1 Network Security 2nd Lec. BSIT 4C - Finals. The art of war teaches us to rely not on the likelihood of the enemy's not coming, but on our own readiness.

Presentation transcript:

1 Network Security 2nd Lec.

2 The art of war teaches us to rely not on the likelihood of the enemy's not coming, but on our own readiness to receive him; not on the chance of his not attacking, but rather on the fact that we have made our position unassailable. —The Art of War, Sun Tzu

3 A Brief History of the World

4 Overview
What is security?
Why do we need security?
Who is vulnerable?
Common security attacks and countermeasures
  – Firewalls & Intrusion Detection Systems
  – Denial of Service Attacks
  – TCP Attacks
  – Packet Sniffing
  – Social Problems

5 What is “Security”
Dictionary.com says:
  – 1. Freedom from risk or danger; safety.
  – 2. Freedom from doubt, anxiety, or fear; confidence.
  – 3. Something that gives or assures safety, as:
      1. A group or department of private guards: Call building security if a visitor acts suspicious.
      2. Measures adopted by a government to prevent espionage, sabotage, or attack.
      3. Measures adopted, as by a business or homeowner, to prevent a crime such as burglary or assault: Security was lax at the firm's smaller plant.
  …etc.


9 Why do we need security?
Protect vital information while still allowing access to those who need it
  – Trade secrets, medical records, etc.
Provide authentication and access control for resources
Guarantee availability of resources

10 Who is vulnerable?
Financial institutions and banks
Internet service providers
Pharmaceutical companies
Government and defense agencies
Contractors to various government agencies
Multinational corporations
ANYONE ON THE NETWORK

11 Common security attacks and their countermeasures
Finding a way into the network
  – Firewalls
Exploiting software bugs, buffer overflows
  – Intrusion Detection Systems
Denial of Service
  – Ingress filtering
Packet sniffing
  – Encryption (SSH, SSL, HTTPS)
Social problems
  – Education

12 Security Categories
Computer Security - generic name for the collection of tools designed to protect data and to thwart hackers
Network Security - measures to protect data during their transmission
Internet Security - measures to protect data during their transmission over a collection of interconnected networks

13 Aspects of Security
Consider 3 aspects of information security:
  – security attack
  – security mechanisms
  – security services

14 Generic types of attacks
PASSIVE

15 ACTIVE

16 Firewalls
A firewall is like a castle with a drawbridge
  – Only one point of access into the network
  – This can be good or bad
Can be hardware or software
  – Ex. Some routers come with firewall functionality
  – ipfw, ipchains, pf on Unix systems, Windows XP and Mac OS X have built in firewalls


18 Firewalls
[Diagram: Intranet, Internet, Firewall; Web server, server, web proxy, etc]

19 Firewalls
Used to filter packets based on a combination of features
  – These are called packet filtering firewalls
There are other types too, but they will not be discussed
  – Ex. Drop packets with destination port of 23.

20 Firewalls
Here is what a computer with a default Windows XP install looks like:
  – 135/tcp open loc-srv
  – 139/tcp open netbios-ssn
  – 445/tcp open microsoft-ds
  – 1025/tcp open NFS-or-IIS
  – 3389/tcp open ms-term-serv
  – 5000/tcp open UPnP
Might need some of these services, or might not be able to control all the machines on the network

21 Firewalls
What does a firewall rule look like?
  – Depends on the firewall used
Example: ipfw
  – /sbin/ipfw add deny tcp from cracker.evil.org to wolf.tambov.su telnet
Other examples: WinXP & Mac OS X have built in and third party firewalls
  – Different graphical user interfaces
  – Varying amounts of complexity and power
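
A first-match packet filter modelled on the port-23 example and the ipfw rule above, as an added example that is not part of the original slides. The addresses (documentation ranges) and the rule set are constructed; the port list is the default Windows XP one from slide 20.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Rule:
    action: str            # "allow" or "deny"
    src: str               # source prefix in CIDR form
    dst: str               # destination prefix in CIDR form
    dport: Optional[int]   # TCP destination port, None = any port

def matches(rule, src, dst, dport):
    return (ipaddress.ip_address(src) in ipaddress.ip_network(rule.src)
            and ipaddress.ip_address(dst) in ipaddress.ip_network(rule.dst)
            and rule.dport in (None, dport))

def decide(rules, src, dst, dport, default="deny"):
    """First matching rule wins (as in ipfw); unmatched traffic gets the default."""
    for rule in rules:
        if matches(rule, src, dst, dport):
            return rule.action
    return default

ANY = "0.0.0.0/0"
WEB = "192.0.2.10/32"              # constructed web server address
RULES = [
    Rule("deny", ANY, ANY, 23),    # the slide's example: drop destination port 23
    Rule("allow", ANY, WEB, 80),   # publish only the web server
]                                  # everything else falls through to default deny

XP_PORTS = [135, 139, 445, 1025, 3389, 5000]   # default Windows XP listeners (slide 20)

def reachable(rules, src, dst, ports):
    """Ports on dst that a packet from src would be allowed to reach."""
    return [p for p in ports if decide(rules, src, dst, p) == "allow"]

# Ordering pitfall: a broad allow placed first shadows the later deny for port 23.
SHADOWED = [Rule("allow", ANY, "192.0.2.0/24", None)] + RULES

if __name__ == "__main__":
    outside, xp_host = "203.0.113.7", "192.0.2.25"   # constructed addresses
    print(reachable(RULES, outside, xp_host, XP_PORTS))
    print(decide(RULES, outside, "192.0.2.10", 80))
    print(decide(SHADOWED, outside, xp_host, 23))
```

With the default-deny rule set none of the XP services is reachable from outside, even though the machine itself was never reconfigured; with the shadowing allow rule first, all of them are.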

22 Intrusion Detection
Used to monitor for “suspicious activity” on a network
  – Can protect against known software exploits, like buffer overflows
Open Source IDS: Snort,

23 Intrusion Detection
Uses “intrusion signatures”
  – Well known patterns of behavior
      Ping sweeps, port scanning, web server indexing, OS fingerprinting, DoS attempts, etc.
Example
  – IRIX vulnerability in webdist.cgi
  – Can make a rule to drop packets containing the line “/cgi-bin/webdist.cgi?distloc=?;cat%20/etc/passwd”
However, IDS is only useful if contingency plans are in place to curb attacks as they are occurring
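
The signature rule from the slide, run over a few request lines, as an added example that is not part of the original slides. It compares a byte-for-byte match with a match made after percent-decoding, which goes beyond the slide's single string; the request lines and the set of flagged metacharacters are constructed assumptions.

```python
import re
from urllib.parse import unquote_plus

LITERAL = "/cgi-bin/webdist.cgi?distloc=?;cat%20/etc/passwd"   # string quoted on the slide
SHELL_META = re.compile(r"[;|`]")    # assumed set of shell metacharacters to flag

def literal_match(request_line):
    """Byte-for-byte signature, as the slide describes it."""
    return LITERAL in request_line

def normalise(target, max_rounds=3):
    """Percent-decode until stable (bounded), so encoded separators appear in clear."""
    for _ in range(max_rounds):
        decoded = unquote_plus(target)
        if decoded == target:
            break
        target = decoded
    return target

def normalised_match(request_line):
    """Flag any webdist.cgi request whose distloc parameter carries a shell metacharacter."""
    parts = request_line.split(" ")
    if len(parts) < 2:
        return False
    path, _, query = normalise(parts[1]).partition("?")
    return (path.endswith("/webdist.cgi") and "distloc=" in query
            and bool(SHELL_META.search(query)))

# Constructed request lines for illustration
SAMPLES = [
    "GET /cgi-bin/webdist.cgi?distloc=?;cat%20/etc/passwd HTTP/1.0",   # the slide's form
    "GET /cgi-bin/webdist.cgi?distloc=?%3Bcat+/etc/passwd HTTP/1.0",   # same request, re-encoded
    "GET /cgi-bin/webdist.cgi?distloc=/usr/dist HTTP/1.0",             # benign use
    "GET /index.html HTTP/1.0",
]

def scan(lines):
    """Return (literal hit, normalised hit) for each request line."""
    return [(literal_match(line), normalised_match(line)) for line in lines]

if __name__ == "__main__":
    for line, verdict in zip(SAMPLES, scan(SAMPLES)):
        print(verdict, line)
```

The second sample is the case to note: the literal signature misses it, the normalised check does not.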

24 Denial of Service
Purpose: Make a network service unusable, usually by overloading the server or network

25 Denial of Service

26 Denial of Service
SMURF
  – Source IP address of a broadcast ping is forged
  – Large number of machines respond back to victim, overloading it.
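
The two checks that defeat the Smurf pattern, as an added example that is not part of the original slides: ingress filtering (the countermeasure named on slide 11) at the edge where the forged packet enters, and a broadcast-ping check at the network that would otherwise answer. Interface names and prefixes are constructed, using documentation address ranges.

```python
import ipaddress

# Constructed topology
CUSTOMER_LINKS = {"eth1": ipaddress.ip_network("198.51.100.0/24")}
LOCAL_SUBNETS = [ipaddress.ip_network("192.0.2.0/25"),
                 ipaddress.ip_network("192.0.2.128/25")]

def ingress_ok(iface, src):
    """Ingress filtering at the provider edge: a packet arriving on a customer
    link must carry a source address from that customer's own prefix."""
    prefix = CUSTOMER_LINKS.get(iface)
    return prefix is not None and ipaddress.ip_address(src) in prefix

def is_broadcast_ping(proto, dst):
    """At a potential amplifier network: ICMP echo aimed at a subnet broadcast
    address. The broadcast address depends on the prefix length, so it is
    computed per subnet rather than assumed to end in .255."""
    addr = ipaddress.ip_address(dst)
    return proto == "icmp-echo" and any(
        addr == net.broadcast_address for net in LOCAL_SUBNETS)

# Constructed packets: (interface, protocol, source, destination)
PACKETS = [
    ("eth1", "icmp-echo", "203.0.113.9", "192.0.2.127"),   # forged source, broadcast target
    ("eth1", "icmp-echo", "198.51.100.20", "192.0.2.10"),  # ordinary ping
]

def verdicts(packets):
    """(passes ingress filter, is broadcast ping) for each packet."""
    return [(ingress_ok(i, s), is_broadcast_ping(p, d)) for i, p, s, d in packets]

if __name__ == "__main__":
    for pkt, verdict in zip(PACKETS, verdicts(PACKETS)):
        print(verdict, pkt)
```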

27 Denial of Service

28 TCP Attacks
If an attacker learns the associated TCP state for the connection, then the connection can be hijacked!
Attacker can insert malicious data into the TCP stream, and the recipient will believe it came from the original source
  – Ex. Instead of downloading and running new program, you download a virus and execute it

29 TCP Attacks
Say hello to Alice, Bob and Mr. Big Ears

30 TCP Attacks
Alice and Bob have an established TCP connection

31 TCP Attacks
Mr. Big Ears lies on the path between Alice and Bob on the network
  – He can intercept all of their packets

32 TCP Attacks
First, Mr. Big Ears must drop all of Alice’s packets since they must not be delivered to Bob (why?)
[Diagram: Packets, The Void]

33 TCP Attacks
Then, Mr. Big Ears sends his malicious packet with the next ISN (sniffed from the network)
[Diagram: ISN=Alice]

34 TCP Attacks
Why are these types of TCP attacks so dangerous?
[Diagram: Web server, Malicious user, Trusting web client]

35 TCP Attacks
How do we prevent this?
IPSec
  – Provides source authentication, so Mr. Big Ears cannot pretend to be Alice
  – Encrypts data before transport, so Mr. Big Ears cannot talk to Bob without knowing what the session key is.

36 Social Problems
People can be just as dangerous as unprotected computer systems
  – People can be lied to, manipulated, bribed, threatened, harmed, tortured, etc. to give up valuable information
  – Most humans will break down once they are at the “harmed” stage, unless they have been specially trained
      Think government here…

37 Social Problems
Fun Example 1:
  – “Hi, I’m your AT&T rep, I’m stuck on a pole. I need you to punch a bunch of buttons for me”

38 Social Problems
Fun Example 2:
  – Someone calls you in the middle of the night
      “Have you been calling Egypt for the last six hours?”
      “No”
      “Well, we have a call that’s actually active right now, it’s on your calling card and it’s to Egypt and as a matter of fact, you’ve got about $2000 worth of charges on your card and … read off your AT&T card number and PIN and then I’ll get rid of the charge for you”

39 Social Problems
There aren’t always solutions to all of these problems
  – Humans will continue to be tricked into giving out information they shouldn’t
  – Educating them may help a little here, but, depending on how badly you want the information, there are a lot of bad things you can do to get it
So, the best that can be done is to implement a wide variety of solutions and more closely monitor who has access to what network resources and information
  – But, this solution is still not perfect

40 Conclusions
The Internet works only because we implicitly trust one another
It is very easy to exploit this trust
The same holds true for software
It is important to stay on top of the latest security advisories to know how to patch any security holes