Friday, March 22, 2013

Computer Security Basics


• David Kahn (The Codebreakers) divides the problem of protecting information into two groups: security and intelligence.
• Security is associated with a company securing its data.
• Intelligence is associated with the search for data (burglary, wiretapping): military and intel.

Steganography
• Steganography: the art of hiding messages inside other messages so that other people do not realize there is something in the message.
• The word steganography is derived from the Greek steganos, which means 'hidden / covert', and graphein, 'to write', which roughly translates to "writing in disguise".
• Techniques used to hide secret messages:
-Invisible ink
-Microdots
-Arrangement of words
-Digital signatures
-Hidden channels
-Spread-spectrum communications

• Formats that can be used to hide messages:
-Image formats: bmp, gif, pcx, jpeg, etc.
-Audio formats: wav, voc, mp3, etc.
-Other formats: text files, html, pdf, avi, etc.

• Applications that can be used:
-StegoMagic: hides messages and text files in a text file, wav file or image (*.bmp)
-MSU Stego Video: hides text in a video file
-StegDetect: detects whether there is a message in a jpg image file

2. Cryptography
• The word cryptography comes from the Greek: "kripto" means "secret" and "graphia" means "writing".
• Cryptography: the art and science of keeping messages secure.
• Practitioners of cryptography are called cryptographers.
• A cryptographic algorithm, called a cipher, is a mathematical equation that is used for encryption and decryption.

• The process of turning a message (called plaintext) into a hidden message (called ciphertext) is called encryption. ISO 7498-2 uses the term "encipher".
• Ciphertext is a message that cannot be read easily.
• The reverse process, turning ciphertext back into plaintext, is called decryption. ISO 7498-2 uses the term "decipher".

• Cryptanalysis: the art and science of breaking ciphertext without the key.
• Cryptanalyst: a practitioner of cryptanalysis.
• Cryptology is a combination of cryptography and cryptanalysis.

History of Cryptography
• A complete history of cryptography can be found in David Kahn's book, "The Codebreakers".
• Four groups of people use and contribute to cryptography:

1. Military (including intelligence and spies)
2. Diplomatic corps
3. Diarists
4. Lovers

• Cryptography is also used for religious reasons: to protect religious writings from interference by the political authority or the dominant culture of the time.
• Example: "666", the "Number of the Beast" in the New Testament.

Steganography vs. Cryptography
• Cryptography scrambles a message so that it cannot be understood, while steganography hides the message so that it is not visible.
• A message in ciphertext (cryptography) can arouse suspicion, while a message created with steganography does not.



4. Intrusion Detection Techniques
• Misuse detection
-Uses known attacks (requires an attack model)
• Sequences of system calls, patterns of network traffic, etc.
-Must know in advance what the attacker will do and how
-Can only detect known attacks
• Anomaly detection
-Uses a pattern of the system's normal behavior to determine the rarity / abnormality of what occurs
• Raise an alarm when something happens that rarely / never happened before
-Has the potential to detect unknown attacks
-Traffic / activity that is not in accordance with the policy:
• Access from / to a forbidden host
• Carries forbidden content (virus)
• Runs a forbidden program (web directory traversal: GET ../..; cmd.exe)
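An added example (not from the original post) contrasting the two techniques above on constructed web-request log lines: a signature check for the directory traversal / cmd.exe pattern mentioned in the list, and a baseline check that flags requests rarely or never seen in normal traffic. The log format, signature names, function names and the min_seen threshold are assumptions made for illustration.

```python
import re
from collections import Counter
from urllib.parse import unquote

# Misuse detection: signatures of known attacks (names are illustrative).
SIGNATURES = {
    "dir-traversal": re.compile(r"\.\.[/\\]"),
    "cmd-exe": re.compile(r"cmd\.exe", re.I),
}

def parse(line):
    """Split a constructed 'src METHOD uri' line; decode %xx before matching."""
    src, method, uri = line.split(maxsplit=2)
    return src, method, unquote(uri)

def misuse_alerts(line):
    """Names of known-attack signatures that match the request URI."""
    return sorted(n for n, rx in SIGNATURES.items() if rx.search(parse(line)[2]))

def build_baseline(lines):
    """Learn normal behaviour: how often each (method, path) pair occurs."""
    return Counter((m, u.split("?")[0]) for _, m, u in map(parse, lines))

def anomaly_alert(line, baseline, min_seen=2):
    """Alarm when the request was rarely or never seen in normal traffic."""
    _, method, uri = parse(line)
    return baseline[(method, uri.split("?")[0])] < min_seen

def triage(lines, baseline):
    """Run both detectors; return (line, matched signatures, anomalous?)."""
    return [(l, misuse_alerts(l), anomaly_alert(l, baseline)) for l in lines]

# Constructed sample traffic (documentation IP ranges, not real logs).
NORMAL = [
    "192.0.2.10 GET /index.html", "192.0.2.11 GET /index.html",
    "192.0.2.10 GET /search?q=ids", "192.0.2.12 GET /search?q=rootkit",
    "192.0.2.11 POST /login", "192.0.2.12 POST /login",
]
SUSPECT = [
    "198.51.100.7 GET /cgi/..%2f..%2fcmd.exe",  # matches known signatures
    "198.51.100.7 PUT /index.html",             # no signature, never seen
    "192.0.2.10 GET /index.html",               # normal request
]

if __name__ == "__main__":
    for line, sigs, odd in triage(SUSPECT, build_baseline(NORMAL)):
        print(f"{line!r}: misuse={sigs or '-'} anomaly={odd}")
```

The PUT request shows the trade-off described above: no signature matches it, yet the baseline flags it because it never occurred in normal traffic.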

Rootkit
• A rootkit is a set of software that hides traces (processes, files, network connections) and allows someone to keep access to a system (backdoor).
• It is usually installed by hackers after they have managed to gain root / administrator access to the server through a vulnerability that the server still has (e.g., a hole in old software or an old version of the OS kernel that has not been updated yet).
• Rootkits are classified as malware.
• Rootkit detection tools on Linux:
-Chkrootkit
-Rkhunter

Host-based IDS

Nuke Nabber
• Nuke Nabber is designed to "catch" and provide information about uninvited guests (hackers or crackers) who enter a computer in order to attack, disrupt or retrieve data without permission.
• The IP address of the hacker or cracker is displayed automatically by Nuke Nabber.

PortSentry
• PortSentry is part of the Abacus Project, a reliable and affordable (free) security system based on internet community intrusion detection software.
• PortSentry is software designed to detect port scanning and to respond actively when port scanning occurs.

1 comment:

  1. The information posted is highly beneficial to me. I am trying to collect information about computer security tools and software solutions. This article gave me a brief detail about so many popular as well as powerful techniques and tools used to safeguard information.
    digital signature
