Student Number:-000539491
MSc programme: - Computer Security Forensics & Risk Management
Submission Date:-30/04/2010
Project Supervisor:-Mr.Dimitrios Frangiskatos
Table of Contents
Acknowledgement
Abstract
Chapter 1 Introduction
1.0 Introduction to the project
1.1 Objectives of the project
1.2 Limitation
Chapter 2
Project Methodology
Chapter 6 Conclusion
6.0 Introduction
6.1 Overall view of the project
6.2 Conclusion reached
6.3 Further research
6.4 Summary of the chapter
Reference
Glossary
Abbreviation
Appendix
Acknowledgement
I sincerely wish to thank my supervisor, Mr. Dimitrios Frangiskatos, for his valuable guidance and support throughout my project. I appreciate all his help in making my project a success, despite his busy schedule. Thank you to all the staff of the University of Greenwich for the encouragement and patient guidance during my studies; I have spent some wonderful days of my life at the university.
I would also like to thank my family for their financial and emotional help; they are the pillar of all my achievements throughout my life and I dedicate this project to my family. I would also like to extend my sincere gratitude to my uncle's family during my stay in the United Kingdom for my studies; they provided all the aid to make my studies a success.
Finally, I also thank all my friends for making my project a success, because they are the people who motivated me in all ways throughout my studies.
Plagiarism Declaration
I hereby certify that the work submitted for my master's dissertation is original and my own work, except where acknowledged in the submission.
Sign: - S.Thevapriyan
Date: - 20/03/2010
Abstract
This project focuses on the computer security risk management subject studied for the postgraduate programme. The scope of the project can be further defined as "The risk evaluation of enterprise networking system". The problems I am going to investigate in this project are related to networking systems and their security. Enterprise networking systems are vulnerable to several malicious attacks by hackers; this project therefore attempts to evaluate the security level of the network system and to help mitigate the threats to the networking system.
The survey shows that computer-related crimes are increasing day by day and that businesses are losing huge sums due to these crimes. As a result, security auditing is becoming important for an organization; however, security assessment is not a one-time action but a continuous process throughout the years. We can observe that most companies are now spending a lot of money to keep their system security level high to prevent these intrusion attempts. This project suggests a feasible solution to these security issues, so that system administrators can make a simple evaluation of their system in a cost-effective manner.
Chapter 1
Introduction
1.0 Introduction to the project
Computer security is becoming increasingly important in today's IT world. Threats to computer network systems are also increasing day by day. Organizations rely heavily on enterprise networking systems to carry out their business transactions successfully throughout the world; security in networking systems is therefore a big concern for business organizations nowadays.
A recent report shows that a large portion of security lapses happen due to system administrators' carelessness in their work. System administrators are the people responsible for looking after their networking system and have an obligation to apply software patches to their applications; however, due to their workload they sometimes fail to update the system. This may leave the networking system vulnerable to malicious attacks by hackers. Today's increasingly complex systems require system administrators to be skilled enough in various technologies to handle these security breaches.
The computer world requires more development and security strategies to prevent these kinds of security breaches. Carrying out periodic security audits and installing patches and updates could protect the networking system from harmful attacks. Organizations usually outsource their security maintenance to security firms; however, this is costly and sometimes only a small network is targeted for auditing. By using some automated security tools we can make a simple security evaluation of a networking system. Based on the result we can make a decision regarding our system's security state and take the necessary actions to improve the system.
The final output of this project is a practical security evaluation of a real enterprise networking system, with acceptable findings, and a decision regarding the security level of the system. The testing methodology conforms to international standards and United Kingdom standards as well. The concept for this project comes from IEEE research white papers and was practically tested on the University of Greenwich network to explore them.
Chapter 2
Project Methodology
2.0 Introduction to the chapter
The chapter illustrates the methods used for this research project. Here I will discuss the various research strategies and technologies used for this project to achieve its objectives.
Chapter 3
3. Availability
Make sure the organizational IT infrastructure has facilities for recovery and protection from natural disasters and intrusions which may cause system failures.
E.g.: load balancing, business continuity plan
4. Authentication
Make sure users have enough privileges before gaining access to organizational information assets.
E.g.: passwords, biometrics
5. Authorization
Make sure only authenticated users can access the IT resource; the user must have enough privileges from the information owners to access this information.
E.g.: ACL (access control list)
6. Non-repudiation
Make sure both sender and receiver obtain the same message while transferring the information over the network.
E.g.: digital signature
7. Privacy
Make sure information obtained from customers and employees is protected and is used only for its intended purpose. The organization should make sure it complies with international standards.
E.g.: security policies and international standards
The IT manager has the responsibility to draw up a theory-based security policy for the organization, which helps the manager deal effectively with the organization's security administration and mitigate risk. The security policy usually consists of the following three things:
1) The security risk mitigation planning model
2) Education of the staff about security awareness
3) Countermeasures to security risks
It has been observed that effective implementation of a security policy can prevent insider attacks, that is, attacks by staff on the organization's networking systems. For example, limiting staff usage of email and the internet and restricting the use of portable devices in the working environment could help to reduce security breaches for an organization.
3) Asset Management
Organizations must identify their assets. An asset can be anything such as software, hardware or information. The organization must develop a method to protect these assets.
Accountability for assets: maintain the organizational assets in an appropriate way.
Information classification: make sure that information assets receive a proper level of protection.
4) HR security
Errors in an organization are mostly due to human error; therefore a proper procedure is required for employees to eliminate these kinds of errors. Employees must be advised regarding these issues.
Some of the main aspects of this domain are:
User training: provide awareness to employees regarding information security threats and their concern to the organization.
Incident response: minimize the organizational impact of incidents and malfunctions. Learn and improve controls to avoid such incidents.
5) Physical and environmental security
Maintain the security of the premises so that only authorized people can access the place. The physical and environmental domain covers the following main aspects, providing security to the organizational assets.
Secure areas: prevent unauthorized access to business premises.
Equipment security: protection of all equipment (software/hardware/data cable).
General controls: Concession information processes facilities.
6) Communication and operational management
The organization should maintain documented procedures for information management. The main reason for this domain is to ensure that information management is done in the correct way.
Operational procedures and responsibilities: document and maintain procedures for all organizational operations.
Network management: establish network security controls.
Exchange of information: create procedures for inter-organizational data exchanges.
Media handling and security: establish procedures for backup of information.
7) Access control
Access control is one of the important domains and deals with the regulation of information access. This domain includes the creation of documents for policy and norms, user access management, etc.
Some of the main domain areas are:
User accounts: restrict access to an information system.
User responsibility: prevent unauthorized user access.
Network access controls: protection of networked services.
Measures to protect mobile and teleworking assets: ensure information security while using mobile computing and wireless facilities.
3) Identification: most information systems use user names and passwords to identify their users, but this methodology has inherent problems. Today there are technical solutions available for this problem, such as symmetric key encryption and good security policies. The most advanced technical solutions available today use biometric features such as fingerprints and retina patterns to recognize users.
4) Programming errors: the most common security risk in today's IT world is due to bugs in software applications. It is almost impossible to build a system that is absolutely free from bugs; as a result, some of these exploitable programming errors can help hackers gain unauthorized access to the system. There is a solution for this problem: programs called "patches" are released to fix these security holes. But most system administrators fail to update their systems to protect them from malicious attacks.
5) Weakest client security: the majority of organizations are capable of handling their internal risks, but they often fail to manage client-side security issues such as customers' systems. If the customers don't update their systems, those systems may be vulnerable to attacks.
Deterrence
Prevention
Detection
Recovery
If computer black hats successfully penetrate all the defence mechanisms, system administrators need to detect the attempts. Detective countermeasures include system audit trails, which help administrators gather evidence to identify the abusers of the networking system.
Corrective controls or recovery strategies help to recover from the risk situation to the normal situation and to punish the abusers.
The scale of internet-based viruses has increased rapidly over the years. A recent CSI study points out that the cost of virus attacks on networking systems around the world reached more than US $16.8 billion in 2005.
Virus attacks cause expense to the organization in two ways: the cost of cleaning the system and lost productivity. The clean-up cost involves patching the system, inspecting the servers to see whether they need any patches to protect against network vulnerabilities, and making sure the system runs smoothly in future as well. Lost productivity can be the time spent by system support staff on virus issues, which takes them away from their regular work.
Chapter 4
Penetration Testing & Risk Evaluation
5. OWASP
The Open Web Application Security Project helps to develop open source software for securing web applications and web services. It provides a complete reference for developers, vendors, system architects and security professionals to design, develop and deploy security-enhanced web applications and web services. The key area under its community development project provides guides to make web applications more secure by using testing tools.
4.6.1 Reconnaissance
The first phase of external ethical hacking is to learn as much as possible about the selected target for penetration testing. Reconnaissance denotes a kind of investigation, collecting information before making the attack. The basic idea behind this process is to collect information about the target which might be valuable to us later on. To achieve this step, different sources of publicly available information need to be searched and the relevant company details extracted for the purpose.
The useful information for penetration testing can be technical or non-technical. Technical information can be the IP address range, the internal network infrastructure of the company, the hardware used, or information useful for guessing passwords. Mapping the target is absolutely important for penetration testing and requires the relevant IP addresses. Non-technical information such as social structure or localities also makes a vital contribution to pen testing. Information like phone numbers or names can be used to make social engineering attacks.
Reconnaissance Tools
Reconnaissance usually begins with searching internet databases such as DNS registries, Google, WHOIS databases and any other online resources that would be useful for testing.
Enumeration is a somewhat deeper investigation of the target network using active scanning methods. In this phase the tester tries to find more technical details of the target network by querying the operating system and application services. The penetration tester tries to find typical information such as routers, IDS (intrusion detection systems) and firewalls.
After doing the basic enumeration, the tester will use further techniques to obtain more details about the target network, such as usernames, account groups, password policy, etc. This information helps the tester with further attacks.
Port Scanner
Port scanner tools are used to gather information about the target network from a remote location. Port scanners specifically attempt to locate the network services available for connection on the chosen target hosts. The port scanner does this by probing the designated network ports or network services on the targeted system. Most port scanners can scan both TCP and UDP ports. A port scanner can perform different kinds of port probes.
E.g.: Nmap is the most popular tool for port scanning.
can detect the unpatched software on your target network's servers. Traditional vulnerability scanners are only able to scan the target network hosts, their network components and operating system weaknesses; they do not probe any general-purpose applications, which is a drawback of these scanners. Several vulnerability scanning tools are now available on the internet for download, but the most popular tool used by testers for vulnerability detection is Nessus.
E.g.: Nessus, Internet Scanners, QualysGuard
4.6.4 Exploitation
This is a challenging phase for the penetration tester because in this phase he tries to gain access to the system by various direct and indirect attacks. The penetration tester takes advantage of the target network's drawbacks, such as poor configuration or software bugs, and uses them as a door into the system.
In this phase the penetration tester's experience and knowledge are very important for exploiting the system. The testing can take a long time; testers use their own methods and scripts for breaking into the system. Penetration testers' abilities differ from one another: some are expert at writing code that leads to zero-day exploitation, others are expert at utilizing security tools and techniques. Finally they have to submit a report to management regarding their work and findings and explain the security situation of the organization.
Exploitation Tools
Exploitation tools are used by penetration testers to verify that an actual vulnerability exists in the network by exploiting it. Some of the tools in this category are used by both penetration testers and hackers. Most exploitation tools are single-purpose tools that are specially designed to exploit one vulnerability in a particular version of a system; however, a few tools have the ability to exploit numerous vulnerabilities on different hardware and software platforms.
E.g.: Metasploit Framework
4.6.8 Cleaning Up
The main purpose of this process is to clean up any mess that has been created as a result of the penetration testing. A detailed list of all the actions performed during the pen test must be documented, as this helps the process. The clean-up of hosts must be done carefully and without affecting the normal operation of the organization. The clean-up process must be verified by the organization's staff to make sure it has been done correctly. Improper documentation during the penetration testing means that the clean-up can only be done by backup and restore, which will affect the normal operation of the organization. It is always the responsibility of the penetration tester to inform the organization about the changes that result from conducting the penetration test and from the clean-up process.
4.7.2 Hydra
Hydra is software developed by a German organization and used to crack poorly chosen passwords in a system. Security studies show that password security is the biggest security hole in a system, and Hydra uses a dictionary attack mechanism to test for weak or simple passwords on a target remote network. Hydra can do parallel login cracking, and it is easy to use and flexible. Currently the Hydra tool supports the following services and protocols:
Telnet, FTP, HTTP, HTTP-PROXY, SMB, MS SQL, MYSQL, REXEC, RSH, RLOGIN, CVS, SNMP, SMTP-AUTH, SOCKS5, VNC, POP3, IMAP, NNTP, PCNFS, ICQ, SAP/R3, LDAP, Cisco auth, Cisco enable
Security professionals often use the Hydra tool in penetration testing to show how easy it is to access a target system remotely.
4.7.3 Netstumbler
Netstumbler is a Windows-based tool used to detect wireless LANs using 802.11b, 802.11a and 802.11g. It is easy to use for the purpose and has a nice interface as well.
The software is commonly used for the following security audit purposes:
Find locations with poor coverage in your WLAN
Detect any other networks that may be causing interference on your WLAN
Detect unauthorized access points in your working environment
Can be used for war-driving
Verify the networking configuration
Help aim directional antennas for long-haul wireless LAN links
4.7.4 Nmap
Nmap is one of the most popular port scanning tools used by security professionals in penetration testing. Nmap is used to discover the hosts and services of a target network and provides a "mapping" of the network. Nmap is capable of discovering services on the remote network and gives detailed information about the target hosts of a particular network.
Nmap is typically used for the following purposes:
Network inventory, network asset management, network mapping
Identifying the open ports on target hosts in preparation for network auditing
Auditing the security of the network
Security audit of a device by identifying its network connections to the host
Nmap includes the following features for network audit:
1. OS detection: used to determine the operating system and some hardware devices
2. Version detection: able to determine the application name and version number of services on remote targets
3. Port scanning: enumerate open ports on the target network
4. Host discovery: able to list the hosts in the network by ping response from the target network.
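One way to turn the port-scanning and version-detection results described above into an audit finding list, as an added example that is not part of the original dissertation: it parses Nmap's grepable output (saved with `-oG`) and reports open ports that a policy says should not be exposed. The sample scan text, the 192.0.2.x addresses, the host names and the policy table are constructed for illustration; the three ports in the policy are the ones this report itself treats as sensitive (21, 139 and 1433).

```python
"""Audit Nmap grepable (-oG) results against a port exposure policy."""

# Assumed policy for this example: ports the report singles out as sensitive.
EXPOSURE_POLICY = {
    21: "FTP: exposed to password guessing, credentials sent in clear text",
    139: "NetBIOS session service: name and session enumeration",
    1433: "MS SQL Server listener reachable from the scanned network",
}

# Constructed sample in -oG format (documentation addresses, not real hosts).
SAMPLE_GNMAP = "\n".join([
    "# Nmap scan (constructed sample)",
    "Host: 192.0.2.15 (web01.example.test)\tStatus: Up",
    "Host: 192.0.2.15 (web01.example.test)\tPorts: 21/open/tcp//ftp///, "
    "80/open/tcp//http//Apache httpd 2.2.3/, 139/filtered/tcp//netbios-ssn///"
    "\tIgnored State: closed (997)",
    "Host: 192.0.2.16 (db01.example.test)\tPorts: "
    "139/filtered/tcp//netbios-ssn///, 1433/open/tcp//ms-sql-s///"
    "\tIgnored State: closed (998)",
])


def parse_gnmap(text):
    """Return {address: [port records]} from grepable output.

    Each port entry has the form
    port/state/protocol/owner/service/rpc-info/version/ and entries are
    separated by commas. Fragments with fewer than seven fields (for
    example a version string that itself contains a comma) are skipped.
    """
    hosts = {}
    for line in text.splitlines():
        if not line.startswith("Host:"):
            continue  # comment or blank line
        fields = line.split("\t")
        address = fields[0].split()[1]
        for field in fields[1:]:
            if not field.startswith("Ports:"):
                continue  # "Status:" and "Ignored State:" carry no ports
            for entry in field[len("Ports:"):].split(","):
                parts = entry.strip().split("/")
                if len(parts) < 7 or not parts[0].isdigit():
                    continue
                hosts.setdefault(address, []).append({
                    "port": int(parts[0]),
                    "state": parts[1],
                    "protocol": parts[2],
                    "service": parts[4],
                    "version": parts[6],
                })
    return hosts


def exposure_findings(hosts, policy=EXPOSURE_POLICY):
    """List (address, port, service, reason) for open ports named in policy.

    Ports in the 'filtered' state are not reported: a filtered port 139 is
    the outcome this report describes as the desired one.
    """
    findings = []
    for address in sorted(hosts):
        for record in hosts[address]:
            if record["state"] == "open" and record["port"] in policy:
                findings.append((address, record["port"],
                                 record["service"], policy[record["port"]]))
    return findings


if __name__ == "__main__":
    for finding in exposure_findings(parse_gnmap(SAMPLE_GNMAP)):
        print("%s port %d (%s): %s" % finding)
```
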
Super Scan
SuperScan is a highly popular Windows TCP port scanner, pinger and hostname resolver. The program is extremely fast and versatile because of its multithreaded and asynchronous techniques.
These are some of the key features of SuperScan:
Can perform ping scans and port scans using any IP range
Scan any port range from a given list
Fast hostname resolver
View responses from connected hosts
Extensive banner grabbing
IP and port scan randomization
Windows host enumeration capability
Assign a custom helper application to any port
Merge port lists to build a new one
Chapter 5
Introduction
This chapter provides the report of the simulation conducted for the project. In this chapter I am going to describe the background context of the organization where I carried out my penetration testing, how I did the practical work and the findings of the project. I have followed British standards for this risk analysis process.
Explanation
I have observed that there are two websites containing the gre.ac.uk domain. One website is the university's main website and the other belongs to the staff web mail. These details are helpful for further analysis of the University of Greenwich networks.
1) www.gre.ac.uk
Explanation
The above figures show the details of the university server. I can get some important details from this analysis, such as that the IP address of this web server is 193.60.68.99 and that it is running CentOS with Apache version 2.2.3. This information could be utilized for further attacks if these versions have any bugs. You can also observe that the system administrators are regularly updating their web server, which is a good security practice.
2) staffweb.cms.gre.ac.uk
Explanation
Mail servers also provide important details to intruders. The above figures show the details of the university staff mail server; you can observe its IP address, 193.60.76.168, and that it is running on a UNIX platform with Apache version 3.33 and PHP 4.3.1. The server has been regularly updated by the admin of the university.
3) www.cms.gre.ac.uk
Explanation
This is the server for the Computing and Mathematical school. Its IP address is 193.60.77.235, the platform is Windows Server 2003 and it runs MS IIS server version 6.0. It also gets updated regularly.
Various methods are available for information gathering for penetration testing; the simplest way is to search through the organization's web presence and find useful information that can be utilized for active hacking.
Explanation
Google is a good reconnaissance tool for gathering information about the target organization's network. Using site:cms.gre.ac.uk in Google will display all the pages related to the organization. Using these links you can find relevant details of the organization's servers, version details, etc.
1) By using johnny.ihackstuff.com
Explanation
http://johnny.ihackstuff.com/ is a website that provides source code that can be used for active enumeration of a target organization. It has the Google Hacking Database, which provides all the necessary code for active information gathering.
Explanation
The above figures show a search query for IIS server version 4.0; it displays details of organizations that have IIS version 4.0 as a server.
Using SuperScan we can collect some important details as well.
1) Using Whois tools
Explanation
The whois lookup tool does not show the details of the domain name registration for the University of Greenwich. The university is protecting its domain name details, which is a good security practice.
Explanation
The IP range I have scanned for this purpose is (193.60.73.150- 193.73.254), trying to identify some important hosts that might be at risk from attacks. There are a few important hosts in this range: yoda, SQL SERVER and KTPSERVERS, because they might have sensitive information.
Explanation
The above figures show an analysis of some of the important hosts on the local area network. You can see that port 80 on the SQL server is open; therefore intruders can try to make brute force attacks to gain access to the server. The figures also show that the KTPSEVER FTP server is open at the moment, and port 1433 can be useful to intruders as well. The web server 193.60.72.239 also has port 21 (FTP) open, which can be harmful. By using Advanced LAN Scanner we can get the NetBIOS details of the target host.
Explanation
Nmap is an excellent tool for penetration testing and is the most popular among security professionals. The above figures show an operating system scan actively running against the targeted web server as part of the pen testing enumeration process. The scan result above shows which ports are open on the targeted host and its operating system details. By scanning various details we can enumerate more and more information and make an active intrusion into the web server.
2) Dictionary attacks
Instead of trying to guess your password by trying every single combination of characters, as in a brute force attack, hackers may try every word in a dictionary until the password is found. This method is very popular because it is known that many people use common words as their passwords. Dictionaries of words are easily available on the internet, and they also include specialist words such as place names, technical jargon and first names.
3) Hybrid Attack
A hybrid attack is a combination of a brute force attack and a dictionary attack. There are several ways a hybrid attack can be performed; in its simplest form a hybrid attack may simply add some numbers to the end of a dictionary word and try the result. This increases the number of combinations tested without having to resort to a true brute force attack.
Cracking system passwords will often use a combination of these three methods to find the correct password.
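The three attack classes described above can be turned into a password-acceptance check that runs when a user sets a password, so that anything a dictionary or hybrid run would find is rejected up front. This is an added example, not part of the original dissertation; the wordlist, the substitution table and the 12-character minimum are assumptions, and it goes slightly beyond the text by also undoing leading affixes and simple character substitutions.

```python
"""Reject passwords that a dictionary or hybrid attack would find."""
import re

# Constructed sample wordlist. A real deployment would load the
# organisation's own banned list (common words, place names, first names,
# technical jargon), which are the dictionary contents the text describes.
SAMPLE_WORDLIST = frozenset({
    "password", "administrator", "admin", "greenwich",
    "london", "summer", "letmein", "hello",
})

# Assumed substitution table: 0->o 1->l 3->e 4->a 5->s 7->t @->a $->s
LEET = str.maketrans("013457@$", "oleastas")

# Digits and symbols attached to the start or end of a word.
AFFIX = re.compile(r"^[\W\d_]+|[\W\d_]+$")


def classify_password(candidate, wordlist=SAMPLE_WORDLIST, min_length=12):
    """Return the cheapest attack class that would recover `candidate`.

    "dictionary"  - the password is a dictionary word (case ignored)
    "hybrid"      - a dictionary word with digits/symbols added at either
                    end and/or simple character substitutions
    "brute-force" - not word-based, but shorter than `min_length`
    "ok"          - none of the above
    """
    lowered = candidate.lower()
    if lowered in wordlist:
        return "dictionary"
    stripped = AFFIX.sub("", lowered)
    variants = (stripped, stripped.translate(LEET), lowered.translate(LEET))
    if any(variant in wordlist for variant in variants):
        return "hybrid"
    if len(candidate) < min_length:
        return "brute-force"
    return "ok"


def audit(candidates, wordlist=SAMPLE_WORDLIST, min_length=12):
    """Map each rejected candidate to the attack class that would find it."""
    rejected = {}
    for candidate in candidates:
        verdict = classify_password(candidate, wordlist, min_length)
        if verdict != "ok":
            rejected[candidate] = verdict
    return rejected


if __name__ == "__main__":
    # Constructed candidates, checked as they would be at password-set time.
    for pw in ["Administrator", "greenwich2010", "P4ssw0rd!", "x7Kq",
               "correct horse battery staple"]:
        print("%-30s %s" % (pw, classify_password(pw)))
```
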
2) Using unsecure
Unsecure is an excellent tool for security exploitation testing and is specially designed for FTP attacks. The Unsecure tool is capable of dictionary attacks and brute force attacks against a target host's FTP port.
Explanation:
In this dictionary attack I am targeting the FTP service of the CMS web server (193.60.77.235) for exploitation. The above figures show the active attack running against the web server's FTP port continuously. Finally, the attempt was not successful; the password didn't match any of the words in the dictionary list. The university is maintaining a good password security policy for its network hosts.
2) Using Brutus
Brutus is an exploitation tool that supports many protocols such as FTP, HTTP, NetBIOS, Telnet, POP3, etc. It can make brute force attacks and dictionary attacks on the targeted networks.
Explanation
The above figures show the active brute force attack running against the web server's HTTP port (80), and the result shows that the user name is admin and the password is administrator. This information is useful and can be utilized by black hats for further enumeration and more attacks to bring down the server. The university's password security policy must be followed strictly to avoid these kinds of attacks.
Explanation
The figures show a hybrid attack running against the web server's FTP port using the Hydra tool. Hydra tries every combination of passwords to crack the host's FTP password. In the end the brute force attack was not successful; the password is a very complex one and does not respond to hybrid attacks. The university is maintaining a good password security policy to protect against hybrid attacks.
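The audit-trail side of the three password-guessing runs above, as an added example that is not part of the original dissertation: it flags a source address that produces a burst of failed logins and raises a second alert if that source then logs in successfully, which is the outcome the Brutus run reported. The log format, field names, addresses and thresholds are constructed for illustration and do not correspond to any particular FTP or web server.

```python
"""Detect password guessing in an authentication log (constructed format)."""
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample: "<ISO timestamp> <service> <OK|FAIL> user=<u> src=<ip>"
SAMPLE_LOG = """\
2010-03-15T10:00:00 ftp FAIL user=alice src=192.0.2.20
2010-03-15T10:00:09 ftp OK user=alice src=192.0.2.20
2010-03-15T10:01:00 ftp FAIL user=admin src=192.0.2.10
2010-03-15T10:01:02 ftp FAIL user=admin src=192.0.2.10
2010-03-15T10:01:04 ftp FAIL user=admin src=192.0.2.10
2010-03-15T10:01:06 ftp FAIL user=admin src=192.0.2.10
2010-03-15T10:01:08 ftp FAIL user=admin src=192.0.2.10
2010-03-15T10:01:10 ftp FAIL user=admin src=192.0.2.10
2010-03-15T10:01:12 ftp OK user=admin src=192.0.2.10
2010-03-15T10:05:00 ftp FAIL user=bob src=192.0.2.30
2010-03-15T10:08:00 ftp FAIL user=bob src=192.0.2.30
2010-03-15T10:11:00 ftp FAIL user=bob src=192.0.2.30
2010-03-15T10:14:00 ftp FAIL user=bob src=192.0.2.30
2010-03-15T10:17:00 ftp FAIL user=bob src=192.0.2.30
"""


def parse_line(line):
    """Return (timestamp, outcome, user, source) or None if malformed."""
    tokens = line.split()
    if len(tokens) != 5:
        return None
    stamp, _service, outcome, user_kv, src_kv = tokens
    if not (user_kv.startswith("user=") and src_kv.startswith("src=")):
        return None
    return (datetime.fromisoformat(stamp), outcome,
            user_kv[len("user="):], src_kv[len("src="):])


def detect_guessing(log_text, threshold=5, window=timedelta(seconds=60)):
    """Return alerts as (kind, source, user, ISO timestamp) tuples.

    "guessing": `threshold` failures from one source inside `window`
                (raised once per source).
    "success_after_guessing": a later successful login from a source that
                was already flagged, i.e. a guess probably worked.
    """
    recent_failures = defaultdict(deque)  # source -> failure timestamps
    flagged = set()
    alerts = []
    for line in log_text.splitlines():
        parsed = parse_line(line)
        if parsed is None:
            continue
        when, outcome, user, source = parsed
        failures = recent_failures[source]
        while failures and when - failures[0] > window:
            failures.popleft()  # drop failures that fell out of the window
        if outcome == "FAIL":
            failures.append(when)
            if len(failures) >= threshold and source not in flagged:
                flagged.add(source)
                alerts.append(("guessing", source, user, when.isoformat()))
        elif outcome == "OK" and source in flagged:
            alerts.append(("success_after_guessing", source, user,
                           when.isoformat()))
    return alerts


if __name__ == "__main__":
    for alert in detect_guessing(SAMPLE_LOG):
        print(alert)
```

In the sample, the single mistyped login from 192.0.2.20 and the slow failures from 192.0.2.30 stay below the threshold; lowering the window or threshold trades missed slow guessing against false alerts on ordinary typos.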
Explanation
The university has two active wireless networks in the environment. One network is GreenNET, which is available to the students and staff of the university, and the other wireless network is eduroam, which is available to students. There is another network also available in that working environment, Panasonic Display; however, it does not belong to the university network and is called a peer network.
Explanation
In the practical approach I am going to evaluate the security of the wireless network. I have used the filter facility in Netstumbler to see which networks are encrypted and which are not encrypted and open to attack. The results show that both university networks (GreenNET, eduroam) are encrypted with WEP encryption. Another network, Panasonic Display1, is not encrypted and as a result might be targeted by attackers; however, as it is a peer network it won't influence the university's security in any way. The GreenNET and eduroam wireless network SSIDs are broadcast; therefore a hacker can utilize this facility for his attacks with a valid username.
Explanation
The above figures show that McAfee 8.7 is protecting the hosts in the University of Greenwich network. It is in on-access scanning mode; as a result it can actively scan your pen drive when you plug it in to your USB port. It can automatically update for new plug-ins; if not, the system administrators do the updating manually. This is a good security practice.
Explanation
Port 139 is a very important port for intruders; it is NetBIOS (Network Basic Input/Output System). NetBIOS provides three important services to hosts: the name service, the session service and the datagram distribution service. Intruders therefore utilise these ports to get useful information for unauthorized access to resources. The above figure shows that on the University of Greenwich network hosts port 139 is not open to intrusion attempts; they are all in the filtered state. This is a good security precaution to protect the university network from malicious attacks.
A Windows host allows users to log in remotely to a machine running server services. The user's login connection to the remote machine is called a "session"; by using the Computer Management facility we can explore the open sessions of the hosts.
Usually an MS Windows server runs many services and programs, and it communicates with other Windows servers remotely using a blank username and password to do some specific tasks. This mechanism is called a "null session".
But hackers also try to log in to remote servers in an unethical way to get NetBIOS information from the machine for malicious purposes. This way of exploiting the machine is called a null session attack. Using a valid target network IP address, I made a null session attack on a University of Greenwich network host.
Explanation
The figure shows the null session attack on IP address 172.16.18.148, one of the Greenwich university hosts; however, the result shows that I was unable to log in to the machine using a null session attack. The university has a security mechanism to protect its hosts from null session attacks.
Chapter 6
Conclusion
6.0 Introduction
This chapter provides a summary of this project. The report includes the project details, the findings of the project and the final conclusion reached for the project; moreover, I have added suggestions for further research in this field to improve the security management of enterprise networking systems.
Glossary
Network: - Two or more computers interconnected for communication.
Host: - A single computer that can be connected to a networking system.
Hacking: - Unauthorized access to an information system.
Risk management: - The structured process of identifying, controlling and trying to
minimize the harmful impact on a system of an unexpected event.
Vulnerability: - A weakness in system security that can be used to gain
unauthorized access to an information system.
Risk Assessment: - Security measurement of threats, likelihood and loss impact to
the system.
Hacker: - A person who breaks into a computer system with malicious intent.
Virus: - A self-replicating computer programme that can infect other programmes
and modify them.
Intrusion: - Any illegal action to access a networking resource.
Firewall: - A system that functions as a boundary between networks.
Network scanning: - Enumerating the available live hosts of the target network.
Protocols: - Standards that enable communication and data transfer between two
hosts.
Server: - A computer system in an enterprise networking system which provides
services to its client computers.
Threats: - An intentional or unintentional action that can cause harm to the
information system.
War dialer: - A malicious computer application that randomly calls phone
numbers and tries to detect responding computer modems.
Web server: - The computer that delivers web pages to browsers and other
files to applications via the HTTP protocol.
Steganography: - The method of hiding a message within an image, audio or
video.
Patch: - A simple set of instructions to correct a vulnerability in a computer
programme.
Physical security: - A mechanism to prevent attackers from getting access to
information stored on physical media (e.g. lock, security guard).
Port scan: - A technique to identify the services running on a system by
probing ports, indicating weaknesses in the computer.
Network scan: - Enumerating the available live hosts on a network.
Malicious: - Deliberate harmful attacks.
Traceroute: - A method to trace a path to a destination in a computer networking
system.
Password crack: - A computer programme designed to decode passwords.
Abbreviation
FTP File Transfer Protocol
ISO International Standards Organization
IDS Intrusion Detection System
IP Internet Protocol
IT Information Technology
BS British Standards
IS Information System
DMZ De-Militarized Zone
FBI Federal Bureau of Investigation
WEP Wired Equivalent Privacy
SSID Service Set Identifier
ICMP Internet Control Message Protocol