traning security 2013
TRANSCRIPT
Part I
Last update 13/06/2013
( Internet Threat )
Last update 13/06/2013
Malware
Last update 13/06/2013
Virus
Last update 13/06/2013
Botnet
Bot
Worm Trojan
Last update 13/06/2013
Phishing
Last update 13/06/2013
( Spyware ).
Last update 13/06/2013
Adware
Last update 13/06/2013
•Adware software
download
.
• Adware Spyware
hijacker
Browser hijacker
malware
Start page, error page
search page
malware Last update 13/06/2013
Identity Theft / Social
Engineering
Indentity
TheftWEB “myspace”
:
“rnyspace”
Email Address
Last update 13/06/2013
Social
Network
Hacker
http://www.dek-d.com/board/view/2529707/
Last update 13/06/2013
SQL Injection
SQL Login
SELECT UserID
FROM User
WHERE UserName = '$userName'
AND Password = '$password'
userName password POST input tag Username Password
SQL Injection Post input tag
WHERE CLAUSE
User name: 1' = OR '1 = 1
Password: 1' = OR '1 = 1
SQL
SELECT UserID
FROM User
WHERE UserName = '1' = OR '1 = 1'
AND Password = '1' = OR '1 = 1'
Last update 13/06/2013
SQL Injection
hacker
SQL
Input UI
INSERT, UPDATE, DELETE, DROP
form input
post
Ransomware
”
”
Last update 13/06/2013
http://www.androidgyan.com/th/20
12/10/ransomware-internet-
security-risks.html
( OS )
.
.
(OS).
Windows, MacOS, Linux
,
OS
.
Last update 13/06/2013
Top 10 of Social Network
1.
2. Twitter
3. Google
4. Myspace
5. LinkedIn
6. Orkut
7. Friendster
8. Hi5
9. BeBo
10. NetLog
Last update 13/06/2013
Top 10 of Anti-VIRUS
Last update 13/06/2013
Online Anti-VIRUS
https://www.virustotal.com/en/Last update 13/06/2013
The top threats for 2013, as
seen by McAfee
Mobile threatsMobile worm infections could go on a shopping spree in 2013 -- once embedded in a
smartphone or tablet after a dodgy download, they'll purchase malicious apps and do
their stealing through near-field communications (NFC) technology, McAfee says. NFC
and other "tap and pay" mechanisms could also make it easier for our phones to become
infiltrated. McAfee suggests that "bump and infect" scenarios will become more common
in order to steal money and that these kinds of malware will be most commonly found in
densely populated areas including airports and malls.
In addition, mobile malware that prevents your smartphone or tablet from updating
security software is expected to rise.
Build your own ransomwareMcAfee predicts that ransomware "kits" designed around mobile technology will rise, allowing people
without advanced programming skills to be able to more easily attempt to extort money out of the
general public, especially through the Windows PC platform, which saw reported attacks triple in 2012.
Ransomware differs from backdoors, keyloggers or Trojans as it "locks" a system, leaving users without
the means to access their data or system. This is where the malicious software comes in; pay up or
potentially lose your data.
Last update 13/06/2013
The top threats for 2013, as
seen by McAfee
Attacks focused on new platformsThe report suggests that we will see a "rapid development" in ways to attack both
Microsoft'snew Windows 8 platform and HTML5, a standard for Web-based applications.
Rootkits, the use of bootkit techniques and attacks which target master boot records, the
BIOS and volume boot records are expected to diversify and evolve. Windows 8 platform is
expected to be targeted through malware as well as phishing techniques. McAfee warns that
platform upgrades will not necessarily protect your system, although it is deemed more
secure that previous versions.
An increase in large-scale attacksAccording to the firm, large scale attacks reminiscent of Stuxnet or Flame, designed to destroy infrastructure
rather than based on purely financial gain, will firmly take hold in 2013. Used in order to cripple
businesses, steal intellectual property and simply cause as much damage as possible, large-scale hacktivism
can be devastating for businesses that are often vulnerable to the simplest methods, such as distributed
denial-of-service (DDoS) attacks.
Last update 13/06/2013
The top threats for 2013, as
seen by McAfee
Snowshoes and spamIn addition to an increase in attacks based on botnets, "shoeshoe" spamming of
legitimate products available online, made through numerous IP addresses, is expected
to be a cyberattack trend in 2013. Well-known businesses can fall prey to shady
marketing companies that promise e-mail address lists of potential customers, and
blatant spamming still goes unchecked.
Hacking as a serviceHacking "as a service" is expected to rise, mainly due to the rise of invitation-only and fee-
paying professional hacker forums available to only those who have guarantors to ensure their
authenticity. Based on e-commerce shopping cart models, it is expected that anonymity will be
maintained through anonymous payment methods including Liberty Reserve.
The decline of Anonymous, but a rise in
extreme hacktivismMcAfee argues that a lack of structure and organization in the hacking collective referred to as Anonymous has
impacted the idea's reputation. Misinformation, false claims and hacking for the simple joy of it may result in the
collective's political claims taking a beating. As a result, success and fame will decline -- but higher-level
professional hacking groups may take up the slack, and promote a rise in military, religious, political and
"extreme" campaign attacks.
Last update 13/06/2013
Last update 13/06/2013
(
‘‘ ’’)
Last update 13/06/2013
No.1
,
Last update 13/06/2013
No.
USB , , Last update 13/06/2013
No.
CD ,
Last update 13/06/2013
No.
CD/USB
,
,
Last update 13/06/2013
No.
-
Last update 13/06/2013
No.
USB
CD, USB ,
Last update 13/06/2013
No.
Last update 13/06/2013
No.
[ ]Windows Update
Safety & Security
http://www.microsoft.com/securitity/
Windows Update
Last update 13/06/2013
No.
Last update 13/06/2013
No.
Last update 13/06/2013
No.
Last update 13/06/2013
No. ( Password )
ABC123
ABC123
?
Last update 13/06/2013
No.(
Virus )
ID
Last update 13/06/2013
No.
Last update 13/06/2013
No.
FAX
FAX
FAX
!!!
To
!!!!
Last update 13/06/2013
No.( E-mails )
TO, CC, BCC
Last update 13/06/2013
No.( E-
mails )
Last update 13/06/2013
No.
Last update 13/06/2013
No.
Last update 13/06/2013
No.
Last update 13/06/2013
No.
Last update 13/06/2013
No.
「
」
Last update 13/06/2013
No.
Last update 13/06/2013
No.
Last update 13/06/2013
No.
!
!
Last update 13/06/2013
Part III
Last update 13/06/2013
( User Account )
.
(
User Account )
Last update 13/06/2013
Notebook, Desktop
MAC Address
.
2
Last update 13/06/2013
3
: USB
, Storage Device, External Hard Drive, Floppy disk
password .
.
.
Last update 13/06/2013
4
Password
Screen Saver
3 Last update 13/06/2013
5
,
,
:
Hup, Switch, Bridge, Router Access point
.
Network Network
Last update 13/06/2013
6
:
scan port, sniffer, hacker .
, , ,
,
.
Last update 13/06/2013
7
: , ,
Share file .
IP Address
.
IP Address, Bridging, Routing
Internet Traffic
Proxy, DHCP Server, Bridge Router
.
Last update 13/06/2013
8 :
MS Excel, MS Powerpoint
:
1.
,
.pdf .
2.
.
Last update 13/06/2013
9
Software
.
.
Last update 13/06/2013
10
Sofware
.
Last update 13/06/2013
11
Internet
.
LTC
Network (
Billing ,
Accounting
, POS … )ADSL , WIFI
, HSPA …
Last update 13/06/2013
13 E-mail Internet
Posters .
Last update 13/06/2013
14
: (
Application System ),
.
.
Last update 13/06/2013
15
Share files
.
Last update 13/06/2013
16
.
Last update 13/06/2013
17
Password
Poster
.
Last update 13/06/2013
18
Antivirus/Anti-Spyware IT .
. Update
Virus (Virus Definition) .
E-mail, USB Storage Device External Hard Drive Antivirus Copy Transfer
.
(Disable) Last update 13/06/2013
Last update 13/06/2013
Password Server Network
Password 06
.
Default Password Application
.
06 Password Server Network
Last update 13/06/2013
20
Server Network Authentication logs, Web Server Logs, Mail Server logs, File Server logs, Remote access Logs,
( Application logs )
( Login-Logout logs )
( Login Attempts ) commandline
firewall logs
3 .
Last update 13/06/2013
21 Server
Port service .
Server Antivirus /
Anti-Spyware
.
Server Server
Backup,
Last update 13/06/2013
22 Remote Access / Administration
Secure Channels
: SSH VPN .
Remote Access System Administrator
Last update 13/06/2013
23
patch
(system software) DBMS web
server .
Firewall
.
:
◦.
◦ .
◦
.Last update 13/06/2013
24
parameter
parameter
.
.
(tools)
Last update 13/06/2013
25◦
( Operating System ) ,
( Application
System )
.
◦
:
.
( Media ).
( Copy ).
.
Last update 13/06/2013
26 ( log book )
.
1
.
.
Last update 13/06/2013
27
( computer
operator )
- ,
,
. Last update 13/06/2013
28
•
.
•
, , Hard disk ,
(CPU)
(capacity) .
•
Billing , OCS , Internet .
.
Last update 13/06/2013
29
supplier,
Third party Outsource
.
Development System
.
Supplier, Third party Outsource
2
Last update 13/06/2013
Last update 13/06/2013
30
,
.
:
( Stickly Confidential )
( Internal / Non-public / Last update 13/06/2013
31
◦
( storage ) , ( input ) ,
(operate) (output)
(distributed database)
.
◦
Last update 13/06/2013
32
/
:
, Flowchart , Software Supplier
.
.
Last update 13/06/2013
33
Recycle.
2048 bit RSA
DSS.
Encrypt
Last update 13/06/2013
Last update 13/06/2013
34
◦
, ,
.
◦
(emergency
change)
.
◦
.
◦
(
electronic transaction email ) Last update 13/06/2013
35
◦
( operation )
( security ) (
functionality ) .
◦
.
◦
(develop environment)
(promotion environment)
Last update 13/06/2013
36
◦
.
◦ (security)
(availability )
.
◦
Last update 13/06/2013
37
◦
.
◦
.
◦
, ,
,
program specification
Last update 13/06/2013
Last update 13/06/2013