EN Lecture Notes Spring 2016


1 EN.600.424 Lecture Notes Spring 2016
Secure Network Design

2 Security! But How?
Everyone wants a secure network. But how?
"Whoever thinks his problem can be solved using cryptography, doesn't understand his problem and doesn't understand cryptography." (Attributed by Roger Needham and Butler Lampson to each other.)
Let's start our discussion by finding "vectors". Remember: Delivery/Vector, Payload.

3 How Are Networks Attacked?
Automated attack vectors:
- Servers, services on TCP/UDP ports
- Vulnerabilities
- Misconfiguration
- Mobile code
- Compromised local machines
- Compromised third-party code/servers (e.g., Google hacking, DNS, update)
Human attack vectors:
- Honeypot websites/downloads

4 Attacks On Local Networks
- Eavesdropping: many local protocols are still "in the clear"
- Masquerade as a machine with higher privileges
- Abuse shared resources
The common problem is that we generally have to assume trust locally. We can't be so "secure" that work doesn't get done.

5 Protocol Attacks (Remote)
- SYN flooding. Principle: perverse incentives (see, e.g., spam)
- Smurfing (fixed in 2007): send a packet to a broadcast domain from the target's address. Principle: force multiplier
- DDoS. Principle: brute force?
- Spam (especially malicious/malware)
- TCP hijacking

6 Malware Attacks
Virus, Worm, Trojan Horse
- Fred Cohen: viruses can't be stopped (halting problem)
- Viruses work by corrupting real executables
- Virus polymorphism
- Worms spread using a known vulnerability
- Trojan horses look "useful" but aren't
- Rootkit: especially used for botnets, etc.
- Spyware and Adware

7 Approaches to Network Defenses
- Management
- Filtering
- Intrusion Detection
- Encryption (at rest and in motion) and protocols

8 Configuration Management
- Patches
- Updates
- Misc, such as disabling unsafe defaults, etc.
- Disable unnecessary services
- Topology, architecture, network defense programs, etc.
- Operational security: training

9 Filtering
Firewalls: only allow traffic that you know you need
- Packet filters
- Application firewalls (mostly obsolete)
- Deperimeterism
Spam filters
Censorware: don't allow secrets out
Wiretaps: maintain logs
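The "only allow traffic that you know you need" rule is a statement about the firewall's default, not about any individual rule. The following is an added example, not code from the lecture: a first-match packet filter evaluated under both possible defaults, so the same six packets can be compared under a blocklist policy (default allow) and an allowlist policy (default deny). The networks (documentation ranges), the services and the two rule sets are constructed for the example.

```python
"""Added example (not from the slides): a first-match packet filter evaluated
under the two possible defaults, to show what "only allow traffic that you
know you need" buys you. The networks (documentation ranges), services and
rule sets are constructed for the example."""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network


@dataclass(frozen=True)
class Rule:
    action: str                     # "allow" or "deny"
    proto: str = "any"              # "tcp", "udp", "icmp" or "any"
    src: str = "0.0.0.0/0"
    dst: str = "0.0.0.0/0"
    dport: range = range(0, 65536)  # destination ports this rule covers

    def matches(self, pkt: dict) -> bool:
        return ((self.proto == "any" or self.proto == pkt["proto"])
                and ip_address(pkt["src"]) in ip_network(self.src)
                and ip_address(pkt["dst"]) in ip_network(self.dst)
                and pkt["dport"] in self.dport)


def evaluate(rules, pkt: dict, default: str) -> str:
    """First matching rule wins; the default decides everything unmatched."""
    for rule in rules:
        if rule.matches(pkt):
            return rule.action
    return default


SERVER_NET = "192.0.2.0/24"     # assumed server network
ADMIN_NET = "198.51.100.0/24"   # assumed admin network

# Weak policy: block what someone remembered to block, allow the rest.
BLOCKLIST_POLICY = [Rule("deny", "tcp", dst=SERVER_NET, dport=range(23, 24))]

# Corrected policy: name the services you know you need, drop the rest.
ALLOWLIST_POLICY = [
    Rule("allow", "tcp", dst=SERVER_NET, dport=range(443, 444)),
    Rule("allow", "tcp", src=ADMIN_NET, dst=SERVER_NET, dport=range(22, 23)),
    Rule("allow", "icmp", dst=SERVER_NET),
]

# Constructed packets (the 5-tuple reduced to what the rules look at).
SAMPLE_PACKETS = {
    "https_from_internet":  {"proto": "tcp", "src": "203.0.113.7", "dst": "192.0.2.10", "dport": 443},
    "ssh_from_admin":       {"proto": "tcp", "src": "198.51.100.5", "dst": "192.0.2.10", "dport": 22},
    "ssh_from_internet":    {"proto": "tcp", "src": "203.0.113.7", "dst": "192.0.2.10", "dport": 22},
    "telnet_from_internet": {"proto": "tcp", "src": "203.0.113.7", "dst": "192.0.2.10", "dport": 23},
    "forgotten_service":    {"proto": "tcp", "src": "203.0.113.7", "dst": "192.0.2.10", "dport": 8080},
    "ping_from_internet":   {"proto": "icmp", "src": "203.0.113.7", "dst": "192.0.2.10", "dport": 0},
}


def compare_policies(packets=SAMPLE_PACKETS) -> dict:
    """Return {name: (blocklist verdict, allowlist verdict)} for each packet."""
    return {name: (evaluate(BLOCKLIST_POLICY, pkt, default="allow"),
                   evaluate(ALLOWLIST_POLICY, pkt, default="deny"))
            for name, pkt in packets.items()}


if __name__ == "__main__":
    for name, (weak, strict) in compare_policies().items():
        print(f"{name:22} blocklist={weak:5} allowlist={strict}")
```

The instructive rows are "ssh_from_internet" and "forgotten_service": the blocklist policy passes both because nobody wrote a rule for them, while the allowlist policy drops them for the same reason. Whatever the firewall product, the rule set should end in an explicit deny-all so that a forgotten service is a missing capability rather than an exposure.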

10 AntiVirus/Malware Defenses
Scanners:
- Static
- Heuristics
- Emulation
Checksummers
System hardening:
- Only allow writes to specific directories
- Block driver modifications, etc.
Anti-keylogging
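A checksummer is the one defense on this slide that needs no knowledge of the malware at all: it records what each executable looked like when it was trusted and reports anything that has changed, which catches the "corrupting real executables" behaviour from slide 6 regardless of polymorphism. The following is an added example, not code from the lecture: a minimal keyed checksummer that builds a baseline over a directory, then reports modified, added and missing files. The directory contents, the file names and the key are constructed for the demonstration.

```python
"""Added example (not from the slides): a minimal checksummer of the kind
named on slide 10. It records a keyed digest of each file once and later
reports files whose content changed, appeared or disappeared. The directory
layout, file contents and key below are constructed for the example."""
import hashlib
import hmac
import tempfile
from pathlib import Path


def digest(path: Path, key: bytes) -> str:
    """HMAC-SHA256 of the file contents, read in chunks so large binaries are fine.
    The key means an intruder who alters a file cannot also forge its baseline entry."""
    h = hmac.new(key, digestmod=hashlib.sha256)
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def build_baseline(root: Path, key: bytes) -> dict:
    """Map every regular file under root (relative POSIX path) to its digest."""
    return {p.relative_to(root).as_posix(): digest(p, key)
            for p in sorted(root.rglob("*")) if p.is_file()}


def check(root: Path, key: bytes, baseline: dict) -> dict:
    """Compare the tree against the baseline and classify every difference."""
    current = build_baseline(root, key)
    return {
        "modified": sorted(n for n in baseline if n in current and current[n] != baseline[n]),
        "added": sorted(n for n in current if n not in baseline),
        "missing": sorted(n for n in baseline if n not in current),
    }


def demo() -> dict:
    """Constructed scenario: baseline a tiny 'bin' tree, then simulate a file
    infector appending to one executable, dropping a new file and deleting one."""
    key = b"constructed-demo-key"  # in practice the key and baseline live off the monitored host
    with tempfile.TemporaryDirectory() as d:
        root = Path(d)
        (root / "bin").mkdir()
        (root / "bin" / "ls").write_bytes(b"\x7fELF original program bytes")
        (root / "bin" / "cat").write_bytes(b"\x7fELF another program")
        baseline = build_baseline(root, key)

        with open(root / "bin" / "ls", "ab") as f:   # content of a trusted binary changes
            f.write(b"<appended bytes>")
        (root / "bin" / "dropper").write_bytes(b"new file")  # unexpected new executable
        (root / "bin" / "cat").unlink()                       # trusted binary removed

        return check(root, key, baseline)


if __name__ == "__main__":
    print(demo())
```

The limitation is the one the slide's "after the fact" theme implies for every detector: a checksummer tells you a file changed, not whether the change was a legitimate update, so the baseline has to be refreshed as part of the patch process from slide 8, and it must be stored where the same compromise cannot rewrite it.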

11 Host/Network Deployments
- Antivirus can run on hosts
- Can also run on the network: the mail server especially, or the firewall if it does content scanning
- Nowadays: cloud
- See also intrusion detection software (host-based, network-based)

12 Intrusion Detection
Use rules, heuristics to detect "anomalies"
- Generally, detects after the fact!
- Useful for generating subsequent signatures
- Often combined into firewalls now
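To make "rules, heuristics to detect anomalies" concrete, here is an added example (not code from the lecture): two network-IDS rules run over a batch of constructed packet records, one for the SYN flooding and one for the smurf amplification named on slide 5. A SYN flood shows up as a destination port with many handshakes opened and almost none completed; a smurf attack shows up as ICMP echo requests aimed at the local broadcast address from a source that is not local (the spoofed victim). The record fields, the local network 192.0.2.0/24 and the thresholds are assumptions chosen for the example.

```python
"""Added example: a small rule-based detector of the kind slide 12 describes,
run over constructed packet records containing two of the protocol attacks
from slide 5 (SYN flooding, smurf amplification). Not code from the lecture;
the record fields, the local network and the thresholds are assumptions."""
from collections import Counter
from dataclasses import dataclass
from ipaddress import IPv4Network, ip_address


@dataclass(frozen=True)
class Packet:
    ts: float
    src: str
    dst: str
    proto: str        # "tcp" or "icmp"
    flags: str = ""   # TCP flags ("S", "A") or ICMP type ("echo-request")
    dport: int = 0


LOCAL_NET = IPv4Network("192.0.2.0/24")        # assumed local network
BROADCAST = str(LOCAL_NET.broadcast_address)   # 192.0.2.255


def detect_syn_flood(packets, threshold=20, ratio=0.9):
    """Alert on a (dst, dport) that receives many SYNs but almost no
    handshake-completing ACKs: the half-open connections of a SYN flood."""
    syns, acks = Counter(), Counter()
    for p in packets:
        if p.proto != "tcp":
            continue
        if p.flags == "S":
            syns[(p.dst, p.dport)] += 1
        elif p.flags == "A":
            acks[(p.dst, p.dport)] += 1
    alerts = []
    for (dst, dport), n in syns.items():
        half_open = n - acks[(dst, dport)]
        if n >= threshold and half_open / n >= ratio:
            alerts.append({"rule": "syn_flood", "dst": dst, "dport": dport,
                           "half_open": half_open})
    return alerts


def detect_smurf(packets, threshold=5):
    """Alert on ICMP echo requests aimed at the local broadcast address whose
    source is not local: the spoofed victim address of a smurf attack."""
    per_src = Counter()
    for p in packets:
        if (p.proto == "icmp" and p.flags == "echo-request"
                and p.dst == BROADCAST and ip_address(p.src) not in LOCAL_NET):
            per_src[p.src] += 1
    return [{"rule": "smurf_amplification", "spoofed_src": src, "count": n}
            for src, n in per_src.items() if n >= threshold]


def run_rules(packets):
    """Apply every rule to an already-captured batch. As the slide says, this
    detects after the fact: the output is an alert list for follow-up, not a block."""
    return detect_syn_flood(packets) + detect_smurf(packets)


def constructed_packets():
    """Constructed sample traffic (not a real capture)."""
    pkts = []
    # 30 SYNs to the web server from 30 addresses, none of which completes
    for i in range(30):
        pkts.append(Packet(i * 0.01, f"203.0.113.{i + 1}", "192.0.2.10", "tcp", "S", 80))
    # 10 legitimate HTTPS connections: SYN followed by the client's ACK
    for i in range(10):
        pkts.append(Packet(1 + i, f"198.51.100.{i + 1}", "192.0.2.10", "tcp", "S", 443))
        pkts.append(Packet(1.5 + i, f"198.51.100.{i + 1}", "192.0.2.10", "tcp", "A", 443))
    # 8 echo requests to the broadcast address carrying a non-local source
    for i in range(8):
        pkts.append(Packet(20 + i * 0.1, "203.0.113.200", BROADCAST, "icmp", "echo-request"))
    # one broadcast ping from a local host: ordinary, must not alert
    pkts.append(Packet(30, "192.0.2.5", BROADCAST, "icmp", "echo-request"))
    return pkts


if __name__ == "__main__":
    for alert in run_rules(constructed_packets()):
        print(alert)
```

Both rules are threshold heuristics, which is why the next slide's limitations bite: on a noisy link the SYN ratio has to be tuned per service, and neither rule sees anything once the traffic is tunnelled or encrypted. The alerts are still useful in the way the slide describes, as raw material for a signature (here, the spoofed source and the targeted port) that the firewall can then act on.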

13 Limitations for IDS
- Internet is "noisy" (see also: halting problem)
- Too few attacks
- Software/version specific
- Encrypted, tunneled traffic
- Intelligent design

14 Cryptography
- SSH
- WiFi: as you all know, WEP is broken. You should try it some time. WPA is fairly safe in the right mode with the right config
- Homeplug (I used this…)
- IPSec
- TLS
- PKI
Biggest problem with all of these? KEY MANAGEMENT

15 Side Bar: Data In Motion
Protecting data as it moves from one node to another.
- Generally this is done with network protocols, but it can be "in the mail"
- Assumption is that the endpoints are secure
- Biggest issue is generally key management and authentication (of people and data)

16 Side Bar: Data At Rest
Data stored at an endpoint, or in a temporary location
Interesting issues with third parties:
- Insiders?
- Reliability/Availability
- Secure fail? (fail open or fail closed?)
- Long term keys, passwords?
- Survivorship of access?

