"Internet Security - Weaknesses and Targets" is based on "Internet- & WWW-Technologies" and gives a detailed introduction on problems concerning Internet and Intranet security. After starting with some remarks on risk analysis and computer crimes, security weaknesses and targets are discussed in detail. Beside others the following topics are discussed in detail: human factor and technical failures, attacks on accounts and passwords, attacks on Internet protocol, misuse of design and programming errors, weaknesses in common operating systems, targets in the WWW, and viruses. The lecture course concludes with a discussion about the possibilities to detect attacks and intrusions and also describes ethical issuses.
| Weaknesses and Targets - An Overview | 01:06:50 | |
|---|---|---|
| Table of Content | 00:12:45 | |
| Nowadays Internet | 00:15:03 | |
| Changing Nature of the Threats | 00:18:22 | |
| Most Common Attacks | 00:07:32 | |
| General Risks | 00:13:04 |
| First Understanding of Internet and WWW | 01:23:38 | |
|---|---|---|
| Computer Networks | 00:21:41 | |
| Internets and Internet Protocols | 00:15:24 | |
| TCP/IP Protocol Stack | 00:13:31 | |
| WWW - World Wide Web | 00:13:47 | |
| Who-is-Who in Internet and WWW | 00:19:15 |
| Risk Analysis | 01:02:21 | |
|---|---|---|
| Introduction | 00:05:19 | |
| Risks in Internetworking IT-Systems | 00:11:14 | |
| Risk Definition and Analysis | 00:09:15 | |
| Evaluation of Risks | 00:22:17 | |
| Basic Risks of Internet | 00:14:16 |
| Cyber Crime: Potential Attackers | 00:22:38 | |
|---|---|---|
| Potential Attackers | 00:08:41 | |
| Hackers from High-Schools and Universities | 00:06:45 | |
| Professional Hacker Criminals | 00:07:12 |
| Hackers and Viruses | 01:08:12 | |
|---|---|---|
| First Generation of Hackers | 00:12:29 | |
| Underground Mailboxes | 00:15:27 | |
| Well-Known Security Incidents 1973-2001 | 00:21:29 | |
| Well-Known Security Incidents 2001-2012 | 00:18:45 |
| Weaknesses of the World Wide Web 1/2 | 01:13:49 | |
|---|---|---|
| Introduction | 00:10:59 | |
| Spying out Personal Data | 00:15:05 | |
| Java | 00:19:49 | |
| JavaScript | 00:15:23 | |
| 00:12:33 |
| Weaknesses of the World Wide Web 2/2 | 01:03:41 | |
|---|---|---|
| Introduction | 00:18:57 | |
| SQL-Injection | 00:11:26 | |
| Cross-Site-Scripting | 00:11:25 | |
| Cross-Site Request Forgery | 00:11:59 | |
| WS-Security - Security Tokens | 00:09:54 |
| Human Factor and Technical Failures | 00:29:39 | |
|---|---|---|
| Introduction | 00:16:39 | |
| Social Hacking | 00:13:00 |
| (Online) Reconnaissance | 00:29:53 | |
|---|---|---|
| Introduction | 00:16:04 | |
| Web Recon | 00:13:48 |
| OS Fingerprinting | 00:30:20 | |
|---|---|---|
| Introduction | 00:16:39 | |
| TCP/IP Timeout Detection | 00:13:41 |
| Attacks on Accounts and Passwords | 01:02:34 | |
|---|---|---|
| Introduction | 00:09:02 | |
| Password Guessing | 00:09:51 | |
| Password Cracking | 00:10:49 | |
| Password Cracking with Rainbow Tables | 00:15:08 | |
| Password Sniffing and Monitoring | 00:03:47 | |
| Phishing - Password Fishing | 00:10:56 | |
| Protection Against Password Theft | 00:03:10 |
| Weaknesses of Internet Protocols 1/2 | 01:28:41 | |
|---|---|---|
| Introduction | 00:10:35 | |
| Attack Scenarios | 00:10:09 | |
| ICMP-Attacks | 00:20:47 | |
| Internet-Routing-Attacks | 00:11:40 | |
| ARP-Attacks | 00:11:32 | |
| IP-Fragmentation Attacks | 00:15:39 |
| Weaknesses of Internet Protocols 2/2 | 01:20:22 | |
|---|---|---|
| Introduction | 00:11:00 | |
| Attack Scenarios | 00:09:41 | |
| TCP-Sequence-Number Attack | 00:14:21 | |
| Cancel/Hijack TCP-Connections | 00:16:49 | |
| DNS-Attacks | 00:08:37 | |
| Telnet Attacks | 00:21:54 |
| Design and Programming Errors | 00:32:42 | |
|---|---|---|
| Introduction | 00:20:05 | |
| Defective Syntax Check | 00:12:37 |
| Weaknesses of Unix/Linux - Attacks and Exploits | 01:12:38 | |
|---|---|---|
| Introduction | 00:10:46 | |
| Attacks at Boot-Time | 00:11:49 | |
| Breaking out of Runtime Enviroments | 00:15:15 | |
| Network Attacks in Unix via NFS | 00:14:34 | |
| Strategies to Protect Unix-Systems | 00:20:14 |
| Weaknesses of MS Windows and Mac OS X - Attacks and Exploits | 01:17:32 | |
|---|---|---|
| Introduction | 00:12:46 | |
| SMB Relay Attack | 00:19:34 | |
| Remote Desktop Attacks | 00:11:35 | |
| Kerberos Authentification Review | 00:17:15 | |
| Defeating Buffer Overflow Prevention | 00:16:22 |
| Wireless Security | 01:29:01 | |
|---|---|---|
| WLAN Parameters | 00:20:38 | |
| WLAN Security with IEEE 802.1x | 00:08:51 | |
| Extended WLAN Security | 00:16:20 | |
| WLAN Security in Practice | 00:15:21 | |
| Cellular Phone - Authentication | 00:11:26 | |
| Introduction | 00:16:25 |
| Detection of Attacks and Intrusions | 01:24:32 | |
|---|---|---|
| Introduction | 00:15:40 | |
| Anomalies | 00:15:59 | |
| Anti-Virus Software | 00:12:34 | |
| Implementation of IDS | 00:16:42 | |
| Event Correlation | 00:14:09 | |
| Limits of IDS | 00:09:27 |
| Law and Ethics | 01:08:49 | |
|---|---|---|
| Introduction | 00:13:38 | |
| German Criminal Law | 00:17:21 | |
| Case Study: Publishing Hacker Tools | 00:11:58 | |
| Ethical Issues | 00:13:56 | |
| Ownership of Programs | 00:11:56 |
