"Internet Security - Weaknesses and Targets" is based on "Internet- & WWW-Technologies" and gives a detailed introduction on problems concerning Internet and Intranet security. After starting with some remarks on risk analysis and computer crimes, security weaknesses and targets are discussed in detail. Beside others the following topics are discussed in detail: human factor and technical failures, attacks on accounts and passwords, attacks on Internet protocol, misuse of design and programming errors, weaknesses in common operating systems, targets in the WWW, and viruses. The lecture course concludes with a discussion about the possibilities to detect attacks and intrusions and also describes ethical issues.
| Introduction and Table of Content | 00:11:53 | |
|---|---|---|
| Content of the Lecture Course | 00:02:43 | |
| Table of Contents | 00:02:45 | |
| Preconditions for Attending the Course | 00:03:38 | |
| Evaluation Criteria | 00:02:47 |
| Internet Security - An Overview | 01:07:14 | |
|---|---|---|
| Nowadays' Internet | 00:09:41 | |
| Risks and Threats | 00:21:16 | |
| Complexity of Internet | 00:09:11 | |
| Most Common Attacks | 00:14:09 | |
| General Risks of Interconnected IT-Systems | 00:07:25 | |
| Internet Security - Course Content | 00:05:32 |
| First Understanding of Internet and WWW | 01:27:27 | |
|---|---|---|
| Introduction | 00:09:42 | |
| Classification of Computer Networks | 00:10:33 | |
| Internet and Internet Protocols | 00:19:31 | |
| TCP/IP Protocol Stack | 00:16:14 | |
| WWW - World Wide Web | 00:11:52 | |
| WWW-Browser and WWW-Server | 00:19:35 |
| Risk Analysis | 01:11:57 | |
|---|---|---|
| Introduction | 00:04:18 | |
| Risks in Internetworking IT-Systems | 00:11:08 | |
| Why Risk Analysis is needed | 00:13:32 | |
| Definition of Analysis Domain | 00:02:18 | |
| Acquisition of Risks | 00:08:43 | |
| Evaluation of Risks | 00:18:35 | |
| Basic Risks of Internet | 00:13:23 |
| Cyber Crime: Potential Attackers | 00:18:41 | |
|---|---|---|
| Potential Attackers | 00:18:41 |
| Hackers and Viruses | 01:08:48 | |
|---|---|---|
| First Generation of Hackers | 00:12:13 | |
| Viruses, Worms, Trojan Horses | 00:11:39 | |
| Well-known security Incidents in History | 00:39:48 | |
| Financial Losses by Cyber Crime | 00:05:08 |
| Human Factor and Technical Failures | 00:32:27 | |
|---|---|---|
| Technical Failure | 00:06:49 | |
| Defective Design | 00:04:38 | |
| Lack of Knowledge, Awareness and Carelessness | 00:04:14 | |
| Social Hacking | 00:03:49 | |
| Personalized Phishing | 00:07:41 | |
| Most Typical Break-in Methods | 00:05:16 |
| (Online) Reconnaissance | 00:19:25 | |
|---|---|---|
| Introduction | 00:04:14 | |
| Passive Recon | 00:06:02 | |
| Web Recon | 00:06:10 | |
| Active Recon | 00:02:59 |
| OS Fingerprinting | 00:26:05 | |
|---|---|---|
| Introduction | 00:07:09 | |
| TCP Stack Fingerprinting | 00:11:27 | |
| Passive Fingerprinting | 00:07:29 |
| Attacks on Accounts and Passwords | 01:01:28 | |
|---|---|---|
| Introduction | 00:09:35 | |
| Hash Functions | 00:07:55 | |
| Password Guessing | 00:10:06 | |
| Password Cracking | 00:22:17 | |
| Phishing | 00:11:35 |
| Weaknesses of Internet Protocols (1) | 01:19:04 | |
|---|---|---|
| Introduction | 00:14:29 | |
| ARP-Attacks | 00:14:12 | |
| IP Adress Spoofing | 00:05:56 | |
| ICMP-Attacks | 00:17:21 | |
| Internet-Routing-Attacks | 00:10:09 | |
| FTP-Attacks | 00:09:43 |
| Weaknesses of Internet Protocols (2) | 01:23:31 | |
|---|---|---|
| Introduction | 00:12:54 | |
| TCP Attacks | 00:28:24 | |
| Attacks on TLS/SSL | 00:14:00 | |
| DNS-Attacks | 00:07:07 | |
| SMTP-Attacks | 00:06:56 | |
| FTP-Attacks | 00:14:10 |
| Design and Programming Errors | 00:30:41 | |
|---|---|---|
| Buffer Overflow | 00:19:06 | |
| Insufficient Input Validation | 00:06:23 | |
| Race Conditions | 00:05:12 |
| Weaknesses of Unix / Linux - Attacks and Exploits | 01:00:06 | |
|---|---|---|
| Security Architecture of Unix | 00:11:12 | |
| Password Attacks in Unix | 00:05:04 | |
| Abuse of Symbolic Links | 00:03:54 | |
| Breaking Out of Runtime Environments | 00:03:49 | |
| Network and Application Attacks in Unix | 00:21:39 | |
| Strategies to Protect Unix-Systems | 00:14:28 |
| Weaknesses of MS Windows and Mac OS X - Attacks and Exploits | 01:16:16 | |
|---|---|---|
| Introduction | 00:09:42 | |
| SMB Attacks | 00:07:20 | |
| RPC Attacks | 00:03:04 | |
| UPnP Attacks | 00:08:57 | |
| Remote Desktop Attacks | 00:10:42 | |
| Kerberos | 00:18:23 | |
| Defeating Buffer Overflow Prevention | 00:04:54 | |
| Weaknesses in Mac OS | 00:13:14 |
| Weaknesses of the World Wide Web - Web-Browser as the Target | 00:59:49 | |
|---|---|---|
| Introduction | 00:10:46 | |
| Spying Out Personal Data | 00:12:15 | |
| Java | 00:15:40 | |
| JavaScript | 00:08:43 | |
| ActiveX | 00:03:17 | |
| PDF and Adobe Flash | 00:04:25 | |
| Protective Measures for Web-Browsers | 00:04:43 |
| Weaknesses of the World Wide Web (2) | 01:03:22 | |
|---|---|---|
| Introduction | 00:10:30 | |
| URL-Attacks | 00:17:16 | |
| Cross-Site Scripting | 00:14:35 | |
| Challenges of Web Services | 00:21:01 |
| Wireless Security | 01:24:20 | |
|---|---|---|
| Introduction | 00:16:28 | |
| WLAN Parameters | 00:18:47 | |
| WLAN Security with IEEE 802.1x | 00:26:43 | |
| Wi-Fi Security in Practice | 00:20:31 | |
| Summary | 00:01:51 |
| Detection of Attacks and Intrusions | 01:29:43 | |
|---|---|---|
| Introduction | 00:11:29 | |
| Anomalies and Attack Signatures | 00:15:39 | |
| Intrusion Detection Systems | 00:16:07 | |
| Reactions on Detected Attacks | 00:07:48 | |
| Event Correlation | 00:20:02 | |
| Limitations of Intrusion Detection Systems | 00:18:38 |
| Legal and Ethical Issues | 01:14:24 | |
|---|---|---|
| Introduction | 00:07:26 | |
| Legal Systems | 00:31:55 | |
| Ethical Issues | 00:26:01 | |
| Famous Discovered Insights | 00:09:02 |