8/8/2019 Unit 4 Security
http://slidepdf.com/reader/full/unit-4-security 1/66
Prepared By : Devendra Singh Tomar
Trojans and Backdoors:
Trojans can communicate in several different ways. Some use overt communications. These programs make no attempt to hide the transmission of data as it is moved onto or off of the victim's computer. Others use covert communications. This means that the hacker goes to lengths to hide the transmission of data to and from the victim. Many Trojans that open covert channels also function as backdoors. A backdoor is any type of program that will allow a hacker to connect to a computer without going through the normal authentication process. If a hacker can get a backdoor program loaded on an internal device, the hacker has the ability to come and go at will. Some of these programs spawn a connection on the victim's computer connecting out to the hacker. The danger of this type of attack is the traffic moving from inside out, which means from inside the organization to the outside Internet. This is typically the least restrictive, as companies are usually more concerned about what comes in the network than they are about what leaves the network.
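The inside-out direction described above is what an egress review looks for. As an added example (not part of the original handout), this C program classifies flow records and flags connections from an internal host to an outside address on a port outside an allowlist; the record format, the allowed ports and all addresses are constructed assumptions.

```c
#include <stdio.h>
#include <stddef.h>

/* Constructed egress policy: destination ports internal hosts may reach. */
static const int ALLOWED_PORTS[] = { 53, 80, 443 };

/* Treat RFC 1918 private addresses as "inside the organization". */
static int is_internal(const char *ip)
{
    unsigned a, b, c, d;
    if (sscanf(ip, "%u.%u.%u.%u", &a, &b, &c, &d) != 4)
        return 0;
    return a == 10 || (a == 172 && b >= 16 && b <= 31) || (a == 192 && b == 168);
}

/* Classify one "src dst dport" flow record (hypothetical format).
 * Returns 1 = inside-out connection to a port outside the policy,
 *         0 = not outbound, or outbound to an allowed port,
 *        -1 = record does not have three fields. */
int flag_outbound(const char *line)
{
    char src[16], dst[16];
    int dport;
    size_t i;

    if (sscanf(line, "%15s %15s %d", src, dst, &dport) != 3)
        return -1;
    if (!is_internal(src) || is_internal(dst))
        return 0;                    /* only inside -> outside is of interest */
    for (i = 0; i < sizeof ALLOWED_PORTS / sizeof ALLOWED_PORTS[0]; i++)
        if (dport == ALLOWED_PORTS[i])
            return 0;
    return 1;
}

int main(void)
{
    /* Constructed flow records; external addresses use documentation ranges. */
    const char *flows[] = {
        "10.0.4.17 203.0.113.9 443",      /* ordinary web traffic out */
        "10.0.4.17 198.51.100.23 50505",  /* internal host calling out on an odd port */
        "203.0.113.9 10.0.4.17 50505",    /* inbound: the direction usually watched */
        "192.168.1.5 10.0.4.17 50505",    /* internal to internal */
    };
    size_t i;
    for (i = 0; i < sizeof flows / sizeof flows[0]; i++)
        printf("%-34s -> %d\n", flows[i], flag_outbound(flows[i]));
    return 0;
}
```

A flow to an allowed port passes this check, so covert channels that reuse permitted ports need content or behaviour inspection rather than a port allowlist.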
Wrapper Covert Program:
Working of Trojans
Types of Trojans & Backdoors
The EC-Council groups Trojans into seven primary types, which is simply their way of organizing them. In reality, it's hard to place some Trojans into a single type, as many have more than one function. To better understand what Trojans can do, these types are outlined in the following list:

Remote access Trojans (RAT)
Allow the attacker full control over the system. Sub Seven is an example of this type of Trojan. Remote access Trojans are usually set up as client/server programs so that the attacker can connect to the infected system and control it remotely.

Data sending Trojans
The idea behind this type of Trojan is to capture and redirect data. Eblaster is an example of this type of Trojan. These programs can capture keystrokes, passwords, or any other type of information and redirect it to a hidden file or even email it to a predefined email account.

Destructive Trojans
These Trojans are particularly malicious. Hard Disk Killer is an example of this type of Trojan. The sole purpose of these types of programs is to destroy files or wipe out a system. Your only warning of an infection might be that you see excessive hard drive activity or hear your hard drive making noise. However, it is most likely that by the time you realize something is wrong, your files might already have been wiped out.

Denial of service (DoS) Trojans
These Trojans are designed to cause a DoS. They can be designed to knock out a specific service or to bring an entire system offline.

Proxy Trojans
These Trojans are designed to work as proxies. These programs can help a hacker hide and allow him to perform activities from the victim's computer, not his own. After all, the farther away the hacker is from the crime, the harder it becomes to trace.
FTP Trojans
These Trojans are specifically designed to work on port 21. They allow the hacker or others to upload, download, or move files at will on the victim's machine.

Security software disablers
These Trojans are designed to attack and kill antivirus or software firewalls. The goal of disabling these programs is to make it easier for the hacker to control the system.
Viruses and Worms:
Denial of Service (DoS):
Definition:
An attack through which a person can render a system unusable or significantly slow down the system for legitimate users by overloading the system so that no one else can use it.
Types:
1. Crashing the system or network
– Send the victim data or packets which will cause the system to crash or reboot.
2. Exhausting the resources by flooding the system or network with information
– Since all resources are exhausted, others are denied access to the resources.
3. Distributed DoS attacks are coordinated denial of service attacks involving several people and/or machines to launch attacks.
Buffer Overflow:
This attack takes advantage of the way in which information is stored by computer programs.
An attacker tries to store more information on the stack than the size of the buffer.
How does it work?
Programs which do not have a rigorous memory check in the code are vulnerable to this attack.
Simple weaknesses can be exploited
o If memory allocated for name is 50 characters, someone can break the system by sending a fictitious name of more than 50 characters
Can be used for espionage, denial of service or compromising the integrity of the data
Examples
o NetMeeting Buffer Overflow
o Outlook Buffer Overflow
o AOL Instant Messenger Buffer Overflow
o SQL Server 2000 Extended Stored Procedure Buffer Overflow
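The 50-character name case above, shown in C as an added example that is not part of the original handout: the unchecked copy beside a version that performs the memory check. The struct, its `is_admin` field and both function names are hypothetical.

```c
#include <stdio.h>
#include <string.h>

#define NAME_LEN 50            /* the 50-character name buffer from the text */

struct record {
    char name[NAME_LEN];
    int  is_admin;             /* constructed neighbouring field an overflow could clobber */
};

/* Vulnerable form: strcpy() copies until the NUL in src, however long src is.
 * A name of 50 or more characters writes past name[] into adjacent memory
 * (undefined behaviour). Shown for contrast only; main() never calls it. */
void set_name_unsafe(struct record *r, const char *src)
{
    strcpy(r->name, src);
}

/* Hardened form: measure first and reject anything that does not fit together
 * with its terminating NUL. Returns 0 on success, -1 if the name was rejected. */
int set_name_checked(struct record *r, const char *src)
{
    size_t n = 0;

    while (n < NAME_LEN && src[n] != '\0')   /* never scans past NAME_LEN bytes */
        n++;
    if (n == NAME_LEN)
        return -1;                           /* too long: record left untouched */
    memcpy(r->name, src, n);
    r->name[n] = '\0';
    return 0;
}

int main(void)
{
    struct record r = { "", 0 };             /* lives on the stack, as in the text */
    char long_name[80];
    int rc_short, rc_long;

    memset(long_name, 'A', sizeof long_name - 1);   /* constructed 79-character name */
    long_name[sizeof long_name - 1] = '\0';
    rc_short = set_name_checked(&r, "alice");
    rc_long  = set_name_checked(&r, long_name);
    printf("short name accepted: %d, stored \"%s\"\n", rc_short, r.name);
    printf("long name rejected:  %d, is_admin still %d\n", rc_long, r.is_admin);
    return 0;
}
```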