Network Security 1. Overview What is security? Why do we need security? Who is vulnerable? Common security attacks and countermeasures Firewalls & Intrusion.

Slides:



Advertisements
Similar presentations
Module X Session Hijacking
Advertisements

CISCO NETWORKING ACADEMY PROGRAM (CNAP)
BASIC CRYPTOGRAPHY CONCEPT. Secure Socket Layer (SSL)  SSL was first used by Netscape.  To ensure security of data sent through HTTP, LDAP or POP3.
Denial of Service & Session Hijacking.  Rendering a system unusable to those who deserve it  Consume bandwidth or disk space  Overwhelming amount of.
Lecture 9 Page 1 CS 236 Online Denial of Service Attacks that prevent legitimate users from doing their work By flooding the network Or corrupting routing.
Network Security. Reasons to attack Steal information Modify information Deny service (DoS)
Computer Security Fundamentals by Chuck Easttom Chapter 4 Denial of Service Attacks.
Hacking Presented By :KUMAR ANAND SINGH ,ETC/2008.
Firewalls and Intrusion Detection Systems
IP Spoofing, CS2651 IP Spoofing Bao Ho ToanTai Vu CS Security Engineering Spring 2003 San Jose State University.
Secure communications Week 10 – Lecture 2. To summarise yesterday Security is a system issue Technology and security specialists are part of the system.
Security Awareness: Applying Practical Security in Your World, Second Edition Chapter 5 Network Security.
Security Awareness: Applying Practical Security in Your World
8-1 Internet security threats Mapping: m before attacking: gather information – find out what services are implemented on network  Use ping to determine.
Sanjay Goel, School of Business/Center for Information Forensics and Assurance University at Albany Proprietary Information 1 Unit Outline Information.
Review for Exam 4 School of Business Eastern Illinois University © Abdou Illia, Fall 2006.
Attack Profiles CS-480b Dick Steflik Attack Categories Denial-of-Service Exploitation Attacks Information Gathering Attacks Disinformation Attacks.
1 Lecture 20: Firewalls motivation ingredients –packet filters –application gateways –bastion hosts and DMZ example firewall design using firewalls – virtual.
1Federal Network Systems, LLC CIS Network Security Instructor Professor Mort Anvair Notice: Use and Disclosure of Data. Limited Data Rights. This proposal.
Shared success Outline What is network security? Why do we need security? Who is vulnerable? Common security attacks and countermeasures. How to secure.
Lab #2 CT1406 By Asma AlOsaimi. "Security has been a major concern in today’s computer networks. There has been various exploits of attacks against companies,
IIT Indore © Neminath Hubballi
CHAPTER 2 PCs on the Internet Suraya Alias. The TCP/IP Suite of Protocols Internet applications – client/server applications The client requested data.
1 Semester 2 Module 10 Intermediate TCP/IP Yuda college of business James Chen
1 Defining Network Security Security is prevention of unwanted information transfer What are the components? –...Physical Security –…Operational Security.
Network security Further protocols and issues. Protocols: recap There are a few main protocols that govern the internet: – Internet Protocol: IP – Transmission.
1 Network Security 2 nd Lec. BSIT 4C - Finals. The art of war teaches us to rely not on the likelihood of the enemy's not coming, but on our own readiness.
Chapter 37 Network Security. Aspects of Security data integrity – data received should be same as data sent data availability – data should be accessible.
1 CHAPTER 3 CLASSES OF ATTACK. 2 Denial of Service (DoS) Takes place when availability to resource is intentionally blocked or degraded Takes place when.
Network Security. 2 SECURITY REQUIREMENTS Privacy (Confidentiality) Data only be accessible by authorized parties Authenticity A host or service be able.
Securing the Network Infrastructure. Firewalls Typically used to filter packets Designed to prevent malicious packets from entering the network or its.
Secure Wired Local Area Network( LAN ) By Sentuya Francis Derrick ID Module code:CT3P50N BSc Computer Networking London Metropolitan University.
Chapter 7 Denial-of-Service Attacks Denial-of-Service (DoS) Attack The NIST Computer Security Incident Handling Guide defines a DoS attack as: “An action.
Network Security Part III: Security Appliances Firewalls.
TCP Security Vulnerabilities Phil Cayton CSE
Network Security 1. Overview What is security? Why do we need security? Who is vulnerable? Common security attacks and countermeasures Firewalls & Intrusion.
Understand Internet Security LESSON Security Fundamentals.
1/23/2016 Network Security By S K Satapathy clicktechsolution.com.
Network Security Threats KAMI VANIEA 18 JANUARY KAMI VANIEA 1.
Networks Fall Network Security Networks Fall A Brief History of the World.
Lecture 17 Page 1 Advanced Network Security Network Denial of Service Attacks Advanced Network Security Peter Reiher August, 2014.
Lab #2 NET332 By Asma AlOsaimi. "Security has been a major concern in today’s computer networks. There has been various exploits of attacks against companies,
DOS Attacks Lyle YapDiangco COEN 150 5/21/04. Background DOS attacks have been around for decades Usually intentional and malicious Can cost a target.
1 Network Security TTC MOBILE Overview What is security? Why do we need security? Who is vulnerable? Common security attacks and countermeasures.
Unit 2 Personal Cyber Security and Social Engineering Part 2.
Firewalls. Overview of Firewalls As the name implies, a firewall acts to provide secured access between two networks A firewall may be implemented as.
Network Security SUBMITTED BY:- HARENDRA KUMAR IT-3 RD YR. 1.
By: Brett Belin. Used to be only tackled by highly trained professionals As the internet grew, more and more people became familiar with securing a network.
Comparison of Network Attacks COSC 356 Kyler Rhoades.
Common System Exploits Tom Chothia Computer Security, Lecture 17.
Chapter 40 Internet Security.
Lab #2 NET332 By Asma AlOsaimi.
An Introduction To ARP Spoofing & Other Attacks
Network Security Networks Fall 2002.
Network Security Justin Weisz Networks Fall 2002.
Domain 4 – Communication and Network Security
Outline Basics of network security Definitions Sample attacks
Firewall – Survey Purpose of a Firewall Characteristic of a firewall
Introduction to Networking
Security in Networking
Firewalls Purpose of a Firewall Characteristic of a firewall
Outline Basics of network security Definitions Sample attacks
Justin Weisz Network Security Justin Weisz Networks Fall 2002.
Network Security Networks Fall 2002.
Security.
Justin Weisz Network Security Justin Weisz Networks Fall 2002.
Justin Weisz Network Security Justin Weisz Networks Fall 2002.
Justin Weisz Network Security Justin Weisz Networks Fall 2002.
Outline Basics of network security Definitions Sample attacks
Presentation transcript:

Network Security 1

Overview What is security? Why do we need security? Who is vulnerable? Common security attacks and countermeasures Firewalls & Intrusion Detection Systems Denial of Service Attacks TCP Attacks Packet Sniffing Social Problems 2

What is “Security” Dictionary.com says: Freedom from risk or danger; safety. Something that gives or assures safety, as: 1. A group or department of private guards: Call building security if a visitor acts suspicious. …etc. 3

Why do we need security? Protect vital information while still allowing access to those who need it Trade secrets, medical records, etc. Provide authentication and access control for resources Ex: AFS Guarantee availability of resources Ex: 5 9’s (99.999% reliability) 4

Who is vulnerable? Financial institutions and banks Internet service providers Pharmaceutical companies Government and defense agencies Contractors to various government agencies Multinational corporations ANYONE ON THE NETWORK 5

Common security attacks and their countermeasures Finding a way into the network Firewalls Exploiting software bugs, buffer overflows Intrusion Detection Systems Denial of Service Ingress filtering, IDS TCP hijacking IPSec Packet sniffing Encryption (SSH, SSL, HTTPS) Social problems Education 6

Firewalls Basic problem: many network applications and protocols have security problems that are fixed over time Difficult for users to keep up with changes and keep host secure Solution Administrators limit access to end hosts by using a firewall Firewall is kept up-to-date by administrators A firewall is like a castle with a drawbridge Only one point of access into the network This can be good or bad Can be hardware or software Ex. Some routers come with firewall functionality ipfw, ipchains, pf on Unix systems, Windows XP and Mac OS X have built in firewalls 7

Firewalls 8 Intranet DMZ Internet Firewall Web server, server, web proxy, etc

Firewalls Used to filter packets based on a combination of features These are called packet filtering firewalls There are other types too, but they will not be discussed 9

Intrusion Detection Used to monitor for “suspicious activity” on a network Can protect against known software exploits, like buffer overflows Example: Open Source IDS: Snort, However, IDS is only useful if contingency plans are in place to curb attacks as they are occurring 10

Dictionary Attack We can run a dictionary attack on the passwords The passwords in /etc/passwd are encrypted with the crypt(3) function (one-way hash) Can take a dictionary of words, crypt() them all, and compare with the hashed passwords This is why your passwords should be meaningless random junk! For example, “sdfo839f” is a good password That is not my andrew password 11

Denial of Service Purpose: Make a network service unusable, usually by overloading the server or network Many different kinds of DoS attacks SYN flooding SMURF Distributed attacks 12

Denial of Service SYN flooding attack Send SYN packets with bogus source address.. Why? Server responds with SYN ACK and keeps state about TCP half-open connection Eventually, server memory is exhausted with this state Solution: use “SYN cookies” In response to a SYN, create a special “cookie” for the connection, and forget everything else Then, can recreate the forgotten information when the ACK comes in from a legitimate connection SMURF Source IP address of a broadcast ping is forged Large number of machines respond back to victim, overloading it 13

Denial of Service 14

Denial of Service How can we protect ourselves? Ingress filtering If the source IP of a packet comes in on an interface which does not have a route to that packet, then drop it 15

TCP Attacks Recall how IP works… End hosts create IP packets and routers process them purely based on destination address alone Problem: End hosts may lie about other fields which do not affect delivery Source address – host may trick destination into believing that the packet is from a trusted source Especially applications which use IP addresses as a simple authentication method Solution – use better authentication methods 16

TCP Attacks TCP connections have associated state Starting sequence numbers, port numbers Problem – what if an attacker learns these values? Port numbers are sometimes well known to begin with (ex. HTTP uses port 80) Sequence numbers are sometimes chosen in very predictable ways 17

TCP Attacks If an attacker learns the associated TCP state for the connection, then the connection can be hijacked! Attacker can insert malicious data into the TCP stream, and the recipient will believe it came from the original source Ex. Instead of downloading and running new program, you download a virus and execute it 18

TCP Attacks Say hello to Alice, Bob and Mr. Big Ears 19

TCP Attacks Alice and Bob have an established TCP connection 20

TCP Attacks Mr. Big Ears lies on the path between Alice and Bob on the network He can intercept all of their packets 21

TCP Attacks First, Mr. Big Ears must drop all of Alice’s packets since they must not be delivered to Bob (why?) 22 Packets The Void

TCP Attacks Then, Mr. Big Ears sends his malicious packet with the next ISN (sniffed from the network) 23 ISN, SRC=Alice

TCP Attacks How do we prevent this? IPSec Provides source authentication, so Mr. Big Ears cannot pretend to be Alice Encrypts data before transport, so Mr. Big Ears cannot talk to Bob without knowing what the session key is 24

Packet Sniffing Recall how Ethernet works … When someone wants to send a packet to some else … They put the bits on the wire with the destination MAC address … And remember that other hosts are listening on the wire to detect for collisions … It couldn’t get any easier to figure out what data is being transmitted over the network! This works for wireless too! In fact, it works for any broadcast-based medium What kinds of data can we get? Answer: Anything in plain text Passwords are the most popular 25

Social Problems People can be just as dangerous as unprotected computer systems People can be lied to, manipulated, bribed, threatened, harmed, tortured, etc. to give up valuable information Most humans will breakdown once they are at the “harmed” stage, unless they have been specially trained Think government here… 26

Social Problems There aren’t always solutions to all of these problems Humans will continue to be tricked into giving out information they shouldn’t Educating them may help a little here, but, depending on how bad you want the information, there are a lot of bad things you can do to get it 27

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com. Inc. All rights reserved.