Presentation is loading. Please wait.

Presentation is loading. Please wait.

Network Security SUBMITTED BY:- HARENDRA KUMAR IT-3 RD YR. 1.

Published byEsther Snow Modified over 8 years ago

Similar presentations

Presentation on theme: "Network Security SUBMITTED BY:- HARENDRA KUMAR IT-3 RD YR. 1."— Presentation transcript:

1 Network Security SUBMITTED BY:- HARENDRA KUMAR IT-3 RD YR. 1

2 Overview What is security? Why do we need security? Who is vulnerable? Common security attacks and countermeasures – Firewalls & Intrusion Detection Systems – Denial of Service Attacks – TCP Attacks 2

3 DEFINITION Security is concerned with the confidentiality, integrity and availability of data regardless of the form the data. Security means protecting from unauthorized access, use, disclosure, disruption, modification, or destruction.

4 Why do we need security? Protect vital information while still allowing access to those who need it – Trade secrets, medical records, etc. Provide authentication and access control for resources – Ex: AFS Guarantee availability of resources – Ex: 5 9’s (99.999% reliability) 4

5 Who is vulnerable? Financial institutions and banks Internet service providers Pharmaceutical companies Government and defense agencies Contractors to various government agencies Multinational corporations ANYONE ON THE NETWORK 5

6 Common security attacks and their countermeasures Finding a way into the network – Firewalls Exploiting software bugs, buffer overflows – Intrusion Detection Systems Denial of Service – Ingress filtering, IDS TCP hijacking – IPSec 6

7 Firewalls Basic problem – many network applications and protocols have security problems that are fixed over time – Difficult for users to keep up with changes and keep host secure – Solution Administrators limit access to end hosts by using a firewall Firewall is kept up-to-date by administrators 7

8 Firewalls 8 Intranet DMZ Internet Firewall Web server, email server, web proxy, etc

9 Intrusion Detection Used to monitor for “suspicious activity” on a network – Can protect against known software exploits, like buffer overflows Open Source IDS: Snort, www.snort.org 9

10 Denial of Service Purpose: Make a network service unusable, usually by overloading the server or network Many different kinds of DoS attacks – SYN flooding – SMURF – Distributed attacks – Mini Case Study: Code-Red 10

11 Denial of Service 11

12 Denial of Service 12

13 TCP Attacks Say hello to Alice, Bob and Mr. Big Ears 13

14 TCP Attacks Alice and Bob have an established TCP connection 14

15 TCP Attacks Mr. Big Ears lies on the path between Alice and Bob on the network – He can intercept all of their packets 15

16 TCP Attacks First, Mr. Big Ears must drop all of Alice’s packets since they must not be delivered to Bob (why?) 16 Packets The Void

17 TCP Attacks Then, Mr. Big Ears sends his malicious packet with the next ISN (sniffed from the network) 17 ISN, SRC=Alice

18 TCP Attacks Why are these types of TCP attacks so dangerous? 18 Web server Malicious user Trusting web client

19 Conclusions The Internet works only because we implicitly trust one another It is very easy to exploit this trust The same holds true for software It is important to stay on top of the latest CERT security advisories to know how to patch any security holes 19

20 20

Download ppt "Network Security SUBMITTED BY:- HARENDRA KUMAR IT-3 RD YR. 1."

Similar presentations

ITIS 1210 Introduction to Web-Based Information Systems Chapter 44 How Firewalls Work How Firewalls Work.

ITIS 1210 Introduction to Web-Based Information Systems Chapter 44 How Firewalls Work How Firewalls Work.
Net security - budi rahardjo Overview of Network Security Budi Rahardjo CISCO seminar 13 March 2002.

Net security - budi rahardjo Overview of Network Security Budi Rahardjo CISCO seminar 13 March 2002.
ECE454/599 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2012.

ECE454/599 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2012.
BASIC CRYPTOGRAPHY CONCEPT. Secure Socket Layer (SSL)  SSL was first used by Netscape.  To ensure security of data sent through HTTP, LDAP or POP3.

BASIC CRYPTOGRAPHY CONCEPT. Secure Socket Layer (SSL)  SSL was first used by Netscape.  To ensure security of data sent through HTTP, LDAP or POP3.
Computer Security Fundamentals by Chuck Easttom Chapter 4 Denial of Service Attacks.

Computer Security Fundamentals by Chuck Easttom Chapter 4 Denial of Service Attacks.
Hacking Presented By :KUMAR ANAND SINGH 04-243,ETC/2008.

Hacking Presented By :KUMAR ANAND SINGH ,ETC/2008.
19.1 Silberschatz, Galvin and Gagne ©2003 Operating System Concepts with Java Chapter 19: Security The Security Problem Authentication Program Threats.

19.1 Silberschatz, Galvin and Gagne ©2003 Operating System Concepts with Java Chapter 19: Security The Security Problem Authentication Program Threats.
Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.

Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.
Introduction to Firewall Technologies. Objectives Upon completion of this course, you will be able to: Understand basic concepts of network security Master.

Introduction to Firewall Technologies. Objectives Upon completion of this course, you will be able to: Understand basic concepts of network security Master.
Firewalls and Intrusion Detection Systems

Firewalls and Intrusion Detection Systems
1 Network Security Derived from original slides by Henric Johnson Blekinge Institute of Technology, Sweden From the book by William Stallings.

1 Network Security Derived from original slides by Henric Johnson Blekinge Institute of Technology, Sweden From the book by William Stallings.
Security Awareness: Applying Practical Security in Your World, Second Edition Chapter 5 Network Security.

Security Awareness: Applying Practical Security in Your World, Second Edition Chapter 5 Network Security.
Beyond the perimeter: the need for early detection of Denial of Service Attacks John Haggerty,Qi Shi,Madjid Merabti Presented by Abhijit Pandey.

Beyond the perimeter: the need for early detection of Denial of Service Attacks John Haggerty,Qi Shi,Madjid Merabti Presented by Abhijit Pandey.
Web server security Dr Jim Briggs WEBP security1.

Web server security Dr Jim Briggs WEBP security1.
1 Lecture 20: Firewalls motivation ingredients –packet filters –application gateways –bastion hosts and DMZ example firewall design using firewalls – virtual.

1 Lecture 20: Firewalls motivation ingredients –packet filters –application gateways –bastion hosts and DMZ example firewall design using firewalls – virtual.
Game-based Analysis of Denial-of- Service Prevention Protocols Ajay Mahimkar Class Project: CS 395T.

Game-based Analysis of Denial-of- Service Prevention Protocols Ajay Mahimkar Class Project: CS 395T.
1 Advanced Application and Web Filtering. 2 Common security attacks Finding a way into the network Exploiting software bugs, buffer overflows Denial of.

1 Advanced Application and Web Filtering. 2 Common security attacks Finding a way into the network Exploiting software bugs, buffer overflows Denial of.
Firewalls CS432. Overview  What are firewalls?  Types of firewalls Packet filtering firewalls Packet filtering firewalls Sateful firewalls Sateful firewalls.

Firewalls CS432. Overview  What are firewalls?  Types of firewalls Packet filtering firewalls Packet filtering firewalls Sateful firewalls Sateful firewalls.
Shared success Outline What is network security? Why do we need security? Who is vulnerable? Common security attacks and countermeasures. How to secure.

Shared success Outline What is network security? Why do we need security? Who is vulnerable? Common security attacks and countermeasures. How to secure.
TCP/IP Vulnerabilities. Outline Security Vulnerabilities Denial of Service Worms Countermeasures: Firewalls/IDS.

TCP/IP Vulnerabilities. Outline Security Vulnerabilities Denial of Service Worms Countermeasures: Firewalls/IDS.

Similar presentations

Ads by Google