look at the big picture

Information Security: The Big Picture – Part I

... caught, or they may just get bored and go elsewhere Much of this goes to the motivation of the attacker Why are they trying to attack you? What you have that they want? Unfortunately, the answer ... Security: The Big Picture - SANS GIAC © 2000 When looking at the possible sources that threaten your organization’s systems, you have to look at several types The first group is the “hacker.” I ... getting to the sensitive hosts on that network We looked at possible approaches to this problem when we looked at Defense in Depth You also need to look at separating the risks associated with...

27
598
1

Information Security: The Big Picture – Part II

Danh mục: An ninh - Bảo mật

... city The operator looks up the CO where the second person is located and contacts the operator at that CO Once the second operator is called the connection is patched through to the second CO The ... they would contact the operator at the central office and tell them the name of the person they wanted to talk to The operator would then connect the caller’s plug to the plug of the person being ... device that carries the communication from the source to the destination The receiver is the device that receives the communication Without these three elements there is no communication Basic...

33
535
1

Information Security: The Big Picture – Part III

Danh mục: An ninh - Bảo mật

... information: - The IP address of the originating computer - The port number that the application used on the originating computer - The IP address of the destination computer - The port number of the ... Layer then sends the packet to the Transport Layer The Transport Layer takes the packet and adds a header to it The header has all the information that the Transport Layer on the other side of the ... Translation (NAT) to translate between the two When a computer on a private network needs to connect to the outside, it connects to the Internet gateway of the organization’s network The gateway then...

26
554
0

Write Better Essays - Revising - The Big Picture

Danh mục: Kỹ năng viết tiếng Anh

... REVISING: THE BIG PICTURE Support That’s Directly Related to the Thesis As important as the amount of support is its relevance to the thesis What good are ten supporting paragraphs if they’re ... revise her thesis to eliminate the idea that silent lies are “more devastating” than regular lies? Choosing the latter, she revised her thesis once more and created the following thesis statement: ... paragraph together by stating the idea that they all relate to If you can’t locate a topic sentence, should the main idea be stated in one, instead of implied by your examples? If there is a topic sentence,...

14
520
0

Information Security: The Big Picture – Part IV

Danh mục: An ninh - Bảo mật

... is done, the attacker then appears to be the original user and computer that originally authenticated The attacker’s computer looks to the service like a legitimate computer and the attacker ... involved in an attack One of the Agents is tagged as the Handler It is the Handler’s responsibility to coordinate the attack on behalf of the Attacker When the Attacker is ready to launch the attack, ... strengthen the attack The attack seems to be coming from everywhere at once, and since there is no authentication on TCP/IP connections, there is no way to tell the real origin of the attack...

31
669
0

Information Security: The Big Picture – Part V

Danh mục: An ninh - Bảo mật

... that in a hidden field for later use If you look at the HTML source for the page with the hidden field you will see that information Unfortunately, so will anyone else that may be sniffing the ... allows the browser to send some information to the server, usually information from a form the user fills out POST transactions send the information from the browser to the server The server will then ... Information Security: The Big Picture - SANS GIAC © 2000 One of the interesting things that we mentioned before about the HTTP protocol is that it is stateless By “stateless” we mean that each...

25
395
0

Intrusion Detection The Big Picture

Danh mục: Quản trị mạng

... organization Finally, we’ll look at how we are going to divide up the rest of the course 10 What better introduction to Intrusion Detection than the Mitnick Attack? Intrusion Detection - The Big Picture ... determine a trust relationship, A trusts B B Attacker Intrusion Detection - The Big Picture - SANS GIAC © 2000 13 The attack started when the attacker detected a trust relationship was in place ... violation of your organization’s security policy It is the combination of that trust decision and the rshell vulnerability that allowed the attack to succeed Since networks and host configurations...

35
417
0

Information Security: The Big Picture – Part VI

Danh mục: An ninh - Bảo mật

... certificate Without knowing what algorithm was used to sign the certificate there is no way of verifying the signature A certificate also contains validation dates These are the dates that the certificate ... to the Company B person that the certificate is legitimate Certificate Issues • Certificate chaining • Certificate revocation • The Public Key Infrastructure Information Security: The Big Picture ... The device takes this information and generates the response In other cases, the user looks up the challenge in a table or database to determine what the appropriate response should be In either...

37
550
0

Tài liệu Intrusion Detection The Big Picture – Part III docx

Danh mục: Quản trị mạng

... to the raw data to verify or report the detect This is the more detailed log file, notice the rule that found the detect is displayed at the top Then summary information about the packet The ... by attacking over the Internet (Editor’s note: The statement the statistic that 90% of all attacks are perpetrated by insiders is dead wrong” may be confusing in light of the opposite statistic ... - The Big Picture - SANS GIAC © 2000 3 Need for Network-Based ID • Most attacks come from the Internet • Detecting these attacks allows a site to tune defenses The statistic that 90% of all attacks...

28
476
0

Tài liệu Information Security: The Big Picture – Part V pdf

Danh mục: An ninh - Bảo mật

... that in a hidden field for later use If you look at the HTML source for the page with the hidden field you will see that information Unfortunately, so will anyone else that may be sniffing the ... allows the browser to send some information to the server, usually information from a form the user fills out POST transactions send the information from the browser to the server The server will then ... Information Security: The Big Picture - SANS GIAC © 2000 One of the interesting things that we mentioned before about the HTTP protocol is that it is stateless By “stateless” we mean that each...

25
636
0

Tài liệu Information Security: The Big Picture – Part IV doc

Danh mục: An ninh - Bảo mật

... is done, the attacker then appears to be the original user and computer that originally authenticated The attacker’s computer looks to the service like a legitimate computer and the attacker ... involved in an attack One of the Agents is tagged as the Handler It is the Handler’s responsibility to coordinate the attack on behalf of the Attacker When the Attacker is ready to launch the attack, ... strengthen the attack The attack seems to be coming from everywhere at once, and since there is no authentication on TCP/IP connections, there is no way to tell the real origin of the attack...

31
382
0

Tài liệu Information Security: The Big Picture – Part V pptx

Danh mục: An ninh - Bảo mật

... that in a hidden field for later use If you look at the HTML source for the page with the hidden field you will see that information Unfortunately, so will anyone else that may be sniffing the ... allows the browser to send some information to the server, usually information from a form the user fills out POST transactions send the information from the browser to the server The server will then ... Information Security: The Big Picture - SANS GIAC © 2000 One of the interesting things that we mentioned before about the HTTP protocol is that it is stateless By “stateless” we mean that each...

25
443
0

Tài liệu Information Security: The Big Picture – Part VI doc

Danh mục: An ninh - Bảo mật

... certificate Without knowing what algorithm was used to sign the certificate there is no way of verifying the signature A certificate also contains validation dates These are the dates that the certificate ... to the Company B person that the certificate is legitimate Certificate Issues • Certificate chaining • Certificate revocation • The Public Key Infrastructure Information Security: The Big Picture ... The device takes this information and generates the response In other cases, the user looks up the challenge in a table or database to determine what the appropriate response should be In either...

37
533
0

Tài liệu Intrusion Detection The Big Picture – Part IV pdf

Danh mục: Quản trị mạng

... - The Big Picture – SANS GIAC ©2000 What is a state machine? If you meet the condition at the first state, you can transition to the next Please take a minute to read the slide State is initiated ... outside the firewall or allow the traffic through the firewall to the honeypot on an isolated network, we can collect information as to what the attacker is trying to 15 Why you want others to run them ... responsibility begins On the slide, the cyberscape shows the attacker is at the right and the target or defender on the left We will learn about Indications and Warnings later in the course This is...

41
358
0

Tài liệu Intrusion Detection The Big Picture – Part V docx

Danh mục: Quản trị mạng

... - The Big Picture – SANS GIAC ©2000, 2001 19 The intrusion detection system can detect a signature, and if that connection matches a known attack signature, it can order the firewall to drop the ... to take them seriously, to take action Then, when they get attacked with pinpoint accuracy, (the attacker knows which system to attack and which exploit to use), the victims scratch their heads ... rehearsal One attack that proved to be somewhat damaging to the United States is called Solar Sunrise In this case, the attackers could be seen testing their techniques months before the attack was...

40
363
0

Tài liệu Intrusion Detection The Big Picture – Part VI pdf

Danh mục: Quản trị mạng

... advising them of the risk and potential loss and also that there potential countermeasures, with a recommendation that the organization invest the time to further evaluate the solutions 33 Threat Assessment ... uncomfortable with that information The more specific and clear that information is, the more they squirm The idea is to take an inventory of the data sources that you have available and see if these already ... EXPLANATIONS" how the risk is mitigated by other means In the absence of indications to the contrary, the Information System is operating at an acceptable risk (accreditable) when all of the leftmost...

74
357
0

Tài liệu Risk Management The Big Picture – Part IV docx

Danh mục: An ninh - Bảo mật

... to get to the raw data to verify or report the detect This is the more detailed log file Notice the rule that found the detect is displayed at the top Then summary information about the packet ... incidents.org, while they have their own customers that submit raw data, they correlate this with data from other CIRTs One or two attackers determined to confuse the picture could spoof the source addresses ... function What about detect? It turns out that some personal firewalls have the capability to more than just detect attacks, they can log the attack, which allows the analyst to study the attributes...

35
420
0

Tài liệu Risk Management The Big Picture – Part V doc

Danh mục: An ninh - Bảo mật

... the organization to discover the method and motives of the attacker Since the attacker believes that they are attacking a production system, they will open up their bag of tricks and reveal their ... State In State it offers “Password” and if the password matches the list with root or guest spelled backwards, the system “logs them in” and gives them a prompt We move to State Here we are looking ... system They are very bold and free with what they The honeypots deployed by Lance illustrate just how effective this is, because the attackers assume no one can monitor them If there were another...

17
366
0

Tài liệu Risk Management The Big Picture – Part VI ppt

Danh mục: An ninh - Bảo mật

... than the example that we looked at with the Mitnick attack Therefore we will disable this On the next slide you see the Local Security Policy after rebooting - 16 Risk Management: The Big Picture ... can show them the organization was in a measurable degree of risk they will be uncomfortable with that information The more specific and clear that information is, the more they squirm The idea ... advising them of the risk and potential loss and of their potential countermeasures, with a recommendation that the organization invest the time to further evaluate the solutions - 28 Threat Assessment...

61
424
0

Tài liệu Information Security: The Big Picture – Part VI pptx

Danh mục: An ninh - Bảo mật

... certificate Without knowing what algorithm was used to sign the certificate there is no way of verifying the signature A certificate also contains validation dates These are the dates that the certificate ... to the Company B person that the certificate is legitimate Certificate Issues • Certificate chaining • Certificate revocation • The Public Key Infrastructure Information Security: The Big Picture ... The device takes this information and generates the response In other cases, the user looks up the challenge in a table or database to determine what the appropriate response should be In either...

37
496
0