What is Computer Systems Security?

A chain is only as strong as its weakest link.

Lecture

What is Computer Systems Security?

Hacking Methodology

Steps:

1. Reconnaissance

2. Gaining a foothold

3. Internal reconnaissance

4. Gaining influence in the network

5. Total compromise

6. gLoAtInG

Computer Systems (In)Security

• Modern computer systems are complex. With great complexity comes great vulnerability.

• There is an attack/defense asymmetry:

  • A chain is only as strong as its weakest link.

  • To win, the defender has to block every attack.

  • To win, the attacker has to succeed just once.

• Even good defenses fail!

Ethics

• Don't do anything illegal!

  • NEVER EVER EVER EVER EVER hack into a system that you do not have explicit permission to hack.

  • Never attempt to find vulnerabilities in a system that you do not own or have permission to audit.