
Quiz 2 -> Exam Topics Fall 2004

Chapter 10a - Firewalls
- Simple Firewall - drops packets based on IP, port
- Stateful - keeps track of connections, set up inside or outside.
- NAT - Network Address Translation, Private Address ranges (10. )
- Proxy Server - checks application header and data.
- Attacks - how does a firewall protect against scanning, bad fragments, bad TCP flags, Smurf attack, ...
- Host-based Firewalls - xinetd (/etc/hosts.allow), iptables, Zone Alarm, Black Ice (now ISS Desktop Proventia)

Chapter 10b - Trusted Systems
- Subject, Object, Access Rights (permissions)
- Policy - Access matrix or ACL (access control list)
- Basic Security Rules:
  - No read up (simple security property)
  - No write down (do not widen accessibility)
  - Need to Know.
- Reference Monitor, audit file, security kernel database.
- Requirements to be a “Trusted System”: Complete Mediation, Isolation, Verifiability
- “Common Criteria” Security Specifications - multinational trust ratings

Chapter 11 - TCP/IP
- Use of bad fragments to crash Operating System (OS).
- Use of ICMP packets (ping, “unreachable”, “time-out”)
- Smurf attack (packet multiplication, use of broadcast address).
- “Spoofed” addresses.
- TCP Flags - bad combinations to map OS, cause crashes.
- TCP - Hijacked connection.

Chapter 12 - Traffic Visualization
- Bandwidth versus time (flood attacks).
- Packets per period - by TCP and UDP port numbers.
- Therminator - shows imbalance in traffic flow.

Chapter 13 - NetSec Utilities
- What do they do?
  - Tripwire
  - Saint and Satan
  - Nessus
  - Ethereal and “tcpdump”
- Security Organizations:
  - US-CERT (U.S. Computer Emergency Response Team)
  - SANS
  - NIPC (FBI - Nat. Infrastructure Protection Center)
- What to do if a host is compromised.
- Evidence - chain of custody

Slide Set 14 - Wireless Security
- WEP is weak security, but far better than nothing.
- Use longest key-length possible.
- Enable use of “allowed list” of MAC addresses.
- Use higher-layer security - IPsec or SSL.
- Use a firewall and IDS to isolate wireless access points (WAPs) just like you do for the Internet.
- Search for “Rogue” WAPs.

Slide Set 15 - Hidden Data
- Hidden Files (on UNIX, name starts with “.”)
- Startup scripts (great place to hide a Trojan Horse)
- Covert channels (hide in “Ping” packets, SSH, port 80 FTP)
- Steganography (hiding data in an image file)
- Watch for new processes, files (particularly “suid” files), open Internet TCP and UDP ports.

Slide Set 16 - Safe Computing
- Buffer Overflow (what is it, what does it do)
- How to code to prevent possibility of a “Buffer Overflow”
- Eliminate unneeded daemons, “suid programs,” open ports, and user accounts.
- Enforce long, mixed-character passwords.
- Explain “Once root, always root”