Confidentiality
Protecting information from exposure
and disclosure
Integrity
Decrease possible problems caused by
corruption of data
Availability
Make Information always available
What is an Exploit?
Crackers break into a computer
network by exploiting weaknesses in
operating system services.
Types of attacks
Local
Remote
Categories of
exploits
- 0-day ( new
unpublished)
- Account cracking
- Buffer overflow
- Denial of service
- Impersonation
- Man in the
middle
- Misconfiguration
- Network sniffing
- Session hijacking
System/applicatio
n design errors
Security Focus
31 million Windows-specific attacks
22 million UNIX/LINUX attacks
7 million Cisco IOS attacks
All operating systems are attacked!
SOCIAL ENGINEERING
TUJUAN DASAR SE
TARGET
DIALOG ATTACK
EAVESDROPPING ON A DIALOG
PORT SCANNING
Port scanning adalah proses koneksi ke portport TCP atau UDP pada host yang menjadi
target untuk menentukan service apa yang
sedang berjalan (Listening).
Dengan mengidentifikasi port-port yang
listening ini kita dapat menentukan jenis
aplikasi dan sistem operasi apa yang
dipergunakan pada host tersebut.
Service yang dalam status listening ini
memungkinkan orang yang tidak berhak
menerobos ke dalam host tersebut
TOOLS SCANNING
Netstat
NMAP
Nessus
HTTP ATTACK
http://www.s
ans.org/topcybersecurityrisks/
http://www.s
ans.org/topcybersecurityrisks/
Source: Information
Technology Association of
America, Arlington, Va.
Only 0.4% of a company's
revenue, on average, is
dedicated to
information security in
the U.S. By 2011,
however, that figure will
accelerate tenfold to
4% of revenue for U.S.
companies, according to
Gartner Inc.'s total cost of
ownership model for
information security.
CYBERCRIME
http://www.enigm
asoftware.com/to
p-20-countriesthe-mostcybercrime/
ADA PERTANYAAN?
QUIZ