REPORT

KNOWING ME, KNOWING YOU

Onwutalobi Ogonna Barbara 0907IT00988 COMPUTER ENGINEERING TECHNOLOGY 400 Level

Lecturer: Mr Rodrigue Alahassa Course: Computer Network and Security Deadline: 28th February 2014

ABSTRACT
The aim of the report is to harness the natural ability of people to recognise their family and friends so as to eliminate identity fraud. It uses digital media, smartphones or webcams, and carefully choreographed social collaboration. The promise is not only that identity fraud be systemically eliminated, the rigmarole of "proving who you are" through documents, devices, PINs, passwords and pet names also becomes redundant, thereby neutralising the value of such items to fraudsters and making life easier and safer for the honest majority.

TABLE OF CONTENTS
1. Introduction 2. Knowing Me 3. Knowing You (Enemy) 4. Weaknesses needed against cyber criminals 5. What companies need to know about data protection 6. Conclusion 7. References 1 2 3 4 5 7 7

1. INTRODUCTION
Knowing me, knowing you is all about understanding the security threats and organisations risk profile and understanding this, theres need to know your enemy and also need to know yourself. So, how much do we know about our adversary and how also, how much much do we know about our organisation. This focuses on how you can detect these threats, identify what tools they are using and what vulnerabilities they are looking for, focuses on what happens once they gain root. Specifically, how they cover their tracks and what they do next. It covers how you can analyse such an attack, uncovers the motives and psychology of some members of the black-hat community by capturing their communications amongst each other.

2. KNOWING ME
Knowing me is about securing your network; an unprotected network could allow malicious hackers -- known as crackers -- access to your data. It might even allow someone to take control of your computers and use them to commit crimes like a distributed denial of service attack (DDoS). Even if no one snoops on your information or controls your computer, someone might use your network to access the Internet. As more ISPs begin to place caps on how much data you can download, it becomes even more important to control your network. You don't want to get slapped with a huge bill for Internet services you didn't even use. With the right tools and knowledge, you can minimize your chances of having your security compromised by malicious hackers or computer viruses. Such as; Protecting our system from viruses. Setting up a simple back up system. Keeping personal information safe and secure (e.g. having strong passwords, avoiding public Wi-Fi etc.)

For organizations, it about know your network before an intruder does." But knowing your network is a difficult proposition. Most network owners wish they could buy a magic box to identify and protect all their information assets. This approach has never worked and will never work because the modern enterprise is too complicated for any machine to make these decisions. Since products can't do the job, many organizations assign tasks to individuals and expect them to maintain inventories of networks, hosts and information. But manually maintained inventories are prone to error and omission. They consider the following ways to identify live hosts:

Conduct network-based scans that send ICMP, UDP or TCP traffic to various subnets. Advantages of this approach include simple operation, but the disadvantages can be numerous. More systems these days run host-based firewalls that might block network scans; the network owner must know where to look; hosts might be down at the time of the scan; scans might crash the target and so on. Despite these challenges, broad network scanning should still be an important component of network discovery programs. Conduct passive assessments that listen for any traffic traversing a monitored transit point. The advantage of this network security monitoring approach is that it doesn't affect the observed hosts. The passive approach can also build a profile of observed traffic, and its continuous nature means any traffic whatsoever from the target can populate an asset database. Disadvantages include monitoring a multitude of transit points and possibly obscuring source addresses due to network address translation. 2

3. KNOWING YOU (ENEMY)

This is more about the threat; it is this random selection of targets that make the script kiddie such a dangerous threat. Sooner or later your systems and networks will be probed, you cannot hide from them. I know of admins who were amazed to have their systems scanned when they had been up for only two days, and no one knew about them. There is nothing amazing here. Most likely, their systems were scanned by a script kiddie who happened to be sweeping that network block. If this was limited to several individual scans, statistics would be in your favor. With millions of systems on the Internet, odds are that no one would find you. However, this is not the case. Most of these tools are easy to use and widely distributed, anyone can use them. A rapidly growing number of people are obtaining these tools at an alarming rate. As the Internet knows no geographic bounds, this threat has quickly spread throughout the world. Suddenly, the law of numbers is turning against us. With so many users on the Internet using these tools, it is no longer a question of if, but when you will be probed. This is an excellent example of why security through obscurity can fail you. You may believe that if no one knows about your systems, you are secure. Others believe that their systems are of no value, so why would anyone probe them? It is these very systems that the script kiddies are searching for, the unprotected system that is easy to exploit, the easy kill. The tools used are extremely simple in use. Most are limited to a single purpose with few options. First come the tools used to build an IP database. These tools are truly random, as they indiscriminately scan the Internet. For example, one tool has a single option, A, B, or C. The letter you select determines the size of the network to be scanned. The tool then randomly selects which IP network to scan. Another tool uses a domain name (zone is an excellent example of this). The tool builds an IP database by conducting zone transfers of the domain name and all sub-domains. Users have built databases with over 2 million IPs by scanning the entire .com or .edu domain. Once discovered, the IPs is then scanned by tools to determine vulnerabilities, such as the version of named, operating system, or services running on the system. Once the vulnerable systems have been identified, the black-hat strikes

4. WEAKNESSES NEEDED AGAINST CYBER CRIMINALS

1) Their biggest threat is you as odd as that may seem, lets revisit the crossing the road scenario. If you have cars speeding towards you whilst making that dash across the highway, then obviously, speeding cars and their drivers are your greatest threat, but have you considered that you crossing he road is a threat to drivers? What if they do hit you? That could mean damage to their vehicle, possibility of death if collision with you, or to avoid you, results in a multi vehicle pile-up, shock, being late for an appointment, impact on insurance, and many other inconveniences. You are as much a threat to drivers, as drivers are to you when crossing a road. Similarly, cyber criminals see you as a threat because they do not know for certain if you are watching them. You may have watched their every move for 4 months when you decide to pull the plug for them, thats a loss of 4 months of time down the drain; for you thats a victory. 2) There is very little love in the underground though the cyber underground may be thriving and involve black markets for selling of stolen data and exploitation tools, there is very little trust among cyber criminals. As a result a number of them may be going after the same target. A year of work exercised by one cyber-criminal outfit may be thwarted when a less experienced and less stealthy outfit marches in with guns blazing at the last minute, being noticed and causing security measures to be stepped up. 3) Cyber criminals are generally lazy they may be very well organized, very well-funded and have brilliant minds, but just like typical organizations, they do not reinvent the wheel this means that a lot of the tools that are bought and sold, swapped or bartered in the cyber underground are based on the same fundamental code and will likely show similarities to known threats. This should make it simpler to detect many new threats.

5. WHAT COMPANIES NEED TO KNOW ABOUT DATA PROTECTION

personal data is any personal data relating to a living individual. Failure to comply with the DPA can lead to complaints, investigations, prosecution and adverse publicity. It can also lead to orders directing the destruction of valuable databases and the loss of contracts with large customers. Data Controllers Under the DPA (Data Protection Acts), any business which processes personal data may be considered a data controller if it controls the content and use of personal data. This means a business is likely to be a data controller where its website users can create personal accounts and profiles, buy goods online, subscribe for newsletters and provide contact details. Registration In most cases, businesses will not need to register as a data controller or a data processor with the Data Protection Commissioner (DPC). However, this should be checked on an individual basis, as it is a criminal offence to process personal data without registering with the DPC, when required by law to do so. Processing Data Fairly In broad terms, a data controller is obliged to obtain personal data fairly. This means the reason for collecting the data and the purpose for which it will be used must be clearly explained to individuals whose data is being collected. The data collected should not be excessive and should be used only for the purpose(s) for which consent was obtained. Also, there must be appropriate security measures in place to protect personal data from unauthorized access, disclosure, destruction or accidental loss or destruction. Personal data should be stored for as long as is necessary only. It cannot be retained merely because it might prove useful at a later date. Data controllers that do not have a reason for keeping the data, which falls within the purposes originally disclosed, should delete it. Transfers Abroad The general rule is that if you are transferring personal data abroad you must either ensure it is to an approved list country or introduce, normally in a contract, an appropriate level of protection. A transfer abroad takes place where the personal data is simply collected and held on a server, or is sent to a third party, outside of the European Economic Area (EEA).

Websites, Apps and Cookies Businesses should check whether their use of website cookies is in compliance with the EC (Electronic Communications Networks and Services) (Privacy and Electronic Communications) Regulations 2011. These Regulations require websites to go further than the previous practice of providing a brief description of what cookies are and how to disable them. Direct Marketing Strict rules apply to the use of personal data for direct marketing via email and phone. Prior consent from individuals is generally necessary to use their personal data for direct marketing purposes. Failure to comply with the rules can lead to hefty financial penalties ranging between 5,000 and 250,000 for each direct marketing message. Data Breaches Generally, all incidents of loss of control of personal data by a data controller must be reported to the DPC within two days unless certain criteria apply. This is the case except when the data can be considered inaccessible due to proper encryption, remote memory wipe or password security. Companies need to have a plan in place to deal with security breaches. The secret to avoiding data protection issues is planning. Businesses should ensure at the design and roll-out stage that their product complies with privacy laws.

6. CONCLUSION
Knowing me knowing you poses a threat to all systems. They show no bias and scan all systems, regardless of location and value. Sooner or later, your system will be probed. By understanding their motives and methods, you can better protect your systems against this threat.

7. REFERENCES http://old.honeynet.org/papers/enemy/ http://informationsecuritybuzz.com/knowing-knowing/ http://electronics.howstuffworks.com/how-to-tech/how-to-secure-home-network.html/ http://krebsonsecurity.com/2014/02/target-hackers-broke-in-via-hvac-company/