Presentation is loading. Please wait.

Presentation is loading. Please wait.

Security Chapter 9 Copyright 2004 Prentice-Hall Panko’s Business Data Networks and Telecommunications, 5th edition.

Published byMarlene Cooper Modified over 6 years ago

Similar presentations

Presentation on theme: "Security Chapter 9 Copyright 2004 Prentice-Hall Panko’s Business Data Networks and Telecommunications, 5th edition."— Presentation transcript:

1 Security Chapter 9 Copyright 2004 Prentice-Hall Panko’s Business Data Networks and Telecommunications, 5th edition

2 Trends in Computer and Network Security

3 Figure 9-1: CSI/FBI Survey
Survey conducted by the Computer Security Institute ( Based on replies from 530 U.S. Computer Security Professionals. If fewer than twenty firms reported quantified dollar losses, data for the threat are not shown.

4 Figure 9-1: CSI/FBI Survey
Had at Least One Security Incident in This Category (May Have Had Several) Percent Reporting an Incident in 1997 Percent Reporting an Incident in 2003 Number Reporting Quantified Losses in 2003 Average Reported Annual Loss Per Firm (1000s) in 1997 Average Reported Annual Loss Per Firm (1000s) in 2003 Viruses 82% 82% 254 $76 $200 Insider Abuse of Net Access Not Asked 80% 180 Not Asked $136

5 Figure 9-1: CSI/FBI Survey
Had at Least One Security Incident in This Category (May Have Had Several) Percent Reporting an Incident in 1997 Percent Reporting an Incident in 2003 Number Reporting Quantified Losses in 2003 Average Reported Annual Loss Per Firm (1000s) in 1997 Average Reported Annual Loss Per Firm (1000s) in 2003 Laptop Theft 58% 59% 250 $38 $47 Unauthorized Access by Insiders 40% 45% 72 Not Asked $31

6 Figure 9-1: CSI/FBI Survey
Had at Least One Security Incident in This Category (May Have Had Several) Percent Reporting an Incident in 1997 Percent Reporting an Incident in 2003 Number Reporting Quantified Losses in 2003 Average Reported Annual Loss Per Firm (1000s) in 1997 Average Reported Annual Loss Per Firm (1000s) in 2003 Denial of Service 24% 42% 111 $77 $1,427 System Penetration 20% 36% 88 $132 $56 Sabotage 14% 21% 61 $164 $215

7 Figure 9-1: CSI/FBI Survey
Had at Least One Security Incident in This Category (May Have Had Several) Percent Reporting an Incident in 1997 Percent Reporting an Incident in 2003 Number Reporting Quantified Losses in 2003 Average Reported Annual Loss Per Firm (1000s) in 1997 Average Reported Annual Loss Per Firm (1000s) in 2003 Theft of Proprietary Information 20% 21% 61 $954 $2,700 Financial Fraud 12% 15% 61 $958 $329

8 Figure 9-1: CSI/FBI Survey
Had at Least One Security Incident in This Category (May Have Had Several) Percent Reporting an Incident in 1997 Percent Reporting an Incident in 2003 Number Reporting Quantified Losses in 2003 Average Reported Annual Loss Per Firm (1000s) in 1997 Average Reported Annual Loss Per Firm (1000s) in 2003 Telecom Fraud 27% 10% 34 Not Asked $50 Telecom Eavesdropping 11% 6% Not Asked Not Asked Active Wiretap 3% 1% Not Asked Not Asked

9 Figure 9-1: CSI/FBI Survey
Conclusion Attacks are like multiple poisons Several of them are fatal Defense is difficult

10 Viruses and Worms Human Hacking (Break-Ins) Denial-of-Service Attacks
Major Attacks Viruses and Worms Human Hacking (Break-Ins) Denial-of-Service Attacks

11 Figure 9-2: Viruses and Worms
Pieces of code that attach to other programs Virus code executes when infected programs execute Infect other programs on the computer Spread to other computers by attachments, webpage downloads, etc.

12 Figure 9-2: Viruses and Worms
Many viruses spread themselves by sending fake e- mail messages with infected attachments Antivirus programs are needed to scan arriving files Users often fail to keep their computer antivirus programs up to date Antivirus filtering on the server works even if users are negligent

13 Figure 9-2: Viruses and Worms
Complete programs Self-propagating worms identify victim hosts, jump to them, and install themselves Can do this because hosts have vulnerabilities Vendors develop patches for vulnerabilities but companies often fail to apply them

14 Figure 9-2: Viruses and Worms
Worms take advantage of specific vulnerabilities Firewalls can stop many worms by forbidding access to most ports worms can get around antivirus filtering

15 Figure 9-2: Viruses and Worms
Blended Threats Combine the spreading characteristics of viruses and worms Payloads Programs that can do damage to infected hosts Erase hard disks, send users to pornography sites if they mistype a URL Trojan horses: exploitation programs disguise themselves as system files

16 Figure 9-3: Human Break-Ins (Hacking)
Viruses and worms rely on one main attack method Humans can keep trying different approaches until they succeed Hacking Breaking into a computer Hacking is intentionally using a computer resource without authorization or in excess of authorization Prosecutable if do a certain amount of damage

17 Figure 9-3: Human Break-Ins (Hacking)
Scanning Phase Send attack probes to map the network and identify possible victim hosts Like a robber casing a neighborhood Finds active IP addresses Identifies type of computer at that address via open ports, etc. Nmap program is popular (Figure 9-4)

18 Figure 9-4: Nmap Scanning Output
IP Range to Scan Type of Scan Identified Host and Open Ports

19 Figure 9-3: Human Break-Ins (Hacking)
The Exploit The Term “Exploit” is Used in Two Ways The actual break-in Exploit is the program used to make the break-in Super user accounts (administrator and root) can do anything If application running with super user privileges is compromised, the attacker gains super user privileges

20 Figure 9-3: Human Break-Ins (Hacking)
After the Break-In Become invisible by deleting log files Create a backdoor (way to get back into the computer) Backdoor account—account with a known password and super user privileges Backdoor program—program to allow reentry; usually Trojanized Do damage at leisure

21 Denial-of-Service (DoS) Attacks
Make a computer or network unavailable to users An exploding threat Rarely: sending a single message to bring down a computer Usually: overload a victim with a flood of messages

22 Figure 9-5: Distributed Denial-of-Service (DDoS) Flooding Attack
Zombie Handler Attack Command Attack Packet Attack Command Attack Packet Attacker Attack Command Victim Attack Command Zombie Attack Packet Handler Attack Command Zombie

23 Attackers

24 Figure 9-6: Types of Attackers
Traditional attackers: Curious hackers Disgruntled employees and ex-employees Growing number of criminal attackers Potential for far more massive attacks Cyberterror attacks by terrorists Cyberwar by nations

25 Security Management

26 Figure 9-7: Planning Principles
Security is a Management Issue, Not a Technical Issue Without good management, technology cannot be effective. Like a car. If you don’t know how to drive, not likely to be able to use effectively. Soldiers are not just given weapons. Must be trained extensively in tactics, etc.

27 Figure 9-7: Planning Principles
Plan-Protect-Respond Cycle Three phases endlessly repeating Planning: preparing for defense Protecting: implementing planned protections Responding: stopping attacks and repairing damage when protections fail

28 Figure 9-7: Planning Principles
Risk Analysis Cost of protections should not exceed probable damage Annual probability of damage Damage from a successful incident (Say, $50,000) Times the annual probability of success (say 10%) Gives the probable annual loss ($5,000)

29 Figure 9-7: Planning Principles
Risk Analysis Cost of protection If a protection can reduce the annual probability of damage by a certain amount, up to this amount can be spent on the protection Example Protection A can reduce the annual probability of damage by 50% ($2,500) If Protection A costs $1,000 per year, use it. If Protection A costs $4,000 per year, don’t use it.

30 Figure 9-7: Planning Principles
Comprehensive Security Attacker is intelligent Attacker only has to find one weakness Firm needs comprehensive security to close all avenues of attack

31 Figure 9-7: Planning Principles
Defense in Depth Every protection breaks down sometimes Attacker should have to break through several lines of defense to succeed Providing this protection is called defense in depth Defense 1 (fails) Defense 2

32 Authentication

33 Figure 9-8: Authentication and Authorization
Server 1. Credentials (Password, etc.) Verifier Applicant Verifier Applicant

34 Figure 9-8: Authentication and Authorization
Server Verifier 2. OK? Applicant Verifier Applicant

35 Figure 9-8: Authentication and Authorization
Server Verifier 3. OK and Authorizations Applicant Verifier Applicant

36 Figure 9-8: Authentication and Authorization
Server Verifier 4. Welcome Applicant Verifier Applicant

37 Figure 9-9: Password Authentication
Passwords Strings of characters Typed to authenticate use of a username (account) on a computer Benefits Ease of use for users (familiar) Inexpensive because built into operating systems

38 Figure 9-9: Password Authentication
Often weak (easy to crack) Word and name passwords are common Can be cracked quickly with dictionary attack Passwords should be complex Mix case, digits, and other keyboard characters ($, #, etc.) Can only be cracked with brute force attacks (trying all possibilities)

39 Figure 9-9: Password Authentication
Passwords should be long Six to eight characters minimum Each added character increases the brute force search time by a factor of up to 75

40 Figure 9-10: Digital Certificate Authentication
User gets secret private key and non-secret public key Digital certificates give the name of a true party and his or her public key

41 Figure 9-10: Digital Certificate Authentication
Testing a Digital Signature Applicant performs a calculation with his or her private key Verifier tests calculation using the public key found in the true party’s digital certificate If the test succeeds, the applicant must be the true party

42 Figure 9-11: Testing a Digital Signature
Digital Certificate Name of True Party Public Key of True Party Digital Signature Created with Private Key of Applicant. Added to each Message. Authentication

43 Figure 9-10: Digital Certificate Authentication
Strong Authentication The strongest method today Expensive and Time-Consuming to Implement Software must be added to clients and servers, and each computer must be configured Expensive because there are so many clients in a firm

44 Figure 9-10: Digital Certificate Authentication
Client Weaknesses Sometimes, only server gets digital certificate Client uses passwords or something else

45 Figure 9-11: Testing a Digital Signature
Verifier must test the digital signature with the public key of the true party. If the test succeeds, the applicant must have the true party’s private key. Only the true party should know this private key; so the applicant must be the true party.

46 Figure 9-12: Biometric Authentication
Based on bodily measurements Promises to dramatically simplify authentication

47 Figure 9-12: Biometric Authentication
Fingerprint Scanning Simple and inexpensive Substantial error rate (misidentification) Often can be fooled fairly easily by impostors Dominates biometrics today

48 Figure 9-12: Biometric Authentication
Iris Scanners Scan the iris (colored part of the eye) Irises are complex, so strong authentication Expensive (Do NOT shine light in your eyes; scanner is a camera.)

49 Figure 9-12: Biometric Authentication
Face Recognition Camera allows analysis of facial structure Can be done surreptitiously— without the knowledge or consent of person being scanned Very high error rate and easy to fool

50 Figure 9-12: Biometric Authentication
Error Rates and Deception Error and deception rates are higher than vendors claim Usefulness of biometrics is uncertain

51 Firewalls, IDSs, and IPSs

52 Figure 9-13: Firewall Operation
Corporate Network The Internet Permit (Pass) Legitimate Packet IP-H TCP-H Application Message IP-H UDP-H Application Message Deny (Drop) Attack Packet IP-H ICMP Message Arriving Packets Static Packet Filter Firewall Log File

53 Figure 9-14: Access Control List (ACL) for a Packet Filter Firewall
1. If destination IP address = AND TCP destination port = 80 OR 443, PASS [connection to a public webserver] 2. If ICMP Type = 0, PASS [allow incoming echo reply messages] 3. If TCP destination port = AND 65535, PASS [allow incoming packets to ephemeral TCP port numbers]

54 Figure 9-14: Access Control List (ACL) for a Packet Filter Firewall
4. If UDP destination port = AND , PASS [allow incoming packets to ephemeral UDP port numbers] 5. DENY ALL [deny all other packets]

55 Figure 9-15: Stateful Firewall Default Operation
Internally initiated communication is allowed. X Internal Host Externally initiated communication is stopped. External Host

56 Figure 9-16: Application Firewalls
Examine application layer messages in packets Packet filter firewalls and stateful firewalls do not look at application messages at all This makes them vulnerable to certain attacks

57 Figure 9-16: Application Firewalls
Application Fidelity Requiring the application using a well-known port to be the application that is supposed to use that port For instance, if an application uses Port 80, application firewall requires it to be HTTP, not a peer-to-peer file transfer program or something else This is called enforcing application fidelity

58 Figure 9-16: Application Firewalls
Limited Content Filtering Allow FTP Get commands but stop FTP Put commands Do not allow HTTP connections to black-listed (banned) websites application server may delete all attachments

59 Figure 9-16: Application Firewalls
Antivirus Scanning Few application firewalls do antivirus filtering Packets also must be passed through separate antivirus filtering programs

60 Figure 9-17: Defense in Depth with Firewalls
Internet Screening Border Router with Packet Filter Firewall Software Application Firewall , HTTP, etc. Client with Host Firewall Software Main Firewall: Stateful Inspection Firewall Site

61 Figure 9-18: Firewalls Hardened Server Internet Firewall
Allowed Legitimate Packet Attacker IDS Legitimate Packet Hardened Client PC Internal Corporate Network Log File Legitimate Host Network Management Console

62 Figure 9-18: Firewall Hardened Server Internet Firewall IDS Attack
Packet Attacker Denied Attack Packet Hardened Client PC Internal Corporate Network Log File Legitimate Host Network Management Console

63 Figure 9-18: Intrusion Detection System (IDS)
Hardened Server Suspicious Packet Suspicious Packet IDS IDS Attacker Alarm About Suspicious Packet Hardened Client PC Internal Corporate Network Log File Legitimate Host Network Management Console

64 Figure 9-18: Intrusion Prevention Systems (IPSs)
Firewalls stop simple attacks IDSs can identify complex attacks involving multiple packets But many false positives (false alarms) Intrusion prevention systems (IPSs) Like IDSs, can identify complex attacks Unlike IDSs, also stop these attacks Only allowed to stop clearer complex attacks

65 Figure 9-19: Cryptographic System (SSL/TLS)
Applicant (Customer Client) without Digital Certificate Verifier (Merchant Webserver) with Digital Certificate Provides Protection at Transport Layer Protects all Application Traffic That is SSL/TLS-Aware (Mostly HTTP)

66 Figure 9-19: Cryptographic System (SSL/TLS)
Applicant (Customer Client) without Digital Certificate Verifier (Merchant Webserver) with Digital Certificate 1. Negotiation of Security Options (Brief) 2. Merchant Authenticates Self to Customer Uses a Digital Certificate Customer Authentication Is Optional and Uncommon

67 Figure 9-19: Cryptographic System (SSL/TLS)
Applicant (Customer Client) without Digital Certificate Verifier (Merchant Webserver) with Digital Certificate 3. Client Generates Random Session Key Client Sends to Server Encrypted by Merchant’s Public Key 4. Ongoing Communication with Confidentiality and Merchant Digital Signatures

68 Figure 9-19: Cryptographic System (SSL/TLS)
Perspective Initial Hand-Shaking Phases are Very Brief (Milliseconds) The Last Phase (Ongoing Communication) Is Almost All Total Communication

69 Encryption for Confidentiality

70 Figure 9-20: Symmetric Key Encryption and Public Key Encryption
Symmetric Key Encryption for Confidentiality Symmetric Key Message “Hello” Encryption Method & Key Encrypted Message Interceptor Network Party A Party B Encryption uses a non-secret encryption method and a secret key

71 Figure 9-20: Symmetric Key Encryption and Public Key Encryption
Symmetric Key Encryption for Confidentiality Symmetric Key Encrypted Message Interceptor Network Party A Encrypted Message Interceptor cannot read encrypted messages Party B

72 Figure 9-20: Symmetric Key Encryption and Public Key Encryption
Symmetric Key Encryption for Confidentiality Symmetric Key Message “Hello” Encryption Method & Key Encrypted Message Interceptor Same Symmetric Key Network Party A Encrypted Message Decryption Method & Key Message “Hello” Receiver decrypts the message Using the same encryption message And the same symmetric key Party B

73 Figure 9-20: Symmetric Key Encryption and Public Key Encryption
Public Key Encryption for Confidentiality Encrypt with Party B’s Public Key Decrypt with Party B’s Private Key Encrypted Message Note: Four keys are used to encrypt and decrypt in both directions Party A Party B Decrypt with Party A’s Private Key Encrypted Message Encrypt with Party A’s Public Key

74 Figure 9-21: Other Aspects of Protection
Hardening Servers and Client PCs Setting up computers to protect themselves Server Hardening Patch vulnerabilities Minimize applications running on each server Use host firewalls Backup so that restoration is possible

75 Figure 9-21: Other Aspects of Protection
Hardening Servers and Client PCs Client PC Hardening As with servers, patching vulnerabilities, minimizing applications, having a firewall, and implementing backup Also, a good antivirus program that is updated regularly Client PC users often make errors or sabotage hardening techniques

76 Figure 9-21: Other Aspects of Protection
Vulnerability Testing Protections are difficult to set up correctly Vulnerability testing is attacking your system yourself or through a consultant There must be follow-up to fix vulnerabilities that are discovered

77 Dealing with attacks that succeed
Incident Response Dealing with attacks that succeed

78 Figure 9-22: Incident Response
Response Phases Detecting the attack If not detected, damage will continue unabated IDS or employee reports are common ways to detect attacks Stopping the attack Depends on the attack Reconfiguring firewalls may work

79 Figure 9-22: Incident Response
Response Phase Repairing the damage Sometimes as simple as running a cleanup utility Sometimes, must reformat a server disk and reinstall software Can be very expensive if the attacker has done much damage

80 Figure 9-22: Incident Response
Response Phase Punishing the attackers Easier to punish employees than remote attackers Forensic tools collect data in a manner suitable for legal proceedings

81 Figure 9-22: Incident Response
Major Attacks and CSIRTs Major attacks cannot be handled by the on-duty staff On-duty staff convenes the computer security incident response team (CSIRT) CSIRT has people from security, IT, functional departments, and the legal department

82 Figure 9-22: Incident Response
Disasters Natural and attacker-created disasters Can stop business continuity (operation) Data backup and recovery are crucial for disaster response Dedicated backup facilities versus real-time backup between different sites

83 Figure 9-22: Incident Response
Disasters Business continuity recovery is broader Protecting employees Maintaining or reestablishing communication Providing exact procedures to get the most crucial operations working again in correct order

84 Topics Covered

85 Topics Covered A Wide Variety of Attacks Viruses and Worms
Hacking (Break-in) Scanning Break-In Exploitation (delete log files, create backdoors, do damage) Denial-of-Service (DoS) Attacks Employee misuse of the Internet Growing in frequency (and viciousness)

86 Topics Covered A Wide Variety of Attackers Traditional Attackers
Wizard attackers Employees and Ex-Employees Criminals (Exploding) Cyberterrorists and National Governments

87 Topics Covered A Management Issue, not a Technical Issue Planning
Technology does not work automatically Planning Risk analysis Comprehensive security Defense in depth

88 Topics Covered Authentication and Authorization
Authentication servers give consistency Passwords (weak) Digital signatures and digital certificates High security but difficult to implement Biometric authentication Could eliminate passwords Error rates and deception

89 Topics Covered Firewalls Drop and log packets
Packet filter firewalls and ACLs Stateful firewalls (dominate for main firewalls today) Application firewalls filter application content Usually do NOT provide antivirus filtering Defense in depth with multiple firewalls IDSs to detect complex attacks IPSs to stop some complex attacks

90 Topics Covered Cryptographic Systems SSL/TLS
Negotiate security parameters Authentication Key exchange Ongoing communication (dominates) SSL/TLS Cryptographic system used in e-commerce Protects HTTP communication

91 Topics Covered Encryption for Confidentiality Symmetric key encryption
Both sides use the same symmetric key Dominates because fast and efficient Public key encryption Each side has a secret private key and a non-secret public key

92 Topics Covered Hardening Servers and Client PCs Vulnerability Testing
Patching vulnerabilities Minimize applications Host firewalls Backup Clients: antivirus filtering (users may sabotage) Vulnerability Testing

93 Topics Covered Incident Response
Detection, stopping, repair, punishment CSIRTs for major attacks to big for the on-duty staff to handle Disaster response and business continuity recovery

Download ppt "Security Chapter 9 Copyright 2004 Prentice-Hall Panko’s Business Data Networks and Telecommunications, 5th edition."

Similar presentations

Computer Viruses.

Computer Viruses.
INDEX  Ethical Hacking Terminology.  What is Ethical hacking?  Who are Ethical hacker?  How many types of hackers?  White Hats (Ethical hackers)

INDEX  Ethical Hacking Terminology.  What is Ethical hacking?  Who are Ethical hacker?  How many types of hackers?  White Hats (Ethical hackers)
COS 338 Day 18. DAY 18 Agenda Second capstone progress report over due Lab 5 graded 1 A, 2 B’s, 2 F’s and 1 non-submits Assignment 5 Graded 2 A’s, 2 B’s.

COS 338 Day 18. DAY 18 Agenda Second capstone progress report over due Lab 5 graded 1 A, 2 B’s, 2 F’s and 1 non-submits Assignment 5 Graded 2 A’s, 2 B’s.
Security Chapter 9 Copyright 2004 Prentice-Hall Panko’s Business Data Networks and Telecommunications, 5 th edition.

Security Chapter 9 Copyright 2004 Prentice-Hall Panko’s Business Data Networks and Telecommunications, 5 th edition.
COS 338 Day 16. DAY 16 Agenda Capstone Proposals Overdue 3 accepted, 3 in mediation Capstone progress reports still overdue I forgot to mark in calendar.

COS 338 Day 16. DAY 16 Agenda Capstone Proposals Overdue 3 accepted, 3 in mediation Capstone progress reports still overdue I forgot to mark in calendar.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
Review for Exam 4 School of Business Eastern Illinois University © Abdou Illia, Fall 2006.

Review for Exam 4 School of Business Eastern Illinois University © Abdou Illia, Fall 2006.
Lecture 11 Reliability and Security in IT infrastructure.

Lecture 11 Reliability and Security in IT infrastructure.
Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.

Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.
Chapter 9 Security. The Threat Environment 3 Figure 9-1: CSI/FBI Survey Companies Face Many Attacks –Viruses (and other malware) –Insider abuse of net.

Chapter 9 Security. The Threat Environment 3 Figure 9-1: CSI/FBI Survey Companies Face Many Attacks –Viruses (and other malware) –Insider abuse of net.
Network Infrastructure Security. LAN Security Local area networks facilitate the storage and retrieval of programs and data used by a group of people.

Network Infrastructure Security. LAN Security Local area networks facilitate the storage and retrieval of programs and data used by a group of people.
FIREWALL TECHNOLOGIES Tahani al jehani. Firewall benefits  A firewall functions as a choke point – all traffic in and out must pass through this single.

FIREWALL TECHNOLOGIES Tahani al jehani. Firewall benefits  A firewall functions as a choke point – all traffic in and out must pass through this single.
Security. If I get 7.5% interest on $5,349.44, how much do I get in a month? (.075/12) =.00625 * 5,349.44 = $33.434 What happens to the.004?.004+.004+.004=.012.004.

Security. If I get 7.5% interest on $5,349.44, how much do I get in a month? (.075/12) = * 5, = $ What happens to the.004? =
© 2013 Pearson.  Controlling Access to Resources ◦ If criminals cannot get access, they cannot do harm.  Authentication ◦ Proving one’s identity ◦ Cannot.

© 2013 Pearson.  Controlling Access to Resources ◦ If criminals cannot get access, they cannot do harm.  Authentication ◦ Proving one’s identity ◦ Cannot.
© 2009 Pearson Education, Inc. Publishing as Prentice Hall Chapter 9 Updated January 2009 Raymond Panko’s Business Data Networks and Telecommunications,

© 2009 Pearson Education, Inc. Publishing as Prentice Hall Chapter 9 Updated January 2009 Raymond Panko’s Business Data Networks and Telecommunications,
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.1 ISP Responsibility Working at a Small-to-Medium Business or ISP – Chapter 8.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.1 ISP Responsibility Working at a Small-to-Medium Business or ISP – Chapter 8.
Chapter 9 Updated January 2009 XU Zhengchuan Fudan University Security.

Chapter 9 Updated January 2009 XU Zhengchuan Fudan University Security.
Security Copyright 2003 Prentice-Hall Panko’s Business Data Networking and Telecommunications, 4 th edition.

Security Copyright 2003 Prentice-Hall Panko’s Business Data Networking and Telecommunications, 4 th edition.
AIS, 20141 Passwords Should not be shared Should be changed by user Should be changed frequently and upon compromise (suspected unauthorized disclosure)

AIS, Passwords Should not be shared Should be changed by user Should be changed frequently and upon compromise (suspected unauthorized disclosure)
Lecture 10 Intrusion Detection modified from slides of Lawrie Brown.

Lecture 10 Intrusion Detection modified from slides of Lawrie Brown.

Similar presentations

Ads by Google