Lecture 2

Lecture 2 - CS682/393 Network Security Week 2 Network Recon...

Info iconThis preview shows pages 1–18. Sign up to view the full content.

View Full Document Right Arrow Icon
CS682/393 Network Security Week 2 Network Recon
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
RECAP
Background image of page 2
Who am I Nasir Memon LC 116 Dibner – 718 260 3970 memon@poly.edu OfFce hours 4 to 6 pm Wednesdays Open door - calendar on my website.
Background image of page 3

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Course Logistics Lab 1 assigned (Linux) – DUE FEB 1!! Will be using my.poly for class material You are responsible for checking it everyday Lab 2 assigned (Socket programming) - Due Feb 8!! Will be using Virtual Lab Discussion topics in my.poly.
Background image of page 4
Course Policies Lab 40%. Midterm and Final 20% each and term paper 20% (Graduates only) No late HW or Labs accepted. Lowest two dropped (8 to 12 total) Plagiarism policy
Background image of page 5

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Prerequisites for CS682 Knowledge of networking Basic Understanding of Operating Systems Mature programmer. Should be able to pick up whatever is needed.
Background image of page 6
Information Security Mark Stamp ISBN: 0471738484 Published: 2005 Also available on the Amazon Kindle Practical Cryptography (OPTIONAL) Neils Ferguson, Bruce Schneier ISBN: 0471223573 Published: 2003 Counter Hack Reloaded Ed Skoudis ISBN: 0131481045 Published: 2006 Textbooks:
Background image of page 7

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
What is This Course about? We will explore: Various vulnerabilities in network protocols and services. Mechanisms to protect networks. Security tools.
Background image of page 8
CIA Confdentiality, Integrity, and Availability Authentication, Access Control,
Background image of page 9

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Risk Security is about risk management
Background image of page 10
Risk Risk: The chance of something going wrong. Risk can exist when there is a known issue that increases the attack surface. Risk can also exist when there are non-speciFc issues, unexplored threat areas, or lack of depth-of-knowledge. Threat x Vulnerabilities = Risk . Computer security can be viewed as process of risk analysis and management.
Background image of page 11

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Threat Modeling Summary 1. Enumerate assets 2. Determine the threats to the system 3. Compute risk for each threat 4. Rank the threats by decreasing risk 5. Choose how to respond to the threats
Background image of page 12
Security is a process. Not a product or technology!! Threats Policy Specifcation Design Implementation Operation and Maintenance You will learn more about this in InFormation Security Management course
Background image of page 13

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Think like Trudy! Always question assumptions Strive to fnd a weak link It’s OK to break the rules But don’t do anything illegal…
Background image of page 14
Today’s Goal Tools and techniques for network reconnaissance
Background image of page 15

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Network Attack Methodology Recon – Information gathering Scanning – Enumeration Vulnerability Identification Exploit Keeping Access Covering the tracks 12
Background image of page 16
“Casing the joint” Gather as much information as possible about the target from open sources Bank robbers will typically perform reconnaissance on the branch. Will observe times when the branch is busy with customers, guard shift changes, location of cameras, etc. This is the same first step performed in computer network attacks.
Background image of page 17

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Image of page 18
This is the end of the preview. Sign up to access the rest of the document.

Page1 / 58

Lecture 2 - CS682/393 Network Security Week 2 Network Recon...

This preview shows document pages 1 - 18. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online