Rootkits can be detected using programs that compare file contents with the original files. Rootkits that operate at the operating system's lower levels may be difficult to detect. Removal of a rootkit can be difficult: the rootkit must be erased and the original operating system files must be restored. Reformat.
Method for adding annotations to text.
HTML: Uses tags surrounded by brackets. Instructs the browser to display text in a specific format.
XML: Carries data instead of indicating how to display it. No predefined set of tags. Users define their own tags.
Malware That Profits (contd.)
Botnets: Computer is infected with a program that allows it to be remotely controlled by an attacker. Often the payload of Trojans, worms, and viruses. Infected computer is called a zombie. Groups of zombie computers together.
Chapter 3: Application and Network Attacks
Objectives: List and explain the different types of Web application attacks. Define client-side attacks. Explain how a buffer overflow attack works. List different types of denial of service attacks. Describe interception and poisoning attacks.
Table 3-1: SQL injection statements
List the types of malware that conceals its appearance. Identify different kinds of malware that is designed for profit. Describe the types of social engineering psychological attacks. Explain physical social engineering attacks.
Attacks Using Malware: Malicious.
Cross-Site Scripting (XSS): Injecting scripts into a Web application server. Directs attacks at clients.
Figure 3-3: XSS attacks (Cengage Learning 2012)
Cross-Site Scripting (contd.)
Malicious computer code that reproduces itself on the same computer.
Virus infection methods: Appender infection: Virus appends itself to the end of a file. Moves the first three bytes of the original file to the virus code. Replaces them with a jump instruction pointing to the virus code.
XML attack: Similar to SQL injection attack. Attacker discovers a Web site that does not filter user data. Injects XML tags and data into the database.
XPath injection: Specific type of XML injection attack. Attempts to exploit XML Path Language queries.
Presentation on theme: "Security Guide to Network Security Fundamentals, Fourth Edition"
Presentation transcript: 1, Security Guide to Network Security
Fundamentals, Fourth Edition.
Rootkits: Software tools used by an attacker to hide actions or presence of other types of malicious software. Hide or remove traces of log-in records, log entries. May alter or replace operating system files with modified versions specifically designed to ignore malicious activity.
XML Injection
Markup language: HTML, XML.
Category continues to grow: Web application attacks, client-side attacks, buffer overflow attacks.
Zero day attacks: Exploit previously unknown vulnerabilities. Victims have no time to prepare or defend.
Web Application Attacks: Web applications an essential element.
Figure 3-4: Bookmark page that accepts user input without validating and provides unencoded response (Cengage Learning 2012)
Figure 3-5: Input used as response
When victim visits injected Web site: Malicious instructions are sent to the victim's browser. Browser cannot distinguish between valid code and malicious script.
Requirements of the targeted Web site: Accepts user input without validation. Uses input in a response without encoding it.
Some XSS attacks designed.
Web Application Attacks (contd.)
Worm: Malicious program. Exploits application or operating system vulnerability. Sends copies of itself to other network devices. Worms may consume resources or leave behind a payload to harm infected systems. Examples of worm actions: deleting computer files, allowing remote control of a computer.
Forgotten password example (contd.): Attacker enters field in SQL statement. Statement processed by the database. Example statement: select fieldlist from table where field whatever or aa Result: All user addresses will be displayed.
SQL Injection (contd.)
Chapter 2: Malware and Social Engineering Attacks
Objectives: Describe the differences between a virus and a worm.
Virus infection methods (contd.)
Swiss cheese infection: Viruses inject themselves into executable code. Original code is transferred and stored inside virus code. Host code executes properly after the infection.
Split infection: Virus splits into several parts. Parts placed at random positions in host program. Head.
Enters a computer system without the owner's knowledge or consent. Refers to a wide variety of damaging or annoying software.
Primary objectives of malware: infecting systems, concealing its purpose, making profit.
Malware That Spreads: Viruses
Virus.
Virus cannot automatically spread to another computer; it relies on user action to spread. Viruses are attached to files. Viruses are spread by transferring infected files.
Malware That Spreads (contd.)
Exe can be used to enter text-based commands. Passwd (Linux) contains user account information.
Command Injection / Directory Traversal (contd.)
Directory traversal attack: Takes advantage of software vulnerability. Attacker moves from root directory to restricted directories.
Logic bomb (e.g., Michelangelo Virus, March 6): Computer code that lies dormant. Triggered by a specific logical event, then performs malicious activities. Difficult to detect before it is triggered.
Backdoor: Software code that circumvents normal security to give program access. Common practice by developers. Intent.
When infected program is launched: Virus replicates itself by spreading to another file on the same computer. Virus activates its malicious payload. Viruses may display an annoying message or be much more harmful.
Examples of virus actions: Cause a computer to repeatedly crash. Erase files from.
Table 2-1: Difference between viruses and worms
Malware That Conceals
Trojans: Program that does something other than advertised. Typically executable programs. Contain hidden code that launches an attack. Typically created using Visual Basic scripting language. Sometimes.
Types of computer viruses: Program: infects executable files. Macro: executes a script. Resident: virus infects files opened by user or operating system. Boot
virus: infects the Master Boot Record. Companion virus: adds malicious copycat program to operating system.
SQL Injection: Targets SQL servers by injecting commands.
Types of computer viruses (contd.)
Tunneling virus: installs under anti-virus system, intercepts OS calls. Armored virus: thwarts attempts to examine its code. Multipartite virus: can infect exe files, boot sectors. Polymorphic virus: changes its virus signature.
Figure 2-4: Annoying virus message (Cengage Learning 2012)
Malware That Spreads (contd.)