
Technology Understanding Computer/Network Security



Well, some folks in the past have asked me what my career is and what it involves, and there are some who have taken it as a joke, so instead, I'm gonna teach all of you a bit of IT/Network Security 101.  There are some parts I've taken from other forums, wiki, etc., yet I will also include my thoughts as well.  Now one thing I want to mention to all of you... like it or not, there are a lot of Sons of Bitches out there who would do such cruel things, especially on the internet, so I want to provide some of my knowledge to you as a "safety" measure, or for members who wish to pursue a career in IT, this will highly assist you.  In addition, there are several types of IT security categories, but I will explain the common one and what its functions are.

 

What is Network Security?

 

As a professional Network Administrator, specialized in Network Security, it involves the authorization of access to data in a network. Users choose or are assigned an ID and password or other authenticating information that allows them access to information and programs within their authority. Network security covers a variety of computer networks, both public and private, that are used in everyday jobs conducting transactions and communications among businesses, government agencies and individuals. Networks can be private, such as within a company (This is what I primarily did at my job, by managing them, specifically private forums), and others which might be open to public access. Network security is involved in organizations, enterprises, and other types of institutions. It does as its title explains: It secures the network, as well as protecting and overseeing operations being done. The most common and simple way of protecting a network resource is by assigning it a unique name and a corresponding password.

 

What Are Its Concepts?

 

Now, I don't think many will understand some of the terms (yes there are some funny ones, lol), but network security starts with authenticating, commonly with a username and a password. Once authenticated, a firewall enforces access policies such as what services are allowed to be accessed by the network users.  Though effective to prevent unauthorized access, this component may fail to check potentially harmful content such as:

  • Worms
  • Viruses
  • Trojans

being transmitted over the network. Anti-virus software or an intrusion prevention system (IPS) helps detect and inhibit the action of such malware. An anomaly-based intrusion detection system may also monitor the network, like Wireshark, and traffic may be logged for audit purposes and for later high-level analysis.

 

Communication between two hosts using a network may be encrypted to maintain privacy.

Honeypots, essentially decoy network-accessible resources, may be deployed in a network as surveillance and early-warning tools, as the honeypots are not normally accessed for legitimate purposes. Techniques used by the attackers that attempt to compromise these decoy resources are studied during and after an attack to keep an eye on new exploitation techniques. Such analysis may be used to further tighten security of the actual network being protected by the honeypot. A honeypot can also direct an attacker's attention away from legitimate servers. A honeypot encourages attackers to spend their time and energy on the decoy server while distracting their attention from the data on the real server. Similar to a honeypot, a honeynet is a network set up with intentional vulnerabilities. Its purpose is also to invite attacks so that the attacker's methods can be studied and that information can be used to increase network security. A honeynet typically contains one or more honeypots.

 

Types of Security?

 

There are several, but I will explain Security Management (which is common).  With Security Management, there are two types of security.  The first one is a home or small office, which may only require basic security (what you guys have in your home is an example).  The second is a more complex one, heavily monitored in large businesses, that may require high-maintenance and advanced software and hardware to prevent malicious attacks from hacking and spamming.  You'll see that in Hospitals, Banks, Companies, etc. (Federal Offices are a little different and they have a specific type of security).

 

What Are Attacks?

 

Let me give you guys a hint on an important thing, and I think many already know this.   NOTHING IS PRIVATE.  Networks are subject to attacks from malicious sources. However, there are two categories:

  • Passive - when a network intruder intercepts data traveling through the network
  • Active - in which an intruder initiates commands to disrupt the network's normal operation.

Now, to give you an example of attacks from each category, this will serve as somewhat of an easy guide, making it easier for you to identify a problem.  HINT: Some individuals can see it faster than others, by the level of activity. 

 

Passive:

---NETWORK

  • Wiretapping
  • Port Scanner
  • Idle Scan

Active:

  • Denial-of-service attack (Yes, very common for websites, and yes, you have seen them here)
  • Spoofing
  • Man in the middle
  • ARP poisoning
  • Smurf attack
  • Buffer overflow
  • Brute-Force
  • Password Cracking
  • Packet Sniffer
  • Heap overflow
  • Format string attack
  • Rootkit
  • SQL injection
  • Cyber attack
  • Social Engineering (The trickiest one in the book, and it is split into 4 categories)

 

Our Defense:

 

Besides Network Security, everyone has this to prevent attacks such as the ones listed above.  The defenses are the following:

  • Access Control Systems
  • Application security
    • Antivirus software
    • Secure coding
    • Security by design
    • Secure operating systems
  • Authentication
    • Two-factor authentication
    • Multi-factor authentication
  • Authorization
  • Firewall (computing)
  • Intrusion detection system
  • Intrusion prevention system

With these Defenses, it ensures safety within your walls, and thus prevents future attacks.  Unguarded and unwatched, these attacks can occur again and again.   Following these steps could assist you in preventing problems on pretty much anything you have... whether it's a home PC, network, website, forum, whatever...

 

This is pretty much what I can explain, however, there is a lot on Computer Security, but if members are interested in pursuing a career involving that sort of specialty, be prepared, b/c you'll be doing a lot of studying and hands-on work.   In addition, if you wish to contact me on a specific subject I didn't mention, please feel free to comment and I could give you a possible explanation (hint: even though I've done moderation for 6 years, and Security for 4 years, be aware that I may not have all the answers, which I may end up researching).  Hope you enjoy reading this, :)


UPDATE: Had to add some info on the Types of Attacks... Expect a detail of each one later, for a better understanding of them.

Edited by Thunder-Wing
  • Brohoof 6
Link to post

It's very kind of you to provide such a vivid and detailed introduction to the subject.  I'd be lying if I said it wasn't fascinating.  I'm attempting to wriggle my way into the field at the moment, and am studying up on anything I can get my hands on.

 

Tell me, what are your opinions on Firesheep?

Link to post

It's very kind of you to provide such a vivid and detailed introduction to the subject.  I'd be lying if I said it wasn't fascinating.  I'm attempting to wriggle my way into the field at the moment, and am studying up on anything I can get my hands on.

 

Tell me, what are your opinions on Firesheep?

 

No problem, Sky, :D.  Indeed it's a fascinating field, yet it takes a lot of studying.  If you need assistance, please feel free to contact me, and I would be glad to assist, :).

 

As for Firesheep, I heard about those Firefox Add-ons, which are murder, lol.  However, to defend yourself against them, I personally wouldn't know, b/c they are packet sniffers and they are a bitch to find, but what you can do is test your network's security.   I'll get back to you on that, b/c I personally haven't encountered them, but I'll see what countermeasures can be useful.

Link to post

Apparently, it's not letting me edit, but:

 

What is Social Engineering and Techniques?

All social engineering techniques are based on specific attributes of human decision-making known as cognitive biases. These biases, sometimes called "bugs in the human hardware," are exploited in various combinations to create attack techniques, some of which are listed here:

 

Pretexting

Pretexting, also known in the UK as blagging or bohoing, is the act of creating and using an invented scenario (the pretext) to engage a targeted victim in a manner that increases the chance the victim will divulge information or perform actions that would be unlikely in ordinary circumstances. An elaborate lie, it most often involves some prior research or setup and the use of this information for impersonation (e.g., date of birth, Social Security number, last bill amount) to establish legitimacy in the mind of the target. This technique can be used to fool a business into disclosing customer information as well as by private investigators to obtain telephone records, utility records, banking records and other information directly from company service representatives. The information can then be used to establish even greater legitimacy under tougher questioning with a manager, to make account changes, get specific balances, etc.  Pretexting can also be used to impersonate co-workers, police, bank, tax authorities, clergy, insurance investigators — or any other individual who could have perceived authority or right-to-know in the mind of the targeted victim. The pretext must simply prepare answers to questions that might be asked by the victim. In some cases, all that is needed is a voice that sounds authoritative, an earnest tone, and an ability to think on one's feet to create a pretextual scenario.

 

Diversion theft

Diversion theft, also known as the "Corner Game" or "Round the Corner Game", originated in the East End of London.  In summary, diversion theft is a "con" exercised by professional thieves, normally against a transport or courier company. The objective is to persuade the persons responsible for a legitimate delivery that the consignment is requested elsewhere — hence, "round the corner".

 

Phishing

Phishing is a technique of fraudulently obtaining private information. Typically, the phisher sends an e-mail that appears to come from a legitimate business—a bank, or credit card company—requesting "verification" of information and warning of some dire consequence if it is not provided. The e-mail usually contains a link to a fraudulent web page that seems legitimate—with company logos and content—and has a form requesting everything from a home address to an ATM card's PIN.  For example, 2003 saw the proliferation of a phishing scam in which users received e-mails supposedly from eBay claiming that the user's account was about to be suspended unless a link provided was clicked to update a credit card (information that the genuine eBay already had). Because it is relatively simple to make a Web site resemble a legitimate organization's site by mimicking the HTML code, the scam counted on people being tricked into thinking they were being contacted by eBay and subsequently, were going to eBay's site to update their account information. By spamming large groups of people, the "phisher" counted on the e-mail being read by a percentage of people who already had listed credit card numbers with eBay legitimately, who might respond.

 

IVR or phone phishing

Phone phishing (or "vishing") uses a rogue interactive voice response (IVR) system to recreate a legitimate-sounding copy of a bank or other institution's IVR system. The victim is prompted (typically via a phishing e-mail) to call in to the "bank" via an (ideally toll-free) number provided in order to "verify" information. A typical system will reject log-ins continually, ensuring the victim enters PINs or passwords multiple times, often disclosing several different passwords. More advanced systems transfer the victim to the attacker posing as a customer service agent for further questioning.

 

Baiting

Baiting is like the real-world Trojan Horse that uses physical media and relies on the curiosity or greed of the victim.  In this attack, the attacker leaves a malware-infected floppy disk, CD-ROM, or USB flash drive in a location sure to be found (bathroom, elevator, sidewalk, parking lot), gives it a legitimate-looking and curiosity-piquing label, and simply waits for the victim to use the device.  For example, an attacker might create a disk featuring a corporate logo, readily available from the target's web site, and write "Executive Salary Summary Q2 2012" on the front. The attacker would then leave the disk on the floor of an elevator or somewhere in the lobby of the targeted company. An unknowing employee might find it and subsequently insert the disk into a computer to satisfy their curiosity, or a good samaritan might find it and turn it in to the company.  In either case, as a consequence of merely inserting the disk into a computer to see the contents, the user would unknowingly install malware on it, likely giving an attacker unfettered access to the victim's PC and, perhaps, the targeted company's internal computer network.  Unless computer controls block the infection, PCs set to "auto-run" inserted media may be compromised as soon as a rogue disk is inserted. Hostile devices, more attractive than simple memory, can also be used. For instance, a "lucky winner" is sent a free digital audio player that actually compromises any computer it is plugged into.

 

Quid pro quo

Quid pro quo means something for something:

  • An attacker calls random numbers at a company, claiming to be calling back from technical support. Eventually this person will hit someone with a legitimate problem, grateful that someone is calling back to help them. The attacker will "help" solve the problem and, in the process, have the user type commands that give the attacker access or launch malware.
  • In a 2003 information security survey, 90% of office workers gave researchers what they claimed was their password in answer to a survey question in exchange for a cheap pen.[8] Similar surveys in later years obtained similar results using chocolates and other cheap lures, although they made no attempt to validate the passwords.

Tailgating

An attacker, seeking entry to a restricted area secured by unattended, electronic access control, by RFID card, simply walks in behind a person who has legitimate access. Following common courtesy, the legitimate person will usually hold the door open for the attacker. The legitimate person may fail to ask for identification for any of several reasons, or may accept an assertion that the attacker has forgotten or lost the appropriate identity token. The attacker may also fake the action of presenting an identity token.

 

Other types

Common confidence tricksters or fraudsters also could be considered "social engineers" in the wider sense, in that they deliberately deceive and manipulate people, exploiting human weaknesses to obtain personal benefit. They may, for example, use social engineering techniques as part of an IT fraud.  A very recent type of social engineering technique includes spoofing or cracking IDs of people having popular e-mail IDs such as Yahoo!, Gmail, Hotmail, etc. Among the many motivations for deception are:

  • Phishing credit-card account numbers and their passwords.
  • Cracking private e-mails and chat histories, and manipulating them by using common editing techniques before using them to extort money and creating distrust among individuals.
  • Cracking websites of companies or organizations and destroying their reputation.
  • Computer virus hoaxes

Countermeasures

Organizations reduce their security risks by:

  • Establishing frameworks of trust on an employee/personnel level (specify and train personnel when/where/why/how sensitive information should be handled)
  • Identifying which information is sensitive and evaluating its exposure to social engineering and breakdowns in security systems (building, computer system, etc).
  • Establishing security protocols, policies, and procedures for handling sensitive information.
  • Training employees in security protocols relevant to their position. (Situations such as tailgating, if a person's identity cannot be verified, then employees must be trained to politely refuse).
  • Performing unannounced, periodic tests of the security framework.
  • Reviewing the above steps regularly: no solutions to information integrity are perfect.
  • Using a waste management service that has dumpsters with locks on them, with keys to them limited only to the waste management company and the cleaning staff. Locating the dumpster either in view of employees such that trying to access it carries a risk of being seen or caught or behind a locked gate or fence where the person must trespass before they can attempt to access the dumpster.
Link to post

A very comprehensive guide. Clearly explained using simple language such that everyone can understand it which is not so easy to do sometimes. :lol:

 

Very interesting subject indeed.

 

EDIT : I just went through the guide again and I noticed you did not actually explain about the different types of attacks. You just listed them.

 

EDIT 2 : I just noticed that you have not actually finished the guide. I'm having trouble reading. I think I need to take a break :lol:

Edited by boiteporte
Link to post

A very comprehensive guide. Clearly explained using simple language such that everyone can understand it which is not so easy to do sometimes. :lol:

 

Very interesting subject indeed.

 

EDIT : I just went through the guide again and I noticed you did not actually explain about the different types of attacks. You just listed them.

 

Yeah... I only listed them in the beginning, but I'm gonna make a post for each one.   What it is, what it affects, and how to prevent it.  :D

Link to post