Definition : Computer Virus A computer program with the characteristic feature of being able to generate copies of itself, and thereby spread. Additionally.

Slides:



Advertisements
Similar presentations
Firewalls By Tahaei Fall What is a firewall? a choke point of control and monitoring interconnects networks with differing trust imposes restrictions.
Advertisements

FIREWALLS Chapter 11.
HTTP Cookies. CPSC Application Layer 2 User-server state: cookies Many major Web sites use cookies Four components: 1) cookie header line of HTTP.
FIREWALLS. What is a Firewall? A firewall is hardware or software (or a combination of hardware and software) that monitors the transmission of packets.
FIREWALLS The function of a strong position is to make the forces holding it practically unassailable —On War, Carl Von Clausewitz On the day that you.
Winter CMPE 155 Week 7. Winter Assignment 6: Firewalls What is a firewall? –Security at the network level. Wide-area network access makes.
Firewall Lalitha Jammalamadaka. Agenda 1. Introduction 2.Types of firewalls 3.How a software firewall works 4.Methods to control traffic 5.Making the.
Firewalls and Intrusion Detection Systems
HyperText Transfer Protocol (HTTP)
K. Salah 1 Chapter 31 Security in the Internet. K. Salah 2 Figure 31.5 Position of TLS Transport Layer Security (TLS) was designed to provide security.
Application Layer  We will learn about protocols by examining popular application-level protocols  HTTP  FTP  SMTP / POP3 / IMAP  Focus on client-server.
Security (Part 2) School of Business Eastern Illinois University © Abdou Illia, Spring 2007 (Week 13, Thursday 4/5/2007)
Chapter 2: Application Layer
HyperText Transfer Protocol (HTTP) Computer Networks Computer Networks Spring 2012 Spring 2012.
Review for Exam 4 School of Business Eastern Illinois University © Abdou Illia, Fall 2006.
Network Security. Network security starts from authenticating any user. Once authenticated, firewall enforces access policies such as what services are.
FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. 6 Packet Filtering By Whitman, Mattord, & Austin© 2008 Course Technology.
Application Layer  We will learn about protocols by examining popular application-level protocols  HTTP  FTP  SMTP / POP3 / IMAP  Focus on client-server.
2/9/2004 Web and HTTP February 9, /9/2004 Assignments Due – Reading and Warmup Work on Message of the Day.
Firewall and Proxy Server Director: Dr. Mort Anvari Name: Anan Chen Date: Summer 2000.
 Proxy Servers are software that act as intermediaries between client and servers on the Internet.  They help users on private networks get information.
1 Lecture 20: Firewalls motivation ingredients –packet filters –application gateways –bastion hosts and DMZ example firewall design using firewalls – virtual.
Internet Basics.
FIREWALL TECHNOLOGIES Tahani al jehani. Firewall benefits  A firewall functions as a choke point – all traffic in and out must pass through this single.
Network Security (Firewall) Instructor: Professor Morteza Anvari Student: Xiuxian Chen ID: Term: Spring 2001.
A Brief Taxonomy of Firewalls
CECS 5460 – Assignment 3 Stacey VanderHeiden Güney.
Packet Filtering. 2 Objectives Describe packets and packet filtering Explain the approaches to packet filtering Recommend specific filtering rules.
Intranet, Extranet, Firewall. Intranet and Extranet.
Networks and Security. Types of Attacks/Security Issues  Malware  Viruses  Worms  Trojan Horse  Rootkit  Phishing  Spyware  Denial of Service.
Being an Intermediary for Another Attack Prepared By : Muhammad Majali Supervised By : Dr. Lo’ai Tawalbeh New York Institute of Technology (winter 2007)
Chapter 6: Packet Filtering
2: Application Layer1 CS 4244: Internet Software Development Dr. Eli Tilevich.
20-1 Last time □ NAT □ Application layer ♦ Intro ♦ Web / HTTP.
Week 11: Application Layer1 Web and HTTP First some jargon r Web page consists of objects r Object can be HTML file, JPEG image, Java applet, audio file,…
2: Application Layer1 Web and HTTP First some jargon Web page consists of base HTML-file which includes several referenced objects Object can be HTML file,
CONTENTS  INTRODUCTION.  KEYWORDS  WHAT IS FIREWALL ?  WHY WE NEED FIREWALL ?  WHY NOT OTHER SECURITY MECHANISM ?  HOW FIREWALL WORKS ?  WHAT IT.
Firewalls. Intro to Firewalls Basically a firewall is a __________to keep destructive forces away from your ________ ____________.
Packet Filtering Chapter 4. Learning Objectives Understand packets and packet filtering Understand approaches to packet filtering Set specific filtering.
Network Security. 2 SECURITY REQUIREMENTS Privacy (Confidentiality) Data only be accessible by authorized parties Authenticity A host or service be able.
Switch Features Most enterprise-capable switches have a number of features that make the switch attractive for large organizations. The following is a.
2: Application Layer 1 Chapter 2 Application Layer Computer Networking: A Top Down Approach, 5 th edition. Jim Kurose, Keith Ross Addison-Wesley, April.
ITGS Network Architecture. ITGS Network architecture –The way computers are logically organized on a network, and the role each takes. Client/server network.
Cookies By: Kendra Alvarez. Concepts of Cookies Cookies are pieces of information generated by a Web server and stored in the user's computer, ready for.
Firewalls. Intro to Firewalls Basically a firewall is a barrier to keep destructive forces away from your computer network.
Firewalls A brief introduction to firewalls. What does a Firewall do? Firewalls are essential tools in managing and controlling network traffic Firewalls.
Networking Components Assignment 3 Corbin Watkins.
Week 11: Application Layer 1 Web and HTTP r Web page consists of objects r Object can be HTML file, JPEG image, Java applet, audio file,… r Web page consists.
27.1 Chapter 27 WWW and HTTP Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
SYSTEM ADMINISTRATION Chapter 10 Public vs. Private Networks.
I NTRODUCTION TO F IREWALLS. O VERVIEW OF F IREWALLS As the name implies, a firewall acts to provide secured access between two networks A firewall may.
Unit 2 Personal Cyber Security and Social Engineering Part 2.
Firewalls. Overview of Firewalls As the name implies, a firewall acts to provide secured access between two networks A firewall may be implemented as.
Chapter 8.  Upon completion of this chapter, you should be able to:  Understand the purpose of a firewall  Name two types of firewalls  Identify common.
Important of Firewall Security in LAN Presented by: Guo Chean Ooi.
Polytechnic University Firewall and Trusted Systems Presented by, Lekshmi. V. S cos
Block 5: An application layer protocol: HTTP
HTTP request message: general format
Network Security Marshall Leitem 11/30/04
Computer Data Security & Privacy
Client / Session Identification Cookies
Firewalls.
* Essential Network Security Book Slides.
Client / Session Identification Cookies
FIREWALL By Abhishar Baloni I.D
Fire-wall.
Firewalls.
AbbottLink™ - IP Address Overview
FIREWALL.
Firewall Installation
Presentation transcript:

Definition : Computer Virus A computer program with the characteristic feature of being able to generate copies of itself, and thereby spread. Additionally most computer viruses have a destructive payload that is activated under certain conditions. Example: The Chernobyl virus overwrites the beginning of the hard disk on certain dates.

large amount of ICMP echo (ping) traffic is sent at IP broadcast addresses (all having a spoofed source address of a victim) If the routing device delivering traffic to those broadcast addresses performs the IP broadcast to layer 2 broadcast function, most hosts on that IP network will take the ICMP echo request and reply to it with an echo reply each This will multiply the traffic by the number of hosts responding. Smurf Attack (D-O-S)

On a multi-access broadcast network, there could potentially be hundreds of machines to reply to each packet. Example : –Assume a co-location switched network with 100 hosts, and the attacker has a T1. –The attacker sends, say, a 768kb/s stream ofICMP echo (ping) packets, with a spoofed source address of the victim, to the broadcast address of the "bounce site".

–These ping packets hit the bounce site's broadcast network of 100 hosts; each of them takes the packet and responds to it, creating 100 ping replies out-bound. –If you multiply the bandwidth, you'll see that 76.8 Mbps is used outbound from the "bouncesite" after the traffic is multiplied.

Firewall A firewall is simply a program or hardware device that filters the information coming through the Internet connection into your private network or computer system. network computer system If an incoming packet of information is flagged by the filters, it is not allowed through.

Example: –Let’s say a company has 500 computers connected to the Internet using T1 or T3 connection. –Every computer is ‘visible’ on the Internet. –A person outside with the right knowledge maybe able to access these computers using FTP, Telnet or other security loop holes left by an employee. –With firewall security rules can be implemented: example only one computer allowed to receive public FTP

Three types of firewalls: Network layer: make their decisions based on the source, destination addresses and ports in individual IP packets. Network layer firewalls tend to be very fast and tend to be very transparent to users. Application layer: typically are hosts running proxy servers, which permit no traffic directly between networks, and which perform elaborate logging and auditing of traffic passing through them. Application layer firewalls tend to provide more detailed audit reports and tend to enforce more conservative security models than network layer firewalls. Hybrids: most firewalls fall into the ``hybrid'' category, which do network filtering as well as some amount of application inspection. The amount changes depending on the vendor, product, protocol and version, so some level of digging and/or testing is often necessary.

Firewalls use one or more of three methods to control traffic flowing in and out of the network: –Packet filtering - Packets (small chunks of data) are analyzed against a set of filters. Packets that make it through the filters are sent to the requesting system and all others are discarded. –Proxy service - Information from the Internet is retrieved by the firewall and then sent to the requesting system and vice versa. –Stateful inspection - A newer method that doesn't examine the contents of each packet but instead compares certain key parts of the packet to a database of trusted information. Information traveling from inside the firewall to the outside is monitored for specific defining characteristics, then incoming information is compared to these characteristics. If the comparison yields a reasonable match, the information is allowed through. Otherwise it is discarded.

Cookies are pieces of information generated by a Web server and stored in the user's computer, ready for future access. are embedded in the HTML information flowing back and forth between the user's computer and the servers. –Cookies were implemented to allow user-side customization of Web information. For example, cookies are used to personalize Web search engines, to allow users to participate in WWW-wide contests (but only once!), and to store shopping lists of items a user has selected while browsing through a virtual shopping mall.

Essentially, cookies make use of user- specific information transmitted by the Web server onto the user's computer so that the information might be available for later access by itself or other servers. In most cases, not only does the storage of personal information into a cookie go unnoticed, so does access to it. Web servers automatically gain access to relevant cookies whenever the user establishes a connection to them, usually in the form of Web requests. Now go to: And try the cookie program!

User-server state: cookies Many major Web sites use cookies Four components: 1) cookie header line of HTTP response message 2) cookie header line in HTTP request message 3) cookie file kept on user’s host, managed by user’s browser 4) back-end database at Web site Example: –Susan access Internet always from same PC –She visits a specific e- commerce site for first time –When initial HTTP requests arrives at site, site creates a unique ID and creates an entry in backend database for ID

Cookies: keeping “state” (cont.) client server usual http request msg usual http response + Set-cookie: 1678 usual http request msg cookie: 1678 usual http response msg usual http request msg cookie: 1678 usual http response msg cookie- specific action cookie- spectific action server creates ID 1678 for user entry in backend database access Cookie file amazon: 1678 ebay: 8734 Cookie file ebay: 8734 Cookie file amazon: 1678 ebay: 8734 one week later:

Cookies (continued) What cookies can bring: authorization shopping carts recommendations user session state (Web e- mail) Cookies and privacy: cookies permit sites to learn a lot about you you may supply name and to sites aside How to keep “state”: Protocol endpoints: maintain state at sender/receiver over multiple transactions cookies: http messages carry state

Source: – – – – – –

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com. Inc. All rights reserved.