Presentation is loading. Please wait.

Presentation is loading. Please wait.

IT246 introduction to networkS Network Security

Published byFelicia Paul Modified over 6 years ago

Similar presentations

Presentation on theme: "IT246 introduction to networkS Network Security"— Presentation transcript:

1 IT246 introduction to networkS Network Security
Prof. Alfred J Bird, Ph.D., NBCT Office – Science, 3rd floor, S Office Hours – Monday and Thursday 3:00 to 4:00

2 Some Postulates about Network Security
You can never prove something perfect, all you can do is fail to prove that it has some faults! Keep looking! If a lot of smart people have failed to solve the problem, then it probably won’t be solved (soon!) Security people need to remember that most people regard security as a nuisance rather than as needed protection and left to their own devices they often carelessly give up the security that someone worked so hard to provide.

3 Introduction to Network Security
Security threats Malware: Virus, worm, spyware, ransomware Spam Botnet DoS, DDoS attacks Phishing Buffer overflows Cross-site scripting (XSS) Theft and/or Whistleblowers Disgruntled employees and ex-employees.

4 Security Objectives (CIA)

5 Security Objectives (CIA)
Confidentiality — Prevent/detect/deter improper disclosure of information Integrity — Prevent/detect/deter improper modification of information Availability — Prevent/detect/deter improper denial of access to services provided by the system These three concepts form what is often referred to as the CIA triad (Figure 1.1). The three concepts embody the fundamental security objectives for both data and for information and computing services. FIPS PUB 199 provides a useful characterization of these three objectives in terms of requirements and the definition of a loss of security in each category: • Confidentiality (covers both data confidentiality and privacy): preserving authorized restrictions on information access and disclosure, including means for protecting personal privacy and proprietary information. A loss of confidentiality is the unauthorized disclosure of information. • Integrity (covers both data and system integrity): Guarding against improper information modification or destruction, and includes ensuring information non-repudiation and authenticity. A loss of integrity is the unauthorized modification or destruction of information. • Availability: Ensuring timely and reliable access to and use of information. A loss of availability is the disruption of access to or use of information or an information system. Although the use of the CIA triad to define security objectives is well established, some in the security field feel that additional concepts are needed to present a complete picture. Two of the most commonly mentioned are: • Authenticity: The property of being genuine and being able to be verified and trusted; confidence in the validity of a transmission, a message, or message originator. • Accountability: The security goal that generates the requirement for actions of an entity to be traced uniquely to that entity.

6 Internet Security Mechanisms
Prevent: Firewall, IPsec, SSL Detect: Intrusion Detection Survive/ Response: Recovery, Forensics Goal: prevent if possible; detect quickly otherwise; and confine the damage

7 Important Terms Social Engineering Password Cracking Packet Sniffing
Dictionary Attack Brute Force Attack Packet Sniffing Vulnerable Software SSL/TLS IPsec Buffer Overflow Spoof

8 netstat -a

9 netstat -a

10 nmap /24

11 Recon & Info Gathering Social Engineering: “the weakest link”,
Physical or automated (e.g., phishing) Defenses: user awareness Physical Security Physical access, theft, dumpster diving Defenses: locks, policies (access, screen savers, etc.), encrypted file systems, paper shredders Web Searching and Online Recon Check company website, get contact names, look for comments in html, etc. Use Search Engines: Google!, Usenet to discover technologies in use, employee names, etc. Defenses: “Security Through Obscurity”, Policies

12 Security Software Anti-Virus Anti-Malware Firewalls
Symantec, McAfee, many others Anti-Malware Malwarebytes Firewalls IDS (Intrusion Detection System)

13 Password Guidelines Don’t use dictionary words Don’t use names
Limit number of login attempts Make a strong password More than 8 characters Combination of upper and lower case letters, numbers and special characters Change passwords often

14 Password Cracking Guessing Passwords via Login Scripting
Better: Obtain Windows SAM or UNIX /etc/password (/etc/shadow, /etc/secure) Crackers: L0phtCrack (Win), John the Ripper (UNIX), Cain Dictionary vs Brute-Force vs Hybrid methods Defenses: Strong password policy, password-filtering Conduct your own audits Protect encrypted files (shadowing, get rid of MS LM reps, etc.)

15 Encryption Symmetric (Secret Key) Asymmetric (Public, Private Key)
DES, 3DES, AES ... Asymmetric (Public, Private Key) rsa, dsa Hash (One Way) MD5, SHA-1, SHA-256 Diffee-Hellman

16 Important Terms Private Network VPN (Virtual Private Network)
IP Tunnel GRE (Generic Routing Encapsulation) PPP (Point to Point Protocol) PAP (Password Authentication Protocol) CHAP (Challenge Handshake Authentication Protocol) EAP (Extensible Authentication Protocol)

Download ppt "IT246 introduction to networkS Network Security"

Similar presentations

1 Computer Security Instructor: Dr. Bo Sun. 2 Course Objectives Understand basic issues, concepts, principles, and mechanisms in computer network security.

1 Computer Security Instructor: Dr. Bo Sun. 2 Course Objectives Understand basic issues, concepts, principles, and mechanisms in computer network security.
CS426Fall 2010/Lecture 81 Computer Security CS 426 Lecture 8 User Authentication.

CS426Fall 2010/Lecture 81 Computer Security CS 426 Lecture 8 User Authentication.
Lecture 1: Overview modified from slides of Lawrie Brown.

Lecture 1: Overview modified from slides of Lawrie Brown.
Security+ Guide to Network Security Fundamentals

Security+ Guide to Network Security Fundamentals
19.1 Silberschatz, Galvin and Gagne ©2003 Operating System Concepts with Java Chapter 19: Security The Security Problem Authentication Program Threats.

19.1 Silberschatz, Galvin and Gagne ©2003 Operating System Concepts with Java Chapter 19: Security The Security Problem Authentication Program Threats.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
Security Overview. 2 Objectives Understand network security Understand security threat trends and their ramifications Understand the goals of network.

Security Overview. 2 Objectives Understand network security Understand security threat trends and their ramifications Understand the goals of network.
Topics in Information Security Prof. JoAnne Holliday Santa Clara University.

Topics in Information Security Prof. JoAnne Holliday Santa Clara University.
C OMPUTER S ECURITY C ONCEPTS By: Qubilah D’souza 411109 TE computer.

C OMPUTER S ECURITY C ONCEPTS By: Qubilah D’souza TE computer.
Securing Information Systems

Securing Information Systems
CHAPTER 3 Information Privacy and Security. CHAPTER OUTLINE  Ethical Issues in Information Systems  Threats to Information Security  Protecting Information.

CHAPTER 3 Information Privacy and Security. CHAPTER OUTLINE  Ethical Issues in Information Systems  Threats to Information Security  Protecting Information.
Thomas Levy. Agenda 1.Aims: CIAN 2.Common Business Attacks 3.Information Security & Risk Management 4.Access Control 5.Cryptography 6.Physical Security.

Thomas Levy. Agenda 1.Aims: CIAN 2.Common Business Attacks 3.Information Security & Risk Management 4.Access Control 5.Cryptography 6.Physical Security.
CIS 450 – Network Security Chapter 8 – Password Security.

CIS 450 – Network Security Chapter 8 – Password Security.
IT443 – Network Security Administration Week 1 – Introduction Instructor: Alfred J Bird, Ph.D., NBCT

IT443 – Network Security Administration Week 1 – Introduction Instructor: Alfred J Bird, Ph.D., NBCT
Chapter 1 Overview The NIST Computer Security Handbook defines the term Computer Security as:

Chapter 1 Overview The NIST Computer Security Handbook defines the term Computer Security as:
. 1. Computer Security Concepts 2. The OSI Security Architecture 3. Security Attacks 4. Security Services 5. Security Mechanisms 6. A Model for Network.

. 1. Computer Security Concepts 2. The OSI Security Architecture 3. Security Attacks 4. Security Services 5. Security Mechanisms 6. A Model for Network.
SECURITY Professor Mona Mursi. ENVIRONMENT IT infrastructures are made up of many components, abstractly: IT infrastructures are made up of many components,

SECURITY Professor Mona Mursi. ENVIRONMENT IT infrastructures are made up of many components, abstractly: IT infrastructures are made up of many components,
1 Chapter 1 – Background Computer Security T/ Tyseer Alsamany - Computer Security.

1 Chapter 1 – Background Computer Security T/ Tyseer Alsamany - Computer Security.
Lecture slides prepared for “Computer Security: Principles and Practice”, 3/e, by William Stallings and Lawrie Brown, Chapter 1 “Overview”. © 2016 Pearson.

Lecture slides prepared for “Computer Security: Principles and Practice”, 3/e, by William Stallings and Lawrie Brown, Chapter 1 “Overview”. © 2016 Pearson.

Similar presentations

Ads by Google