Training security 2013

Tel. 55500777, Fax 215523, Email: [email protected]. Last update 13/06/2013

Uploaded by somvang-phengsavanh, posted 13-Jul-2015.

Page 1: Training security 2013

Page 2: Training security 2013

Part I

Page 3: Training security 2013

(Internet Threat)

Page 4: Training security 2013

Malware

Page 5: Training security 2013

Virus

Page 6: Training security 2013

Botnet, Bot, Worm, Trojan

Page 7: Training security 2013

Phishing

Page 8: Training security 2013

(Spyware)

Page 9: Training security 2013

Adware

• Adware: software (download).

• Adware and Spyware.

Page 10: Training security 2013

Browser hijacker

Browser hijacker: malware that changes the browser's start page, error page and search page.

Page 11: Training security 2013

Identity Theft / Social Engineering

Identity Theft: a look-alike web address, e.g. “rnyspace” in place of “myspace” (the letters “rn” read as “m” in many fonts); Email Address; Social Network.
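The “rnyspace” trick above is a look-alike (homoglyph) domain. As an added example, not code from the original slides, the Python below reduces a host name to a “skeleton” in which confusable letter sequences collide, then compares it with a list of protected names. The confusable table, the protected list (taken from the slide's social-network list) and the sample domains are constructed for this example; the public-suffix handling assumes a one-label TLD such as .com.

```python
# Added example (not from the original slides): flag look-alike domain names
# such as "rnyspace.com" imitating "myspace.com".
import unicodedata
from typing import Optional

# Character sequences that render like another character in common fonts.
# Hand-picked subset for this example, longest sequences first; not exhaustive.
CONFUSABLE_SEQUENCES = [
    ("rn", "m"), ("vv", "w"), ("cl", "d"),
    ("0", "o"), ("1", "l"), ("|", "l"), ("5", "s"), ("3", "e"), ("8", "b"),
]

# Constructed list of names to protect (from the slide's social-network list).
PROTECTED = ["myspace.com", "facebook.com", "twitter.com", "linkedin.com"]


def skeleton(label: str) -> str:
    """Reduce a host label so visually confusable spellings map to one string."""
    # Case-fold and strip accents so "MySpace", "mýspace" and "myspace" collide.
    s = unicodedata.normalize("NFKD", label.casefold())
    s = "".join(ch for ch in s if not unicodedata.combining(ch))
    for seq, replacement in CONFUSABLE_SEQUENCES:
        s = s.replace(seq, replacement)
    return s


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance, used to catch one-character typosquats."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def registrable_label(domain: str) -> str:
    """Label left of the TLD; assumes a one-label public suffix like .com."""
    parts = domain.casefold().strip(".").split(".")
    return parts[-2] if len(parts) >= 2 else parts[0]


def lookalike_of(domain: str, protected=PROTECTED) -> Optional[str]:
    """Return the protected name this domain imitates, or None if it is clean."""
    domain = domain.casefold().strip(".")
    if domain in protected:
        return None  # the genuine name itself
    sk = skeleton(registrable_label(domain))
    for real in protected:
        real_sk = skeleton(registrable_label(real))
        # Same skeleton (rn/m, vv/w, 0/o ...) or one edit away on the skeleton.
        if sk == real_sk or edit_distance(sk, real_sk) == 1:
            return real
    return None


def scan(domains):
    """Map each suspicious domain in the list to the name it imitates."""
    result = {}
    for d in domains:
        hit = lookalike_of(d)
        if hit is not None:
            result[d] = hit
    return result


if __name__ == "__main__":
    print(scan(["rnyspace.com", "example.org", "faceb00k.com", "tvvitter.com"]))
```

A genuine brand on a different TLD (myspace.net) is also reported, since the label is what the victim reads; drop that behaviour if the organisation owns those variants.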

Page 13: Training security 2013

SQL Injection

SQL for the login check:

SELECT UserID
FROM User
WHERE UserName = '$userName'
AND Password = '$password'

$userName and $password are the values POSTed from the Username and Password input tags.

SQL Injection: the POSTed input is written straight into the WHERE clause, so an attacker can change the clause itself:

User name: 1' OR '1' = '1
Password: 1' OR '1' = '1

Resulting SQL:

SELECT UserID
FROM User
WHERE UserName = '1' OR '1' = '1'
AND Password = '1' OR '1' = '1'

The WHERE clause is now true for every row, so the query returns a UserID and the login succeeds without a valid password.

SQL Injection: the hacker passes SQL through the input UI (INSERT, UPDATE, DELETE, DROP) in the form input that is posted.
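To make the bypass concrete, here is an added example (not code from the original slides) that runs the slide's login query both ways against an in-memory SQLite database; the table contents are constructed for the example. `login_vulnerable` interpolates the POSTed values into the SQL string exactly as the slide's `$userName`/`$password` query does; `login_parameterized` binds them as parameters so the WHERE clause cannot change.

```python
# Added example (not from the original slides): the slide's login query built
# with string interpolation (vulnerable) and with bound parameters (safe).
import sqlite3


def make_db() -> sqlite3.Connection:
    """Constructed sample data; plaintext passwords as on the slide, for illustration only."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE User (UserID INTEGER PRIMARY KEY, UserName TEXT, Password TEXT)"
    )
    conn.executemany(
        "INSERT INTO User (UserName, Password) VALUES (?, ?)",
        [("alice", "s3cret"), ("bob", "hunter2")],
    )
    return conn


def login_vulnerable(conn, user_name: str, password: str):
    """POSTed values pasted into the SQL text: the input becomes part of the WHERE clause."""
    sql = (
        "SELECT UserID FROM User WHERE UserName = '%s' AND Password = '%s'"
        % (user_name, password)
    )
    return [row[0] for row in conn.execute(sql)]


def login_parameterized(conn, user_name: str, password: str):
    """Same query with bound parameters: quotes in the input are data, not SQL."""
    sql = "SELECT UserID FROM User WHERE UserName = ? AND Password = ?"
    return [row[0] for row in conn.execute(sql, (user_name, password))]


def demo():
    """Run the slide's payload through both versions and report who gets logged in."""
    conn = make_db()
    payload = "1' OR '1' = '1"  # the slide's user name / password
    return {
        # every UserID comes back: the OR '1' = '1' makes the WHERE clause always true
        "vulnerable": login_vulnerable(conn, payload, payload),
        # '--' comments out the password check, logging in as a chosen user
        "comment_trick": login_vulnerable(conn, "alice' --", "anything"),
        # the same payload is just a (non-matching) user name when bound as a parameter
        "parameterized": login_parameterized(conn, payload, payload),
        "valid_login": login_parameterized(conn, "alice", "s3cret"),
    }


if __name__ == "__main__":
    print(demo())
```

The fix is the placeholder, not escaping: with `?` parameters the database driver never parses the user's text as SQL, so INSERT, UPDATE, DELETE and DROP smuggled into the form stay inert.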

Page 15: Training security 2013

Operating System (OS): Windows, MacOS, Linux.

Page 16: Training security 2013

Top 10 of Social Network

1. Facebook
2. Twitter
3. Google
4. Myspace
5. LinkedIn
6. Orkut
7. Friendster
8. Hi5
9. BeBo
10. NetLog

Page 17: Training security 2013

Top 10 of Anti-VIRUS

Page 18: Training security 2013

Online Anti-VIRUS: https://www.virustotal.com/en/

Page 19: Training security 2013

The top threats for 2013, as seen by McAfee

Mobile threats: Mobile worm infections could go on a shopping spree in 2013 -- once embedded in a smartphone or tablet after a dodgy download, they'll purchase malicious apps and do their stealing through near-field communications (NFC) technology, McAfee says. NFC and other "tap and pay" mechanisms could also make it easier for our phones to become infiltrated. McAfee suggests that "bump and infect" scenarios will become more common in order to steal money and that these kinds of malware will be most commonly found in densely populated areas including airports and malls.

In addition, mobile malware that prevents your smartphone or tablet from updating security software is expected to rise.

Build your own ransomware: McAfee predicts that ransomware "kits" designed around mobile technology will rise, allowing people without advanced programming skills to more easily attempt to extort money out of the general public, especially through the Windows PC platform, which saw reported attacks triple in 2012. Ransomware differs from backdoors, keyloggers or Trojans as it "locks" a system, leaving users without the means to access their data or system. This is where the malicious software comes in: pay up or potentially lose your data.

Page 20: Training security 2013

The top threats for 2013, as seen by McAfee

Attacks focused on new platforms: The report suggests that we will see a "rapid development" in ways to attack both Microsoft's new Windows 8 platform and HTML5, a standard for Web-based applications. Rootkits, the use of bootkit techniques and attacks which target master boot records, the BIOS and volume boot records are expected to diversify and evolve. The Windows 8 platform is expected to be targeted through malware as well as phishing techniques. McAfee warns that platform upgrades will not necessarily protect your system, although it is deemed more secure than previous versions.

An increase in large-scale attacks: According to the firm, large-scale attacks reminiscent of Stuxnet or Flame, designed to destroy infrastructure rather than based on purely financial gain, will firmly take hold in 2013. Used in order to cripple businesses, steal intellectual property and simply cause as much damage as possible, large-scale hacktivism can be devastating for businesses that are often vulnerable to the simplest methods, such as distributed denial-of-service (DDoS) attacks.

Page 21: Training security 2013

The top threats for 2013, as seen by McAfee

Snowshoes and spam: In addition to an increase in attacks based on botnets, "snowshoe" spamming of legitimate products available online, made through numerous IP addresses, is expected to be a cyberattack trend in 2013. Well-known businesses can fall prey to shady marketing companies that promise e-mail address lists of potential customers, and blatant spamming still goes unchecked.

Hacking as a service: Hacking "as a service" is expected to rise, mainly due to the rise of invitation-only and fee-paying professional hacker forums available only to those who have guarantors to ensure their authenticity. Based on e-commerce shopping cart models, it is expected that anonymity will be maintained through anonymous payment methods including Liberty Reserve.

The decline of Anonymous, but a rise in extreme hacktivism: McAfee argues that a lack of structure and organization in the hacking collective referred to as Anonymous has impacted the idea's reputation. Misinformation, false claims and hacking for the simple joy of it may result in the collective's political claims taking a beating. As a result, success and fame will decline -- but higher-level professional hacking groups may take up the slack, and promote a rise in military, religious, political and "extreme" campaign attacks.

Page 24: Training security 2013

No. 1

Page 25: Training security 2013

No.: USB

Page 26: Training security 2013

No.: CD

Page 27: Training security 2013

No.: CD/USB

Page 29: Training security 2013

No.: USB; CD, USB

Page 31: Training security 2013

No.: [ ] Windows Update

Safety & Security: http://www.microsoft.com/securitity/

Windows Update

Page 35: Training security 2013

No. (Password)

ABC123 ?

Page 36: Training security 2013

No. (Virus): ID

Page 38: Training security 2013

No.: FAX

To

Page 39: Training security 2013

No. (E-mails): TO, CC, BCC

Page 40: Training security 2013

No. (E-mails)

Page 49: Training security 2013

Part III

Page 50: Training security 2013

1. (User Account)

Page 51: Training security 2013

2. Notebook, Desktop: MAC Address.

Page 52: Training security 2013

3. USB, Storage Device, External Hard Drive, Floppy disk: password.

Page 53: Training security 2013

4. Password, Screen Saver: 3.

Page 54: Training security 2013

5. Hub, Switch, Bridge, Router, Access point; Network.

Page 55: Training security 2013

6. Port scan, sniffer, hacker.

Page 56: Training security 2013

7. Share file; IP Address. IP Address, Bridging, Routing, Internet Traffic: Proxy, DHCP Server, Bridge, Router.

Page 57: Training security 2013

8. MS Excel, MS PowerPoint:

1. .pdf

2.

Page 58: Training security 2013

9. Software.

Page 59: Training security 2013

10. Software.

Page 60: Training security 2013

11. Internet. LTC Network (Billing, Accounting, POS …): ADSL, WIFI, HSPA …

Page 61: Training security 2013

12. E-mail account: [email protected], [email protected]

Page 62: Training security 2013

13. E-mail, Internet: Posters.

Page 63: Training security 2013

14. (Application System)

Page 64: Training security 2013

15. Share files.

Page 65: Training security 2013

16.

Page 66: Training security 2013

17. Password: Poster.

Page 67: Training security 2013

18. Antivirus/Anti-Spyware (IT). Update the virus definitions (Virus Definition). Scan E-mail, USB Storage Device and External Hard Drive with the Antivirus before Copy/Transfer. (Disable)

Page 69: Training security 2013

19. Password, Server, Network: Password 06. Default Password of Application. 06 Password Server Network.
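The “ABC123” question on page 35 and the server/network password rules here both come down to a checkable policy. As an added example (not code from the original slides), the Python below rejects short or single-class passwords, a small constructed list of common and vendor-default passwords, passwords containing the user name, and passwords older than 180 days; reading the slide's “06” as six months is my assumption.

```python
# Added example (not from the original slides): password policy check for the
# "ABC123" question and the server/network/default-password rules.
from datetime import date, timedelta
import string

# Constructed sample of common and vendor-default passwords; a real deployment
# would load a much larger list.
DEFAULT_OR_COMMON = {"abc123", "password", "admin", "123456", "changeme", "default"}

# Assumption: the slide's "06" means "change at least every six months".
MAX_AGE = timedelta(days=180)
MIN_LENGTH = 12
MIN_CLASSES = 3


def character_classes(password: str) -> int:
    """Count how many of lower/upper/digit/punctuation the password uses."""
    return sum([
        any(c.islower() for c in password),
        any(c.isupper() for c in password),
        any(c.isdigit() for c in password),
        any(c in string.punctuation for c in password),
    ])


def password_problems(password: str, username: str = "",
                      last_changed: date = None, today: date = None):
    """Return a list of policy violations; an empty list means the password passes."""
    problems = []
    low = password.casefold()
    if len(password) < MIN_LENGTH:
        problems.append("shorter than %d characters" % MIN_LENGTH)
    if character_classes(password) < MIN_CLASSES:
        problems.append("fewer than %d character classes" % MIN_CLASSES)
    if low in DEFAULT_OR_COMMON:
        problems.append("common or vendor default password")
    if username and len(username) >= 3 and username.casefold() in low:
        problems.append("contains the user name")
    if last_changed is not None:
        today = today or date.today()
        if today - last_changed > MAX_AGE:
            problems.append("older than %d days" % MAX_AGE.days)
    return problems


if __name__ == "__main__":
    print(password_problems("ABC123"))
    print(password_problems("Correct-Horse-7Battery", "alice",
                            last_changed=date(2012, 12, 1), today=date(2013, 6, 13)))
```

The age check is what turns the slide's "06" into something a script can audit against the server's last-changed dates; the default-password check is what catches an application left on its vendor credentials.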

Page 70: Training security 2013

20. Server and Network logs: Authentication logs, Web Server logs, Mail Server logs, File Server logs, Remote access logs, Application logs, Login-Logout logs, Login Attempts, command line, firewall logs. 3.
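The "Login Attempts" item is the one that pays off quickest in log review. As an added example (not code from the original slides), the Python below parses authentication log lines in OpenSSH sshd syslog format (an assumption about the log source; the sample lines are constructed) and flags a source address with five or more failed logins inside ten minutes, noting whether a successful login followed the failures.

```python
# Added example (not from the original slides): find brute-force login attempts
# in authentication logs. Lines are in OpenSSH sshd syslog format (assumed
# source); SAMPLE_LOG is constructed for this example.
import re
from collections import defaultdict
from datetime import datetime, timedelta

SAMPLE_LOG = """\
Jun 13 09:00:01 srv1 sshd[4101]: Failed password for invalid user admin from 203.0.113.7 port 51234 ssh2
Jun 13 09:00:03 srv1 sshd[4103]: Failed password for root from 203.0.113.7 port 51236 ssh2
Jun 13 09:00:04 srv1 sshd[4105]: Failed password for root from 203.0.113.7 port 51238 ssh2
Jun 13 09:00:06 srv1 sshd[4107]: Failed password for invalid user oracle from 203.0.113.7 port 51240 ssh2
Jun 13 09:00:07 srv1 sshd[4109]: Failed password for root from 203.0.113.7 port 51242 ssh2
Jun 13 09:00:09 srv1 sshd[4111]: Accepted password for root from 203.0.113.7 port 51244 ssh2
Jun 13 09:12:30 srv1 sshd[4201]: Failed password for alice from 192.0.2.10 port 40001 ssh2
Jun 13 09:40:00 srv1 sshd[4301]: Accepted publickey for alice from 192.0.2.10 port 40002 ssh2
"""

LINE_RE = re.compile(
    r"^(?P<ts>\w{3} +\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"(?P<result>Failed|Accepted) (?:password|publickey) for (?:invalid user )?"
    r"(?P<user>\S+) from (?P<ip>\d+\.\d+\.\d+\.\d+) port \d+"
)


def parse(line: str, year: int = 2013):
    """Parse one sshd line into a dict, or None for lines that are not logins."""
    m = LINE_RE.match(line)
    if m is None:
        return None
    # syslog timestamps carry no year; the caller supplies it.
    ts = datetime.strptime("%d %s" % (year, m.group("ts")), "%Y %b %d %H:%M:%S")
    return {"ts": ts, "result": m.group("result"),
            "user": m.group("user"), "ip": m.group("ip")}


def find_brute_force(log_text: str, threshold: int = 5,
                     window: timedelta = timedelta(minutes=10)):
    """Return {ip: (most failures inside one window, success seen after the last failure)}
    for every source address that reached the threshold."""
    by_ip = defaultdict(list)
    for line in log_text.splitlines():
        event = parse(line)
        if event:
            by_ip[event["ip"]].append(event)

    alerts = {}
    for ip, events in by_ip.items():
        events.sort(key=lambda e: e["ts"])
        failures = [e for e in events if e["result"] == "Failed"]
        # Sliding window over failure timestamps: longest run that fits in `window`.
        start, peak = 0, 0
        for end in range(len(failures)):
            while failures[end]["ts"] - failures[start]["ts"] > window:
                start += 1
            peak = max(peak, end - start + 1)
        if peak >= threshold:
            last_failure = failures[-1]["ts"]
            # A success after the run of failures is the case that needs a human now.
            success_after = any(e["result"] == "Accepted" and e["ts"] >= last_failure
                                for e in events)
            alerts[ip] = (peak, success_after)
    return alerts


if __name__ == "__main__":
    print(find_brute_force(SAMPLE_LOG))
```

The same shape (parse, group by source, sliding window, then look for the follow-on success) carries over to web-server, mail-server and VPN logs once the regular expression is swapped for that server's format.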

Page 71: Training security 2013

21. Server: Port, service. Server Antivirus / Anti-Spyware. Server Backup.

Page 72: Training security 2013

22. Remote Access / Administration over Secure Channels: SSH, VPN. Remote Access: System Administrator.

Page 73: Training security 2013

23. Patch (system software): DBMS, web server. Firewall.

Page 74: Training security 2013

24. Parameter (tools).

Page 75: Training security 2013

25. (Operating System), (Application System): (Media), (Copy).

Page 76: Training security 2013

26. (log book): 1.

Page 77: Training security 2013

27. (computer operator)

Page 78: Training security 2013

28. Hard disk, (CPU), (capacity): Billing, OCS, Internet.

Page 79: Training security 2013

29. Supplier, Third party, Outsource: Development System. Supplier, Third party, Outsource: 2.

Page 81: Training security 2013

30. (Strictly Confidential), (Internal / Non-public /

Page 82: Training security 2013

31. (storage), (input), (operate), (output); (distributed database).

Page 83: Training security 2013

32. Flowchart, Software Supplier.

Page 84: Training security 2013

33. Recycle. 2048 bit RSA, DSS. Encrypt.

Page 86: Training security 2013

34. (emergency change). (electronic transaction, email)

Page 87: Training security 2013

35. (operation), (security), (functionality). (development environment), (promotion environment)

Page 88: Training security 2013

36. (security), (availability)

Page 89: Training security 2013

37. program specification