to
2007• Impact: Meant to attack Iran's nuclear power
program, but will also serve as a template for real-world intrusion and service disruption of power grids, water supplies or public transportation systems.
Destructive Software Devices• Viruses Infectious programs that can reproduce
themselves but require interaction to propagate.• Worms Infectious programs that can self-
propagate via a network.• Rootkits and back doors Programs designed to
infiltrate a system, hide their own presence, and provide administrative control and monitoring functionality to an unauthorized user or attacker.
Destructive Software Devices -2• Bots and zombies Very similar to rootkits and
back doors but focused additionally on usurping the victim system’s resources to perform a specific task or tasks (for example, distributed denial of service against an unrelated target or send spam).
• Trojan horses Software that does something other than, or in addition to, its purported functionality. Usually, this means installing a rootkit or back door.