Presentation is loading. Please wait.

Presentation is loading. Please wait.

Network Security. Reasons to attack Steal information Modify information Deny service (DoS)

Published byLeon Gallagher Modified over 9 years ago

Similar presentations

Presentation on theme: "Network Security. Reasons to attack Steal information Modify information Deny service (DoS)"— Presentation transcript:

1 Network Security

2 Reasons to attack Steal information Modify information Deny service (DoS)

3 Targets DB Servers Traffic Workstations Bandwidth

4 Types of attack Snooping: listening to data Corrupting: modifying data Spoofing: generate traffic that will be perceived as legitimate traffic Denial of service

5 DoS methods Ping of death: offset in packet causes buffer overflow => memory corruption Tear drop: misfragmented packet => OS crashes trying to reconstruct Land: SYN w/ identical src and dest => loop SYN attack/flood: massive number of SYNs

6 IP Sec Encryption + authentication Authentication header (AH): authenticates non-variable part of frame (MD5 hash) Encapsulation Security Payload (ESP): Encrypts payload (DES)

7 Modes of operation: Tunnel GW to GW GWs need to be IPSEC enabled ESP encrypts initial frame AH authenticates non variable parts

8 Modes of operation: Transport Host to host Hosts need to IPSEC enabled ESP encrypts payload AH authenticates non-variable part

9 Encapsulation

10 Security Associations One-way connections => a communications requires 2 SA Negotiation managed by IKE (Internet Key Exchange) => Dynamic and secure establishment of SA IKE authenticates each peer in an IPSec transaction, negotiates security policy, and handles the exchange of session keys.

11 Firewalls Inside devices are not directly accessible from the outside Filters traffic based on defined RULES (rules can apply to addresses, ports, protocols, etc… ) Can be either software or hardware Can not protect from everything

12 DMZ DeMilitarized zone Private area that can be accessed from the outside (FTP or Web servers for example) Different or no rules

13 Firewall with DMZ

14 + NAT

Download ppt "Network Security. Reasons to attack Steal information Modify information Deny service (DoS)"

Similar presentations

Internet Protocol Security (IP Sec)

Internet Protocol Security (IP Sec)
Secure Mobile IP Communication

Secure Mobile IP Communication
CS470, A.SelcukIPsec – AH & ESP1 CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.

CS470, A.SelcukIPsec – AH & ESP1 CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.
IPSec: Authentication Header, Encapsulating Security Payload Protocols CSCI 5931 Web Security Edward Murphy.

IPSec: Authentication Header, Encapsulating Security Payload Protocols CSCI 5931 Web Security Edward Murphy.
Setting Up a Virtual Private Network Chapter 9. Learning Objectives Understand the components and essential operations of virtual private networks (VPNs)

Setting Up a Virtual Private Network Chapter 9. Learning Objectives Understand the components and essential operations of virtual private networks (VPNs)
NAT TRAVERSAL FOR IPSEC Research Seminar on Datacommunications Software HIIT 09.11.2005.

NAT TRAVERSAL FOR IPSEC Research Seminar on Datacommunications Software HIIT
Information System Security AABFS-Jordan Summer 2006 IP Security Supervisor :Dr. Lo'ai Ali Tawalbeh Done by: Wa’el Musa Hadi.

Information System Security AABFS-Jordan Summer 2006 IP Security Supervisor :Dr. Lo'ai Ali Tawalbeh Done by: Wa’el Musa Hadi.
Chapter 13 IPsec. IPsec (IP Security)  A collection of protocols used to create VPNs  A network layer security protocol providing cryptographic security.

Chapter 13 IPsec. IPsec (IP Security)  A collection of protocols used to create VPNs  A network layer security protocol providing cryptographic security.
SCSC 455 Computer Security Virtual Private Network (VPN)

SCSC 455 Computer Security Virtual Private Network (VPN)
1 Lecture 15: IPsec AH and ESP IPsec introduction: uses and modes IPsec concepts –security association –security policy database IPsec headers –authentication.

1 Lecture 15: IPsec AH and ESP IPsec introduction: uses and modes IPsec concepts –security association –security policy database IPsec headers –authentication.
IPsec: Internet Protocol Security Chong, Luon, Prins, Trotter.

IPsec: Internet Protocol Security Chong, Luon, Prins, Trotter.
1 Objectives Wireless Access IPSec Discuss Network Access Protection Install Network Access Protection.

1 Objectives Wireless Access IPSec Discuss Network Access Protection Install Network Access Protection.
1 IP Security Outline of the session –IP Security Overview –IP Security Architecture –Key Management Based on slides by Dr. Lawrie Brown of the Australian.

1 IP Security Outline of the session –IP Security Overview –IP Security Architecture –Key Management Based on slides by Dr. Lawrie Brown of the Australian.
By Rod Lykins.  Background  Benefits  Security Advantages ◦ Address Space ◦ IPSec  Remaining Security Issues  Conclusion.

By Rod Lykins.  Background  Benefits  Security Advantages ◦ Address Space ◦ IPSec  Remaining Security Issues  Conclusion.
CMSC 414 Computer and Network Security Lecture 26 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 26 Jonathan Katz.
K. Salah1 Security Protocols in the Internet IPSec.

K. Salah1 Security Protocols in the Internet IPSec.
1 Lecture 20: Firewalls motivation ingredients –packet filters –application gateways –bastion hosts and DMZ example firewall design using firewalls – virtual.

1 Lecture 20: Firewalls motivation ingredients –packet filters –application gateways –bastion hosts and DMZ example firewall design using firewalls – virtual.
Security Data Transmission and Authentication

Security Data Transmission and Authentication
What is in Presentation What is IPsec Why is IPsec Important IPsec Protocols IPsec Architecture How to Implement IPsec in linux.

What is in Presentation What is IPsec Why is IPsec Important IPsec Protocols IPsec Architecture How to Implement IPsec in linux.
Protocol Basics. IPSec Provides two modes of protection –Tunnel Mode –Transport Mode Authentication and Integrity Confidentiality Replay Protection.

Protocol Basics. IPSec Provides two modes of protection –Tunnel Mode –Transport Mode Authentication and Integrity Confidentiality Replay Protection.

Similar presentations

Ads by Google