Information and Security

Security DemoPort ScannerPort ScanningUnzip WinStrobe.zipCopy ports.ini to c:\windowsRun WinstrobeFile / Start / Server-1Run against your PCFile / Start / 127.0.0.1Analyzing The ResultsWhat ports were open?What services are running?Do you need those services?How can a hacker use this information?Did MBSA give us this infomation?Probing PortsOpen a command tooltelnet host portTo turn on local echoCTRL+]set localechoTelnet to ports 21, 23, 25, 110What can you find out about theseports?Case StudyCost of SecurityCase StudyStolen Computers Contain Wells FargoCustomer Data (5 November 2004)Four computers stolen from RegulusIntegrated Solutions LLS's Atlanta officecontain names, addresses, social securityand account numbers belonging tothousands of Wells Fargo student loan andmortgage customers. Wells Fargo hasnotified affected customers by mail and isoffering a free year of its credit monitoringservice.Some NumbersIf 5,000 accounts were compromised and500 of those offered took Wells Fargo up onthe free credit reporting for a year.Let's also assume there were 10 PCs (vs.just the 4 that were stolen) in the office.The cost of this incident is at least $125,000.The cost of having encryption software onthose 10 PCs would be well under $10,000.Security+Domain 2: WirelessConceptsWireless Application ProtocolWireless Local Area NetworksWired Equivalent PrivacyWireless Zero Configuration