Introduction to Network Security


1 Introduction to Network Security
Source: Chapter 1, Computer Security Fundamentals, Chuck Easttom, Prentice Hall, 2006. Modified by: C F Yung

2 Objectives
- Identify the top threats to a computer network: malware, intrusion, denial of service attacks
- Assess the likelihood of an attack on your personal computer and network
- Define key terms such as cracker, sneaker, firewall and authentication
- Compare and contrast perimeter and layered approaches to network security
- Use online resources to secure your network

3 Introduction
Computer systems and networks are all around us:
- Online banking
- Automated supermarket checkouts
- Online classes
- Online shopping
- Online travel resources
Computer systems are everywhere:
- Online banking, ATMs, debit cards
- E-Bay, Amazon, Half.com for textbooks
- Expedia, Travelocity, airplane e-tickets

4 Introduction (cont.)
- How is my online personal information safeguarded? Passwords, account numbers, etc.
- What are the vulnerabilities to these systems? Web site security
- What steps are taken to ensure that these systems and data are safe? SSL, encryption, etc.

5 How Seriously Should You Take Threats to Network Security?
Which group do you belong to?
- "No one is coming after me/my computer."
  - Assumes there is no real threat
  - Reactive approach to security
  - "Prove to me that I am at risk" (ostrich theory)
- "The sky is falling!"
  - Overestimates the dangers
  - "Prove to me that I am not at risk" (paranoia)
- Middle ground
  - An educated awareness of true risk

6 Identifying Types of Threats
- Malware – MALicious softWARE, the most common threat to your system
- Intrusions – an attempt to gain unauthorized access to your system
- DoS – Denial of Service attacks, attempts to deny authorized users access to the system

7 Malware
Software with a malicious purpose:
- Virus – "a small program that replicates itself and hides itself inside other programs, usually without your knowledge" (Symantec, 2003)
- Trojan horse – a malicious program disguised as something desirable or harmless
- Worm
- Spyware – the fastest-growing category of malware
- Hoax/Phishing

8 Malware (cont.)
Virus
- A small program that replicates and hides itself inside other programs, usually without the knowledge of the user.
- One of the two most common types of malware.
- Two criteria:
  - Must execute itself
  - Must replicate itself
- Usually spreads through unsuspecting users' e-mail, using the victim's e-mail account to send the virus to everyone in their address book.
- Even without a malicious payload, rapid replication uses system resources, causing slowdown or stoppage.
- Heavy network traffic caused by the virus replication.

9 Malware (cont.)
Trojan Horse
- The other most common kind of malware.
- Named after the famous wooden horse of ancient history.
- Appears to be benign software while secretly downloading a virus or other malware.
- It disguises itself as something benign, something you need or want, e.g. a game, screen saver, account logon, etc.
- It captures your information and returns it to the intruder.
- For a Trojan horse to spread, you must invite these programs onto your computers, for example by opening an attachment or downloading and running a file from the Internet.

10 Malware (cont.)
Trojan Horse
- Some may cause immediate damage; others might be designed to provide remote access to the system via a "back door".
- Some may sit and wait to perform actions as instructed remotely, such as collecting and sending keystrokes captured by a keylogger program running in the background.

11 Malware (cont.)
Worm
- Worms are programs that replicate themselves from system to system without the use of a host file.
- This is in contrast to viruses, which require the spreading of an infected host file.
- Worms use e-mail and network facilities to spread to other resources.

12 Malware (cont.)
Spyware
- Software that literally spies on what you do on your computer.
- The most rapidly growing type of malware.
- Unlike viruses and worms, spyware does not usually self-replicate.
- Exploits infected computers for commercial gain.
- Typical tactics include delivery of unsolicited pop-up advertisements, theft of personal information (including financial information such as credit card numbers), monitoring of Web-browsing activity for marketing purposes, and routing of HTTP requests to advertising sites.
- Cookies: initially a good idea to help users surf the Web, now misused to spy on users.
- Key logger: both in software and hardware, captures all the user's typing and logs it, capturing passwords, account numbers, credit card numbers, etc.

13 Malware (cont.)
Hoax
- Hoaxes do not contain any code, instead relying on the gullibility of the users to spread.
- They often use emotional subjects such as a child's last wish.
- Any message that asks you to forward copies to everyone you know is almost certainly a hoax.
Phishing
- Phishing scams are targeted to gather personal information in order to hijack your assets or steal your identity to open credit accounts in your name.

14 Compromising System Security
Intrusions are attacks that attempt to gain unauthorized access to your system resources.
- Hackers – early internet joy riders, by intent not malevolent
- Crackers – system intruders, with malevolent intent
- Social engineering – intruding into a system using human nature, not technology
- War-driving (wireless networks) – driving around looking for unprotected wireless networks

15 Denial of Service Attacks (DoS)
- The attacker does not actually intrude into the system, just blocks access by authorized users.
- The attack floods the targeted system with so many false connection requests that the system cannot respond to legitimate requests.
- Keeps your customers from purchasing on your Web site, denying you sales.
- Keeps your employees from purchasing e-tickets to a trade show, making them use a travel agent, which costs more money than you had planned.
- Keeps you from transferring the money from your business Line of Credit to your business account to pay for the tickets, causing your account to be overdrawn.
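
To make the "false connection requests" mechanism concrete, here is an added example (not part of the original slides) that replays handshake events against a fixed pool of half-open connection slots and flags the source that is filling it. The log format, slot count, alert threshold and addresses are assumptions made for illustration; the model ignores timeouts.

```python
from collections import Counter

BACKLOG_SIZE = 16   # assumed number of half-open slots on the server
ALERT_SHARE = 0.5   # assumed: alert when one source holds more than half of them


def build_sample():
    """Constructed events: '<seconds> <client_ip> <SYN|ACK>' seen by one server."""
    lines = ["0.10 198.51.100.7 SYN", "0.15 198.51.100.7 ACK",
             "0.40 198.51.100.9 SYN", "0.47 198.51.100.9 ACK"]
    # 30 requests from one source that never complete the handshake
    lines += [f"{1 + i * 0.01:.2f} 203.0.113.50 SYN" for i in range(30)]
    # a legitimate customer arriving while the slots are occupied
    lines += ["1.50 198.51.100.7 SYN", "1.56 198.51.100.7 ACK"]
    return lines


def analyse(events):
    """Replay the events; return (refused_sources, alerted_sources)."""
    half_open = Counter()      # source -> slots currently held
    refused, alerts = [], set()
    for line in events:
        _ts, src, flag = line.split()
        if flag == "SYN":
            if sum(half_open.values()) >= BACKLOG_SIZE:
                refused.append(src)       # no free slot: request is dropped
                continue
            half_open[src] += 1
            if half_open[src] > BACKLOG_SIZE * ALERT_SHARE:
                alerts.add(src)           # one source dominates the backlog
        elif flag == "ACK" and half_open[src] > 0:
            half_open[src] -= 1           # handshake completed, slot freed
    return refused, sorted(alerts)


if __name__ == "__main__":
    refused, alerts = analyse(build_sample())
    print("refused requests:", Counter(refused))
    print("sources to investigate:", alerts)
```

The legitimate client at 198.51.100.7 is served before the flood and refused during it, which is the denial of service the slide describes; the alert names the source holding the slots.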

16 Common Attacks on Your Network
- Viruses are the most common network attacks
  - Check any AV vendor Web site to catch up on new and refurbished viruses
- Unauthorized use of systems is the next most common attack
- DoS attacks
- Intrusions
- Employee misuse, either deliberate or accidental
- Insider attacks

17 Basic Security Terminology
People
- Hackers (experts on a particular system) – anyone who studies a system through analyzing its flaws.
- White hats – consider themselves the "good guys". Upon finding a vulnerability in a system, they will report the vulnerability to the vendor of the system.
- Black hats (crackers) – definitely the "bad guys". Once they gain access to a system, their goal is to cause some type of harm.
- Gray hats – not a common term; refers to individuals who operate outside of the law on occasion. They conduct illegal activities for reasons they feel are ethical, such as hacking into a system belonging to a corporation that the hacker feels is engaged in unethical activities.
- Script kiddies – inexperienced; consider themselves hackers, but only copy the work of others. They download utilities and scripts to perform some hacking tasks.
- Ethical hackers (sneakers) – consultants who are hired to do vulnerability assessments on company systems. They are employed to legally break into a system in order to assess security deficiencies.

18 Basic Security Terminology (cont.)
Devices
- Firewall – found in a router or a server or as a stand-alone device, it filters ingress and egress network traffic.
- Proxy server – sits between a client and an application, acting as the host on your network and hiding the IP address of your internal host. It can also improve performance and filter requests.
- Intrusion Detection System (IDS) – monitors traffic, looking for attempted attacks (e.g. scanning all ports of a system).
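
The IDS behaviour mentioned above (noticing a scan of all ports of a system) can be sketched as a sliding-window rule over connection records. This is an added example, not part of the original slides and not how Snort or any particular product implements it; the record format, thresholds and addresses are assumptions, and records are assumed to arrive in time order.

```python
from collections import defaultdict, deque

WINDOW = 10.0     # seconds of history kept per (source, target) pair (assumed)
MAX_PORTS = 20    # distinct ports tolerated inside one window (assumed)


def build_sample():
    """Constructed records: '<seconds> <src_ip> <dst_ip> <dst_port>'."""
    # Busy web client: many connections, but only ports 80 and 443
    rec = [f"{i * 0.5:.1f} 192.0.2.10 192.0.2.80 {80 if i % 2 else 443}"
           for i in range(40)]
    # One source touching ports 1-100 of the same host within five seconds
    rec += [f"{5 + i * 0.05:.2f} 203.0.113.9 192.0.2.80 {port}"
            for i, port in enumerate(range(1, 101))]
    # Management agent: 25 different ports, but only one every 15 seconds
    rec += [f"{i * 15.0:.1f} 192.0.2.33 192.0.2.80 {8000 + i}"
            for i in range(25)]
    return sorted(rec, key=lambda r: float(r.split()[0]))


def detect_port_scans(records, window=WINDOW, max_ports=MAX_PORTS):
    """Return sorted (src, dst) pairs exceeding max_ports distinct ports per window."""
    recent = defaultdict(deque)    # (src, dst) -> deque of (timestamp, port)
    flagged = set()
    for line in records:
        ts, src, dst, port = line.split()
        ts, port = float(ts), int(port)
        q = recent[(src, dst)]
        q.append((ts, port))
        while ts - q[0][0] > window:
            q.popleft()            # forget connections older than the window
        if len({p for _, p in q}) > max_ports:
            flagged.add((src, dst))
    return sorted(flagged)


if __name__ == "__main__":
    for src, dst in detect_port_scans(build_sample()):
        print(f"possible port scan: {src} -> {dst}")
```

Counting distinct ports rather than connections keeps the busy web client from raising a false alarm, and the time window does the same for the agent that touches many ports over several minutes.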

19 Basic Security Terminology (cont.)
Activities
- Phreaking – a sub-specialty of hacking that involves breaking into telephone systems, say to make free long distance calls; it gave Kevin Mitnick his start down the road to prison.
- Authentication – the process of determining if the credentials (username, password) given by a user are authorized to access system resources.
- Auditing – the process of reviewing logs, records, and procedures to ensure established standards are being met; tedious but critical.

20 Network Security Paradigms
How will we protect our network?
- Perimeter security approach
  - Any technology or procedure to prevent unauthorized access of the network.
  - Little or no effort is put into securing the systems within the network.
  - Adequate for small organizations.
  - Firewalls, proxy servers, password policies.
  - Perimeter defense is the most popular because it used to be clearly defined, but as companies hire mobile workers, home workers, and contract workers, the perimeter is becoming less and less clearly defined.
- Layered security approach
  - Not only is the perimeter secured, but individual systems within the network are also secured.
  - Divide the network into segments and secure each segment.
  - Separate sections of the network are protected to the security level assigned to them.
- Proactive versus reactive
  - Are your security measures active or passive?
  - Do you have a security plan, or are you part of someone else's plan to intrude on you?
- Hybrid security method
  - Only a thorough and ongoing risk and vulnerability assessment can keep you informed about what combination of postures will benefit your network the most.

21 Online Security Resources
- CERT (Computer Emergency Response Team) – sponsored by Carnegie-Mellon University; the first computer incident-response team.
- Microsoft Security Advisor – a portal to all Microsoft security information, tools, and updates.
- F-Secure – a repository for detailed information on viruses and virus outbreaks, with tools for cleaning infected systems.
- SANS – a repository of security-related documentation.
- (ISC)2 – a not-for-profit leader in educating and certifying information security professionals.

22 Analysis Tools
- Nmap (Network Mapper) – free security scanner.
- Snort – open source network intrusion prevention and detection system.
- Nessus – network vulnerability scanner.
- Microsoft Baseline Security Analyzer (MBSA) – free security and vulnerability assessment scan tool.

23 Analysis Tools (cont.)
- Microsoft Baseline Security Analyzer (MBSA) – free security and vulnerability assessment scan tool.
- Knoppix STD – a Live CD Linux distribution based on Knoppix that focuses on computer security tools.

24 Summary
- Network security is a constantly changing field.
- You will require three levels of knowledge:
  - First, take the courses necessary to train yourself in the basic techniques.
  - Second, learn your enterprise system intimately, with all its strengths and vulnerabilities.
  - Finally, keep current in the ever-changing world of threats and exploits.

