1 OS Security. 2 Introduction Network/OS security represents a hot topic in the IT world. Security: warranty/steps that must be taken to protect a computer.

Slides:

Advertisements

Similar presentations

Information Security 1 Information Security: Security Tools Jeffy Mwakalinga.

Advertisements

CSCI 530 Lab Firewalls. Overview Firewalls Capabilities Limitations What are we limiting with a firewall? General Network Security Strategies Packet Filtering.

Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.

Firewall Configuration Strategies

Chapter 12 Network Security.

Information Security 1 Information Security: Demo of Some Security Tools Jeffy Mwakalinga.

Firewall Security Chapter 8. Perimeter Security Devices Network devices that form the core of perimeter security include –Routers –Proxy servers –Firewalls.

1 Pertemuan 05 Firewall Matakuliah: H0451/Praktikum Jaringan Komputer Tahun: 2006 Versi: 1/0.

INTRANET SECURITY Catherine Alexis CMPT 585 Computer and Data Security Dr Stefan Robila.

Security Awareness: Applying Practical Security in Your World, Second Edition Chapter 5 Network Security.

Security Awareness: Applying Practical Security in Your World

Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.

Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.

Network Infrastructure Security. LAN Security Local area networks facilitate the storage and retrieval of programs and data used by a group of people.

Department Of Computer Engineering

Faten Yahya Ismael.  It is technology creates a network that is physically public, but virtually it’s private.  A virtual private network (VPN) is a.

Firewall Slides by John Rouda

Presented by Manager, MIS.  GRIDCo’s intentions for publishing an Acceptable Use Policy are not to impose restrictions that are contrary to GRIDCo’s.

CS426Fall 2010/Lecture 361 Computer Security CS 426 Lecture 36 Perimeter Defense and Firewalls.

1 Managed Security. 2 Managed Security provides a comprehensive suite of security services to manage and protect your network assets –Managed Firewall.

Information Systems CS-507 Lecture 40. Availability of tools and techniques on the Internet or as commercially available software that an intruder can.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.1 ISP Responsibility Working at a Small-to-Medium Business or ISP – Chapter 8.

Intranet, Extranet, Firewall. Intranet and Extranet.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Basic Security Networking for Home and Small Businesses – Chapter 8.

Using Windows Firewall and Windows Defender

Firewalls Paper By: Vandana Bhardwaj. What this paper covers? Why you need a firewall? What is firewall? How does a network firewall interact with OSI.

Component 4: Introduction to Information and Computer Science Unit 8: Security Lecture 2 This material was developed by Oregon Health & Science University,

BUSINESS B1 Information Security.

OV Copyright © 2013 Logical Operations, Inc. All rights reserved. Network Security  Network Perimeter Security  Intrusion Detection and Prevention.

P RESENTED B Y - Subhomita Gupta Roll no: 10 T OPICS TO BE DISCUSS ARE : Introduction to Firewalls  History Working of Firewalls Needs Advantages and.

Windows 7 Firewall.

Network Security Lecture 9 Presented by: Dr. Munam Ali Shah.

11 SECURING YOUR NETWORK PERIMETER Chapter 10. Chapter 10: SECURING YOUR NETWORK PERIMETER2 CHAPTER OBJECTIVES  Establish secure topologies.  Secure.

OV Copyright © 2011 Element K Content LLC. All rights reserved. Network Security  Network Perimeter Security  Intrusion Detection and Prevention.

Firewalls Nathan Long Computer Science 481. What is a firewall? A firewall is a system or group of systems that enforces an access control policy between.

Firewall Technologies Prepared by: Dalia Al Dabbagh Manar Abd Al- Rhman University of Palestine

Unit 6b System Security Procedures and Standards Component 8 Installation and Maintenance of Health IT Systems This material was developed by Duke University,

Network and Perimeter Security Paula Kiernan Senior Consultant Ward Solutions.

Principles of Computer Security: CompTIA Security + ® and Beyond, Third Edition © 2012 Principles of Computer Security: CompTIA Security+ ® and Beyond,

G061 - Network Security. Learning Objective: explain methods for combating ICT crime and protecting ICT systems.

Chapter 01: Introduction to Network Security. Network  A Network is the inter-connection of communications media, connectivity equipment, and electronic.

CS460 Final Project Service Provider Scenario David Bergman Dong Jin Richard Bae Scott Greene Suraj Nellikar Wee Hong Yeo Virtual Customer: Mark Scifres.

Intro to Firewalls. A firewall is hardware, software, or a combination of both that is used to prevent unauthorized programs or Internet users from accessing.

IT Security. What is Information Security? Information security describes efforts to protect computer and non computer equipment, facilities, data, and.

Security fundamentals Topic 10 Securing the network perimeter.

A Network Security -Firewall Bruce Turin.

Network Security Terms. Perimeter is the fortified boundary of the network that might include the following aspects: 1.Border routers 2.Firewalls 3.IDSs.

CPT 123 Internet Skills Class Notes Internet Security Session B.

“Lines of Defense” against Malware.. Prevention: Keep Malware off your computer. Limit Damage: Stop Malware that gets onto your computer from doing any.

IS3220 Information Technology Infrastructure Security

Securing a Host Computer BY STEPHEN GOSNER. Definition of a Host  Host  In networking, a host is any device that has an IP address.  Hosts include.

Unit 2 Personal Cyber Security and Social Engineering Part 2.

Firewalls. Overview of Firewalls As the name implies, a firewall acts to provide secured access between two networks A firewall may be implemented as.

Security fundamentals

Top 5 Open Source Firewall Software for Linux User

Working at a Small-to-Medium Business or ISP – Chapter 8

Instructor Materials Chapter 7 Network Security

Click to edit Master subtitle style

INFORMATION SECURITY The protection of information from accidental or intentional misuse of a persons inside or outside an organization Comp 212 – Computer.

Introduction to Networking

Security in Networking

Done BY: Zainab Sulaiman AL-Mandhari Under Supervisor: Dr.Tarek

Firewalls Routers, Switches, Hubs VPNs

Firewalls Jiang Long Spring 2002.

Chapter # 3 COMPUTER AND INTERNET CRIME

G061 - Network Security.

Presentation transcript:

1 OS Security

2 Introduction Network/OS security represents a hot topic in the IT world. Security: warranty/steps that must be taken to protect a computer and the information stored on it The need is for a balance between accessibility and security The users prefer the first notion, administrators the second one!

3 Introduction The security level depends on multiple factors: The business type of the company - Governmental, juridical institutions, etc. - Educational institutions (the students information is stored – marks, etc.) - Hospitals, other medical institutions - Companies in the military domain/ other institutions involved in state’s security - Diverse companies/organizations which are gathering data under the confidentiality warranty, etc. Types of data stored in the network/in the company’s computers - Records about payment/personal information of the clients/customers - Information about accountancy, taxes, etc. - Commercial secrets (plans, drawings, sketches, recipes, business strategies, etc.) Company’s management philosophy - The company is considered as a big, happy, family... - Information accessible only when is needed, only for the ones interested

4 Attacks’ characteristic evolution

5 Evolution of the attacker tools in the last years

6 Usernames and passwords Normally, the system administrator will define a convention to establish usernames in a network (to access the OS). Password rules are important, the control level will be accordingly with the necessary protection level. A good security policy will contain the following: - Passwords must expire after a specified time period. - Passwords must contain letters, digits and special characters in order to not be easily broken. - The standard rule for passwords says that users must not write down the passwords on paper (or other support) and leave it with no supervision, or make it public. - There must be defined rules concerning password expiry and account blocking (in the moment when an unsuccessful connection attempt was made).

7 Other standard security measures Protection against viruses Protection against spam (example -

8 Evolution of Security Threats “Necessity is the mother of invention.” As network security became an integral part of everyday operations, devices dedicated to particular network security functions emerged. One of the first network security tools was the intrusion detection system (IDS), first developed by SRI International in An IDS provides real-time detection of certain types of attacks while they are in progress. This detection allows network security professionals to more quickly mitigate the negative impact of these attacks on network devices and users. In the late 1990s, the intrusion prevention system (IPS) began to replace the IDS solution. IPS devices enable the detection of malicious activity and have the ability to automatically block the attack in real-time.

9 Evolution of Security Threats In addition to IDS and IPS solutions, firewalls were developed to prevent undesirable traffic from entering prescribed areas within a network, thereby providing perimeter security. In 1988, Digital Equipment Corporation (DEC) created the first network firewall in the form of a packet filter. These early firewalls inspected packets to see if they matched sets of predefined rules, with the option of forwarding or dropping the packets accordingly. Packet filtering firewalls inspect each packet in isolation without examining whether a packet is part of an existing connection. In 1989, AT&T Bell Laboratories developed the first stateful firewall. Like packet filtering firewalls, stateful firewalls use predefined rules for permitting or denying traffic. Unlike packet filtering firewalls, stateful firewalls keep track of established connections and determine if a packet belongs to an existing flow of data, providing greater security and more rapid processing.

10 Virtual Private Network (VPN) Link encryption can be used in the sense that users have the “illusion” they are in a private network even when they actually use a public network. This approach is called virtual private network - VPN. A firewall represents a device (hardware or software) for access control between two networks or network segments. The firewall is filtering all the traffic between the internal network (more protected) and the external network which is less protected. The data transmission mode in a VPN is called encrypted communication channel or, for short, tunnel.

11 VPN Basic architecture

12 Windows 10 firewall

13 Linux firewalls There are several firewalls we may install on Linux. The most well-known firewall is IPtables. Several characteristics are implemented. Some of the features of IPtables: It lists the contents of the packet filter ruleset. It’s lightning fast because it inspects only the packet headers. You can Add/Remove/Modify rules according to your needs in the packet filter rulesets. Supports Backup and restoration with files. IPcop is another Linux firewall, for home and SOHO users. More details at:

14 Conclusions The OS security represents an important part of the network security. When we must implement the OS security we must take into consideration the following: Defining an acceptable security policy for the company’s network; here is defined what is permitted and what is not permitted in the company’s network. The security policies regarding passwords must be enforced and respected, including an expiration date, blocking rules and using a combination of letters, digits and special characters, imposing a minimum length for these. The security threats form the Internet are including hackers, crackers, viruses and worms. Although a hacker can produce damage, by definition a cracker is the one who enters a system to produce a damage or to steal information. A virus or a worm can also create substantial damages. A worm is not attaching to files but remains active in memory auto-replicating. Good security policies help minimizing threats. The employees and trust users have access to critical information about the network (including passwords) and can facilitate commercial espionage.

15 Conclusions (2) System administrators must protect the computers against data theft and destruction and “denial of service” attacks. Moreover, the “Distributed Denial of Service (DDoS)” attacks, originating from multiple sources, can be extremely difficult to counter attack. In order to keep the OS updated, the security patches and upgrades must be installed permanently as soon as they are available. An Internet firewall represents a good protection against the exterior attacks. Other important security instruments are the VPNs, IPSs (IPS - Intrusion Prevention System) that can be used in combination with a firewall solution.