SECURITY & THREATS
WEB SECURITY
- TLS
Transport Layer Security is a cryptographic protocol. When securely connected, the connection is private because symmetric encryption is used to encrypt the data transmitted.
- SSL
Predecessor to Transport Layer Security.
- Spambot
A program designed to collect, or harvest, email addresses to build a mailing list for bulk emails (spam).
Hacking
- White Hat/Ethical Hacker
A computer security specialist who breaks into protected systems and networks to test and assess their security.
- Penetration Testing
- An ethical hacker is employed to simulate a range of network attacks, such as Denial of Service (DoS) attacks, SQL injections and Brute Force Attacks, to find weaknesses.
- Report Findings to improve security
- Black Hat
A hacker who breaks into a computer system or network with malicious intent. May exploit the vulnerability for monetary gain (money), to steal information or shut down websites or networks.
- Digital Certificate
An attachment to an electronic message used for security purposes. Usually used to verify that a user sending a message is who they say they are and to provide the receiver with the means to encode a reply.
- Firewall
- A network security system (either software or hardware) that monitors incoming and outgoing network traffic on ports.
- A barrier between a trusted network and an untrusted network.
- They keep ports closed and open only those that they expect data to be sent to. For example, incoming emails are usually sent to port 110 (POP3)
Filtering
- White List
- Access control mechanism that allows through all (trusted) elements on the list.
- Overrides a blacklist
- Black List
Access control mechanism that allows through all elements (email addresses, users, passwords, URLs, IP addresses, domain names, file hashes, etc.), except those on the list
CONSEQUENCES
- Sale of data to advertisers, fraudsters, etc.
CRYPTOGRAPHY
- Substitution Cypher
Caesar Cypher - Replace letters according to a translation
- Permutation Cypher
Columnar Transposition Cypher (ordering direction & grid size is the key)
ASYMMETRIC CIPHER
- Public Key Cryptography
RSA (Ronald, Shamir, Adleman): uses a pair of keys. The public key is publicly available and is used to encrypt; the private key is used to decrypt.
SYMMETRIC CYPHER
- Triple DES (Data Encryption Standard):
Three 56-bit keys. The total key length adds up to 168 bits.
- Blowfish:
Splits messages into blocks of 64 bits and encrypts them individually.
- Diffie–Hellman (one way) key exchange allows two parties (without knowledge of each other) to jointly establish a shared secret key over an insecure channel. This key can then be used to encrypt subsequent communications using a symmetric cipher.
- Twofish
Keys used in this algorithm may be up to 256 bits in length. Free in PhotoEncrypt, GPG, TrueCrypt.
- AES (Advanced Encryption Standard). In 128-, 192- or 256-bit keys. Chops data into 16-byte blocks and applies permutations & substitutions based on key pair. Then repeated 10+ times. Practical cryptography: balances performance/security.
- Symmetric Encryption:
Uses key exchange (one way maths functions).
Public key X1:
X, Ap (Person A, private key)
X, Bp (Person B, private key)
$X^{Bp \cdot Ap}$ (Person A) $= X^{Ap \cdot Bp}$ (Person B)
- Defence In Depth
means multiple layers of security
MALWARE & THREATS
TYPES OF THREAT
- Phishing
Using emails as a means to gain personal information by pretending to be from a legitimate organisation.
- Smishing
A form of phishing done by SMS communication. Occurs when a fraudster sends messages asking the victim to provide billing details, and other private/personal info
- Vishing
Phishing by phone: vishing calls, video etc.
- Cracking: This is the process of trying to get into a computer system in order to steal, corrupt or illegitimately view data. (think cracking a safe)
- Dictionary Attack
An attempted illegal entry to a computer system using a list of dictionary headwords to generate possible passwords.
- Keylogger
Program that logs keystrokes made by a computer user, to gain unauthorised access to passwords and other confidential information.
- Brute Force
In a brute force attack, automated software is used to generate a large number of consecutive guesses of the password.
- DDoS
The intentional paralyzing of a computer network by flooding it with data sent simultaneously from many individual computers.
- Identity theft: the deliberate use of someone else's identity, usually as a method to gain money or other private information.
- Pharming
A scamming practice in which malicious code is installed on a personal computer or server, misdirecting users to fraudulent Web sites without their knowledge or consent.
- DNS Poisoning: a type of attack that exploits vulnerabilities in the domain name system (DNS) to divert internet traffic (flow of data) away from legitimate servers to fake ones.
- Botnet: a group or network of interconnected zombie computers, used to perform malicious things.
What does it do?
- DDoS: distributed bombarding of a web server with messages to shut it down
- spamming: Sending bulk unsolicited email from multiple computers in the botnet.
TYPES OF MALWARE
- Trojan
Malware disguised as legitimate software but containing malicious code (payloads), which, when triggered, causes loss, theft, and deletion of data. Spread by, e.g., opening mails with an attachment. Trojans can be employed by cyber-thieves and hackers trying to gain access to users' systems. Users are typically tricked by some form of social engineering into loading and executing Trojans on their systems.
- Spyware
Malicious software used to secretly gather private/personal info about a person or an organization without them.
- Worm
A worm is a type of malicious software (malware) that replicates while moving across computers, leaving copies of itself in the memory of each computer in its path. Often, it uses a computer network to spread itself, relying on security failures on the target computer to access it.
- Rootkit
A collection of malicious software used to enable unauthorized access to a computer system without the owner's knowledge.
- Virus
Malicious program that self-replicates by copying itself to another program. Corrupts the system, destroying data.
- Ransomware
Type of malicious software that encrypts the victim's data and blocks access to it unless they pay a ransom for decrypting it.
- Adware
A type of advertisement software that automatically displays adverts to generate revenue for its author. Companies usually do this to make profit.
- Cyber Kill Chain:
- Reconnaissance (research)
- Weaponise (create malware)
- Delivery (email etc.)
- Exploit (code execution)
- Installation (of malware)
- Command & Control (connection)
- Actions (by attacker)
WIRELESS SECURITY

| Method | Effectiveness | Notes |
|---|---|---|
| WEP | Poor | Used as a last resort |
| WPA | Poor | Used as a last resort |
| WPA2 | Good | Common |
| 802.1x | Very Good | Requires an authentication server. Uses EAP (Extensible Authentication Protocol) to provide an authentication mechanism to devices wishing to attach to a WLAN. |