Research of the IP-Telephony for the Czech Armed Forces. Lt. Bc. Zburníková Lucie.


1 Research of the IP-Telephony for the Czech Armed Forces
Lt. Bc. Zburníková Lucie

2 Main points of presentation
• characteristic of IP-telephony
• aims of the scientific work
• DoS attacks
• prevention and response
• overall summary

3 Aims of the scientific work
• to create a possible network diagram
• to categorize the DoS attacks
• to make a complete and up-to-date list of them
• to propose the form of detection and counteraction against them

4 Network diagram

5 Categories and types of Denial of Service attacks
• Direct Denial of Service attacks:
  • Single-tier attacks
  • Dual-tier attacks
  • Triple-tier ‘distributed’ attacks
• Indirect Denial of Service attacks:
  • The LoveBug virus
  • Code Red and Nimda worms

6 Direct Denial of Service attacks
• Single-tier DoS Attacks (1990-1997). Examples: Ping of Death, SYN floods, other malformed packet attacks
• Dual-tier DoS Attacks (late 1997). Example: Smurf
• Triple-tier DDoS Attacks (1998-2000). Examples: TFN2K, Stacheldraht, Mstream

7 Comparison of the attacks
• Older attacks are ineffective or of low danger.
• Attacks that use new system vulnerabilities have a short lifetime.
• Flood attacks are simple, but dangerous.
• DDoS flood attacks cause serious problems which can shut down any server.
• Some new attacks can combine a number of different simple attacks and can use DDoS.

8 Prevention and Response
• Intrusion detection system (IDS)
  • network intrusion detection system
  • protocol-based intrusion detection system (Example: Snort)
  • application protocol-based intrusion detection system
  • host-based intrusion detection system
  • hybrid intrusion detection system (Example: Prelude)
• Intrusion prevention system
• (Self)defence against DoS attacks

9 Network-based vs. host-based system

Host-based, advantages (+):
• It is able to verify whether an attack was successful or not.
• Its functionality isn't affected by transmission or by the use of encryption.
• It is able to prevent the attack.

Host-based, disadvantages (-):
• It uses the server's resources.
• The possibility of usage depends on the OS.
• Extensibility: it requires installation of one agent per server.

Network-based, advantages (+):
• It protects all terminal stations on the monitored network.
• It has no influence on the function of the terminal stations / servers.
• It is able to detect DoS attacks.

Network-based, disadvantages (-):
• It is more difficult to implement in a switched LAN environment.
• Monitoring above 1 Gb/s is a problem for now.
• Generally it can't proactively stop the attack.

10 IDS on Cisco platforms: Solution Set
• Network Sensor: 4210, 4235, 4250
• Switch Sensor: Catalyst 6500 IDS Module
• Host Sensor: Standard Edition, Web Server Edition
• Router Sensor: 1700, 2600, 3600, 3700, 7xxx
• Firewall Sensor: 501, 506E, 515E, 525, 535
• Mgmt: Secure Command Line, Web UI Embedded Mgr, CiscoWorks VMS

11 General defence
• Systems for the detection (and prevention) of unauthorized intrusion are becoming a complement to securing networks with firewalls.
• Combining network IDS with IDS for servers gives a high level of defence against unauthorized activities.
• The correct function of an IDS has to be supported by regular evaluation of the information obtained and by upgrading the system.

12 Overall summary
VoIP telephony has a great potential to bring considerable advantages into telecommunications in comparison with standard technologies. The main advantage is cost reduction, especially in the case of long distance calls. It offers quality phone services including secure voice and development prevention and response.
