IT FOR SECURITY & PRIVACY

PRESENTED BY:POULAMI SARKAR 2013201 PRERNA BANSAL 2013209 PRIYADARSHI TANDON 2013211 PRIYANKA DOSHI 2013212

INTRODUCTION
Information security, sometimes shortened to InfoSec, is the practice of defending information from unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording or destruction. It is a general term that can be used regardless of the form the data may take (electronic, physical, etc...).

Two major aspects of information security are: IT Security Information assurance Information Security Attributes or qualities i.e. Confidentiality, Integrity & Availability (CIA)

IP SPOOFING
IP spoofing is a technique used to gain unauthorized access to computers, where by the attacker sends messages to a computer with a forging IP address indicating that the message is coming from a trusted host. Attacker puts an internal, or trusted, IP address as its source. The access control device sees the IP address as trusted and lets it through. Two general techniques are used during IP spoofing: A hacker uses an IP address that is within the range of trusted IP addresses. A hacker uses an authorized external IP address that is trusted.
Types of IP Spoofing:

Flooding Blind Spoofing Non-blind Spoofing

REAL LIFE EXAMPLE TO EXPLAIN WHAT IS IP SPOOFING. B is on line

A disguising his voice,making it sound more like that of B

C B

If we now , replace the 3 people by computers and change the term voice with IP-Address then you would know what we mean by IP-SPOOFING

DNS POISONING
DNS spoofing (or DNS cache poisoning) is a computer hacking attack, whereby data is introduced into a Domain Name System (DNS) name server's cache database, causing the name server to return an incorrect IP address, diverting traffic to another computer (often the attacker's). A DNS cache can become poisoned if it contains an incorrect entry. EXAMPLE: If various Internet service providers are getting their DNS information from the compromised server, the poisoned DNS entry will spread to the Internet service providers and be cached there. It will then spread to home routers and the DNS caches on computers as they look up the DNS entry, receive the incorrect response, and store it.

A SHORT OVERVIEW ON DNS

Internet: Authoritive DNS Servers dns.microsoft.com dns.hacker.com

Caching DNS Server

Client

ADDRESS BOOK THEFT

Stealing of email address book
Spamming Solution: 1. Use email client on computer. 2. Change the password difficult to crack. Precaution: 1. Personal Details are correct. 2. Creative Password 3. Proper security question.

PASSWORD CRACKERS
Recovering passwords from data stored in computer systems
Purpose: 1. Recover forgotten password 2. Gain unauthorized access 3. Preventive measure for easily crackable passwords

Methods: 1. Dictionary Attack 2. Hybrid Attack 3. Brute Force Attack

PASSWORD CRACKING SOFTWARE

Password cracking software tools Most popular Cain and Abel, John the Ripper, Hashcat, Hydra, SolarWinds, ElcomSoft Mixture of cracking strategies brute force and dictionary attacks most productive

TROJAN HORSE
A Trojan Horse is a program that installs malicious software while under the guise of doing something else. It erases or Overwrites data on a computer, spreading other malware, such as viruses. In this case the Trojan horse is called a 'dropper'.

TYPES OF TROJAN
AceBot AceBot is a tremendous backdoor Trojan, which was designed for performing a lot of destructive actions. The parasite detects, terminates and totally disables running antivirus software installed on the target computer. AceBot also connects to the IRC network and uses it for giving the hacker a remote control over the computerised system. Moreover, the Trojan is able to connect to various malicious servers and download other harmful parasites from there. Secup The Secup Trojan displays fake security related messages. When the user clicks on such a message the Trojan opens malicious web site that quietly installs potentially harmful software. Secup also serves undesirable commercial advertisements. Dmsys Dmsys is a dangerous Trojan that specializes in infecting various instant messengers and stealing user confidential information. By using its keystroke logging technique, Dmsys easily steals user passwords and captures private conversations. This information is written into a log file, which is then sent to the hacker.

COMPUTER WORM
Worms
A worm is a computer program that has : The ability to copy itself from machine to machine.

Worms use up computer processing time and network bandwidth when they replicate.

CODE RED (THE WORM)

The worm spread itself using a common type of vulnerability known as a buffer overflow. It did this by using a long string of the repeated character 'N' to overflow a buffer allowing the worm to execute arbitrary code and infect the machine

LOGIC BOMB
A logic bomb is a piece of code intentionally inserted into a software system that will set off a malicious function when specified conditions are met. For example, a programmer may hide a piece of code that starts deleting files (such as a salary) On March 20, 2013 an attack was launched against South Korea, a logic bomb struck machines "and wiped the hard drives and master boot records of at least three banks and two media companies simultaneously". Symantec reported that the malware also contained a component that was capable of wiping Linux machines.

IT PRIVACY
Internet privacy involves the right or mandate of personal privacy concerning the storing, repurposing, provision to third-parties, and displaying of information pertaining to oneself via the Internet
Examples: Sony CD spyware AOL search leak Google Street View