Network SecurityWorkshop

27th & 28th Feb 2015

Network Security

• A specialized field in computer networking thatinvolves securing a computer network infrastructure.

• Network security is typically handled by a networkadministrator or system administrator whoimplements the security policy, network software andhardware needed to protect a network.

Goals of Network Security

Goals of Network Security

Hacking

• Hacking is the process of exploiting vulnerabilities togain unauthorized access to systems or resources.

Hacktivism

Types of Hackers

The Art of Breaking In

1) Information Gathering2) Scanning and Enumeration3) Breaking In or Gaining Access4) Privilege Escalation on the victim5) Post Exploitation cleanup and Backdooring

Information Gathering (Footprinting)

• Uncovering and collecting as much information aspossible about a target network.

Ways for Information Gathering

• Social Networking websites• Professional & Business Networking websites• Job Search websites• People search websites• Company websites• Whois lookup• Google Hacking• And many more…

Google Hacking

• Google hacking is the use of a search engine, such asGoogle, to locate a security vulnerability on theInternet.

• Using complex search engine queries to get relevantresult in less time.

• There are generally two types of vulnerabilities to befound on the Web: software vulnerabilities andmisconfigurations.

Port Scanning

• Port Scanning is the name for the technique used toidentify open ports and services available on anetwork host.

• There are many tools to facilitate port scanning.

• The best tool is NMAP Port Scanner.

Packet Sniffers

• Packet sniffers or protocol analyzers are tools thatare commonly used by network technicians todiagnose network-related problems.

• Packet sniffers can also be used by hackers for lessthan noble purposes such as spying on network usertraffic and collecting passwords.

• The best tool is Wireshark.

Pivoting

• Attacker does not have direct access to Server 2.• Attacker first breaks into Server 1 and then usesServer 1 as a staging point to break into Server 2.

Pivoting Attack

Penetration Testing

What is Penetration Testing?

• Penetration testing, often called “pentesting”, “pen testing”, or“security testing”, is the practice of attacking your own or yourclients’ IT systems in the same way a hacker would to identifysecurity holes.

• Of course, you do this without actually harming the network.The person carrying out a penetration test is called a penetrationtester or pentester.

• Let’s make one thing crystal clear: Penetration testing requiresthat you get permission from the person who owns the system.Otherwise, you would be hacking the system, which is illegal inmost countries.

Types of Penetration Testing

Black Box Pentesting: requires no previousinformation and usually takes the approach of anuninformed attacker. In a black box penetration testthe penetration tester has no previous informationabout the target system.

White Box Pentesting: is an approach that uses theknowledge of the internals of the target network thatorganization should provide you during theagreement.

Understanding Basic Terms

Vulnerability: A weakness that allows an attacker tobreak into and compromise a system’s security.

Exploit: code which allows an attacker to takeadvantage of a vulnerable system.

Payload: code that lets you control a computer systemafter it’s been exploited.

How does Exploitation work ?

1) Vulnerability2) Exploit3) Payload

On a more serious note …

Metasploit Framework

• Tools for development and testing of vulnerabilities.

• Started by HD Moore in 2003.

• Acquired by Rapid7

• Remains open source and free for use.

• Written in Ruby

Metasploit for Pentesting

• Over 1000 tested exploits• Over 250 payloads and 28 encoders

• Metasploit offers “Plug & Play” of payloads withexploits

• Tons of other features for better and faster pentests

Demo Metasploit

• Lab Setup:

Malware / Virus

• The term malware is short for "malicious software.“

• Malware refers to any computer program that isdesigned to do things that are harmful to orunwanted by a computer's legitimate user — meaningyou.

• A virus is a programming code that replicates bybeing copied or initiating its copying to anotherprogram, computer boot sector or document.

Malware / Virus

• Viruses can be transmitted as attachments to an e-mail or in a downloaded file, or be present on apendrive, CD.

• The receiver of the e-mail, downloaded file is usuallyunaware that it contains a virus.

Backdoor

• A backdoor is a technique in which a system securitymechanism is bypassed undetectably to access acomputer or its data.

• The backdoor access method is sometimes writtenby the programmer who develops a program.

DoS & DDoS Attack

• It is an attack on the availability of an informationsystem.

• A denial-of-service (DoS) or distributed denial-of-service (DDoS) attack is an attempt to make a machineor network resource unavailable to its intended users.

TCP 3 Way Handshake

DoS Attack

DDoS Attack

Symptoms of DoS & DDoS Attack

Impact of DDoS Attack

Impact of DDoS Attack

Impact of DDoS Attack

Impact of DDoS Attack

Impact of DDoS Attack

Impact of DDoS Attack

Cryptography

• Cryptography is a method of storing andtransmitting data in a particular form so that onlythose for whom it is intended can read and process it.

• Cryptography is the art of converting yourinformation from human readable form to humanunreadable form.

Cryptography

• In Cryptography Human unreadable information isknown as “Cipher Text” or “Encrypted Text”

• In Cryptography Human readable information isknown as “Clear Text” or “Plain Text” or “DecryptedText”

Cryptography

Encryption: Conversion of information from “Plain-Text” to “Cipher-Text” is known as encryption, so thatinformation remains confidential.

Decryption: Conversion of information from “Cipher-Text” to “Plain-Text” is known as decryption.

Popular Cryptographic Encryption Algorithms

• AES• DES• 3DES• RC2• RC4• Blowfish

Steganography

• Steganography is the science of hiding information.

• The purpose of Steganography is covert communication to hide a message from a third party.

• Examples Hiding a message in a Image

• Hiding a message in a MP3 file.

• Hiding a message in a video file.

Image Steganography

Image Steganography

Image Steganography in Terrorism

Web Applications

• A Web application (Web app) is an applicationprogram that is stored on a remote server anddelivered over the Internet through a browserinterface.

• Any application that you access through a webbrowser is a web application.

Web Application Architecture

Web Application Vulnerabilities

• Web applications suffer from many number ofvulnerabilities.• SQL Injection• Cross Site Scripting• Web Server Misconfigurations• Insecure protocol usage• and many more

Thank you !