Networks and Security: Monday, 10th Week


1 Networks and Security: Monday, 10th Week

2 Types of Attacks/Security Issues
• Viruses
• Worms
• Macro Virus
• E-mail Virus
• Trojan Horse
• Phishing
• Spyware
• Denial of Service Attacks
• Cookies
• Spam

3 Viruses and Worms
• Virus – a program that can spread from computer to computer by replicating itself
  – Often malicious
  – Generally associated with some host program, spreads along with the host.
• Worm – similar to a virus, but able to actively propagate itself without piggybacking on a host.

4 Common Virus Types
• Macro Virus – a virus written in the macro language of a program such as Microsoft Word.
• E-mail Virus – a virus that disguises itself as a benign attachment.
  – Spreads by e-mailing copies of itself when the attachment is executed

5 Trojan Horse
• Malicious program disguised as something else.

6 Phishing Schemes
• Trick users into giving up passwords and other personal information.
• Often replicate trusted corporate web sites.
• E.g. set up www.visa-security1.com to look exactly like a Visa credit card site.

7 Spyware
• Software that collects information about you.
  – Web browsing habits.
  – Passwords and account information.
• May be installed
  – by worms, viruses
  – through security holes in browsers
  – along with other software

8 Denial of Service Attacks
• Deluge a web server with meaningless requests.
• In a distributed DoS many computers attack at once.
• This is accomplished by using personal computers infected with viruses.
• IP spoofing – hide the true origin of packets.

9 Cookies
• Intended to make web browsers more useful by allowing sites to store a small amount of information on your computer.
• Can also be used to track you while browsing.

10 Spam
• You know what spam is…

11 Network Security – Intranets and LANs
• Network admin creates groups and assigns privileges to each group.
• Admin assigns user names to each group.
• Highest privilege – administrator group.
• Lowest privilege – may just have access to shared network drive, a few printers and email.
• Discovering user name and password of user in low-level group does not gain much access to the entire network.

12 Physical Security
• Attach system to desk with cable & lock, record serial numbers, attach identifying tag/inscribe name inside case.
• Back up files, store in another location.
• Controlling access with username & password, biometric devices, or object possession (cards with magnetic strips, devices with antennas and microchips).

13 Security – Internet Connections
Methods for blocking intruders from network or individual computers:
• Firewall
• Proxy server
• Browser security settings
• Automatic operating system updates

14 Security – Internet Connections
Methods for blocking intruders:
• Firewall

15 Firewalls
• A firewall is software or hardware that monitors and controls data flowing between computers.
• Why is it called a firewall?
• Firewalls have a set of adjustable filters that detect and block certain types of activities.
• Network admins typically configure the firewall to allow only one computer (called a gateway) on the network to interact with the Internet.
• Firewalls can control TCP/IP, HTTP, FTP, Telnet, SMTP, and other protocols.

16 Proxy Servers
• A proxy server is software that acts as a go-between for computers on the network and Internet web pages. It:
  1. Keeps a cache of recently downloaded web pages for quick access.
  2. Makes a log of all traffic between user and Internet to help detect and trace attacks.

17 Browser Security Settings
• Browsers have certain security settings that can block certain features that pose security risks. Some of these are:
  1. Disable Java or ActiveX applets in web pages.
  2. Prevent web pages from storing cookies.
Unfortunately, high security settings sometimes disable user-friendly features of some web pages.

18 Take 10 minutes or so to examine browser settings on lab computers.

19 Encrypted Communications
Kinds of messages we might send/receive:
• HTTP requests / responses
• E-mail
• Instant Messages
• Telnet sessions
• Transactions (shopping, etc.)

20 Privacy
• Any machine (router) along the path of the message can read it.
  – Message more like a postcard than a letter
• Is this good???
  – Of course not!
• What can we do???
  – Encrypt the messages

21 Encryption/Cryptography
• Need to figure out a way so that ONLY the recipient can read the message.
• Most common techniques today: symmetric key encryption, public key encryption

22 Symmetric Key Encryption
• A key is a binary number, typically 40 – 128 bits long.
• Use a specific algorithm to combine the key with the message (already translated into binary) to produce an encrypted message.
• The same key is used to decrypt the message.
• Method is fast, but sender and receiver must have the key – how can the key be passed safely?

23 Public Key Encryption
• Each person has a public key and a private key
• The two keys ‘un-do’ each other:
  – Encrypt with public key, decrypt with private key
• Public keys are publicly available on Key Servers (anyone can see / get them)
• This method is slower, but more secure than symmetric key.

24 Combination of Symmetric and Public Key Encryption
• Sender encrypts message using symmetric key
• Sender encrypts symmetric key with the public key of the receiver.
• Send encrypted key to receiver.
• Receiver uses private key to decrypt symmetric key.
• Receiver uses symmetric key to decrypt message.

25 Certificate Authority
• How do you obtain someone’s public key?
• Refer to a Certificate Authority (CA) – a trusted source that maintains a database of user names and their public keys. (similar to a DMV)
• The CA may be used to identify merchants when making online purchases, or to verify contents of important documents and their senders.
• VeriSign is a CA, charges about $15/year for generating & maintaining public/private key pairs.

26 How does encryption address security concerns?
4 main communication security concerns:
• Eavesdropping: If a message is encrypted, it is unreadable by eavesdroppers without a key
• Spoofing: Sender uses his or her private key to encrypt part of the message. Receiver uses sender’s public key to decrypt that part – if it decrypts, it confirms sender’s identity.

27 Encryption & Security Concerns cont.
• Misrepresentation: Obtain a business’s public key from a CA and encrypt your message. Only the business identified by CA can decrypt the message.
• Tampering: Use symmetric key encryption – Word & Excel can encrypt a file and require a password to decrypt it. (Password is used in making the symmetric key.) Weakness? More secure – using a digital signature.

28 Digital Signatures
• To create a digital signature, the message is first processed by some algorithm to produce a single number (a 1-way hash).
• This algorithm and the 1-way hash are then encrypted with the private key to produce the digital signature.
• The message and digital signature are then transmitted.

29 Digital Signatures, cont.
• The recipient uses the public key to decrypt the hash and its algorithm.
• The recipient uses the algorithm and the transmitted message to produce a new hash. If this new hash matches the decrypted hash, recipient knows the message was not altered.
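
Added example, not part of the original slides: the five steps of slide 24 and the sign/verify flow of slides 28–29, run end to end so the tamper check can be observed. Assumptions: every name below is hypothetical, the key pair is textbook RSA built from two fixed Mersenne primes, the symmetric cipher is an XOR keystream standing in for a real cipher such as AES, and both sides agree on SHA-256 in advance instead of transmitting the hash algorithm; none of this is secure for real use.

```python
import hashlib
import secrets

# Toy RSA key pair from two fixed Mersenne primes: deterministic and NOT secure.
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))            # private exponent
PUBLIC_KEY, PRIVATE_KEY = (E, N), (D, N)

def rsa(value: int, key: tuple) -> int:
    """Textbook RSA: applying the other key of the pair undoes the operation."""
    exponent, modulus = key
    return pow(value, exponent, modulus)

def xor_stream(key: bytes, data: bytes) -> bytes:
    """Toy symmetric cipher: XOR with a SHA-256 keystream (same call decrypts)."""
    stream, counter = b"", 0
    while len(stream) < len(data):
        stream += hashlib.sha256(key + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))

def hybrid_encrypt(message: bytes, receiver_public: tuple):
    sym_key = secrets.token_bytes(16)                     # fresh 128-bit key
    ciphertext = xor_stream(sym_key, message)             # step 1: encrypt message
    wrapped = rsa(int.from_bytes(sym_key, "big"), receiver_public)  # step 2
    return wrapped, ciphertext                            # step 3: send both

def hybrid_decrypt(wrapped: int, ciphertext: bytes, receiver_private: tuple) -> bytes:
    sym_key = rsa(wrapped, receiver_private).to_bytes(16, "big")    # step 4
    return xor_stream(sym_key, ciphertext)                # step 5: decrypt message

def sign(message: bytes, sender_private: tuple) -> int:
    digest = int.from_bytes(hashlib.sha256(message).digest(), "big")  # 1-way hash
    return rsa(digest, sender_private)        # hash encrypted with the private key

def verify(message: bytes, signature: int, sender_public: tuple) -> bool:
    new_hash = int.from_bytes(hashlib.sha256(message).digest(), "big")
    return rsa(signature, sender_public) == new_hash      # decrypted vs. new hash

if __name__ == "__main__":
    msg = b"Transfer $100 to account 42"                  # constructed sample message
    wrapped, ct = hybrid_encrypt(msg, PUBLIC_KEY)
    print(hybrid_decrypt(wrapped, ct, PRIVATE_KEY))
    sig = sign(msg, PRIVATE_KEY)
    print(verify(msg, sig, PUBLIC_KEY), verify(msg.replace(b"100", b"900"), sig, PUBLIC_KEY))
```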

