"Internet Security - Weaknesses and Targets" is based on "Internet- & WWW-Technologies" and gives a detailed introduction on problems concerning Internet and Intranet security. After starting with some remarks on risk analysis and computer crimes, security weaknesses and targets are discussed in detail. Beside others the following topics are discussed in detail: human factor and technical failures, attacks on accounts and passwords, attacks on Internet protocol, misuse of design and programming errors, weaknesses in common operating systems, targets in the WWW, and viruses. The lecture course concludes with a discussion about the possibilities to detect attacks and intrusions and also describes ethical issuses.
| Internet Security | 01:30:00 | |
|---|---|---|
| Nowaday's Internet | 00:18:29 | |
| Internet is an easy Target | 00:17:51 | |
| Evolution of Internet Security | 00:18:05 | |
| Most Common Attacks | 00:13:47 | |
| Basic Risks by Using the Internet | 00:11:42 | |
| Course Content | 00:05:40 |
| First Understanding of Internet and WWW | 01:26:28 | |
|---|---|---|
| Introduction | 00:11:50 | |
| Classification of Computer Networks | 00:11:31 | |
| Internets and Internet Protocols | 00:20:06 | |
| TCP/IP Protocol Stack | 00:14:04 | |
| WWW - World Wide Web | 00:12:40 | |
| WWW-Browser and WWW-Server | 00:12:28 | |
| Internet Standards | 00:03:49 |
| Risk Analysis | 01:12:22 | |
|---|---|---|
| Introduction | 00:15:05 | |
| Risk Definition | 00:13:22 | |
| Evaluation of Risks | 00:25:21 | |
| Basic Risks of Internet | 00:18:34 |
| Cyber Crime: Potential Attackers | 00:22:18 | |
|---|---|---|
| Introduction | 00:00:39 | |
| Potential Attackers | 00:14:18 | |
| Professional Hackers | 00:07:21 |
| Hackers and Viruses | 00:52:51 | |
|---|---|---|
| First Generation of Hackers | 00:10:48 | |
| Viruses, Worms, Trojan Horses | 00:11:26 | |
| Short History of Cyber Crime | 00:12:29 | |
| Financial Losses by Cyber Crime | 00:03:16 | |
| Cyber Crime in this century | 00:14:52 |
| Human Factor and Technical Failures | 00:42:06 | |
|---|---|---|
| Technical Failures | 00:08:32 | |
| Defective Designs | 00:06:55 | |
| Lack of Knowledge and Carelessness | 00:07:13 | |
| Social Hacking | 00:11:25 | |
| Most Typical Break-in Methods | 00:08:01 |
| (Online)Reconnaissance | 00:37:31 | |
|---|---|---|
| Introduction | 00:06:22 | |
| Passive Recon | 00:12:33 | |
| Web Recon | 00:13:20 | |
| Active Recon | 00:05:16 |
| OS Fingerprinting | 00:32:38 | |
|---|---|---|
| Introduction | 00:03:08 | |
| Telnet Session Negotiation | 00:05:44 | |
| TCP Stack Fingerprinting | 00:10:22 | |
| Passive Fingerprinting | 00:04:25 | |
| Fuzzy OS Fingerprinting | 00:08:59 |
| Attacks on Accounts and Passwords | 00:56:29 | |
|---|---|---|
| Introduction | 00:05:04 | |
| Guessing | 00:07:43 | |
| Cracking | 00:12:53 | |
| Cracking with Rainbow Tables | 00:16:42 | |
| Sniffing | 00:08:46 | |
| Protection against Password Theft | 00:05:21 |
| Weaknesses of Internet Protocols 1/2 | 01:30:00 | |
|---|---|---|
| Introduction | 00:15:24 | |
| IP Address Spoofing | 00:07:18 | |
| ICMP-Attacks | 00:26:20 | |
| Internet-Routung-Attacks | 00:13:52 | |
| ARP-Attacks | 00:15:44 | |
| IP-Fragmentation Attacks | 00:09:25 | |
| IP-Bombing | 00:05:51 |
| Weaknesses of Internet Protocols 2/2 | 01:35:59 | |
|---|---|---|
| Introduction | 00:10:26 | |
| Attack Scenarios | 00:12:39 | |
| TCP-Sequence-Number Attack | 00:25:10 | |
| UDP Attacks | 00:17:14 | |
| DNS-Attacks | 00:19:13 | |
| Attacks on VoIP | 00:11:17 |
| Design and Programming Errors | 00:30:00 | |
|---|---|---|
| Buffer Overflow | 00:15:47 | |
| Defective Syntax Check | 00:07:05 | |
| Race Conditions | 00:07:08 |
| Weaknesses of Unix/Linux - Attacks and Exploits | 01:21:58 | |
|---|---|---|
| Security Architecture of Unix | 00:11:17 | |
| Attacks at Boot-Time | 00:08:06 | |
| SUID Abuse | 00:09:07 | |
| Network and Application Attacks in Unix | 00:22:04 | |
| DNS / BIND Vulnerabiliies | 00:07:21 | |
| Strategies to protect Unix-Systems | 00:24:03 |
| Weaknesses of Windows / Mac OS - Attacks and Exploits | 01:15:58 | |
|---|---|---|
| Introduction | 00:08:05 | |
| SMB Relay Attack | 00:09:49 | |
| UPnP Attacks | 00:09:50 | |
| Remote Desktop Attacks | 00:10:16 | |
| Kerberos Authentication Attacks | 00:23:01 | |
| Defeading Buffer Overflow Prevention | 00:05:30 | |
| Weaknesses of Mac OS X | 00:09:27 |
| Weaknesses of the World Wide Web 1/2 | 01:07:59 | |
|---|---|---|
| Introduction | 00:08:25 | |
| Spying Out Personal Data | 00:15:51 | |
| Java | 00:21:19 | |
| JavaScript | 00:16:47 | |
| Protective Measures for Web-Browsers | 00:05:37 |
| Weaknesses of the World Wide Web 2/2 | 01:08:05 | |
|---|---|---|
| Introduction | 00:06:01 | |
| Break into Web-Servers | 00:23:13 | |
| Cross-Site-Scripting | 00:18:09 | |
| Current Challenges in SOA-Security | 00:08:50 | |
| WS-Security | 00:11:52 |
| Wireless Security | 01:26:33 | |
|---|---|---|
| Introduction | 00:03:59 | |
| IEEE 802.11 Wireless Lan | 00:21:15 | |
| WLAN Security Weaknesses | 00:12:44 | |
| WLAN Security with IEEE 802.1x | 00:09:29 | |
| WLAN Security with WPA | 00:12:33 | |
| WLAN Security in Practice | 00:07:28 | |
| Cellular Phone Technologies | 00:19:05 |
| Detection of Attacks and Intrusions | 01:23:25 | |
|---|---|---|
| Introduction | 00:11:18 | |
| Anomalies and Attack Signatures | 00:14:42 | |
| Attack Signatures | 00:08:41 | |
| Anti-Virus Software | 00:14:29 | |
| Implementation of IDS | 00:13:10 | |
| Alert Corelation | 00:21:05 |
| Legal and Ethical Issues in Internet Security | 01:19:52 | |
|---|---|---|
| Introduction | 00:06:06 | |
| Legal Systems | 00:08:10 | |
| Example German Criminal Law | 00:13:06 | |
| Case Studies | 00:17:12 | |
| Responsibility of IT-Managers | 00:23:05 | |
| Code of Ethics | 00:12:13 |
