Cyber secure

MADE BY-Aman Jain – 00511503115Gaurav Sachdeva-01211503115

CYBER SECURITY

Presentation by BVCOE Delhi

CONTENTS• Introduction• Topics that matter• Hacker vs Cracker• Firewall• Shell• Case Study• Inferences

The internet in India is growing rapidly. It has given rise to new opportunities in every field we can

think of be it entertainment, business, sports or education.

There’re two sides to a coin. Internet also has it’s own disadvantages that is Cyber crime- Illegal activity

committed on the internet .

INTRODUCTION

Topics that matter…

Cyber Security

Internet Securityfocusing Firewall

Secure SHell Case Studies

Hacker vs Cracker

The general view is that, while hackers build things, crackers break things.

Cracker is the name given to hackers who break into computers for criminal gain; whereas, hackers can also be internet security experts hired to find

vulnerabilities in systems .

Types Of Hackers

A Black hat hacker is an individual with extensive computer knowledge whose purpose is to breach or bypass internet security.

Gray hat hackers refers to a computer hacker or computer security expert whose ethical standards fall somewhere between purely altruistic and purely malicious.

White hat hacker refers to ethical computer hacker who specializes in penetration testing

and in other testing methodologies to ensure the security of an organization's information systems.

ANONYMOUS GROUP

Anonymous is a international network of activist and hacktivist entities. The group became known for a series of well-publicized publicity stunts and distributed denial-of-service (DDoS) attacks on government, religious, and corporate website .

Firewall is a network security system that monitors and controls the incoming and outgoing network traffic based on predetermined security rules.

A firewall typically establishes a barrier between a trusted, secure internal network and another outside network, such as the Internet, that is assumed not to be secure or trusted.

TYPES OF FIREWALLS

Hardware Firewalls Protect an entire network Implemented on the router level Usually more expensive, harder to configure

Software Firewalls Protect a single computer Usually less expensive, easier to configure

FIREWALL ARCHITECTURES

The configuration that works best for a particular organization depends on three factors: The objectives of the network the organization‘s ability to develop and implement the

architectures the budget available for the function

Packet filtering routers

Screened subnet firewalls. Dual-homed

firewalls

Screened host firewalls

Bastion HostA bastion host is a special purpose computer on a network specifically designed and configured to withstand attacks. Generally , placed outside the firewall

For example a proxy server, and all other services are removed or limited to reduce the threat to the computer.

Dual-Homed Host Firewalls Architecture with high complexity

In this architectural approach , the bastion host contains two NICs (Network Interface Cards)

One NIC is connected to the external network, and one is connected to the internal network, providing an additional layer of protection.

Implementation of this architecture often makes use of NATs.

WHAT IS NAT ? Function as network-level proxy Convert IP addresses of internal hosts to IP address

assigned by firewall

Taking advantage of this , NAT prevents external attacks from reaching internal machines with addresses in specified ranges.

Hide TCP/IP information of hosts in the network being protected, preventing hackers from getting address of actual host

ADVANTAGES OF DUAL – HOMED ARCHITECTURE

High protection as compared to Packet Filtering and Screened host architecture.

Overall Strong protection at low expense

LIMITATIONS OF DUAL – HOMED ARCHITECTURE

It can disable the connection to the external network, and as traffic volume increases, it can become over- loaded.

Secure SHellEcrypted command-line communication

• The standard TCP port 22 has been assigned for contacting SSH servers.

• An SSH tunnel can provide a secure path over the Internet, through a firewall to a virtual machine.

«Secure Shell (SSH) is a cryptographic network protocol for secure data communication, remote shell services or command execution and other secure network services between two networked

computers that connects, via a secure channel over an insecure network, a server

and a client

Definition

Client-> Computer programs that can make requests to servers and fetch responses are called clientsServer->A web server can listen to requests and respond back with data on the same connection

SSH

Client Server

Structure

SSH-Usage

• SecureSHell handles the set up and generation of an encrypted TCP connection

• SSH can handle secure remote logins (ssh)

• SSH can handle secure file copy (scp)

. SSH can even drive secure FTP (sftp)

Architecture

SSH Authentication Methods

$ Password$ Host-based

authentication

I Password Authentication

Password Authentication • The user specifies the username and corresponding password.

Prompts for Password

you server

ssh sshd

you> ssh mac-1password: ****other>

• Doesn’t require user credentials (password or key)

• Provides trust based on hostname and user id

• User id on both system has to be the same

• Disabled by default -- not that useful

II Host-based Authentication

CYBER AWARENESSPremise one: Cyber security should be viewed and managed as a strategic activity that impacts the enterprise’s most valued assets. Premise two: Designs and plans for cyber security should be data driven to move from reactive to predictive responses. Shared intelligence among countries and organizations is critical. Findings from a recent survey conducted by IBM indicated that organizations most able to handle or avoid security breaches had some unique characteristics: 1. Security leaders had a strategic voice in the enterprise;2. Cyber security was not viewed as an IT issue but as an enterprise wide

responsibility3. Security budgets were managed at a senior level;4. Security was considered early in the design of new products and services;

o Measurement and accountability were part of the security design;5. A culture of proactively protecting the enterprise existed.

Putty

Putty is a SSH client ,open source software used to connect client to a sever.

.Control over the SSH encryption key and protocol version.

. Unicode support.

. Support for local serial port connections.

features

QUESTION - TIME

THANK – YOU

CREDITSAMAN JAIN

GAURAV SACHDEVA