MADE BY- Aman Jain – 00511503115 Gaurav Sachdeva-01211503115 CYBER SECURIT Y Presentation by BVCOE Delhi
MADE BY-Aman Jain – 00511503115Gaurav Sachdeva-01211503115
CYBER SECURITY
Presentation by BVCOE Delhi
CONTENTS• Introduction• Topics that matter• Hacker vs Cracker• Firewall• Shell• Case Study• Inferences
The internet in India is growing rapidly. It has given rise to new opportunities in every field we can
think of be it entertainment, business, sports or education.
There’re two sides to a coin. Internet also has it’s own disadvantages that is Cyber crime- Illegal activity
committed on the internet .
INTRODUCTION
Hacker vs Cracker
The general view is that, while hackers build things, crackers break things.
Cracker is the name given to hackers who break into computers for criminal gain; whereas, hackers can also be internet security experts hired to find
vulnerabilities in systems .
Types Of Hackers
A Black hat hacker is an individual with extensive computer knowledge whose purpose is to breach or bypass internet security.
Gray hat hackers refers to a computer hacker or computer security expert whose ethical standards fall somewhere between purely altruistic and purely malicious.
White hat hacker refers to ethical computer hacker who specializes in penetration testing
and in other testing methodologies to ensure the security of an organization's information systems.
ANONYMOUS GROUP
Anonymous is a international network of activist and hacktivist entities. The group became known for a series of well-publicized publicity stunts and distributed denial-of-service (DDoS) attacks on government, religious, and corporate website .
Firewall is a network security system that monitors and controls the incoming and outgoing network traffic based on predetermined security rules.
A firewall typically establishes a barrier between a trusted, secure internal network and another outside network, such as the Internet, that is assumed not to be secure or trusted.
TYPES OF FIREWALLS
Hardware Firewalls Protect an entire network Implemented on the router level Usually more expensive, harder to configure
Software Firewalls Protect a single computer Usually less expensive, easier to configure
FIREWALL ARCHITECTURES
The configuration that works best for a particular organization depends on three factors: The objectives of the network the organization‘s ability to develop and implement the
architectures the budget available for the function
Packet filtering routers
Screened subnet firewalls. Dual-homed
firewalls
Screened host firewalls
Bastion HostA bastion host is a special purpose computer on a network specifically designed and configured to withstand attacks. Generally , placed outside the firewall
For example a proxy server, and all other services are removed or limited to reduce the threat to the computer.
Dual-Homed Host Firewalls Architecture with high complexity
In this architectural approach , the bastion host contains two NICs (Network Interface Cards)
One NIC is connected to the external network, and one is connected to the internal network, providing an additional layer of protection.
Implementation of this architecture often makes use of NATs.
WHAT IS NAT ? Function as network-level proxy Convert IP addresses of internal hosts to IP address
assigned by firewall
Taking advantage of this , NAT prevents external attacks from reaching internal machines with addresses in specified ranges.
Hide TCP/IP information of hosts in the network being protected, preventing hackers from getting address of actual host
ADVANTAGES OF DUAL – HOMED ARCHITECTURE
High protection as compared to Packet Filtering and Screened host architecture.
Overall Strong protection at low expense
LIMITATIONS OF DUAL – HOMED ARCHITECTURE
It can disable the connection to the external network, and as traffic volume increases, it can become over- loaded.
• The standard TCP port 22 has been assigned for contacting SSH servers.
• An SSH tunnel can provide a secure path over the Internet, through a firewall to a virtual machine.
«Secure Shell (SSH) is a cryptographic network protocol for secure data communication, remote shell services or command execution and other secure network services between two networked
computers that connects, via a secure channel over an insecure network, a server
and a client
Definition
Client-> Computer programs that can make requests to servers and fetch responses are called clientsServer->A web server can listen to requests and respond back with data on the same connection
SSH
Client Server
Structure
SSH-Usage
• SecureSHell handles the set up and generation of an encrypted TCP connection
• SSH can handle secure remote logins (ssh)
• SSH can handle secure file copy (scp)
. SSH can even drive secure FTP (sftp)
I Password Authentication
Password Authentication • The user specifies the username and corresponding password.
Prompts for Password
you server
ssh sshd
you> ssh mac-1password: ****other>
• Doesn’t require user credentials (password or key)
• Provides trust based on hostname and user id
• User id on both system has to be the same
• Disabled by default -- not that useful
II Host-based Authentication
CYBER AWARENESSPremise one: Cyber security should be viewed and managed as a strategic activity that impacts the enterprise’s most valued assets. Premise two: Designs and plans for cyber security should be data driven to move from reactive to predictive responses. Shared intelligence among countries and organizations is critical. Findings from a recent survey conducted by IBM indicated that organizations most able to handle or avoid security breaches had some unique characteristics: 1. Security leaders had a strategic voice in the enterprise;2. Cyber security was not viewed as an IT issue but as an enterprise wide
responsibility3. Security budgets were managed at a senior level;4. Security was considered early in the design of new products and services;
o Measurement and accountability were part of the security design;5. A culture of proactively protecting the enterprise existed.
Putty
Putty is a SSH client ,open source software used to connect client to a sever.
.Control over the SSH encryption key and protocol version.
. Unicode support.
. Support for local serial port connections.
features