Domain 4 – Communication and Network Security


Secure network architecture design (IP and non-IP protocols, segmentation) – Firewall and DMZ questions appear on the test
Secure network components
Secure communication channels – Encryption like TLS vs SSL all the way to which way to point satellite dishes
Network attacks – know of ping of death, teardrop, and every other DoS attack

Secure Network Design and Components
Bastion host
  Exposed to the internet
  Hardened – You expect an attack, it’s your front line
Screened subnet
  A bastion host between an internal and an external firewall
  MOST SECURE
Proxy Server
  Can be used outbound or inbound to mask a client’s identity

Secure Network Design and Components
Honeypots
  Lure bad people into doing bad things
  Lets you watch or monitor them
Entice: Attract by temptation
  Does not mean someone downloads a file
Entrap: Catch someone in a trap
  Downloads a payroll file

Firewalls
Stateless:
  Stateless firewalls watch network traffic and restrict or block packets based on source and destination addresses or other static values. They are not aware of traffic patterns or data flows. A stateless firewall uses simple rule sets that do not account for the possibility that a packet might be received by the firewall “pretending” to be something you asked for. Typically faster and perform better under heavy loads.
Stateful:
  Stateful firewalls can watch traffic streams from end to end. They are aware of the communication paths and can implement various IP security (IPSec) functions such as tunnels and encryption. In technical terms, this means that stateful firewalls can tell what stage a TCP connection is in (Open, Open sent, synchronized, synchronization acknowledge or established), and can tell whether the MTU has changed, whether packets have fragmented, etc. Better at identifying unauthorized and forged communications.
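The difference shows up when a packet arrives "pretending" to be a reply. The sketch below is an added example, not part of the slides: a toy static rule set and a toy connection-tracking filter judge the same constructed traffic. The addresses, the internal prefix and the rule (allow inbound from port 443 with ACK set) are assumptions chosen for illustration.

```python
from dataclasses import dataclass

INSIDE = "10.0.0."  # constructed internal prefix (assumption)

@dataclass(frozen=True)
class Segment:
    src: str
    sport: int
    dst: str
    dport: int
    flags: frozenset

def seg(src, sport, dst, dport, *flags):
    return Segment(src, sport, dst, dport, frozenset(flags))

def stateless_allow(s):
    # Static rule set: outbound is allowed; inbound is allowed when it
    # looks like web reply traffic (source port 443 with ACK set).
    if s.src.startswith(INSIDE):
        return True
    return s.sport == 443 and "ACK" in s.flags

class StatefulFilter:
    def __init__(self):
        self.table = {}  # (client, cport, server, sport) -> connection state

    def allow(self, s):
        outbound = s.src.startswith(INSIDE)
        key = ((s.src, s.sport, s.dst, s.dport) if outbound
               else (s.dst, s.dport, s.src, s.sport))
        state = self.table.get(key)
        if outbound and s.flags == {"SYN"}:
            self.table[key] = "SYN_SENT"      # inside host opens a connection
            return True
        if not outbound and state == "SYN_SENT" and s.flags == {"SYN", "ACK"}:
            self.table[key] = "ESTABLISHED"   # reply matches a tracked request
            return True
        return state == "ESTABLISHED" and "ACK" in s.flags

# Constructed traffic: a real handshake, then a forged "reply" nobody asked for.
TRAFFIC = [
    seg("10.0.0.5", 50000, "203.0.113.10", 443, "SYN"),
    seg("203.0.113.10", 443, "10.0.0.5", 50000, "SYN", "ACK"),
    seg("10.0.0.5", 50000, "203.0.113.10", 443, "ACK"),
    seg("198.51.100.7", 443, "10.0.0.9", 40000, "ACK"),  # forged
]

def compare(traffic):
    # Returns one (stateless verdict, stateful verdict) pair per segment.
    fw = StatefulFilter()
    return [(stateless_allow(s), fw.allow(s)) for s in traffic]
```

Both filters pass the handshake; only the stateful one drops the last segment, because no tracked connection matches it.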


IDS/IPS
Intrusion Detection
  A device or application that analyzes whole packets looking for known events. A log is generated detailing these events.
Intrusion Prevention
  A device or application that analyzes whole packets, both header and payload, looking for known events. When a known event is detected the packet is rejected (inline mode only).

Secure Communication channels
TLS/SSL – TLS is newer
Resource for satellite dish technology: http://resources.infosecinstitute.com/hacking-satellite-look-up-to-the-sky/

Satellite Principal Threats
Tracking – Tracking over web data and software
Listening – Listening with the right equipment, frequencies, and locations.
Interacting – Protocols and authentication used, radio transmissions need official license.
Using – Take over a bird or a TT&C [Use payloads, make pictures, transmit something]
Scanning/Attacking – Anonymous proof of concept in 2010, scanning, DoS, spoofing possible
Breaking – Old technologies used (x.25, GRE)
Jamming – jamming well known frequencies for satellites
Mispositioning/Control – transponder spoofing, direct commanding, command reply, insertion after confirmation but prior to execution
Grilling – activating all solar panels when exposed to sun, overcharging energy system
Collision

Network Attacks
SYN Flood
  A SYN flood is a form of DoS attack in which an attacker sends a succession of SYN requests to a target’s system in an attempt to consume enough server resources to make the system unresponsive to legitimate traffic.
Fraggle Attack
  A fraggle attack is a DoS attack that involves sending a large amount of spoofed UDP traffic to a router’s broadcast address within a network. It is very similar to a smurf attack, which uses spoofed ICMP traffic rather than UDP traffic to achieve the same goal.
Land Attack
  A land attack is a layer 4 DoS attack in which the attacker sets the source and destination of a TCP segment to be the same. A vulnerable machine will crash or freeze due to the packet being repeatedly processed by the TCP stack.
Teardrop attack
  A teardrop attack is a DoS attack that involves sending fragmented packets to a target machine. Since the machine receiving such packets cannot reassemble them due to a bug in the TCP/IP fragmentation reassembly, the packets overlap one another, crashing the target network device.
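Each of the four definitions above reduces to a property a sensor can check. The following is an added example, not part of the slides: detection logic over constructed packet records. The record fields, the protected network 192.0.2.0/24 and the SYN threshold are assumptions for illustration.

```python
import ipaddress
from collections import Counter

NET = ipaddress.ip_network("192.0.2.0/24")  # constructed protected network
SYN_LIMIT = 3  # constructed threshold for unanswered SYNs per service

def overlaps(frags):
    # frags: (offset, length) pairs of one datagram. After sorting by offset,
    # any overlap shows up between neighbours.
    spans = sorted(frags)
    return any(b[0] < a[0] + a[1] for a, b in zip(spans, spans[1:]))

def classify(packets):
    alerts, pending, frags = set(), Counter(), {}
    for p in packets:
        dst = ipaddress.ip_address(p["dst"])
        if p["proto"] == "tcp":
            if (p["src"], p["sport"]) == (p["dst"], p["dport"]):
                alerts.add("land")                   # source equals destination
            elif p["flags"] == "S":
                pending[p["dst"], p["dport"]] += 1   # handshake opened
            elif p["flags"] == "A":
                pending[p["dst"], p["dport"]] -= 1   # handshake completed
        elif p["proto"] == "udp" and dst == NET.broadcast_address:
            alerts.add("fraggle")                    # UDP to the broadcast address
        if "frag" in p:
            frags.setdefault((p["src"], p["ip_id"]), []).append(p["frag"])
    if any(n >= SYN_LIMIT for n in pending.values()):
        alerts.add("syn_flood")                      # SYNs piling up unanswered
    if any(overlaps(f) for f in frags.values()):
        alerts.add("teardrop")                       # fragments overlap
    return alerts

def tcp(src, sport, dst, dport, flags):
    return dict(proto="tcp", src=src, sport=sport, dst=dst, dport=dport, flags=flags)

# Constructed sample records, not captured traffic.
ATTACKS = [tcp("198.51.100.%d" % i, 4000 + i, "192.0.2.10", 80, "S") for i in range(1, 5)] + [
    tcp("192.0.2.10", 139, "192.0.2.10", 139, "S"),
    dict(proto="udp", src="192.0.2.10", dst="192.0.2.255"),
    dict(proto="udp", src="203.0.113.9", dst="192.0.2.20", ip_id=7, frag=(0, 36)),
    dict(proto="udp", src="203.0.113.9", dst="192.0.2.20", ip_id=7, frag=(24, 4)),
]
BENIGN = [
    tcp("198.51.100.1", 4001, "192.0.2.10", 80, "S"),
    tcp("198.51.100.1", 4001, "192.0.2.10", 80, "A"),
    dict(proto="udp", src="203.0.113.9", dst="192.0.2.20", ip_id=8, frag=(0, 8)),
    dict(proto="udp", src="203.0.113.9", dst="192.0.2.20", ip_id=8, frag=(8, 8)),
]
```

`classify(ATTACKS)` raises all four alerts, while `classify(BENIGN)` (a completed handshake and two adjacent, non-overlapping fragments) raises none.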