1 / 24

Web security - Sniper Corporation

Web Security, also known as “Cyber security” involves protecting that information by preventing, detecting, and responding to attacks. <br>

sharmaakash
Download Presentation

Web security - Sniper Corporation

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Web Security Website: www.snipercorporation.com

  2. What is web security? Web Security, also known as “Cyber security” involves protecting that information by preventing, detecting, and responding to attacks. Website: www.snipercorporation.com

  3. Web Security: Terminologies • Hacker – people who seek to exploit weaknesses in software and computer systems for their own gain. • Viruses - A piece of code has a detrimental effect, such as corrupting the system or destroying data. Website: www.snipercorporation.com

  4. Web Security: Terminologies • Worms - Worms propagate without user intervention. Once the victim computer has been infected the worm will attempt to find and infect other computers. • Trojan horses - A Trojan horse program is software that claims to be one thing while in fact doing something different behind the scenes. Website: www.snipercorporation.com

  5. Web Security: Terminologies Ransomware • A form of trojan that has been around since 1989 (as the “PC CYBORG” trojan) • It infects the target computer by encrypting the owner's personal files. • The victim is then contacted and offered a key to decrypt the files in exchange for cash Website: www.snipercorporation.com

  6. Web Security: Terminologies Firewalls: Mechanism for content regulation and data filtering • Blocking unwanted traffic from entering the sub-network (inbound) • Preventing subnet users' use of unauthorised material/sites (outbound) Website:: www.snipercorporation.com

  7. Web Security Issues • Malicious websites • Email Viruses • Phishing • DDOS Website: www.snipercorporation.com

  8. Malicious websites • Malicious Websites are those which contains Malwares, viruses, trojans etc. and effects your System. • More than 3 million Web pages on the Internet are malicious. • According to Google, the percent is one in 1,000. • The experts call these attacks "drive-by downloads" Malicious websites China - 67% US - 15% Russia - 4% Malaysia - 2.2% Korea - 2% Website: www.snipercorporation.com

  9. Malicious websites Preventive measures • Use latest browser software • Internet Explorer version 9+ • Mozilla Firefox • Opera Internet Explorer 6 is the most vulnerable as well as the most widely used browser. It is highly recommended to upgrade from IE 6 Website: www.snipercorporation.com

  10. Email Viruses It is unsolicited e-mail on the Internet. A virus that comes within an attached file in an e-mail message. When that file is opened, the virus does its damage. Macro viruses can come in Microsoft Word documents that are sent as e-mail attachments. Website: www.snipercorporation.com

  11. Email Viruses • It has the ability to scan the complete address book in the email client program and it is regular problem of outlook users. • Once the virus enters your system, it starts sending out emails to your friends and colleagues or to the random list of recipients and forward the same virus. • Such emails are better known as No-reply emails which pass a message where you cannot send the message back to them. Website: www.snipercorporation.com

  12. Email Viruses - Corporate employees are reported to accrue a loss of productivity of 3.1%. - Nucleus Research Analysis - To increase the effectiveness of SPAM detection, always report any SPAM mail to your SPAM filter. Website: www.snipercorporation.com

  13. Phishing This is a method of luring an unsuspecting user into giving out their username and password for a secure web resource, usually a bank, credit card account, login information etc. Website: www.snipercorporation.com

  14. Phishing • Usually achieved by creating a website identical to the secure site • User is sent email requesting them to log in, and providing a link to the bogus site • When user logs in, password is stored and used to access the account by the attacker • Difficult to guard against, particularly if using HTML email Website: www.snipercorporation.com

  15. Phishing Phishing Email sample: Subject: Verify your E-mail with Citibank This email was sent by the Citibank server to verify your E-mail address. You must complete this process by clicking on the link below and entering in the small window your Citibank ATM/Debit Card number and PIN that you use on ATM. This is done for your protection - because some of our members no longer have access to their email addresses and we must verify it. To verify your E-mail address and access your bank account, click on the link below: https://web.da-us.citibank.com/signin/citifi/scripts/email_verify.jsp Thank you for using Citibank Website: www.snipercorporation.com

  16. Phishing The link uses an anchor text, and the actual website opens as, http://citibusinessonline.da.us.citibank.com.citionline.ru/... Instead of, http://www.citibank.com/us/index.htm

  17. Phishing Landing Page Website: www.snipercorporation.com

  18. Phishing - Unwitting users submit the data, and the data is captured by scammers and all the money in their account will be stolen immediately. - This method is the main reason for loss of email passwords also. Website: www.snipercorporation.com

  19. Denial of Service It is an attack to make a computer resource unavailable to its intended users. Resources: - Bandwidth & CPU Website: www.snipercorporation.com

  20. How it Works? • One way to attack a company’s network or website is to flood its systems with information. • Web and e-mail servers can only handle a finite amount of traffic and an attacker overloads the targeted system with packets of data. Website: www.snipercorporation.com

  21. How to prevent? • Simple special-purpose high-speed firewalls being deployed in the core of the Internet at inter-domain boundaries to serve as a filter of sorts • Gives Upstream access control to a server under stress • Middle wall or Firewall Website: www.snipercorporation.com

  22. Take Action If everyone keep their systems secure, such threats can never happen. Small gestures can avoid gigantic problems in our context. Website: www.snipercorporation.com

  23. Action Plan • Use Anti-virus • Use Anti-Spyware • Use Total Security Software • Be aware not to fall for scams and phishing attacks • Report SPAM Website: www.snipercorporation.com

  24. Thank You Website: www.snipercorporation.com

More Related