INFORMATION SECURITY & ETHICAL HACKING
- Jophine Pranjal Antony
PowerPoint PPT Presentation

Information Security
Securing valuable information stored as soft copy is called information security.
Types:
Data Security
Computer Security
LAN Security
Internet Security

What is hacking?
Unauthorized use of, or attempts to circumvent or bypass, the security mechanisms of an information system such as a computer, server or network.
HACKED!!!

Basic Threats
Theft of password
Email-based threats
Launch of malicious programs (Trojans)
Be Careful...

Concept of Hacking
White hat hacking (penetration testing)
Black hat hacking
Grey hat hacking
Don’t get trapped

Anatomy of Hacking
Either break username and password or
Bomb the server with exploits (weakness)
Please!!! wake up

SAM File
Security Accounts Manager (SAM)
%systemroot%\system32\config
Passwords themselves are not stored in the SAM file; their hashes are. Even if you are logged in as administrator, direct manipulation of this file is not possible. For authentication, the entered password is hashed and then compared with the stored hash.

Virus & Worms
A VIRUS is a malicious piece of code that causes an unexpected, harmful and negative effect on the victim’s system.
A WORM is similar to a VIRUS, but has the additional ability to reside in the memory of the infected computer, duplicate itself and spread copies of itself via email, chat or the network.

Spyware & Trojan Horse
Spyware is software that gathers information about the victim and passes that information on to the attacker, without the victim’s consent.
Tools: spy check, spyware info, spy stopper.
A Trojan Horse is a piece of software that appears to perform a certain action but in fact performs another.
“It is an unauthorized program contained within a legitimate program. This performs function unknown by the user.”

Key Logger
It is spy software that monitors all keystrokes made on the victim’s computer.
Types:
1. Hardware key logger
2. Software key logger
Prevention:
A typical key logger automatically loads itself into memory each time the computer boots.
“So one should search all the start up files of the system and remove it if any suspicious file or application is found”.

Password Cracking
Password guessing
Dictionary based attacks
Brute Force Attacks
Default Password
Social Engineering

Tips for Strong Password
Don’t use personal information for passwords.
Don’t use words found in a dictionary, including foreign languages.
Use a combination of uppercase and lowercase letters, numbers and symbols.
Don’t substitute numbers for letters to make words, e.g. s0ph1st1cated
Use longer passwords.
Don’t use passwords that you see in security articles, even if they are exceptionally complex.
Select passwords that can only be understood by you. To others they should look like a random combination of characters, e.g. mfc!rB&G (“my favorite colors (!) are Blue & Green”)
Select a password that you can type quickly.

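The tips above as a checker, added here as an example and not part of the original slides. The wordlist is a constructed sample, and the length and character-class thresholds are assumptions; the point it shows is that undoing number-for-letter substitutions exposes the dictionary word inside s0ph1st1cated.

```python
import re

# Constructed sample wordlist (assumption); a real check would load a full dictionary.
WORDLIST = {"sophisticated", "password", "dragon", "welcome", "monkey"}
# The two example passwords printed on these slides count as "seen in an article".
PUBLISHED = {"s0ph1st1cated", "mfc!rB&G"}
# Common number/symbol-for-letter substitutions, undone before the dictionary check.
LEET = str.maketrans({"0": "o", "1": "i", "3": "e", "4": "a", "5": "s",
                      "7": "t", "@": "a", "$": "s", "!": "i"})
CLASSES = (r"[a-z]", r"[A-Z]", r"[0-9]", r"[^A-Za-z0-9]")


def check_password(password, personal_info=(), wordlist=WORDLIST,
                   min_length=8, min_classes=3):
    """Return the tips a password violates; an empty list means it passes."""
    problems = []
    lowered = password.lower()
    deleeted = lowered.translate(LEET)

    if len(password) < min_length:  # threshold is an assumption
        problems.append("too short")
    if sum(bool(re.search(c, password)) for c in CLASSES) < min_classes:
        problems.append("too few character classes")
    if any(item and item.lower() in lowered for item in personal_info):
        problems.append("contains personal information")

    # Dictionary check on the typed form, then with substitutions undone.
    if any(word in lowered for word in wordlist):
        problems.append("contains dictionary word")
    elif any(word in deleeted for word in wordlist):
        problems.append("dictionary word with number substitution")

    if password in PUBLISHED:
        problems.append("published example")
    return problems


if __name__ == "__main__":
    # Constructed candidates, plus the two examples from the slides.
    for candidate in ("s0ph1st1cated", "mfc!rB&G", "P@ssw0rd2024", "qV7#hm2&Lx"):
        print(candidate, "->", check_password(candidate) or "passes")
```
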
Thank You
Courtesy: Appin HomeTech