Network Security
Onno W. Purbo
Book: Keamanan Jaringan Internet (Internet Network Security), Toko Buku Gramedia (Gramedia bookstore).

Overview: Roadmap SANS
- Integrating Security Into Your Site
- How to Get the Work Done
- Where to Find the Right Information
- Pitfalls and Vulnerabilities

Integrating Security Into Your Site

- How do you justify the security infrastructure investment?
- How do you determine your site's security mission statement?
- What are the key elements of a successful security awareness training program?
- What are the key elements of a good security infrastructure?
- What are some common security problems which continue to plague many sites?

How to Get the Work Done

- duties of security support personnel?
- ensure or document security infrastructure?
- types of security tools and the most popular tools in use today?
- Where can you find some consolidated information security vulnerabilities?
- find vendor-specific security patches?
- find many of the public domain security tools?
- seven items when responding to incident?
- five low-cost security improvements?

7 items to remember?
- Follow your organization's policies and procedures.
- Contact incident response agencies.
- Communication via out-of-band (e.g., a phone call).
- Document your actions.
- Make copies of files the intruders may have left or touched & store them off-line.
- If you are unsure of what actions to take, seek additional help and guidance.
- Contact law enforcement officials.

5 low-cost improvements
- Document and publish what you expect.
- Configure your routers to deny all unnecessary incoming traffic.
- Keep sendmail properly configured and updated.
- Use freeware vulnerability assessment tools. Publish the results.
- Install freeware host and network based auditing and traffic analysis tools on critical hosts.

Where to Find the Right Information

- What are some incident response centers?
- Where can you find vendor-specific security information?
- What are some of the good security web sites?
- What are some good security books?
- What are some good security mailing lists?

Good security web sites?
- ftp://ciac.llnl.gov/pub/ciac/sectools/unix/
- ftp://ftp.cerias.purdue.edu
- ftp://ftp.cert.org/pub/tools/
- ftp://ftp.win.tue.nl/pub/security/
- ftp://ftp.funet.fi/pub/unix/security/

Pitfalls and Vulnerabilities

- What are some of the frequently targeted system binaries and directories?
- What are some common Internet attack methods in use today?
- What are some common problems with security perimeter implementations?

targeted system binaries & directories?
- /bin/login
- /usr/etc/in.telnetd
- /usr/etc/in.ftpd
- /usr/etc/in.tftpd
- /usr/ucb/netstat
- /bin/ps
- /bin/ls
- /usr/sbin/ifconfig
- /bin/df
- /usr/lib/libc.a
- /usr/ucb/cc
- /.rhosts
- /etc/hosts.equiv
- /bin/.rhosts
- /etc/passwd
- /etc/group
- /var/yp/* (nis maps)
- root environment files (.login, .cshrc, .profile, .forward)
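An added example, not part of the original slides: a small integrity check over some of the files listed above. It records a hash plus ownership and mode for each path and reports what changed between two snapshots, including files such as /bin/.rhosts that appear where none existed. The function names and the `root` parameter are illustrative assumptions.

```python
import hashlib
import os
import stat

# A subset of the paths from the slide above; adjust to the platform being monitored.
WATCHED = [
    "/bin/login", "/bin/ps", "/bin/ls", "/bin/df", "/usr/sbin/ifconfig",
    "/etc/passwd", "/etc/group", "/etc/hosts.equiv", "/.rhosts", "/bin/.rhosts",
]

def fingerprint(path):
    """Return (sha256, mode, uid, gid) for a file, or None if it does not exist."""
    try:
        st = os.lstat(path)
    except FileNotFoundError:
        return None
    if not stat.S_ISREG(st.st_mode):
        # Symlinks, devices, directories: record the type instead of hashing.
        return ("not-a-regular-file", st.st_mode, st.st_uid, st.st_gid)
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            digest.update(chunk)
    return (digest.hexdigest(), stat.S_IMODE(st.st_mode), st.st_uid, st.st_gid)

def snapshot(paths=WATCHED, root="/"):
    """Fingerprint every watched path; `root` (hypothetical) allows scanning a mounted image."""
    return {p: fingerprint(os.path.join(root, p.lstrip("/"))) for p in paths}

def compare(baseline, current):
    """List (path, change) pairs between two snapshots, sorted by path."""
    findings = []
    for path in sorted(set(baseline) | set(current)):
        old, new = baseline.get(path), current.get(path)
        if old == new:
            continue
        if old is None:
            findings.append((path, "added"))  # e.g. an .rhosts that was never there
        elif new is None:
            findings.append((path, "removed"))
        elif old[0] != new[0]:
            findings.append((path, "content changed"))
        else:
            findings.append((path, "metadata changed"))
    return findings

if __name__ == "__main__":
    for path, state in snapshot().items():
        print(path, "absent" if state is None else state[0][:16])
```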

Common Internet attack?
- Exploitation of vulnerabilities in vendor programs.
- Exploitation of cgi-bin vulnerabilities.
- Email bombing, spamming & relaying.
- Exploitation of anon-FTP & web servers.
- Exploitation of named/BIND vulnerabilities.
- Exploitation of MTA & mail readers.
- Denial of Service (DoS) attacks.
- Sending hostile code & attack programs as mail attachments.

Security perimeter implementations?
- Further security checks & controls are needed on the internal network.
- Members can request analog lines at their workspace, bypassing the security perimeter.
- Some network services (e.g., ftp, tftp, http, sendmail) destined for internal hosts are passed through the security perimeter control points unscreened.

Security perimeter implementations?
- The firewall hosts or routers accept connections from multiple hosts on the internal network and from hosts on the DMZ network.
- Access lists are often configured incorrectly, allowing unknown and dangerous services to pass through freely.

Security perimeter implementations?
- Logging of connections through the security perimeter is either insufficient or not reviewed on a regular basis.
- People frequently implement encrypted tunnels through their security perimeter without fully considering the security of the endpoints of the tunnel.
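An added example, not part of the original slides: a check of an ordered access list for three of the perimeter problems named above (the listed services reaching internal hosts unscreened, rules that pass every service, and permitted traffic that is not logged). The rule format, field names and addresses are constructed for illustration and do not correspond to any vendor's syntax.

```python
import ipaddress

# Services the slide names as commonly passed through unscreened (standard ports).
NAMED_SERVICES = {21: "ftp", 69: "tftp", 80: "http", 25: "smtp (sendmail)"}
ANY = "0.0.0.0/0"

def audit(rules, internal_net):
    """Return (rule_index, finding) pairs for an ordered, first-match rule list."""
    internal = ipaddress.ip_network(internal_net)
    findings = []
    for i, rule in enumerate(rules):
        if rule["action"] != "permit":
            continue
        to_internal = ipaddress.ip_network(rule["dst"]).overlaps(internal)
        if rule["dport"] == "any":
            findings.append((i, "permits every service"))
        elif to_internal and rule["src"] == ANY and rule["dport"] in NAMED_SERVICES:
            name = NAMED_SERVICES[rule["dport"]]
            findings.append((i, f"{name} reaches internal hosts directly"))
        if not rule.get("log", False):
            findings.append((i, "permitted traffic is not logged"))
    last = rules[-1] if rules else None
    if not (last and last["action"] == "deny" and last["src"] == ANY
            and last["dst"] == ANY and last["dport"] == "any"):
        findings.append((len(rules), "no explicit deny-all as the final rule"))
    return findings

# Constructed sample: internal network 10.0.0.0/8, DMZ web/ftp host 192.0.2.10.
WEAK = [
    {"action": "permit", "src": ANY, "dst": "192.0.2.10/32", "dport": 80, "log": True},
    {"action": "permit", "src": ANY, "dst": "10.0.0.0/8", "dport": 21, "log": False},
    {"action": "permit", "src": "10.0.0.0/8", "dst": ANY, "dport": "any", "log": True},
]
# Same policy with ftp terminated in the DMZ, outbound limited to http, and a final deny.
FIXED = [
    {"action": "permit", "src": ANY, "dst": "192.0.2.10/32", "dport": 80, "log": True},
    {"action": "permit", "src": ANY, "dst": "192.0.2.10/32", "dport": 21, "log": True},
    {"action": "permit", "src": "10.0.0.0/8", "dst": ANY, "dport": 80, "log": True},
    {"action": "deny", "src": ANY, "dst": ANY, "dport": "any", "log": True},
]

if __name__ == "__main__":
    for index, finding in audit(WEAK, "10.0.0.0/8"):
        print(f"rule {index}: {finding}")
```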