Privacy - not readable Permanent - not alterable (can't edit, delete) Reliable - (changes detectable) But the data must be accessible to persons authorized.

Slides:



Advertisements
Similar presentations
Data Communications and Computer Networks Chapter 1 CS 3830 Lecture 5 Omar Meqdadi Department of Computer Science and Software Engineering University of.
Advertisements

1 Topic 1 – Lesson 3 Network Attacks Summary. 2 Questions ► Compare passive attacks and active attacks ► How do packet sniffers work? How to mitigate?
Network Security. Permission granted to reproduce for educational use only.© Goodheart-Willcox Co., Inc. Objectives  Give examples of common network.
James Tam Computer Security Concepts covered Malicious computer programs Malicious computer use Security measures.
Security strategy. What is security strategy? How an organisation plans to protect and respond to security attacks on their information technology assets.
Software Security Threats Threats have been an issue since computers began to be used widely by the general public.
Firewalls and Intrusion Detection Systems
1 Pertemuan 05 Malicious Software Matakuliah: H0242 / Keamanan Jaringan Tahun: 2006 Versi: 1.
1 Network Security Derived from original slides by Henric Johnson Blekinge Institute of Technology, Sweden From the book by William Stallings.
1 Network Intruders Masquerader: A person who is not authorized to use a computer, but gains access appearing to be someone with authorization (steals.
Information Networking Security and Assurance Lab National Chung Cheng University Guidelines on Electronic Mail Security
1 Computer System Evolution Central Data Processing System: - with directly attached peripherals (card reader, magnetic tapes, line printer). Local Area.
Network Security. Network security starts from authenticating any user. Once authenticated, firewall enforces access policies such as what services are.
Henric Johnson1 Intruders and Viruses Henric Johnson Blekinge Institute of Technology, Sweden
After this session, you should be able to:
Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.
1 Computer Viruses (and other “Malicious Programs) Computer “Viruses” and related programs have the ability to replicate themselves on an ever increasing.
SHASHANK MASHETTY security. Introduction Electronic mail most commonly referred to as or e- mail. Electronic mail is one of the most commonly.
Henric Johnson1 Chapter 10 Malicious Software Henric Johnson Blekinge Institute of Technology, Sweden
CSCE 815 Network Security Lecture 20 Intruders / Intrusion Detection April 3, 2003.
Week 5 IBS 520 Computer and Online Security. Cybercrime Online or Internet- based illegal acts What is a computer security risk? Computer crime Any illegal.
CS426Fall 2010/Lecture 361 Computer Security CS 426 Lecture 36 Perimeter Defense and Firewalls.
1 Chap 10 Malicious Software. 2 Viruses and ”Malicious Programs ” Computer “Viruses” and related programs have the ability to replicate themselves on.
FIREWALL Mạng máy tính nâng cao-V1.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Basic Security Networking for Home and Small Businesses – Chapter 8.
Chapter 15: Security (Part 1). The Security Problem Security must consider external environment of the system, and protect the system resources Intruders.
Network Security Fall Dr. Faisal Kakar Office: 01, FICT Building
CSCE 815 Network Security Lecture 19 Intruders April 1, 2003.
Firewalls A note on the use of these ppt slides:
Introduction of Internet security Sui Wang IS300.
Fundamentals of The Internet Learning outcomes After this session, you should be able to: Identify the threat of intruders in systems and networks and.
1 Chap 10 Virus. 2 Viruses and ”Malicious Programs ” Computer “Viruses” and related programs have the ability to replicate themselves on an ever increasing.
INTRODUCTION. The security system is used as in various fields, particularly the internet, communications data storage, identification and authentication.
CHAPTER 7: PRIVACY, CRIME, AND SECURITY. Privacy in Cyberspace  Privacy: an individual’s ability to restrict or eliminate the collection, use and sale.
Attacks On systems And Networks To understand how we can protect our system and network we need to know about what kind of attacks a hacker/cracker would.
1 CHAPTER 3 CLASSES OF ATTACK. 2 Denial of Service (DoS) Takes place when availability to resource is intentionally blocked or degraded Takes place when.
IT internet security. The Internet The Internet - a physical collection of many networks worldwide which is referred to in two ways: The internet (lowercase.
Chapter 10 Malicious software. Viruses and ” Malicious Programs Computer “ Viruses ” and related programs have the ability to replicate themselves on.
CS 3830 Day 5 Introduction 1-1. Announcements  Program 1 due today at 3pm  Program 2 posted by tonight (due next Friday at 3pm)  Quiz 1 at the end.
Types of Electronic Infection
NS-H /11041 Intruder. NS-H /11042 Intruders Three classes of intruders (hackers or crackers): –Masquerader –Misfeasor –Clandestine user.
ECE-8843 Fall Prof. John A. Copeland fax Office:
Network Security Introduction Light stuff – examples with Alice, Bob and Trudy Serious stuff - Security attacks, mechanisms and services.
1 Topic 2: Lesson 3 Intro to Firewalls Summary. 2 Basic questions What is a firewall? What is a firewall? What can a firewall do? What can a firewall.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Basic Security Networking for Home and Small Businesses – Chapter 8.
Topic 5: Basic Security.
1 Chapter 9 Intruders. 2 Outline Intruders –Intrusion Techniques –Password Protection –Password Selection Strategies –Intrusion Detection Statistical.
Malicious Software.
Chapter 9 Intruders.
Chapter 8 Network Security Thanks and enjoy! JFK/KWR All material copyright J.F Kurose and K.W. Ross, All Rights Reserved Computer Networking:
Network Security and Cryptography
Lect 8 Tahani al jehain. Types of attack Remote code execution: occurs when an attacker exploits a software and runs a program that the user does not.
Page 1 Viruses. Page 2 What Is a Virus A virus is basically a computer program that has been written to perform a specific set of tasks. Unfortunately,
Unit 2 Personal Cyber Security and Social Engineering Part 2.
Chapter 7: Using Network Clients The Complete Guide To Linux System Administration.
1 Network Security. 2 Security Services Confidentiality: protection of any information from being exposed to unintended entities. –Information content.
Polytechnic University Firewall and Trusted Systems Presented by, Lekshmi. V. S cos
Chapter 9 Intruders.
ECE Spring also see Prof. John A. Copeland fax Office: Klaus 3362
Operating Systems Services provided on internet
(see also Q1 and Q2 Topics)
Security in Networking
Topic 5: Communication and the Internet
Chap 10 Malicious Software.
Chapter 9 Intruders.
Lecture 3: Secure Network Architecture
Chap 10 Malicious Software.
Network Security 4/21/2019 Raj Rajarajan.
Session 20 INST 346 Technologies, Infrastructure and Architecture
Chapter 9 Intruders and Viruses.
Presentation transcript:

Privacy - not readable Permanent - not alterable (can't edit, delete) Reliable - (changes detectable) But the data must be accessible to persons authorized to: Read, edit, add, delete Probably over a network, possibly over the Internet. Objectives of Data Security (relative to unauthorized persons) 1

* Security Attack: Any action that compromises the security of information. * Security Mechanism: A mechanism that is designed to detect, prevent, or recover from a security attack. * Security Service: A service that enhances the security of data processing systems and information transfers. A security service makes use of one or more security mechanisms. Attacks, Services, and Mechanisms 2

33

4

Security Services * Confidentiality (privacy) * Authentication (who created or sent the data) * Integrity (has not been altered) * Non-repudiation (the order is final) * Access control (prevent misuse of resources) * Availability (permanence, non-erasure) - Denial of Service Attacks - Virus that deletes files 5

Virus - code that copies itself into other programs Payload - harmful things it does, after it has had time to spread. Worm - a program that replicates itself across the network (usually riding on messages or attached documents (e.g., macro viruses). Trojan Horse - instructions in an otherwise good program that cause bad things to happen (sending your data or password to an attacker over the net). Logic Bomb - malicious code that activates on an event (e.g., date). Trap Door (or Back Door) - undocumented entry point written into code for debugging that can allow unwanted users. Viruses, Worms, and Trojan Horses 6

Have a well-known virus protection program, configured to scan disks and downloads automatically for known viruses. Do not execute programs (or "macro's") from unknown sources (e.g., PS files, HyperCard files, MS Office documents, Java,...), if you can help it. Avoid the most common operating systems and programs, if possible. Virus Protection 7

8 Password Gathering Look under keyboard, telephone etc. Look in the Rolodex under “X” and “Z” Call up pretending to from “micro-support,” and ask for it. “Snoop” a network and watch the plaintext passwords go by. Tap a phone line - but this requires a very special modem. Use a “Trojan Horse” program to record key stokes.

9 The Stages of a Network Intrusion 1. Scan the network to: locate which IP addresses are in use, what operating system is in use, what TCP or UDP ports are “open” (being listened to by Servers). 2. Run “Exploit” scripts against open ports 3. Get access to Shell program which is “suid” (has “root” privileges). 4. Download from Hacker Web site special versions of systems files that will let Cracker have free access in the future without his cpu time or disk storage space being noticed by auditing programs. 5. Use IRC (Internet Relay Chat) to invite friends to the feast.

10 Application Layer (HTTP) Transport Layer (TCP,UDP) Network Layer (IP) E'net Data Link Layer Ethernet Phys. Layer Network Layer E'net Data Link Layer E'net Phys. Layer Network Layer Web Server Browser Router-Firewall can drop packets based on source or destination, ip address and/or port Application Layer (HTTP) Transport Layer (TCP,UDP) Network Layer (IP) Token Ring Data-Link Layer Token Ring Phys. Layer IP Address IP Address Port 80 Port Segment No. Token Ring Data Link Layer Token Ring Phys. Layer

Policy No outside Web access. Outside connections to Public Web Server Only. Prevent Web-Radios from eating up the available bandwidth. Prevent your network from being used for a Smuft DoS attack. Prevent your network from being tracerouted or scanned. Firewall Setting Drop all outgoing packets to any IP, Port 80 Drop all incoming TCP SYN packets to any IP except 130:207: , port 80 Drop all incoming UDP packets - except DNS and Router Broadcasts. Drop all ICMP packets going to a “broadcast” address ( or ). Drop all incoming ICMP, UDP, or TCP echo- request packets, drop all packets with TTL < 5. 11

From "PGP Freeware for MacOS, User's Guide" Version 6.5, Network Associates, Inc., 12 PGP (Pretty Good Privacy) -> GPG

13 Access Control Today almost all systems are protected only by a simple password that is typed in, or sent over a network in the clear.Techniques for guessing passwords: 1. Try default passwords. 2. Try all short words, 1 to 3 characters long. 3. Try all the words in an electronic dictionary(60,000). 4. Collect information about the user’s hobbies, family names, birthday, etc. 5. Try user’s phone number, social security number, street address, etc. 6. Try all license plate numbers (123XYZ). Prevention: Enforce good password selection (c0p31an6)

14 Kerberos

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com. Inc. All rights reserved.