
ECE6612 Quiz 2 -> Exam Topics (see also Q1 and Q2 Topics) Fall 2006

Chapter 9 - Viruses, Worms
- Prevention, Detection, Phases (Dor., Prop., Trig., Exec.), Types, How fast can they spread.
- Virus - code that copies itself into other programs.
- A Bacteria replicates until it fills all disk space, or CPU cycles.
- Payload - harmful things the malicious program does, after it has had time to spread.
- Worm - a program that replicates itself across the network, usually riding on email messages or attached documents (e.g., macro viruses). Email “viruses” are technically “worms”.
- Trojan Horse - instructions in an otherwise good program that cause bad things to happen (sending your data or password to an attacker over the net).
- Logic Bomb - malicious code that activates on an event (e.g., date).
- Trap Door (or Back Door) - undocumented entry point written into code for debugging that can allow unwanted users.
- Vulnerability - a program defect that permits Intrusions.
- Easter Egg - extraneous code that does something “cool.” A way for programmers to show that they control the product.

Chapter 10a - Firewalls
- Simple Firewall - drops packets based on IP, port
- Stateful - Keeps track of connections, set up inside or outside.
- NAT - Network Address Translation, Private Address ranges (10. )
- Proxy Server - checks application header and data.
- Attacks - how does Firewall protect against scanning, bad-fragments, bad TCP flags, Smurf attack, ...
- Host-based Firewalls - xinetd (/etc/hosts.allow), iptables, Zone Alarm, Black Ice (now ISS Desktop Proventia)
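The difference between the simple and the stateful firewall on this slide, including the bad-TCP-flags check, as an added example that is not part of the original slides. The packet model, the "allow anything with ACK" reply rule for the simple filter, the addresses and the port numbers are assumptions constructed for illustration.

```python
from dataclasses import dataclass

FIN, SYN, RST, PSH, ACK, URG = 0x01, 0x02, 0x04, 0x08, 0x10, 0x20

@dataclass(frozen=True)
class Packet:            # constructed model of a TCP segment, not a real capture
    src: str
    sport: int
    dst: str
    dport: int
    flags: int
    inbound: bool        # True when the packet arrives from the outside network

def bad_flags(flags):
    """Flag combinations a normal TCP stack never sends (scan/OS-mapping probes)."""
    if (flags & 0x3F) == 0:                        # NULL: no flags set
        return True
    if (flags & SYN) and (flags & (FIN | RST)):    # SYN+FIN or SYN+RST
        return True
    return bool(flags & FIN) and not (flags & ACK)  # bare FIN, "Xmas" FIN+PSH+URG

def simple_filter(pkt, open_ports):
    """Stateless: judges each packet alone by port, or by ACK to let replies in."""
    return (not pkt.inbound) or pkt.dport in open_ports or bool(pkt.flags & ACK)

class StatefulFilter:
    def __init__(self, open_ports):
        self.open_ports = set(open_ports)
        self.conns = set()   # (inside ip, inside port, outside ip, outside port)

    def accept(self, pkt):
        if bad_flags(pkt.flags):
            return False
        if not pkt.inbound:
            if (pkt.flags & SYN) and not (pkt.flags & ACK):   # new connection from inside
                self.conns.add((pkt.src, pkt.sport, pkt.dst, pkt.dport))
            return True
        if pkt.dport in self.open_ports:                      # connection set up from outside
            return True
        return (pkt.dst, pkt.dport, pkt.src, pkt.sport) in self.conns

def demo():
    """Return (label, simple verdict, stateful verdict) for constructed packets."""
    inside, outside = "10.0.0.5", "198.51.100.7"
    fw = StatefulFilter(open_ports={80})
    pkts = [
        ("outbound SYN", Packet(inside, 40000, outside, 443, SYN, False)),
        ("reply SYN+ACK", Packet(outside, 443, inside, 40000, SYN | ACK, True)),
        ("unsolicited ACK probe", Packet(outside, 443, inside, 40001, ACK, True)),
        ("SYN+FIN to port 80", Packet(outside, 5555, inside, 80, SYN | FIN, True)),
        ("SYN to port 80", Packet(outside, 5555, inside, 80, SYN, True)),
    ]
    return [(name, simple_filter(p, {80}), fw.accept(p)) for name, p in pkts]
```

The simple filter passes all five packets; the stateful filter drops the unsolicited ACK probe, which matches no tracked connection, and the SYN+FIN packet, which fails the flag check.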

Chapter 10b - Trusted Systems
- Subject, Object, Access Rights (permissions)
- Policy - Access matrix or ACL (access control list)
- Basic Security Rules:
  - No read up (simple security property)
  - No write down (do not widen accessibility)
  - Need to Know.
- Reference Monitor, audit file, security kernel database.
- Requirements to be a “Trusted System”: Complete Mediation, Isolation, Verifiability
- “Common Criteria” Security Specifications - multinational trust ratings

Chapter 11 - TCP/IP
- Use of bad fragments to crash Operating System (OS).
- Use of ICMP packets (ping, “unreachable”, “time-out”)
- Smurf attack (packet multiplication, use of broadcast address).
- “Spoofed” addresses.
- TCP Flags - bad combinations to map OS, cause crashes.
- TCP - Hijacked connection.

Chapter 12 - Traffic Visualization
- Not covered.

Chapter 13 - NetSec Utilities
- What do they do?
  - Tripwire
  - Saint and Satan
  - Nessus
  - Ethereal and “tcpdump”
- Security Organizations:
  - US-CERT (U.S. Computer Emergency Response Team)
  - SANS
  - NIPC (FBI - Nat. Infrastructure Protection Center)
- What to do if a host is compromised.
- Evidence - chain of custody

Slide Set 14 - Wireless Security
- WEP is weak security, but far better than nothing.
- WPA is better, but needs long passphrases (22 characters)
- Use longest key-length possible.
- Enable use of “allowed list” of MAC addresses.
- Use higher-layer security - IPsec or SSL.
- Use a firewall and IDS to isolate wireless access points (WAP’s) just like you do for the Internet.
- Search for “Rogue” WAP’s.

Slide set 15 - Hidden Data
- Hidden Files (on UNIX, name starts with “.”)
- Startup scripts (great place to hide a Trojan Horse)
- Covert channels (hide in “Ping” packets, SSH, port 80, FTP)
- Steganography (hiding data in an image file)
- Watch for new processes (use 'ps aux'), new files (particularly “suid” files), open Internet TCP and UDP ports ('netstat -lp' or 'sockstat -4')
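One way to watch for new hidden files and new “suid” files, as the last item on this slide advises: take a baseline and report what has appeared or changed since. This is an added example, not part of the original slides; the function names and the sample directory tree are constructed for illustration.

```python
import os
import stat
import tempfile

def snapshot(root):
    """Map relative path -> tag for hidden entries and setuid regular files under root."""
    found = {}
    for dirpath, dirnames, filenames in os.walk(root):
        for name in filenames + dirnames:
            path = os.path.join(dirpath, name)
            mode = os.lstat(path).st_mode          # lstat: do not follow symlinks
            tags = []
            if name.startswith("."):               # UNIX hidden file or directory
                tags.append("hidden")
            if stat.S_ISREG(mode) and (mode & stat.S_ISUID):
                tags.append("suid")
            if tags:
                found[os.path.relpath(path, root)] = "+".join(tags)
    return found

def new_since(baseline, current):
    """Entries that are new, or whose tag changed (e.g. a file that gained suid)."""
    return {p: t for p, t in current.items() if baseline.get(p) != t}

def demo():
    """Build a constructed tree, baseline it, change it, and return both views."""
    with tempfile.TemporaryDirectory() as root:
        def make(rel, mode):
            path = os.path.join(root, rel)
            os.makedirs(os.path.dirname(path), exist_ok=True)
            with open(path, "w") as fh:
                fh.write("constructed sample\n")
            os.chmod(path, mode)                   # set mode after writing

        make("bin/passwd", 0o4755)                 # suid file present at baseline
        make("bin/ls", 0o755)
        baseline = snapshot(root)

        make("bin/helper", 0o4755)                 # new suid file
        make("home/.rc", 0o644)                    # new hidden file
        os.chmod(os.path.join(root, "bin/ls"), 0o4755)   # existing file gains suid
        return baseline, new_since(baseline, snapshot(root))

if __name__ == "__main__":
    base, changes = demo()
    for path, tag in sorted(changes.items()):
        print(f"{tag:12} {path}")
```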

Slide Set 16 - Safe Computing
- Buffer Overflow (what is it, what does it do)
- How to code to prevent possibility of a “Buffer Overflow”
- Eliminate unneeded daemons, “suid programs,” open ports, and user accounts (to "harden" the computer).
- Enforce long, mixed-character passwords.
- Explain “Once root, always root” (Copeland's 2nd rule*)
  (The 1st rule is "No security without physical security.")
  (The 3rd rule is "Layers of protection and detection are needed ... .")

Good Luck! and Best Wishes for 2007