بسم الله الرحمن الرحيم

Web Security

Islamic University of Gaza, Electrical & Computer Engineering Department
Prepared By: Eman Khaled El-mashharawi, Miriam Mofeed El-Mukhallalati
Supervisor: Dr. Basil Hamad

PowerPoint presentation, 25 pages. Posted on 21-Jan-2016.

TRANSCRIPT

Page 1: بسم الله الرحمن الرحيم

Islamic University of Gaza

Electrical & Computer Engineering Department

Prepared By:

Eman Khaled El-mashharawi

Miriam Mofeed El-Mukhallalati

Supervisor: Dr. Basil Hamad

Page 2:

Contents:

What is security?

Network threats and countermeasures.

Host threats and countermeasures.

Application threats and countermeasures.

Conclusion.

References.

Page 3:

Have you ever believed that:

There is a hacker who follows all your electronic steps!!

All your personal information is available to a hacker!!!

OH.. This means that..

your NETWORK SECURITY has been broken!!!

Page 4:

Imagine that you have received an E-mail..

And while opening..

This message appears!!!

OH Nooo!!

your HOST SECURITY has been broken!!!

Page 5:

Have you ever entered your E-mail and found your password has been changed??

Or have you ever found that your password has been published to all your friends?

What is this?!! Who stole my password?!

Who entered my E-mail??

OOOH..

your APPLICATION SECURITY has been broken!!!!

Page 6:

Security is the protection of information assets through the use of technology, processes, and training.

Page 7:

Page 8:

Host Threats

Network Threats

App. Threats

Page 9:

Viruses, Trojan horses, and worms.

Footprinting.

Password cracking.

Page 10:

A virus is a program that causes disruption to the operating system or applications.

A Trojan horse is malicious code that is contained inside what appears to be a harmless data file or executable program.

A worm self-replicates from one server to another.

Page 11:

Countermeasures against viruses, Trojan horses, and worms:

Block all unnecessary ports at the firewall and host.

Disable unused functionality, including protocols and services.

Stay current with the latest operating system service packs and software patches.

Page 12:

Examples of footprinting are port scans and ping sweeps.

The types of information the attacker looks for include: account details, operating system, other software versions, server names, and database schema details.

Countermeasures to prevent footprinting include:

Disable unnecessary protocols.

Lock down ports with the appropriate firewall configuration.

Page 13:

Countermeasures to prevent password cracking include:

If you use default account names, you are giving the attacker a head start.

If you use blank or weak passwords, you make the attacker's job even easier.

Use strong passwords for all account types.

Apply lockout policies to end-user accounts.
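As an added example (not part of the original slides), the following Python sketch turns the three countermeasures above into checks: it flags default account names and blank or weak passwords, and applies a time-windowed lockout policy to an account. The default-name list, the thresholds and the class and function names are assumptions.

```python
# Added example (not from the slides): the password-cracking countermeasures
# listed above as checks. The default-name list, thresholds and names are assumed.
import re
import time

DEFAULT_ACCOUNT_NAMES = {"admin", "administrator", "root", "guest", "sa"}  # assumed


def is_default_account_name(account):
    """Default names give an attacker a head start: flag them for renaming."""
    return account.strip().lower() in DEFAULT_ACCOUNT_NAMES


def password_is_weak(password, min_length=12):
    """Blank, short, or low-variety passwords count as weak (thresholds assumed)."""
    if len(password) < min_length:
        return True
    classes = (r"[a-z]", r"[A-Z]", r"[0-9]", r"[^A-Za-z0-9]")
    return sum(bool(re.search(c, password)) for c in classes) < 3


class LockoutPolicy:
    """Lock an account after max_failures failed logins inside window_s seconds."""

    def __init__(self, max_failures=5, window_s=300, lockout_s=900):
        self.max_failures = max_failures
        self.window_s = window_s
        self.lockout_s = lockout_s
        self._failures = {}      # account -> timestamps of recent failures
        self._locked_until = {}  # account -> time at which the lock expires

    def is_locked(self, account, now=None):
        now = time.time() if now is None else now
        return self._locked_until.get(account, 0) > now

    def record_failure(self, account, now=None):
        """Record one failed login; return True if the account is now locked."""
        now = time.time() if now is None else now
        recent = [t for t in self._failures.get(account, []) if now - t < self.window_s]
        recent.append(now)
        self._failures[account] = recent
        if len(recent) >= self.max_failures:
            self._locked_until[account] = now + self.lockout_s
            self._failures[account] = []   # start counting afresh after the lock
            return True
        return False

    def record_success(self, account):
        """A successful login clears the failure history."""
        self._failures.pop(account, None)
```

A lockout that is too aggressive also keeps legitimate users out, so keep the window and lock duration short and log every lock so that repeated failures are visible to whoever monitors the host.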

Page 14:

Information gathering

Sniffing

Spoofing

Denial of service

Page 15:

Attackers usually start with port scanning.

They then detect device types and determine operating system and application versions.

Countermeasures to prevent information gathering:

Configure routers to restrict their responses to footprinting requests.

Configure the operating systems that host network software.

Page 16:

A sniffer can read all plaintext passwords or configuration information.

It can also crack packets protected by lightweight hashing algorithms.

Countermeasures to prevent sniffing:

Use strong physical security and proper segmenting of the network.

Encrypt communication fully, including authentication credentials.

Page 17:

Spoofing uses a fake source address that does not represent the actual address of the packet.

Its purpose is to hide the original source of an attack.

Countermeasures to prevent spoofing:

Filter incoming packets.

Filter outgoing packets.

Page 18:

Denial of service denies legitimate users access to a server or services.

The attacker sends more requests to a server than it can handle.

Countermeasures to prevent denial of service:

Apply the latest service packs.

Use a network Intrusion Detection System (IDS).

Page 19:

Authentication

Network eavesdropping

Cookie replay attacks

Page 20:

Network eavesdropping captures traffic to obtain user names and passwords.

Countermeasures to prevent network eavesdropping include:

Make sure passwords are encrypted.

Use an encrypted communication channel.

Use an authentication mechanism that does not transmit the password over the network, such as Windows authentication.

Page 21:

Cookie replay captures the user's authentication cookie to gain access under a false identity.

Countermeasures to prevent cookie replay include:

Use an encrypted communication channel whenever an authentication cookie is transmitted.

Set the cookie timeout to a value that forces re-authentication after a relatively short time interval.
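An added example, not from the slides, of the two cookie-replay countermeasures above in Python: the authentication cookie carries its issue time and an HMAC, is accepted only within a short timeout, and is sent with the Secure flag so it travels only over an encrypted channel. The key, cookie name, timeout value and function names are assumptions.

```python
# Added example (not from the slides): an authentication cookie that expires
# after a short timeout and is sent only over an encrypted channel.
# The key, cookie name and timeout value below are assumed for illustration.
import base64
import hashlib
import hmac
import json
import time

COOKIE_NAME = "auth"          # assumed cookie name
COOKIE_TIMEOUT_S = 15 * 60    # short timeout forcing re-authentication (assumed)


def issue_cookie(user, key, now=None):
    """Build '<payload>.<mac>': payload holds the user and issue time (iat)."""
    now = time.time() if now is None else now
    payload = json.dumps({"user": user, "iat": int(now)}, separators=(",", ":")).encode()
    mac = hmac.new(key, payload, hashlib.sha256).digest()
    return (base64.urlsafe_b64encode(payload).decode() + "."
            + base64.urlsafe_b64encode(mac).decode())


def verify_cookie(cookie, key, now=None, timeout_s=COOKIE_TIMEOUT_S):
    """Return the user name if the cookie is authentic and unexpired, else None."""
    now = time.time() if now is None else now
    try:
        payload_b64, mac_b64 = cookie.split(".", 1)
        payload = base64.urlsafe_b64decode(payload_b64)
        mac = base64.urlsafe_b64decode(mac_b64)
    except ValueError:            # malformed cookie (bad split or bad base64)
        return None
    expected = hmac.new(key, payload, hashlib.sha256).digest()
    if not hmac.compare_digest(mac, expected):
        return None               # forged or tampered: MAC does not match
    claims = json.loads(payload)  # safe to parse: the payload is authentic
    if now - claims["iat"] > timeout_s:
        return None               # a captured copy replayed after the timeout
    return claims["user"]


def set_cookie_header(cookie, timeout_s=COOKIE_TIMEOUT_S):
    """Set-Cookie value: Secure restricts the cookie to HTTPS, HttpOnly keeps it
    away from page scripts, Max-Age tells the browser to drop it at the timeout."""
    return ("%s=%s; Max-Age=%d; Secure; HttpOnly; SameSite=Strict"
            % (COOKIE_NAME, cookie, timeout_s))
```

The server-side timeout check is the one that matters: Max-Age only asks a well-behaved browser to discard the cookie, while a captured copy is still rejected by verify_cookie once the interval has passed.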

Page 22:

The remedy for all corporate security issues cannot be described in just one paper.

This research is meant to be a starting point to a better understanding of the three types of web security and their threats.

You must know what the enemy knows.

By thinking like attackers and being aware of their likely tactics, you can be more effective when applying countermeasures to threats.

Page 23:

Sima, C. Are Your Web Applications Vulnerable? Atlanta, GA: SPI Dynamics, 2005.

http://www.webscurity.com/pe_benefits.htm [accessed July 7, 2006]

J.D. Meier, Alex Mackman, Michael Dunner, Srinath Vasireddy, Ray Escamilla and Anandha Murukan. 2006. Improving Web Application Security: Threats and Countermeasures. U.S.A.: Microsoft Corporation. Retrieved June 5, 2006 from:

http://www.msdn.microsoft.com/library

Page 24:

SafeNet. 2005. WB_Best Practices in Creating High Level Application Security. U.S.A.: Belcamp, Maryland 21017 USA. Retrieved July 12, 2006 from: http://www.safenet-inc.com

Microsoft's patterns & practices team. 2005. Web Service Security: Scenarios, Patterns, and Implementation Guidance for Web Services Enhancements (WSE) 3.0. Retrieved July 7, 2006 from: http://www.msdn.microsoft.com/practices

Page 25:

Thank you for your attention