IT246 Introduction to Networks: Network Security


1 IT246 Introduction to Networks: Network Security
Prof. Alfred J Bird, Ph.D., NBCT
Office – Science, 3rd floor, S
Office Hours – Monday and Thursday 3:00 to 4:00

2 Some Postulates about Network Security
• You can never prove something perfect; all you can do is fail to prove that it has some faults! Keep looking!
• If a lot of smart people have failed to solve the problem, then it probably won’t be solved (soon!).
• Security people need to remember that most people regard security as a nuisance rather than as needed protection, and left to their own devices they often carelessly give up the security that someone worked so hard to provide.

3 Introduction to Network Security
Security threats
• Malware: Virus, worm, spyware, ransomware
• Spam
• Botnet
• DoS, DDoS attacks
• Phishing
• Buffer overflows
• Cross-site scripting (XSS)
• Theft and/or Whistleblowers
• Disgruntled employees and ex-employees

4 Security Objectives (CIA)

5 Security Objectives (CIA)
• Confidentiality — Prevent/detect/deter improper disclosure of information
• Integrity — Prevent/detect/deter improper modification of information
• Availability — Prevent/detect/deter improper denial of access to services provided by the system
These three concepts form what is often referred to as the CIA triad (Figure 1.1). The three concepts embody the fundamental security objectives for both data and for information and computing services. FIPS PUB 199 provides a useful characterization of these three objectives in terms of requirements and the definition of a loss of security in each category:
• Confidentiality (covers both data confidentiality and privacy): Preserving authorized restrictions on information access and disclosure, including means for protecting personal privacy and proprietary information. A loss of confidentiality is the unauthorized disclosure of information.
• Integrity (covers both data and system integrity): Guarding against improper information modification or destruction, and includes ensuring information non-repudiation and authenticity. A loss of integrity is the unauthorized modification or destruction of information.
• Availability: Ensuring timely and reliable access to and use of information. A loss of availability is the disruption of access to or use of information or an information system.
Although the use of the CIA triad to define security objectives is well established, some in the security field feel that additional concepts are needed to present a complete picture. Two of the most commonly mentioned are:
• Authenticity: The property of being genuine and being able to be verified and trusted; confidence in the validity of a transmission, a message, or message originator.
• Accountability: The security goal that generates the requirement for actions of an entity to be traced uniquely to that entity.

6 Internet Security Mechanisms
• Prevent: Firewall, IPsec, SSL
• Detect: Intrusion Detection
• Survive/Response: Recovery, Forensics
• Goal: prevent if possible; detect quickly otherwise; and confine the damage

7 Important Terms
• Social Engineering
• Password Cracking
  • Dictionary Attack
  • Brute Force Attack
• Packet Sniffing
• Vulnerable Software
• SSL/TLS
• IPsec
• Buffer Overflow
• Spoof

8 netstat -a

9 netstat -a

10 nmap /24

11 Recon & Info Gathering
• Social Engineering: “the weakest link”
  • Physical or automated (e.g., phishing)
  • Defenses: user awareness
• Physical Security
  • Physical access, theft, dumpster diving
  • Defenses: locks, policies (access, screen savers, etc.), encrypted file systems, paper shredders
• Web Searching and Online Recon
  • Check company website, get contact names, look for comments in html, etc.
  • Use Search Engines: Google!, Usenet to discover technologies in use, employee names, etc.
  • Defenses: “Security Through Obscurity”, Policies

12 Security Software
• Anti-Virus
  • Symantec, McAfee, many others
• Anti-Malware
  • Malwarebytes
• Firewalls
• IDS (Intrusion Detection System)

13 Password Guidelines
• Don’t use dictionary words
• Don’t use names
• Limit number of login attempts
• Make a strong password
  • More than 8 characters
  • Combination of upper and lower case letters, numbers and special characters
• Change passwords often

14 Password Cracking
• Guessing Passwords via Login Scripting
• Better: Obtain Windows SAM or UNIX /etc/passwd (/etc/shadow, /etc/secure)
• Crackers: L0phtCrack (Win), John the Ripper (UNIX), Cain
• Dictionary vs Brute-Force vs Hybrid methods
• Defenses: Strong password policy, password-filtering
  • Conduct your own audits
  • Protect encrypted files (shadowing, get rid of MS LM reps, etc.)
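
The password-filtering defense from slide 14, enforcing the slide 13 guidelines, as an added example that is not part of the original slides. It also rejects the variants a hybrid attack derives from dictionary words (character substitutions, digits or symbols at either end). The word list, name list, substitution table and function names are constructed for illustration.

```python
import re

# Constructed sample lists; a real filter loads a full cracking wordlist.
DICTIONARY = {"password", "dragon", "welcome", "monkey", "letmein"}
NAMES = {"alfred", "alice", "robert"}

# Character substitutions that hybrid crackers apply to dictionary words.
LEET = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a",
                      "5": "s", "7": "t", "@": "a", "$": "s", "!": "i"})


def candidate_roots(password):
    """Reduce a password to the base words a hybrid attack would start from."""
    # Drop digits and symbols placed before or after a base word.
    stripped = re.sub(r"^[^a-z]+|[^a-z]+$", "", password.lower())
    roots = set()
    for form in (stripped, stripped.translate(LEET)):
        roots.add(form)
        # Also consider each alphabetic run of four or more letters.
        roots.update(re.findall(r"[a-z]{4,}", form))
    return roots


def check_password(password, username=""):
    """Return a list of guideline violations; an empty list means accepted."""
    problems = []
    if len(password) <= 8:
        problems.append("must be more than 8 characters")
    classes = [r"[a-z]", r"[A-Z]", r"[0-9]", r"[^a-zA-Z0-9]"]
    if not all(re.search(c, password) for c in classes):
        problems.append("needs upper, lower, digit and special character")
    roots = candidate_roots(password)
    if roots & DICTIONARY:
        problems.append("based on a dictionary word")
    banned_names = NAMES | ({username.lower()} if username else set())
    if roots & banned_names:
        problems.append("based on a name")
    return problems
```

A password such as `P@ssw0rd123!` meets the length and character-class rules but is still rejected, because the filter reduces it to `password` the same way a hybrid cracker would.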

15 Encryption
• Symmetric (Secret Key)
  • DES, 3DES, AES ...
• Asymmetric (Public, Private Key)
  • RSA, DSA
• Hash (One Way)
  • MD5, SHA-1, SHA-256
• Diffie-Hellman

16 Important Terms
• Private Network
• VPN (Virtual Private Network)
• IP Tunnel
• GRE (Generic Routing Encapsulation)
• PPP (Point to Point Protocol)
• PAP (Password Authentication Protocol)
• CHAP (Challenge Handshake Authentication Protocol)
• EAP (Extensible Authentication Protocol)

