Presentation is loading. Please wait.

Presentation is loading. Please wait.

SECURITY ISSUES IN NETWORKS WITH INTERNET ACCESS PRESENTED BY Sri Vallabh Aida Janciragic Sashidhar Reddy.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "SECURITY ISSUES IN NETWORKS WITH INTERNET ACCESS PRESENTED BY Sri Vallabh Aida Janciragic Sashidhar Reddy."— Presentation transcript:

1 SECURITY ISSUES IN NETWORKS WITH INTERNET ACCESS PRESENTED BY Sri Vallabh Aida Janciragic Sashidhar Reddy

2 Topics of Discussion Principles for secure networking Internet Vulnerabilities Security building blocks

3 Internet Security Why do we need to study security in the internet? Here are some reasons … –Computer networks have lots of vulnerabilities and threats –A hacker can log into my machine remotely and destroy the information –A malicious program can wipe out data on hundreds of computers causing huge losses

4 Principles for Secure Networking Questions to consider –What are we trying to protect? –What operations are authorized? –What is security parameter?

5 Principles continued… Know the configuration of the network hardware and software Know the vulnerabilities of the configuration Know the threats and consider it in relation to the vulnerabilities to asses the risk Authenticate and authorize the accessto network resources

6 Principles Continued.. Maintain audit logs Have a plan to detect and respond to security incidents Ensure individual accountability

7 The Networks of TwoHands Corporation TwoHands corporation develops, produces, and markets specialized gloves used in waste disposal and other safety related applications The corporation has a Headquarters,a Research Lab,several factories and warehouses in different parts of the country

8 Continued… Let us discuss the five stages of development in TwoHands Networks and consider in each stage the problems associated with the network and the possible remedies

9 Stage1:Private Networks Only Security Problems 1. Any user can access network traffic 2. Diskette drives on the client workstations 3. PCs with modem connections 4. Insufficient training to authorized users

10 Continued… Possible Countermeasures 1.Introduction of an authentication system for each user 2.Installation of virus detection software and configuration monitors 3.Installation of temper resistant hardware 4.Security awareness training for authorized users

11 Stage 2:Private Networks plus Read-only Web Server Security Problems 1.All the problems in stage 1 2.Denial of service attack 3.Unauthorized change to data on web server 4.Web address spoofing

12 Continued… Possible Countermeasures 1.Use a reliable web server package 2.Keep abreast of the advisories provided by CERT(Computer Emergency Response Team), FIRST(Forum of Incident Response Teams) 3.Proper maintenance of web server

13 Stage 3:Private Nets Plus Forms-Based WWW Server Security Problems 1.Compromise of order information 2.Spoofing of order information 3.Loss of control over the web site 4.Customer information stored on ISP host.

14 Continued… Possible Countermeasures 1.Using a secure web server like HTTP 2.Double checking the CGI scripts 3.Customer authentication

15 Stage 4:Internet Service through Firewall with Forms-Based WWW Server Security Problems 1.Attacks on internal systems via misconfigured firewalls 2.Importing of malicious software or exporting of sensitive information via properly configured firewall 3.Compromise of identity of correspondents 4.Back doors into internal networks

16 Continued… Possible Countermeasures 1.Proper firewall configuration 2.Vigilant management of firewall and the website 3. Provide proper awareness of security to the internal users

17 Stage 5:Virtual Private Networks Security Problems 1.Contamination of internal database via actions of cooperating companies 2.Service delays/denial for intranet traffic due to Internet/ISP problems 3.Compromise or delay of intranet traffic due to crypto mismanagement 4.Compromise of internal traffic patterns

18 Continued… Possible Countermeasures 1.Using proper encryption methodology 2.Avoid same company as ISP all the sites

19 Network Security Policy and Services For any level of network security to be established and maintained we need to understand: what assets we need to protect against what threats to what degree identify the elements of security policies appropriate for networks construct a security policy to meet the needs of network decide on means for enforcing the policy

20 Network security services confidentiality (protection against eavesdropping) integrity (protection against data modification) authentication (assurance that the source of the data is accurately identified to the recipient) non-repudiation (inability of the sender to disavow data the recipient receives)

21 Vulnerabilities Network Sniffing War Dialing Protocol Data-link-layer security Network-layer security Transport-layer security IP origin forgery

22 Above the application layer System access control and authorization data structures Malicious Software Hidden Application Features

23 Types of Encryption Algorithms  Symmetric DES ( Digital Encryption Standard)  Asymmetric ( Public Key Cryptography) RSA (Rivest Shamir Adleman)

24 DES

25 RSA

26 Authentication  Cryptographic Hash Functions  MAC (Message Authentication Code)  Digital Signatures

27 Security in TCP/IP Protocol Stack  Application Layer Encryption  Session Encryption  IP Layer Encryption

28 Relative Location of Security in TCP/IP Protocol Stack

29 SSL Protocol Operation

30 IP Security Scenario

31 The Kerberos Architecture Kerberos Client Ticket Granting Service Server (1) request/receive TGS ticket (2) request/receive server ticket (3) request service

32 Intrusion Detection  Network Based Network Security Monitor, Network IDS, Net Ranger, Tripwire etc…  Host Based Probes of host ports, password guessing etc…

33 Taxonomy of Malicious Programs

34 Security Management Tools  SATAN (Security Analysis Tool for Auditing Networks)  ISS (Internet Security Scanner)  Tiger  Crack  Snoop

35 Firewall Firewall : a method used to prevent unauthorized access to a private network Internet Trust

36 Types of Firewalls

37 SOCKS Target of communication sends information back through SOCKS daemon, which routes it to the user desktop. Protected Network Internet Firewall SOCKS daemon on firewall parses request, checks access control rules, and makes connection (proxy); copy data back in through firewall. Socksified user app asks SOCKS daemon for circuit

Download ppt "SECURITY ISSUES IN NETWORKS WITH INTERNET ACCESS PRESENTED BY Sri Vallabh Aida Janciragic Sashidhar Reddy."

Similar presentations

1 Supplement III: Security Controls What security services should network systems provide? Confidentiality Access Control Integrity Non-repudiation Authentication.

1 Supplement III: Security Controls What security services should network systems provide? Confidentiality Access Control Integrity Non-repudiation Authentication.
1 Computer Security Instructor: Dr. Bo Sun. 2 Course Objectives Understand basic issues, concepts, principles, and mechanisms in computer network security.

1 Computer Security Instructor: Dr. Bo Sun. 2 Course Objectives Understand basic issues, concepts, principles, and mechanisms in computer network security.
Information Security 1 Information Security: Security Tools Jeffy Mwakalinga.

Information Security 1 Information Security: Security Tools Jeffy Mwakalinga.
1 Topic 1 – Lesson 3 Network Attacks Summary. 2 Questions ► Compare passive attacks and active attacks ► How do packet sniffers work? How to mitigate?

1 Topic 1 – Lesson 3 Network Attacks Summary. 2 Questions ► Compare passive attacks and active attacks ► How do packet sniffers work? How to mitigate?
Chapter 10: Data Centre and Network Security Proxies and Gateways * Firewalls * Virtual Private Network (VPN) * Security issues * * * * Objectives:

Chapter 10: Data Centre and Network Security Proxies and Gateways * Firewalls * Virtual Private Network (VPN) * Security issues * * * * Objectives:
Security+ Guide to Network Security Fundamentals

Security+ Guide to Network Security Fundamentals
19.1 Silberschatz, Galvin and Gagne ©2003 Operating System Concepts with Java Chapter 19: Security The Security Problem Authentication Program Threats.

19.1 Silberschatz, Galvin and Gagne ©2003 Operating System Concepts with Java Chapter 19: Security The Security Problem Authentication Program Threats.
Security Presented by : Qing Ma. Introduction Security overview security threats password security, encryption and network security as specific.

Security Presented by : Qing Ma. Introduction Security overview security threats password security, encryption and network security as specific.
Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.

Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.
System and Network Security Practices COEN 351 E-Commerce Security.

System and Network Security Practices COEN 351 E-Commerce Security.
6/4/2015National Digital Certification Agency1 Security Engineering and PKI Applications in Modern Enterprises Mohamed HAMDI National.

6/4/2015National Digital Certification Agency1 Security Engineering and PKI Applications in Modern Enterprises Mohamed HAMDI National.
Information Security 1 Information Security: Demo of Some Security Tools Jeffy Mwakalinga.

Information Security 1 Information Security: Demo of Some Security Tools Jeffy Mwakalinga.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
Wireless Encryption By: Kara Dolansky Network Management Spring 2009.

Wireless Encryption By: Kara Dolansky Network Management Spring 2009.
Web server security Dr Jim Briggs WEBP security1.

Web server security Dr Jim Briggs WEBP security1.
Security Overview. 2 Objectives Understand network security Understand security threat trends and their ramifications Understand the goals of network.

Security Overview. 2 Objectives Understand network security Understand security threat trends and their ramifications Understand the goals of network.
Chapter 19 Security.

Chapter 19 Security.
NETWORK SECURITY.

NETWORK SECURITY.
Web services security I

Web services security I
Network Infrastructure Security. LAN Security Local area networks facilitate the storage and retrieval of programs and data used by a group of people.

Network Infrastructure Security. LAN Security Local area networks facilitate the storage and retrieval of programs and data used by a group of people.

Similar presentations

Ads by Google