"Internet Security - Weaknesses and Targets" gives a detailed introduction on problems concerning Internet and Intranet security. After starting with some remarks on risk analysis and computer crimes, security weaknesses and targets are discussed in detail. Besides, more introductions are provided on: human factor and technical failures, attacks on accounts and passwords, attacks on Internet protocol, misuse of design and programming errors, weaknesses in common operating systems, targets in the WWW, and viruses. The lecture concludes with the discussion on possibilities to detect attacks and intrusions and ethical issuses are introduced as well.
| Introduction and Table of Content | 00:15:21 | |
|---|---|---|
| Content of the Lecture Course | 00:02:44 | |
| Table of Contents | 00:04:30 | |
| Preconditions for Attending the Course | 00:05:40 | |
| Evaluation Criteria | 00:02:27 |
| Internet Security - An Overview | 01:07:33 | |
|---|---|---|
| A First Example: Staatstrojaner | 00:13:36 | |
| Nowaday's Internet | 00:16:30 | |
| Changing Nature of the Threats | 00:19:07 | |
| Most Common Attacks | 00:09:29 | |
| General Risks of Interconnected Systems | 00:04:43 | |
| Internet Security - Weaknesses and Targets: Course Content | 00:04:08 |
| First Understanding of Internet and WWW | 01:27:34 | |
|---|---|---|
| Introduction | 00:09:42 | |
| Classification of Computer Networks | 00:10:33 | |
| Internet and Internet Protocols | 00:19:31 | |
| TCP/IP Protocol Stack | 00:16:14 | |
| WWW - World Wide Web | 00:11:52 | |
| WWW-Browser and WWW-Server | 00:19:35 |
| Risk Analysis | 01:10:51 | |
|---|---|---|
| Introduction | 00:05:29 | |
| Risks in Internetworking IT-Systems | 00:15:36 | |
| Risk Definition | 00:02:22 | |
| Risk Analysis | 00:08:54 | |
| Evaluation of Risk | 00:23:37 | |
| Basic Risks of Internet | 00:14:53 |
| Cybercrime: Potential Attackers | 00:17:28 | |
|---|---|---|
| Potential Attackers | 00:17:28 |
| Hackers and Viruses | 01:00:28 | |
|---|---|---|
| First Generation of Hackers | 00:11:58 | |
| Viruses, Worms, Trojan Horses | 00:10:05 | |
| Well-Known Security Incidents in History | 00:36:32 | |
| Financial Losses by Cyber Crime | 00:01:53 |
| Human Factor and Technical Failures | 00:42:44 | |
|---|---|---|
| Technical Failures | 00:13:18 | |
| Defective Design | 00:11:24 | |
| Social Hacking | 00:10:28 | |
| Most Typical Break-in Methods | 00:07:34 |
| Reconnaissance | 00:23:16 | |
|---|---|---|
| Introduction | 00:16:13 | |
| Web Recon | 00:07:03 |
| OS Fingerprinting | 00:26:05 | |
|---|---|---|
| Introduction | 00:07:09 | |
| TCP Stack Fingerprinting | 00:11:27 | |
| Passive Fingerprinting | 00:07:29 |
| Attacks on Accounts and Passwords | 01:00:52 | |
|---|---|---|
| Introduction | 00:07:53 | |
| Password Guessing | 00:10:53 | |
| Password Cracking | 00:24:53 | |
| Password Sniffing | 00:02:32 | |
| Phishing - Password Fishing | 00:11:45 | |
| Protection Against Password Theft | 00:02:56 |
| Weaknesses of Internet Protocols (1) | 01:19:04 | |
|---|---|---|
| Introduction | 00:14:29 | |
| ARP-Attacks | 00:14:12 | |
| IP Adress Spoofing | 00:05:56 | |
| ICMP-Attacks | 00:17:21 | |
| Internet-Routing-Attacks | 00:10:09 | |
| IP-Fragmentation Attacks | 00:16:57 |
| Weaknesses of Internet Protocols (2) | 01:23:31 | |
|---|---|---|
| Introduction | 00:12:54 | |
| TCP Attacks | 00:28:24 | |
| Attacks on TLS/SSL | 00:14:00 | |
| DNS-Attacks | 00:07:07 | |
| SMTP-Attacks | 00:06:56 | |
| FTP-Attacks | 00:14:10 |
| Design and Programming Errors | 00:27:54 | |
|---|---|---|
| Introduction | 00:02:15 | |
| Buffer Overflow | 00:15:41 | |
| Insufficient Input Validation | 00:04:31 | |
| Race Condition | 00:05:27 |
| Weaknesses of Unix/Linux - Attacks and Exploits | 01:11:58 | |
|---|---|---|
| Introduction | 00:12:00 | |
| Password Attacks in Unix | 00:13:12 | |
| Network and Application Attacks | 00:16:51 | |
| DNS/BIND Vulnerabilities | 00:07:26 | |
| Strategies to Protect Unix-Systems | 00:22:29 |
| Weaknesses of MS Windows and Mac OS X - Attacks and Exploits | 01:13:59 | |
|---|---|---|
| Introduction | 00:08:02 | |
| SMB Protocol | 00:12:52 | |
| UPnP Attack | 00:08:42 | |
| Remote Desktop Attack | 00:08:36 | |
| Kerberos | 00:23:51 | |
| Mac OS X Weaknesses | 00:11:56 |
| Weaknesses of the World Wide Web (1) | 01:09:35 | |
|---|---|---|
| Introduction | 00:10:06 | |
| Spying Out Personal Data | 00:15:26 | |
| Java | 00:16:31 | |
| JavaScript | 00:09:26 | |
| ActiveX | 00:18:06 |
| Weaknesses of the World Wide Web (2) | 01:10:24 | |
|---|---|---|
| Introduction | 00:11:21 | |
| URL-Attacks | 00:15:21 | |
| Cross-Site-Scripting | 00:15:34 | |
| Challenges of Web Services | 00:28:08 |
| Wireless Security | 01:18:01 | |
|---|---|---|
| Introduction | 00:16:22 | |
| WLAN Parameters | 00:18:02 | |
| WLAN Security with IEEE 802.1x | 00:21:15 | |
| WLAN Security in Practice | 00:20:26 | |
| Summary | 00:01:56 |
| Law and Ethics | 01:26:22 | |
|---|---|---|
| Introduction | 00:06:18 | |
| Legal Systems | 00:23:55 | |
| Case Studies | 00:15:57 | |
| Ethical Issues | 00:14:53 | |
| Code of Ethics | 00:25:19 |
| Detection of Attacks and Intrusions | 01:19:40 | |
|---|---|---|
| Introduction | 00:11:40 | |
| Anomalies and Attack Signatures | 00:24:18 | |
| Host-based IDS | 00:11:55 | |
| Intrusion Response | 00:15:16 | |
| Existing Solutions | 00:16:31 |
