5023 Security Class
Security Class
satya - 7/13/2015, 9:41:28 AM
Top 100 security tools nessus
Top 100 security tools nessus
satya - 7/13/2015, 9:43:10 AM
Here is one of the links to that content
satya - 7/13/2015, 9:47:51 AM
Use this for class:\\172.16.101.20
Use this for class:\\172.16.101.20
satya - 7/13/2015, 9:49:06 AM
compTIA practice tests
compTIA practice tests
satya - 7/13/2015, 9:49:23 AM
compTIA certification exam details
compTIA certification exam details
satya - 7/13/2015, 9:50:58 AM
What is VCM? for taking tests
What is VCM? for taking tests
satya - 7/13/2015, 9:58:31 AM
How do you prevent google drive from syncing data to a particular device?
How do you prevent google drive from syncing data to a particular device?
Search for: How do you prevent google drive from syncing data to a particular device?
satya - 7/13/2015, 10:07:50 AM
how to prevent syncing google drive on certain computers
how to prevent syncing google drive on certain computers
Search for: how to prevent syncing google drive on certain computers
satya - 7/13/2015, 10:12:23 AM
How can i copy a file or folder to google drive without syncing?
How can i copy a file or folder to google drive without syncing?
Search for: How can i copy a file or folder to google drive without syncing?
satya - 7/13/2015, 10:14:03 AM
accessing drive.google.com from a public computer
accessing drive.google.com from a public computer
Search for: accessing drive.google.com from a public computer
satya - 7/13/2015, 10:17:46 AM
Here it is
satya - 7/13/2015, 10:18:31 AM
Integrity
Hashing
Signatures
Certs
satya - 7/13/2015, 10:19:05 AM
Confidentiality
encryption
access controls
steganography
satya - 7/13/2015, 10:19:27 AM
Availability
redundancy
fault tolerance
patching
satya - 7/13/2015, 10:40:29 AM
Here is an article from Gary Kessler on Steganography
satya - 7/13/2015, 10:47:44 AM
Multi-factors that are distinct
you are (finger print, retinal)
you have (key or id card)
you know (password)
satya - 7/13/2015, 10:51:33 AM
whats up with kerberos
whats up with kerberos
satya - 7/13/2015, 10:52:37 AM
State and applicability of kerberos
State and applicability of kerberos
satya - 7/13/2015, 10:53:30 AM
Access control types
MAC - Mandatory access control
DAC - Discretionary
RBAC - Rolebased
satya - 7/13/2015, 10:54:59 AM
MAC
clearance has to dominate your classification
military
through security labels
non discretionary
satya - 7/13/2015, 10:55:50 AM
What is MAC: mandatory access control
What is MAC: mandatory access control
satya - 7/13/2015, 10:59:20 AM
Discretionary access control: DAC
Discretionary access control: DAC
satya - 7/13/2015, 10:59:49 AM
DAC
giving users a certain access by the owner directly with out the idea of roles or a mandatory
satya - 7/13/2015, 11:01:01 AM
Role based
Giving access to based on roles and not directly to users.
satya - 7/13/2015, 11:01:49 AM
Rule based security
Rule based security
satya - 7/13/2015, 11:05:02 AM
Implicit deny
deny first and then give access if needed.
satya - 7/13/2015, 11:06:18 AM
Principal of None to least privilege
Principal of None to least privilege
satya - 7/13/2015, 11:14:08 AM
Time of day controls
Time of day controls
satya - 7/13/2015, 11:23:41 AM
Token examples
id cards
fobs
number generators
satya - 7/13/2015, 11:24:19 AM
Biometrics
retina (best)
fingerprint
voice recog
facial recog
satya - 7/13/2015, 11:27:46 AM
Mutual Authentication
Mutual Authentication
satya - 7/13/2015, 12:38:31 PM
Professor Messer YouTube videos on security
Professor Messer YouTube videos on security
satya - 7/13/2015, 12:45:42 PM
Various types of ciphers
Various types of ciphers
satya - 7/13/2015, 12:46:37 PM
some types
Stream cipher - fast on the fly, light weight
Block cipher - at leisure and stronger
satya - 7/13/2015, 12:52:34 PM
How do you hide a document in a picture using steganography?
Convert it to binary first
Use the last bit in every pixels 8 bits
The resulting image is a bit different but not much
that is how
satya - 7/13/2015, 12:53:08 PM
You can do this for digital water marks
You can do this for digital water marks
satya - 7/13/2015, 12:57:20 PM
Keep in mind hashes are oneway!
Keep in mind hashes are oneway!
satya - 7/13/2015, 1:01:12 PM
Cane and abel and hashes
If someone gets hashes, they do a dictionary search and generate hashes for each.
It is worthwhile to put special characters because of this
satya - 7/13/2015, 1:02:54 PM
rainbow table
A rainbow table is a precomputed table for reversing cryptographic hash functions, usually for cracking password hashes. Tables are usually used in recovering a plaintext password up to a certain length consisting of a limited set of characters.
satya - 7/13/2015, 1:08:58 PM
salted hashes on servers
salted hashes on servers
satya - 7/13/2015, 1:11:11 PM
Hashing algorithms
MD5 ? 128-bit, too many collisions
SHA1 ? 160-bit, SHA-256, SHA-384, SHA-512
NTLM versions 1 and 2 ? used by Microsoft since Windows NT
RIPEMD ? 128, 160, 256, 320 bit strengths, 256 and 320 few collisions
HMAC ? integrity + authenticity by combining hash with a secret key
satya - 7/13/2015, 1:16:42 PM
Symmetric keys
fast
shared keys
Need to protect keys
satya - 7/13/2015, 1:17:07 PM
Symmetric keys
DES ? 64-bit block, 56-bit key
3DES ? encrypts each block 3x, triples performance impact
AES ? 128-bit block, 128, 192, or 256-bit key
Blowfish ? 64-bit block, variable key length
Twofish ? 128-bit block, 128, 192, or 256-bit key
RC4, 5, 6 ? RC4 is stream cipher, 5 & 6 are block
satya - 7/13/2015, 1:20:26 PM
Problem with encryption keys
guess a key and see if it can be translated.
satya - 7/13/2015, 1:21:13 PM
Current standard is AES: 128 bit
fast
secure
satya - 7/13/2015, 1:26:59 PM
Asymmetric players
RSA? - variable key length and block size
DH ? provides secure key exchange
ECC ? shorter keys than RSA with same security, used in wireless
DHE ? variant of DH ephemeral keys
ECDHE ? variant of DH using ECC and ephemeral keys
satya - 7/13/2015, 1:31:50 PM
DH - Diffey Helman to use Asymmetric keys to exchange symmetric keys
DH - Diffey Helman to use Asymmetric keys to exchange symmetric keys
satya - 7/13/2015, 1:32:37 PM
ECDHE used for mobile communication
quick
satya - 7/13/2015, 1:33:07 PM
Elliptic curve cryptography
Elliptic curve cryptography
satya - 7/13/2015, 1:47:56 PM
Two parties can communicate securely if they hold each others public keys
Two parties can communicate securely if they hold each others public keys
satya - 7/13/2015, 1:49:59 PM
Hash encrypted with a private key provides
Integrity
Non-repudiation
Not for confidentiality
satya - 7/13/2015, 1:51:17 PM
A signature is a hash encrypted with private keys
A signature is a hash encrypted with private keys
satya - 7/13/2015, 1:56:54 PM
Extending the idea of keys
Key exchange
Bulk encryption
Message authentication code
Pseudorandom function
satya - 7/13/2015, 2:07:25 PM
symmetric key is also called a session key
symmetric key is also called a session key
satya - 7/13/2015, 2:09:42 PM
A certificate is a public key
A certificate is a public key
satya - 7/13/2015, 2:10:59 PM
stretching keys
Key stretching makes it harder to crack passwords and passphrases.
Original key is enhanced by running it through a key-stretching algorithm
Keys are usually larger than 128 bits
PBKDF2
Bcrypt
satya - 7/13/2015, 2:11:28 PM
Use pass phrases instead of dictionary words
Use pass phrases instead of dictionary words
satya - 7/13/2015, 2:16:24 PM
Browser and Server interaction
Exchange public certs
Talk to the authority and verify public certs
Share session specific symmetric keys
communicate
satya - 7/13/2015, 2:21:47 PM
Summary of Active Directory
Summary of Active Directory
satya - 7/13/2015, 2:23:15 PM
If you trust the website through other physical means it is ok to accept self signed certs
If you trust the website through other physical means it is ok to accept self signed certs
satya - 7/13/2015, 2:42:37 PM
Listed social engineering types
Spoofing
Impersonation
Hoax
Phishing
Vishing
Spear Phishing **
Whaling
URL hijacking/typo squatting
Spam and spim
Shoulder surfing
Dumpster diving
Tailgating
satya - 7/13/2015, 3:04:23 PM
Virus and a Worm
A virus is transmitted explicitly by users
A worm spreads itself
-- they may be one and the same and virus may be both now
satya - 7/13/2015, 3:12:02 PM
rootkit
A rootkit is a stealthy type of software, typically malicious, designed to hide the existence of certain processes or programs from normal methods of detection and enable continued privileged access to a computer
satya - 7/13/2015, 3:14:24 PM
Logic Bomb
some virus that goes off based on some kind of logic
satya - 7/14/2015, 9:24:44 AM
Online certification testing: Pearson Vue
Online certification testing: Pearson Vue
satya - 7/14/2015, 9:26:44 AM
Name of the test: CompTIA security plus
Name of the test: CompTIA security plus
satya - 7/14/2015, 9:40:06 AM
There is a file called SAM in windows that keeps user hashes
There is a file called SAM in windows that keeps user hashes
satya - 7/14/2015, 9:41:16 AM
Common password-cracking utilities
Cain & Abel ? (demo)
Ophcrack ? (demo)
L0phCrack
John the Ripper
satya - 7/14/2015, 9:41:55 AM
Types of password attacks
Guessing
Stealing
Dictionary attack
Brute force attack
Rainbow tables
Hybrid password attack
Birthday attack
satya - 7/14/2015, 9:52:32 AM
Types of password attacks
Types of password attacks
satya - 7/14/2015, 10:15:00 AM
Cross-site scripting
Cross-site scripting
satya - 7/14/2015, 10:15:39 AM
Command injection attack
Command injection attack
satya - 7/14/2015, 10:16:05 AM
Cookies manipulation
Cookies manipulation
satya - 7/14/2015, 10:17:14 AM
Header manipulation security threat
Header manipulation security threat
satya - 7/14/2015, 10:17:28 AM
Buffer overflow security threat
Buffer overflow security threat
satya - 7/14/2015, 10:17:47 AM
Integer overflow security threat
Integer overflow security threat
satya - 7/14/2015, 10:24:03 AM
Ping of death and buffer overflow
Ping of death and buffer overflow
satya - 7/14/2015, 10:50:27 AM
popular standard ports
21 ftp
53 dns
80 http
110 pop3
119 nntp
443 https
satya - 7/14/2015, 10:50:59 AM
popular port scanning programs
popular port scanning programs
satya - 7/14/2015, 10:51:17 AM
SuperScan Angry IP Scan
SuperScan Angry IP Scan
satya - 7/14/2015, 10:54:23 AM
Using Wireshark for sniffing network traffic packet snipper
Using Wireshark for sniffing network traffic packet snipper
Search for: Using Wireshark for sniffing network traffic packet snipper
satya - 7/14/2015, 11:01:00 AM
man in the middle attach
man in the middle attach
satya - 7/14/2015, 11:06:04 AM
Evil Twin
Evil twin is a term for a rogue Wi-Fi access point that appears to be a legitimate one offered on the premises, but actually has been set up to eavesdrop on wireless communications.[1]
An evil twin is the wireless version of the phishing scam. An attacker fools wireless users into connecting a laptop or mobile phone to a tainted hotspot by posing as a legitimate provider.
This type of evil twin attack may be used to steal the passwords of unsuspecting users by either snooping the communication link or by phishing, which involves setting up a fraudulent web site and luring people ther
satya - 7/14/2015, 11:09:16 AM
Click jacking
A user might receive an email with a link to a video about a news item, but another valid page, say a product page on Amazon.com, can be "hidden" on top or underneath the "PLAY" button of the news video. The user tries to "play" the video but actually "buys" the product from Amazon.
Other known exploits include:
Tricking users into enabling their webcam and microphone through Flash
Tricking users into making their social networking profile information public
Making users follow someone on Twitter[8]
Sharing links on Facebook
satya - 7/14/2015, 11:11:58 AM
ICMP flood smurf attack
ICMP flood smurf attack
satya - 7/14/2015, 11:15:28 AM
Reflected DOS attack
Reflected DOS attack
satya - 7/14/2015, 11:15:48 AM
Permanent DOS attack (Phlashing)
Permanent DOS attack (Phlashing)
satya - 7/14/2015, 11:28:17 AM
Transitive access attacks
Transitive access attacks
satya - 7/14/2015, 1:05:02 PM
Bluejacking
Bluejacking
Attacker sending malware to a device via bluetooth
satya - 7/14/2015, 1:05:54 PM
Bluesnarfing
Bluesnarfing
Attacker stealing data transmitted over bluetooth
satya - 7/14/2015, 1:06:26 PM
war driving chalking
war driving chalking
satya - 7/14/2015, 1:06:45 PM
netstumbler inSSIDer Kismet Aircrack
netstumbler inSSIDer Kismet Aircrack
satya - 7/14/2015, 1:07:06 PM
Key things in this page
links
tools
key words
key topics
satya - 7/14/2015, 1:08:00 PM
wireless replay attacks
wireless replay attacks
satya - 7/14/2015, 1:08:57 PM
sinkhole
Attacker funnels wireless traffic into a single port
Intercepts data
Slows the network
satya - 7/14/2015, 1:09:49 PM
wep and wpa attacks
wep and wpa attacks
satya - 7/14/2015, 1:44:00 PM
Go after a directory of encrypted files to secure them from reading
Go after a directory of encrypted files to secure them from reading
satya - 7/14/2015, 1:51:22 PM
sophos disk encryption
sophos disk encryption
satya - 7/14/2015, 2:07:55 PM
CCCleaner registry cleaning tool
CCCleaner registry cleaning tool
satya - 7/14/2015, 3:05:47 PM
xss stored attack and reflected attack
xss stored attack and reflected attack
satya - 7/14/2015, 3:06:14 PM
More
Restrict HTML in form fields.
Use input validation.
Restrict cookie information.
Encrypt data communications.
Advise on the ?Remember Me? options.
satya - 7/14/2015, 3:15:18 PM
Managing internet explorer enhanced security configuration
Managing internet explorer enhanced security configuration
Search for: Managing internet explorer enhanced security configuration
satya - 7/14/2015, 3:15:43 PM
effects of internet explorer enhanced security configuration
effects of internet explorer enhanced security configuration
Search for: effects of internet explorer enhanced security configuration
satya - 7/14/2015, 3:26:29 PM
blackviper on tuning windows
blackviper on tuning windows
satya - 7/15/2015, 9:16:36 AM
Continue here with the next class, class 2