"Internet Security - Weaknesses and Targets" is based on "Internet- & WWW-Technologies" and gives a detailed introduction on problems concerning Internet and Intranet security. After starting with some remarks on risk analysis and computer crimes, security weaknesses and targets are discussed in detail. Beside others the following topics are discussed in detail: human factor and technical failures, attacks on accounts and passwords, attacks on Internet protocol, misuse of design and programming errors, weaknesses in common operating systems, targets in the WWW, and viruses. The lecture course concludes with a discussion about the possibilities to detect attacks and intrusions and also describes ethical issuses.
| Introduction to Internet Security | 01:03:05 | |
|---|---|---|
| Internet Security - An Example | 00:13:23 | |
| Nowaday's Internet | 00:16:37 | |
| Who are the Intruders | 00:16:14 | |
| Most Common Attacks | 00:12:01 | |
| Course Content | 00:04:50 |
| First Understanding of Internet and WWW | 01:26:29 | |
|---|---|---|
| Introduction | 00:11:50 | |
| Classification of Computer Networks | 00:11:31 | |
| Internets and Internet Protocols | 00:20:06 | |
| TCP/IP Protocol Stack | 00:14:04 | |
| WWW - World Wide Web | 00:12:40 | |
| WWW-Browser and WWW-Server | 00:12:28 | |
| Internet Standards | 00:03:49 |
| Risk Analysis | 01:11:31 | |
|---|---|---|
| Introduction | 00:05:23 | |
| Risks in Internetworking IT-Systems | 00:16:55 | |
| Risk Definition | 00:12:06 | |
| Evaluation of Risks | 00:22:53 | |
| Basic Risks of Internet | 00:14:14 |
| Cyber Crime | 00:18:14 | |
|---|---|---|
| Potential Attackers | 00:08:43 | |
| Hackers / Crackers | 00:09:36 |
| Hackers and Viruses | 01:00:26 | |
|---|---|---|
| First Generation of Hackers | 00:10:24 | |
| Viruses, Worms, Trojan Horses | 00:10:50 | |
| Well-Known Security Incidents in History | 00:35:30 | |
| Financial Losses by Cyber Crime | 00:03:42 |
| Human Factor and Technical Failures | 00:29:15 | |
|---|---|---|
| Technical Failures | 00:08:27 | |
| Defective Design | 00:04:27 | |
| Lack of Knowledge, Awareness and Carelessness | 00:04:49 | |
| Social Hacking | 00:07:00 | |
| Most Typical Break-in Methods | 00:05:08 |
| (Online) Reconnaissance | 00:34:20 | |
|---|---|---|
| Introduction | 00:06:08 | |
| Passive Recon | 00:11:48 | |
| Web Recon | 00:10:46 | |
| Active Recon | 00:05:37 |
| OS Fingerprinting | 00:32:29 | |
|---|---|---|
| Introduction | 00:02:45 | |
| Telnet Session Negotiation / Banners | 00:04:40 | |
| TCP Stack Fingerprinting | 00:10:18 | |
| TCP/IP Timeout Detection | 00:02:30 | |
| Passive Fingerprinting | 00:04:19 | |
| Fuzzy OS Fingerprinting | 00:07:57 |
| Attacks on Accounts and Passwords | 01:13:51 | |
|---|---|---|
| Introduction | 00:10:15 | |
| Password Guessing | 00:09:46 | |
| Password Cracking | 00:12:29 | |
| Rainbow Tables | 00:22:24 | |
| Phishing - Password Fishing | 00:14:31 | |
| Protection against Password Theft | 00:04:26 |
| Weaknesses of Internet Protocols 1/2 | 01:28:41 | |
|---|---|---|
| Introduction | 00:14:29 | |
| Attack Scenarios | 00:07:34 | |
| ICMP-Attacks | 00:23:43 | |
| Internet-Routing-Attacks | 00:11:06 | |
| ARP - Attacks | 00:17:10 | |
| IP-Fragmentation Attacks | 00:09:59 | |
| IP-Bombing | 00:04:40 |
| Weaknesses of Internet Protocols 2/2 | 01:39:48 | |
|---|---|---|
| Introduction | 00:09:59 | |
| Attack Scenarios | 00:17:26 | |
| TCP-Sequence-Number Attack | 00:19:51 | |
| Cancel / Hijack TCP-Connections | 00:23:20 | |
| DNS-Attacks | 00:15:12 | |
| FTP-Attacks | 00:14:00 |
| Design and Programming Errors | 00:32:42 | |
|---|---|---|
| Introduction | 00:02:48 | |
| Buffer Overflow | 00:16:02 | |
| Defective Syntax Check | 00:13:52 |
| Weaknesses of Unix / Linux - Attacks and Exploits | 01:17:41 | |
|---|---|---|
| Introduction | 00:02:22 | |
| Security Architecture of Linux | 00:07:39 | |
| Attacks at Boot-Time | 00:09:24 | |
| Abuse of Symbolic Links | 00:11:59 | |
| Network Attacks via rlogin and rsh | 00:13:55 | |
| Network Attacks via NTP | 00:10:57 | |
| Strategies to protect Linux Systems | 00:21:25 |
| Weaknesses of Windows / Mac OS - Attacks and Exploits | 01:30:00 | |
|---|---|---|
| Introduction | 00:08:05 | |
| SMB Relay Attack | 00:09:49 | |
| UPnP Attacks | 00:09:50 | |
| Remote Desktop Attacks | 00:10:16 | |
| Kerberos Authentication Attacks | 00:23:01 | |
| Defeading Buffer Overflow Prevention | 00:05:30 | |
| Weaknesses of Mac OS X | 00:09:27 |
| Weaknesses of the World Wide Web 1/2 | 01:09:41 | |
|---|---|---|
| Introduction | 00:09:40 | |
| Spying Out Personal Data | 00:16:15 | |
| Java | 00:10:27 | |
| Java - Sabotage Attacks | 00:10:36 | |
| JavaScript | 00:16:00 | |
| Protective Measures for Web-Browsers | 00:06:43 |
| Weaknesses of the World Wide Web 2/2 | 01:30:18 | |
|---|---|---|
| Introduction | 00:04:36 | |
| Break into Web-Servers | 00:03:45 | |
| CGI-Attacks | 00:15:41 | |
| SQL-Injection | 00:14:53 | |
| Cross-Site-Scripting | 00:16:05 | |
| Cross-Site Request Forgery | 00:15:35 | |
| WS-Security Standard | 00:02:43 |
| Wireless Security | 01:30:47 | |
|---|---|---|
| Introduction | 00:05:01 | |
| IEEE 802.11 Wireless LAN | 00:19:32 | |
| Basic WLAN Security Methods | 00:17:11 | |
| WLAN Security with IEEE 802.1x | 00:10:19 | |
| Extended WLAN Security | 00:15:44 | |
| WLAN Security in Practise | 00:07:02 | |
| Cellular Phone Technologies | 00:15:58 |
| Detection of Attacks and Intrusions | 01:22:23 | |
|---|---|---|
| Introduction | 00:11:32 | |
| Anomalies | 00:15:49 | |
| Attack Signatures | 00:10:14 | |
| Implementation of IDS | 00:15:23 | |
| Reaction on Attacks | 00:15:24 | |
| Limitation of IDS | 00:14:01 |
| Law and Ethics | 01:14:12 | |
|---|---|---|
| Introduction | 00:07:32 | |
| Legal Systems | 00:19:21 | |
| Case Studies | 00:20:24 | |
| Ethical Issues | 00:17:45 | |
| Code of Ethics | 00:09:10 |
