Other Security Issues Multi-Layer Security Firewalls Total Security Intrusion Detection Trust.

Slides:



Advertisements
Similar presentations
Firewalls By Tahaei Fall What is a firewall? a choke point of control and monitoring interconnects networks with differing trust imposes restrictions.
Advertisements

ITIS 1210 Introduction to Web-Based Information Systems Chapter 44 How Firewalls Work How Firewalls Work.
Information Security 1 Information Security: Security Tools Jeffy Mwakalinga.
Computer Security Fundamentals by Chuck Easttom Chapter 4 Denial of Service Attacks.
Chapter 10: Data Centre and Network Security Proxies and Gateways * Firewalls * Virtual Private Network (VPN) * Security issues * * * * Objectives:
Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.
Firewalls and Intrusion Detection Systems
Chapter 12 Network Security.
IS Network and Telecommunications Risks
Information Security 1 Information Security: Demo of Some Security Tools Jeffy Mwakalinga.
K. Salah 1 Chapter 31 Security in the Internet. K. Salah 2 Figure 31.5 Position of TLS Transport Layer Security (TLS) was designed to provide security.
Security Awareness: Applying Practical Security in Your World, Second Edition Chapter 5 Network Security.
Sanjay Goel, School of Business/Center for Information Forensics and Assurance University at Albany Proprietary Information 1 Unit Outline Information.
Review for Exam 4 School of Business Eastern Illinois University © Abdou Illia, Fall 2006.
Review for Exam 4 School of Business Eastern Illinois University © Abdou Illia, Spring 2006.
Guide to Computer Network Security
Internet Relay Chat Chandrea Dungy Derek Garrett #29.
By: Colby Shifflett Dr. Grossman Computer Science /01/2009.
1 Advanced Application and Web Filtering. 2 Common security attacks Finding a way into the network Exploiting software bugs, buffer overflows Denial of.
1 Chapter 6 Network Security Threats. 2 Objectives In this chapter, you will: Learn how to defend against packet sniffers Understand the TCP, UDP, and.
Port Knocking Software Project Presentation Paper Study – Part 1 Group member: Liew Jiun Hau ( ) Lee Shirly ( ) Ong Ivy ( )
CS426Fall 2010/Lecture 361 Computer Security CS 426 Lecture 36 Perimeter Defense and Firewalls.
Lecture 24 Secure Communications CS 450/650 Fundamentals of Integrated Computer Security Slides are modified from Ian Goldberg.
FIREWALL Mạng máy tính nâng cao-V1.
Kittiphan Techakittiroj (04/09/58 19:56 น. 04/09/58 19:56 น. 04/09/58 19:56 น.) Network Security (the Internet Security) Kittiphan Techakittiroj
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Basic Security Networking for Home and Small Businesses – Chapter 8.
1 Guide to Network Defense and Countermeasures Chapter 2.
Chapter 13 – Network Security
C8- Securing Information Systems
OV Copyright © 2013 Logical Operations, Inc. All rights reserved. Network Security  Network Perimeter Security  Intrusion Detection and Prevention.
BY OLIVIA WILSON AND BRITTANY MCDONALD Up Your Shields with Shields Up!
Chapter 37 Network Security. Aspects of Security data integrity – data received should be same as data sent data availability – data should be accessible.
FIREWALLS Vivek Srinivasan. Contents Introduction Need for firewalls Different types of firewalls Conclusion.
Module 4: Configuring ISA Server as a Firewall. Overview Using ISA Server as a Firewall Examining Perimeter Networks and Templates Configuring System.
OV Copyright © 2011 Element K Content LLC. All rights reserved. Network Security  Network Perimeter Security  Intrusion Detection and Prevention.
Intrusion Detection Prepared by: Mohammed Hussein Supervised by: Dr. Lo’ai Tawalbeh NYIT- winter 2007.
Lecture 24 Secure Communications CS 450/650 Fundamentals of Integrated Computer Security Slides are modified from Ian Goldberg.
1 Topic 2: Lesson 3 Intro to Firewalls Summary. 2 Basic questions What is a firewall? What is a firewall? What can a firewall do? What can a firewall.
1 Chapter Overview Password Protection Security Models Firewalls Security Protocols.
Firewalls  Firewall sits between the corporate network and the Internet Prevents unauthorized access from the InternetPrevents unauthorized access from.
Network Security. 2 SECURITY REQUIREMENTS Privacy (Confidentiality) Data only be accessible by authorized parties Authenticity A host or service be able.
Network Security Technologies CS490 - Security in Computing Copyright © 2005 by Scott Orr and the Trustees of Indiana University.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Basic Security Networking for Home and Small Businesses – Chapter 8.
Network Security Chapter 11 powered by DJ 1. Chapter Objectives  Describe today's increasing network security threats and explain the need to implement.
Security and Firewalls Ref: Keeping Your Site Comfortably Secure: An Introduction to Firewalls John P. Wack and Lisa J. Carnahan NIST Special Publication.
Chapter 8 Network Security Thanks and enjoy! JFK/KWR All material copyright J.F Kurose and K.W. Ross, All Rights Reserved Computer Networking:
Secure  Message interception (confidentiality)  Message interception (blocked delivery)  Message interception and subsequent replay  Message.
1 Firewalls Chapter 5 Copyright Prentice-Hall 2003.
Web Application (In)security Note: Unless noted differently, all scanned figures were from the textbook, Stuttard & Pinto, 2011.
Firewalls A brief introduction to firewalls. What does a Firewall do? Firewalls are essential tools in managing and controlling network traffic Firewalls.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Basic Security Networking for Home and Small Businesses – Chapter 8.
Regan Little. Definition Methods of Screening Types of Firewall Network-Level Firewalls Circuit-Level Firewalls Application-Level Firewalls Stateful Multi-Level.
Chapter 11 – Cloud Application Development. Contents Motivation. Connecting clients to instances through firewalls. Cloud Computing: Theory and Practice.
Unit 2 Personal Cyber Security and Social Engineering Part 2.
Firewalls. Overview of Firewalls As the name implies, a firewall acts to provide secured access between two networks A firewall may be implemented as.
Chapter 14.  Upon completion of this chapter, you should be able to:  Identify different types of Intrusion Detection Systems and Prevention Systems.
25/09/ Firewall, IDS & IPS basics. Summary Firewalls Intrusion detection system Intrusion prevention system.
Chapter 40 Internet Security.
Network Security (the Internet Security)
The Linux Operating System
Computer Data Security & Privacy
Host of Troubles : Multiple Host Ambiguities in HTTP Implementations
Firewall – Survey Purpose of a Firewall Characteristic of a firewall
Firewalls.
Security in Networking
Guide to Computer Network Security
Firewalls (March 2, 2016) © Abdou Illia – Spring 2016.
Firewalls and Security
Intrusion Detection system
Introduction to Network Security
Presentation transcript:

Other Security Issues Multi-Layer Security Firewalls Total Security Intrusion Detection Trust

2 Multi-Layer Security zSecurity Can be Applied at Multiple Layers Simultaneously yApplication layer security for database, e- mail, etc. yTransport layer: SSL yInternet layer: IPsec (Chapter 9, Module F) yData link layer: PPTP, L2TP (Module F) yPhysical layer: locks

3 Multi-Layer Security zApplying security at 2 or more layers is good yIf security is broken at one layer, the communication will still be secure zHowever, ySecurity slows down processing yMulti-Layer security slows down processing at each layer

4 Firewalls zFirewall sits between the corporate network and the Internet yPrevents unauthorized access from the Internet yFacilitates internal users’ access to the Internet OK No Firewall Access only if Authenticated

5 Firewalls zPacket Filter Firewalls yExamine each incoming IP packet yExamine IP and TCP header fields yIf bad behavior is detected, reject the packet yNo sense of previous communication: analyzes each packet in isolation IP Firewall IP Packet

6 Firewalls zApplication (Proxy) Firewalls yFilter based on application behavior yDo not examine packets in isolation: use history xIn HTTP, for example, do not accept a response unless an HTTP request has just gone out to that site Application

7 Firewalls zApplication (Proxy) Firewalls yHide internal internet addresses yInternal user sends an HTTP request yHTTP proxy program replaces user internet address with proxy server’s IP address, sends to the webserver HTTP Request Request with Proxy Server’s IP Address

8 Firewalls zApplication (Proxy) Firewalls yWebserver sends response to proxy server, to proxy server IP address yHTTP proxy server sends the IP packet to the originating host yOverall, proxy program acts on behalf of the internal user Response to Proxy Server’s IP Address HTTP Response

9 Firewalls zWhy Hide Internal IP Addresses? yThe first step in an attack usually is to find potential victim hosts ySniffer programs read IP packet streams for IP addresses of potential target hosts yWith proxy server, sniffers will not learn IP addresses of internal hosts False IP Address Host IP Address Sniffer

10 Firewalls zApplication Firewalls yNeed a separate program (proxy) for each application yNot all applications have rules that allow filtering

11 Total Security zNetwork Security is Only Part zServer Security yHackers can take down servers with denial- of-service attack yHacker can log in as root user and take over the server ySteal data, lock out legitimate users, etc.

12 Total Security zServer Security yOccasionally, weakness are discovered in server operating systems yThis knowledge is quickly disseminated yKnown security weaknesses

13 Total Security zServer Security yServer operating system (SOS) vendors create patches yMany firms do not download patches yThis makes them vulnerable to hackers, who quickly develop tools to probe for and then exploit known weaknesses

14 Total Security zClient PC Security yKnown security weaknesses exist but patches are rarely downloaded yUsers often have no passwords or weak passwords on their computer yAdversaries take over client PCs and can therefore take over control over SSL, other secure communication protocols

15 Total Security zApplication Software yMay contain viruses xMust filter incoming messages yDatabase and other applications can add their own security with passwords and other protections

16 Total Security zManaging Users yOften violate security procedures, making technical security worthless ySocial engineering: attacker tricks user into violating security procedures

17 Intrusion Detection zIntrusion detection software to detect and report intrusions as they are occurring zNeeded yLets organization stop intruders so that intruders do not have unlimited time to probe for weaknesses yHelps organization assess security threats yAudit logs list where intruder has been: vital in legal prosecution

18 Trust zSystem A may trust System B yNot check closely for security problems yThis reduces security processing costs yIf trusted system is taken over, disaster xCan exploit systems that trust it System A System B No Close Check Trust

19 Trust zIf System A trusts System B and System B trusts System C, System A often trusts system C yExtreme disaster if highly trusted system is taken over xCan exploit many trusting systems A B C Trust

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com. Inc. All rights reserved.