"Internet Security - Weaknesses and Targets" is based on "Internet- & WWW-Technologies" and gives a detailed introduction on problems concerning Internet and Intranet security. After starting with some remarks on risk analysis and computer crimes, security weaknesses and targets are discussed in detail. Beside others the following topics are discussed in detail: human factor and technical failures, attacks on accounts and passwords, attacks on Internet protocol, misuse of design and programming errors, weaknesses in common operating systems, targets in the WWW, and viruses. The lecture course concludes with a discussion about the possibilities to detect attacks and intrusions and also describes ethical issues.
| Introduction and Table of Content | 00:11:15 | |
|---|---|---|
| Content of Lecture Course Internet Security | 00:11:15 |
| Internet Security - An Overview | 00:51:46 | |
|---|---|---|
| Internet Security - A First Example | 00:11:40 | |
| Nowadays' Internet | 00:04:58 | |
| Risks When Using Internet-based Information Systems | 00:16:16 | |
| Complexity of Internet | 00:04:37 | |
| Most Common Attacks | 00:05:15 | |
| General Risks of Interconnected IT-Systems | 00:05:01 | |
| Course Content | 00:03:59 |
| First Understanding of Internet and WWW | 01:27:34 | |
|---|---|---|
| Introduction | 00:09:42 | |
| Classification of Computer Networks | 00:10:33 | |
| Internet and Internet Protocols | 00:19:31 | |
| TCP/IP Protocol Stack | 00:16:14 | |
| WWW - World Wide Web | 00:11:52 | |
| WWW-Browser and WWW-Server | 00:19:35 |
| Risk Analysis | 01:09:16 | |
|---|---|---|
| Introduction | 00:04:16 | |
| Risks in Interconnecting IT-Systems | 00:11:36 | |
| Risk Definition | 00:10:07 | |
| Evaluation of Risks | 00:24:07 | |
| Basic Risks of Internet | 00:19:10 |
| Potential Attackers | 00:19:20 | |
|---|---|---|
| Potential Attackers | 00:19:20 |
| Hackers and Viruses | 01:04:29 | |
|---|---|---|
| First Generation of Hackers | 00:13:31 | |
| Viruses, Worms, Trojan Horses | 00:12:09 | |
| Some Famous Security Incidents in History | 00:19:18 | |
| More Attacks | 00:16:38 | |
| Huge Financial Losses by Cyber Crime | 00:02:53 |
| Human Factor and Technical Failures | 00:33:32 | |
|---|---|---|
| Technical Failures | 00:06:36 | |
| Defective Design | 00:06:47 | |
| Lack of Knowledge, Awerenes and Carelessness | 00:05:03 | |
| Social Hacking | 00:15:06 |
| (Online) Reconnaissance | 00:28:19 | |
|---|---|---|
| Introduction | 00:05:44 | |
| Passive Recon | 00:09:43 | |
| Web Recon | 00:08:56 | |
| Active Recon | 00:03:56 |
| OS Fingerprinting | 00:26:07 | |
|---|---|---|
| Introduction | 00:03:09 | |
| Telnet Session Negotiation | 00:14:09 | |
| TCP/IP Timeout Detection | 00:04:37 | |
| Fuzzy OS-Fingerprinting | 00:04:12 |
| Attacks on Accounts and Passwords | 01:02:34 | |
|---|---|---|
| Introduction | 00:09:02 | |
| Password Guessing | 00:09:51 | |
| Password Cracking | 00:10:49 | |
| Password Cracking with Rainbow Tables | 00:15:08 | |
| Password Sniffing and Monitoring | 00:03:47 | |
| Phishing - Password Fishing | 00:10:56 | |
| Protection Against Password Theft | 00:03:10 |
| Weaknesses of Internet Protocols 1/2 | 01:27:55 | |
|---|---|---|
| Introduction | 00:14:00 | |
| ARP-Attacks | 00:18:14 | |
| IP-Address Spoofing | 00:05:59 | |
| ICMP-Attack | 00:20:59 | |
| Internet Routing-Attacks | 00:11:46 | |
| IP-Fragmentaton Attack | 00:09:56 | |
| IP-Bombing | 00:06:33 |
| Weaknesses of Internet Protocols 2/2 | 01:26:02 | |
|---|---|---|
| Introduction | 00:09:46 | |
| Attack Scenarios | 00:11:13 | |
| TCP-Sequence Number Attack | 00:15:21 | |
| Cancel / Hijak TCP-Connections | 00:07:26 | |
| Attacks on TLS/SSL | 00:14:37 | |
| DNS-Attacks | 00:12:56 | |
| FTP-Attacks | 00:14:43 |
| Design and Programming Errors | 00:27:41 | |
|---|---|---|
| Introduction | 00:01:58 | |
| Buffer Overflow | 00:14:33 | |
| Insufficient Input Validation | 00:04:45 | |
| Race Conditions | 00:06:25 |
| Weaknesses of Unix / Linux - Attacks and Exploits | 01:05:02 | |
|---|---|---|
| Security Architecture of Unix | 00:10:08 | |
| Password Attacks in Unix | 00:05:58 | |
| Abuse of Symbolic Links | 00:07:15 | |
| Network and Aoolication Attacks | 00:16:06 | |
| DNS/ BIND Vulnerabilities | 00:04:49 | |
| Strategies to protect unix systems | 00:20:46 |
| Weaknesses of MS Windows and MacOS X - Attacks and Exploits | 01:14:46 | |
|---|---|---|
| Introduction | 00:08:14 | |
| SMB Protocol | 00:13:27 | |
| UPnP Attacks | 00:09:07 | |
| Remote Desktop Attacks | 00:06:20 | |
| MS Windows Server | 00:22:00 | |
| Defeating Buffer Overflow Prevventions | 00:15:38 |
| Weaknesses of the World Wide Web 1/2 | 01:30:00 | |
|---|---|---|
| Introduction | 00:12:00 | |
| Spying Out Personal Data | 00:14:56 | |
| Java | 00:16:31 | |
| JavaScript | 00:10:52 | |
| ActiveX | 00:09:11 |
| Weaknesses of the World Wide Web 2/2 | 01:23:58 | |
|---|---|---|
| Introduction | 00:04:37 | |
| Break into Web-Servers | 00:15:07 | |
| SQL-Injection | 00:14:20 | |
| Cross-Site-Scripting | 00:20:12 | |
| Current Challenges of Web Services and SOA Security | 00:05:19 | |
| WS-Security Standard | 00:20:02 |
| Wireless Security | 01:15:51 | |
|---|---|---|
| Introduction | 00:03:13 | |
| IEEE 802.11 Wireless LAN - WLAN | 00:11:18 | |
| WLAN Parameters | 00:03:59 | |
| Basic WLAN Security Methods | 00:03:52 | |
| WLAN Security Weaknesses | 00:09:09 | |
| WLAN Security with IEEE 802.1x | 00:07:56 | |
| Extended WLAN Security | 00:13:12 | |
| WLAN in Practice | 00:07:04 | |
| Cellular Phone Technologies | 00:07:32 | |
| Secure Connection with Mobile Devices | 00:03:18 | |
| Weaknesses of GSM Technology | 00:02:52 | |
| Summary | 00:02:26 |
| Detection of Attacks and Intrusions | 01:30:37 | |
|---|---|---|
| Introduction | 00:14:13 | |
| Anomalies and Attack Signature | 00:22:28 | |
| Anti-Virus Software and Implementation of IDS | 00:18:28 | |
| Reactions on Detected Attacks | 00:10:22 | |
| Event Correlation | 00:10:42 | |
| Existing Solutions: IDS/IPS and SIEM | 00:14:24 |
| Law and Ethics | 01:03:10 | |
|---|---|---|
| Introduction | 00:06:32 | |
| Legal Systems | 00:07:46 | |
| Example | 00:08:55 | |
| Case Studies | 00:12:26 | |
| Ethical Issues | 00:11:41 | |
| Code of Ethics | 00:15:50 |
