Computer Hacking and Intrusion Detection

Presentation slides ( PPT|PDF)

Hacking Patterns

• Stealth Scans
• AMD Hacking
• BIND 8.2 NXT bug hacking
• POP AUTH overflow hacking
• WU-ftp SITE EXEC hacking
• Code Red attack
• Nimda attack
• Man-in-the-Middle Attack
• TFN backdoor
• ICMP Flood DDos attack

Sample Log files

• httpd log showing Nimda attack
• Router log showing RPC scanning
• Viruswall log showing Nimda and Sircan attack
• Router netflow log showing Nimda spreading
• Firewall log
• ARP watch log showing hosts changing MAC addres
• Last acces log showing user login
• System mesages log showing POP Auth,FTP SITE EXEC and AMD attack

• Modem Pool log
• viruswall log

Network Monitoring

• Switch traffic monitoring
• Upstream router traffic monitoring

IDS

• IE and ERG SNORT NIDS
• IE and ERG SNORT NIDS log arachive

• Demo IDS

IE Network Management and System Administration Page