Computer and network security

Computer and Network Security University Of Sulaimani Faculty of Physical and Basic Education By: MSc. Karwan M. Kareem

Transcript of Computer and network security

Page 1: Computer and network security

Computer and Network Security

University Of Sulaimani Faculty of Physical and Basic Education

By: MSc. Karwan M. Kareem

Page 2: Computer and network security

Cyber attack costs and effects:

Symantec's analysis of security threats in 2014 revealed thieves are working faster than companies can defend themselves, and launching more malicious attacks than in previous years. More than 317 million new pieces of malware -- computer viruses or other malicious software -- were created last year. That means nearly one million new threats were released each day.

April 14, 2015 - cnn.com

Page 3: Computer and network security

Cyber attack costs and effects:

The Metro online newspaper claims that cybercrime costs Britain almost £1,000 every second; the newspaper reports that cyber-attacks are costing the British economy £27 billion a year. These losses occurred in the UK alone. We can ask how much is lost every day around the world through cyber-attacks.

17 Feb 2011 - metro.co.uk

Page 4: Computer and network security

Cyber attack costs and effects:

The computerweekly online newspaper claims that cyber security incidents cost UK firms £34.1bn in the past year, but under half have enhanced their defences, a survey has revealed.

14 Jul 2016 12:45 - computerweekly.com

Page 5: Computer and network security

Cyber attack costs and effects:

The official Haveibeenpwned website states that 1,801,838,008 web accounts have been hacked.

haveibeenpwned.com – 10/2016

Page 6: Computer and network security

Cyber attack costs and effects:

Norse-corp.com

The official Acunetix website states that 70% of websites and networks are hackable! Shut your doors before hackers find you.

https://www.acunetix.com - 2016

Page 7: Computer and network security
Page 8: Computer and network security

Deep web and Dark web:

The deep web, invisible web, or hidden web are parts of the World Wide Web whose contents are not indexed by standard search engines for any reason.

Deep web

Dark web

Page 9: Computer and network security

Norse Dark Intelligence:

Norse-corp.com

Watch cyber attacks in real time: unique attack intelligence that helps our customers block attacks.

Page 10: Computer and network security

Hamza Bendelladj:

A 27-year-old Algerian computer science graduate. He created a banking trojan horse called SpyEye, using a computer virus to steal money from more than 200 American banks. According to Wired, a San Francisco-based technology magazine, “This infected more than 1.4 million computers in the US”. He then reportedly gave millions of dollars to Palestinian charities.

21 SEPTEMBER 2015

Page 11: Computer and network security

Top ten pwned websites:

Norse-corp.com

The official Haveibeenpwned website states that 1,801,838,008 web accounts have been hacked.

Page 12: Computer and network security

Use a Host-Based Firewall:

Download files only from trusted sites. Do not open downloads from unknown sources. For example: Brothersoft (over 800,000 APK files, over 200,000 free computer software titles).

Page 13: Computer and network security

DDoS Agent-Handler Attack Model technique

Page 14: Computer and network security

IRC-based DDoS attack technique

Page 15: Computer and network security

The ComputerWorld website reports that CryptoPhone users found and mapped 17 fake “cell towers” in the U.S. during the month of July.

computerworld.com - Sep 2, 2014

IMSI catcher:

Page 16: Computer and network security

IMSI catcher: 2G (optional 3G) voice & data interception and location system

Page 17: Computer and network security

IMSI-Catchers are false mobile towers (base stations) acting between the target mobile phone(s) and the real towers of service providers. As such they are considered a Man-In-The-Middle (MITM) attack. In the USA the IMSI-Catcher technology is known under the name “StingRay”.

IMSI catcher:

Page 18: Computer and network security

The FBI or local police regularly deploy IMSI-Catchers hidden in vehicles at protests to obtain a record of everyone who attended with a cell phone (leave your phones at home by all means if you really have to attend).

IMSI-Catchers also allow adversaries to intercept your conversations, text messages, and data. Police can use them to determine your location, or to find out who is in a given geographic area at what time. 

IMSI catcher:

Page 19: Computer and network security

The Passive GSM Interceptor is a real time dual or quad band 2G (optional 3G) voice & data interception and location system which utilises NO transmitting parts and is undetectable to both the hand set user and network operator.

– Interception of incoming and outgoing encrypted GSM communications, including A5/1, in real time and without the cooperation of network operators.
– Interception of multiple simultaneous duplex calls (from 4 to 200 channels available).
– Extraction of phone identities including IMSI, IMEI and MSISDN.
– Manipulation of target phone (SMS, calls etc.) using the optional “Active Add-On”.
– Real-time target location (2-4m accuracy using A-GPS).
– Detailed country mapping provided.

IMSI catcher: Passive GSM Interceptor

Page 20: Computer and network security

The Advanced passive GSM Interception System is designed for off-air interception of cellular communication in GSM networks.

The system listens to the information exchange between the BTS (Base Transceiver Station) and the MS (Mobile Station or, in other words, mobile phone), and, after real-time signal processing, intercepted calls can be listened to and recorded.

IMSI catcher: Advanced GSM Interceptor

Page 21: Computer and network security

The GSMK CryptoPhone 500 is an Android-based secure mobile phone with 360° mobile device security for secure messaging and voice over IP communication on any network.

GSMK CryptoPhones are your trustworthy solution for completely confidential encrypted telephone calls – whether by GSM cellular network, 3G/UMTS, satellite, or land line.

http://www.cryptophone.de/en/products/mobile/cp500/

GSMK CryptoPhone 500:

Price 3500$

Page 22: Computer and network security

AIMSICD is an app to detect IMSI-Catchers. AIMSICD attempts to detect IMSI-Catchers through various methods such as these:

- Check tower information consistency
- Signal strength monitoring
- Detect FemtoCells
- LAC/Cell ID consistency
- Check neighboring cell info
- Look for silent SMS
- Prevent silent app installations

AIMSICD: http://cellularprivacy.github.io/Android-IMSI-Catcher-Detector/
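
The LAC/Cell ID consistency, signal strength and neighboring cell checks listed above can be sketched as simple heuristics over a log of serving-cell readings. This is an added example, not AIMSICD's own code; the observation format, the 20 dB threshold and the sample readings are constructed assumptions.

```python
from collections import defaultdict
from statistics import median

# Constructed sample readings (not real captures), one per poll of the modem:
# (time_s, mcc, mnc, lac, cell_id, rssi_dbm, neighbour_count)
# MCC 001 / MNC 01 is the reserved test-network code.
OBSERVATIONS = [
    (0,   "001", "01", 1201, 40111, -87, 5),
    (30,  "001", "01", 1201, 40111, -85, 5),
    (60,  "001", "01", 1201, 40112, -91, 4),
    (90,  "001", "01", 1201, 40111, -86, 5),
    (120, "001", "01", 7777, 40111, -52, 0),  # same cell ID, new LAC, far stronger
    (150, "001", "01", 1201, 40112, -90, 4),
]

def find_anomalies(observations, rssi_jump_db=20):
    """Return (time_s, cell_id, reason) tuples for suspicious readings."""
    seen_lacs = defaultdict(set)      # (mcc, mnc, cell_id) -> LACs seen so far
    rssi_history = defaultdict(list)  # (mcc, mnc, cell_id) -> earlier RSSI values
    alerts = []
    for ts, mcc, mnc, lac, cid, rssi, neighbours in observations:
        key = (mcc, mnc, cid)
        # LAC/Cell ID consistency: a real cell keeps its location area code.
        if seen_lacs[key] and lac not in seen_lacs[key]:
            alerts.append((ts, cid, "LAC_CHANGED"))
        seen_lacs[key].add(lac)
        # Signal strength monitoring: a sudden jump above the cell's usual
        # level suggests a much closer transmitter using the same identity.
        history = rssi_history[key]
        if len(history) >= 2 and rssi - median(history) >= rssi_jump_db:
            alerts.append((ts, cid, "RSSI_JUMP"))
        history.append(rssi)
        # Neighboring cell info: a serving cell that advertises no
        # neighbours gives the phone nowhere else to hand over to.
        if neighbours == 0:
            alerts.append((ts, cid, "NO_NEIGHBOURS"))
    return alerts

if __name__ == "__main__":
    for alert in find_anomalies(OBSERVATIONS):
        print(alert)
```

Each alert alone is weak evidence, since operators do reconfigure cells; several alerts on the same reading are what deserve attention.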

Page 23: Computer and network security

Spy and Attack Emergency Management – police :

Price 3500$

Page 24: Computer and network security

Droidjack:

DroidJack gives you the power to establish control over Android devices with an easy-to-use GUI and all the features you need to monitor and spy on them. http://droidjack.net/

Able to spy on and monitor an Android ..

Build a custom APK or bind the payload to an already existing APK such as a game or social media app

Page 25: Computer and network security

You'll be able to check the phone's incoming and outgoing SMS messages.

spy2mobile

Spy2mobile:

Page 26: Computer and network security

You'll be able to check the phone's call history.

You'll be able to check the contact list.

Page 27: Computer and network security

You'll be able to check the current location, including accuracy, speed, altitude and previous tracks.

Page 28: Computer and network security

SpyHuman is an efficient tool that allows you to monitor your kid’s or your employee’s online/offline activities like GPS locations, SMS chatting, social site activities, call logs etc.

SpyHuman :

https://spyhuman.com/

Page 29: Computer and network security

An attacker can use Wireshark to analyze network packets and for password sniffing, cookie stealing, session hijacking and information stealing.

Wireshark

Page 30: Computer and network security

Wifislax is a Slackware-based Linux distribution designed for wireless hacking and forensics. It contains a large number of security and forensics tools, which make it a pentesting (penetration testing) distribution.

Page 31: Computer and network security

Acunetix Vulnerability Scanner automatically crawls and scans custom-built websites and web applications for SQL Injection, XSS, XXE, SSRF, Host Header Attacks and over 500 other web vulnerabilities.

https://www.acunetix.com/

Page 32: Computer and network security

Site24x7: Find the IP address of your website. Sign up for a Site24x7 Free Account to monitor up to 5 websites continuously for free and be alerted when one goes down!

https://www.site24x7.com/find-ip-address-of-web-site.html

Page 33: Computer and network security

Metadefender: Scan an IP address using 12 sources to determine if it has been compromised.

https://www.metadefender.com/#!/submit-ip

Page 34: Computer and network security

Whatismyipaddress: This IP-address search will give you general details only about what is on the end of that IP address. Here's what you'll find out:

- The ISP and organization's name
- The IP's host name
- The country it's in
- The region/state
- The city (a best guess)

with further information …

http://whatismyipaddress.com/ip-lookup

Page 35: Computer and network security

Tor: protects against traffic analysis, a form of network surveillance that threatens personal freedom and privacy, confidential business activities and relationships, and state security.

https://www.torproject.org

Page 36: Computer and network security

Onion Link and Not Evil: used to search the deep web, enabling search and global access to Tor's onionsites.

https://hss3uro2hsxfogfq.onion.to/

http://www.onion.link/

Page 37: Computer and network security

Haveibeenpwned: Check if you have an account that has been compromised in a data breach.

https://haveibeenpwned.com/

Page 38: Computer and network security

RedPhone:

Makes private communication simple. Free, world-wide, end-to-end encryption for your calls, securing your conversations so that nobody can listen in.

https://play.google.com/store/apps/details?id=com.littlebytesofpi.linphonesip&hl=en

Page 39: Computer and network security

Baidu Antivirus 2015:

Baidu Antivirus is 100% free, forever. New virus definitions are always free.

http://antivirus.baidu.com/en/

Page 40: Computer and network security

Linux OS: Linux is more secure than other operating systems.

Original Windows OS - Windows with license key ..

Page 41: Computer and network security

Backup file: Be sure to do a full backup of your system on a regular basis. A backup file is a copy of a file which is kept in case anything happens to the original.

Google Drive, Dropbox, OneDrive …

Page 42: Computer and network security

Use a Host-Based Firewall:

A personal firewall is an application which controls network traffic to and from a computer.

Page 43: Computer and network security

Wise Folder Hider is a free file/folder hiding tool. Users can use it to hide files and folders on local partitions or removable devices.

Hide data Wise Folder Hider:

Page 44: Computer and network security

Hide data with steganography:

You can use a steganography program to hide data inside other data.

OpenStego is just 203 KB in size and is an easy-to-use steganography application. You can attach any type of secret message file to cover files. Supported file types for the cover are: BMP, GIF, JPEG, JPG, PNG, and WBMP.

http://www.openstego.com/

Page 45: Computer and network security

Wise Care 365: PC Cleaning and Speed up Tool

Clean registry and junk files from your PCs. Protect your privacy and make your PCs more secure. Provide a better option of optimizing and accelerating your computer! Over 30,000,000 downloads worldwide.

http://www.wisecleaner.com/

Page 46: Computer and network security

VirusTotal: VirusTotal is a free service that analyzes suspicious files and URLs and facilitates the quick detection of viruses, worms, trojans, and all kinds of malware.

https://www.virustotal.com/

Page 47: Computer and network security

Computer Virus

• Definition
- Computer program (“piece of code”) that automatically reproduces itself.
- It’s attached to other programs or files, but requires user intervention to propagate.

• Background
- There are an estimated 30,000 computer viruses in existence
- Over 300 new ones are created each month
- Today almost 87% of all viruses are spread through the internet

• Infection (targets/carriers)
- Executable files
- Boot sectors
- Documents (macros), scripts (web pages), etc.

• Propagation
- Propagation is made by the user. The mechanisms are storage elements, mails, downloaded files or shared folders.

Page 48: Computer and network security

Halabjay Virus: a Kurdish malware developed by kurd-intruder to test and analyze computer virus behaviors.

Page 49: Computer and network security

Worm

• Definition
- Piece of code that automatically reproduces itself over the network. It doesn’t need user intervention to propagate (autonomous).

• Target selection algorithm
- Email addresses, DNS, IP, network neighborhood

• Payload
- Malicious programs
- Backdoor, DDoS agent, etc.

• Anatomy of Worms
- Attack mechanism
- Payload
- New target selection

Page 50: Computer and network security

Trojans

• A Trojan horse, or Trojan, is a destructive program that masquerades as an application.
- The Trojan horse will at first glance appear to be useful software but will actually do damage once installed or run on your computer.
- Unlike viruses and worms, Trojans do not reproduce by infecting other files nor do they self-replicate.

• What can Trojans do?
- Use of the machine as part of a botnet (e.g. to perform automated spamming or to distribute denial-of-service attacks).
- Uninstallation of software, including third-party router drivers.
- Downloading or uploading of files on the network HDD.
- Watching the user’s screen.
- Spreading other malware, such as viruses. In this case, the Trojan horse is called a dropper or vector.
- Modification or deletion of files.
- Data theft (e.g. retrieving username or postal code information).
- Crashing the computer.
- Setting up networks of zombie computers in order to launch DDoS attacks or send spam.

Page 51: Computer and network security

Social Engineering

• Definition
- Manipulating a person or persons to detect and steal confidential data and information.
- It is a way for criminals to gain access to information systems. The purpose of social engineering is usually to secretly install spyware or other malicious software, or to trick persons into handing over passwords and/or other sensitive financial or personal information.

• What are they looking for?
- Obtaining simple information such as your pet's name, where you're from, the places you've visited; information that you'd give out freely to your friends.
- Some have a 'secret question' you have to answer if you cannot remember your username or password. The questions seem pretty tough for an outsider trying to hack into your account:
  - What's the name of your first pet?
  - What is your maiden name?
  - When was your mother/father born?
  - Where were you born?

Page 52: Computer and network security

Computer security

Page 53: Computer and network security

Login Alerts:

Get an alert when anyone logs into your account from an unrecognized device or browser.

Page 54: Computer and network security

Login Approvals:

Require a login code to access my account from unknown browsers

Page 55: Computer and network security

Public key:

Use this public key to encrypt notification emails that Facebook sends you?

Page 56: Computer and network security

Your trusted contacts:

Your trusted contacts are friends you chose who can securely help if you ever have trouble accessing your account.

Page 57: Computer and network security

Recognized devices:

You won't get notified or have to confirm your identity when logging in from these devices:

Page 58: Computer and network security

Where you're logged in:

Review and manage where you are logged into Facebook.

Page 59: Computer and network security

Legacy contact:

Choose a family member or close friend to care for your account if something happens to you.

Page 60: Computer and network security

Who can look me up:

1/ Who can look you up using the email address you provided?

2/ Who can look you up using the phone number you provided?

3/ Do you want search engines outside of Facebook to link to your profile?

Page 61: Computer and network security

Restricted List and Block User:

When you add a friend to your Restricted List:

1/ They won't see posts on Facebook that you share only to Friends.

2/ They may still see things you share to Public.

3/ Facebook doesn't notify your friends when you add them to your Restricted List.

Page 62: Computer and network security

Page 63: Computer and network security

Block message:

If you block messages and video calls from someone here:

1/ They won't be able to contact you in the Messenger app.

2/ They may be able to post on your Timeline, tag you, and comment on your posts or comments.

Page 64: Computer and network security

Download a copy of your Facebook data:

Get a copy of what you have done on Facebook …

Page 65: Computer and network security

Facebook Disabled - Ineligible

“I hope to retrieve my account and confirmed and are usually activated because it is very important. Thank Company Facebook”

https://www.facebook.com/help/contact/317389574998690

How to activate a disabled Facebook ..?

Page 66: Computer and network security

4K Stogram:

4K Stogram is an Instagram Downloader for PC, Mac and Linux. The program allows you to download and back up Instagram photos and videos, even from private accounts.

https://www.4kdownload.com/products/product-stogram

Page 67: Computer and network security

Google hacking:

Google hacking, also named Google dorking, is a computer hacking technique that uses Google Search and other Google applications to find security holes in the configuration and computer code that websites use.

Google Hacking Database (GHDB) link: https://www.exploit-db.com/google-hacking-database/

Page 68: Computer and network security

Admin Page Finder:

This is an excellent admin page finder; it has the biggest dork list, which is used to find admin pages. It is bigger than Havij, other programs, online scanners or Perl scripts.

https://www.youtube.com/watch?v=RLSoMS8AoRg

Page 69: Computer and network security

END…