NETWORK SECURITY SEARCHING & ANALYSING INFORMATION MAI Xuân Phú mxphu@hui.edu.vn 1... Today 3 Introduction Footprinting Scanning Enumeration... Thanks Some contents of this c
Trang 1NETWORK SECURITY
SEARCHING & ANALYSING
INFORMATION
MAI Xuân Phú mxphu@hui.edu.vn
1
Trang 2Last lecture
Review
o OSI model
o TCP/IP
o Collision domain & broadcast domain
o Well-known protocols
• HTTP, FTP, DNS, SMTP, POP, IMAP, TCP, UDP, IP, ARP…
o Network devices
Overview of network security
o Definitions
o Tasks of Network Security
o Attacks, services and mechanisms
o Security attacks
o Security services
o Methods of Defense
o A model for Internetwork Security
Trang 3Today
3
Introduction
Footprinting
Scanning
Enumeration
Trang 4Thanks
Some contents of this course are referenced from:
o William Stallings, Cryptography and Network Security,
slides by Lawrie Brown
o Henric Johnson, Network Security, Blekinge Institute of
Technology, Sweden
o J Wang, Computer Network Security Theory and Practice,
Springer, 2009
o Security+ Guide to Network Security Fundamentals, Third
Edition
o Jim Kurose & Keith Ross, “Computer Networking: A Top-Down Approach”, 5 th edition, Addison Wesley, 2009
o Jean-Pierre Lips, Sécurité des Sécurité des Systèmes
d'Information, Université de Nice-Sophia Antipolis
o Certified Ethical Hacker (CEH), 7th Version
o Renaud BIDOU, Security Training
Trang 5Contents
5
Introduction
Footprinting
Scanning
Enumeration
Trang 6Information
Information as a concept has numerous
meanings, from everyday usage to technical
settings
Generally speaking, the concept of information is closely related
to notions of constraint, communication, control, data, form,
instruction, knowledge, meaning, mental stimulus, pattern,
perception, and representation (source: wikipedia)
Where are information?
Trang 7Business
Information to banks?
Information to enterprise?
Information to military, to government?
7
Trang 8System
Information to a server?
Information to an administrator?
Trang 9Gathering information
How to gather information?
What will we process these information?
9
Trang 10Contents
Introduction
Footprinting (CEH v7, chapter 2 )
Scanning
Enumeration
Trang 11Contents
11
Introduction
Footprinting
Scanning (CEH v7, chapter 3 )
Enumeration
Trang 12Contents
Introduction
Footprinting
Scanning
Enumeration (CEH v7, chapter 4 )
Trang 13References
William Stallings, Network Security Essentials, 2nd
edition
William Stallings, Cryptography and Network Security,
4th Edition
Mike Pastore & Emmett Dulaney, CompTIA Security+ -
Study guide, 3rd edition, Wiley Publishing, 2006
Cryptography and Network Security Principles and
Practices
Jie Wang, Computer Network Security - Theory and
Practice, Springer
Justin Clarke & Nitesh Dhanjani, Network Security Tools,
O'Reilly, April 2005
Certified Ethical Hacker, 7th version: chapter 2, 3 & 4
ISO 17799
13
Trang 14Discussion
Questions?
Ideas?
Suggestions?
Trang 15Lab 1
List all information of this university network
o Servers
o IPs
o DNS
o Topology
o Sites
o …
Work in group
Send task to mxphu@hui.edu.vn
o Subject: “[DHTH5] – Lab 1 Submission – Group X”
o Attached file: “Lab 1 – Group X.zip”
15