ch06 - Computer Security: Principles and Practice Chapter 6...

Computer Security: Principles and Practice
First Edition
by William Stallings and Lawrie Brown
Lecture slides by Lawrie Brown

Chapter 6: Intrusion Detection

Intruders
- significant issue: hostile/unwanted trespass
  - from benign to serious
- user trespass
  - unauthorized logon, privilege abuse
- software trespass
  - virus, worm, or trojan horse
- classes of intruders:
  - masquerader, misfeasor, clandestine user

Examples of Intrusion
- remote root compromise
- web server defacement
- guessing / cracking passwords
- copying / viewing sensitive data / databases
- running a packet sniffer
- distributing pirated software
- using an unsecured modem to access net
- impersonating a user to reset password
- using an unattended workstation

Security Intrusion: a security event, or combination of multiple security events, that constitutes a security incident in which an intruder gains, or attempts to gain, access to a system (or system resource) without having authorization to do so.

Intrusion Detection: a security service that monitors and analyzes system events for the purpose of finding, and providing real-time or near real-time warning of attempts to access system resources in an unauthorized manner.

Hackers
- motivated by thrill of access and status
  - hacking community a strong meritocracy
  - status is determined by level of competence
- benign intruders might be tolerable
  - do consume resources and may slow performance
  - can’t know in advance whether benign or malign
- IDS / IPS / VPNs can help counter
- awareness led to establishment of CERTs
  - collect / disseminate vulnerability info / responses

Hacker Behavior Example
1. select target using IP lookup tools
2. map network for accessible services
3. identify potentially vulnerable services
4. brute force (guess) passwords
5. install remote administration tool
6. wait for admin to log on and capture password
7. use password to access remainder of network

Criminal Enterprise
- organized groups of hackers now a threat

This note was uploaded on 02/05/2011 for the course CS 2105 taught by Professor Ana during the Fall '09 term at National University of Singapore.
