Presentation is loading. Please wait.

Presentation is loading. Please wait.

Network Security Onno W. Purbo Buku Keamanan Jaringan Internet Toko Buku Gramedia.

Published byValerie Kelly Modified over 9 years ago

Similar presentations

Presentation on theme: "Network Security Onno W. Purbo Buku Keamanan Jaringan Internet Toko Buku Gramedia."— Presentation transcript:

1 Network Security Onno W. Purbo onno@indo.net.id

2 Buku Keamanan Jaringan Internet Toko Buku Gramedia

3 http://www.sans.org

4

5

6

7

8 http://www.rootshell.com

9

10

11 Overview Roadmap SANS Integrating Security Into Your Site How to Get the Work Done Where to Find the Right Information Pitfalls and Vulnerabilities

12 Integrating Security Into Your Site

13 How do you justify the security infrastructure investment? How do you determine your site's security mission statement? What are the key elements of a successful security awareness training program? What are the key elements of a good security infrastructure? What are some common security problems which continue to plague many sites?

14 How to Get the Work Done

15 duties of security support personnel? ensure or document security infrastructure? types of security tools and the most popular tools in use today? Where can you find some consolidated information security vulnerabilities? find vendor-specific security patches? find many of the public domain security tools? seven items when responding to incident? five low-cost security improvements?

16 7 items to remember? Follow your organization’s policies and procedures. Contact incident response agencies. Communication via out-of-band (e.g., a phone call). Document your actions. Make copies of files the intruders may have left or touched & store them off-line. If you are unsure of what actions to take, seek additional help and guidance. Contact law enforcement officials.

17 5 low-cost improvements Document and publish what you expect. Configure your routers to deny all unnecessary incoming traffic. Keep sendmail properly configured and updated. Use freeware vulnerability assessment tools. Publish the results. Install freeware host and network based auditing and traffic analysis tools on critical hosts.

18 Where to Find the Right Information

19 What are some incident response centers? Where can you find vendor-specific security information? What are some of the good security web sites? What are some good security books? What are some good security mailing lists?

20 Good security web sites? ftp://ciac.llnl.gov/pub/ciac/sectools/unix / ftp://ftp.cerias.purdue.edu ftp://ftp.cert.org/pub/tools/ ftp://ftp.win.tue.nl/pub/security/ ftp://ftp.funet.fi/pub/unix/security/

21 Pitfalls and Vulnerabilities

22 What are some of the frequently targeted system binaries and directories? What are some common Internet attack methods in use today? What are some common problems with security perimeter implementations?

23 targeted system binaries & directories? /bin/login /usr/etc/in.telnetd /usr/etc/in.ftpd /usr/etc/in.tftpd /usr/ucb/netstat /bin/ps /bin/ls /usr/sbin/ifconfig /bin/df /usr/lib/libc.a /usr/ucb/cc /.rhosts /etc/hosts.equiv /bin/.rhosts /etc/passwd /etc/group /var/yp/* (nis maps) root environment files (.login,.cshrc,.profile,.forward)

24 Common Internet attack? Exploitation vulnerabilities in vendor programs. Exploitation of cgi-bin vulnerabilities. Email bombing, spamming & relaying. Exploitation anon-FTP & web servers. Exploitation of named/BIND vulnerabilities. Exploitation of MTA & mail readers. Denial of Services (DoS) attacks. Sending hostile code & attack programs as mail attachments.

25 Security perimeter implementations? Further security checks & controls are needed on internal network. Members can request analog lines at workspace & bypassing the security perimeter. Some network services (e.g., ftp, tftp, http, sendmail) destined for internal hosts are passed through the security perimeter control points unscreened.

26 Security perimeter implementations? The firewall hosts or routers accept connections from multiple hosts on the internal network and from hosts on the DMZ network Access lists are often configured incorrectly, allowing unknown and dangerous services to pass through freely.

27 Security perimeter implementations? Logging of connections through the security perimeter is either insufficient or not reviewed on a regular basis. People frequently implement encrypted tunnels through their security perimeter without fully considering the security of the endpoints of the tunnel.

Download ppt "Network Security Onno W. Purbo Buku Keamanan Jaringan Internet Toko Buku Gramedia."

Similar presentations

Presented by Nikita Shah 5th IT ( )

Presented by Nikita Shah 5th IT ( )
FIREWALLS Chapter 11.

FIREWALLS Chapter 11.
1 Chapter 8 Fundamentals of System Security. 2 Objectives In this chapter, you will: Understand the trade-offs among security, performance, and ease of.

1 Chapter 8 Fundamentals of System Security. 2 Objectives In this chapter, you will: Understand the trade-offs among security, performance, and ease of.
Module 5: Configuring Access to Internal Resources.

Module 5: Configuring Access to Internal Resources.
DESIGNING A PUBLIC KEY INFRASTRUCTURE

DESIGNING A PUBLIC KEY INFRASTRUCTURE
System and Network Security Practices COEN 351 E-Commerce Security.

System and Network Security Practices COEN 351 E-Commerce Security.
Chapter 7 HARDENING SERVERS.

Chapter 7 HARDENING SERVERS.
Lesson 14-Desktop Protection. Overview Protect against malicious code. Use the Internet. Protect against physical tampering.

Lesson 14-Desktop Protection. Overview Protect against malicious code. Use the Internet. Protect against physical tampering.
EECS 598-2 Presentation Web Tap: Intelligent Intrusion Detection Kevin Borders.

EECS Presentation Web Tap: Intelligent Intrusion Detection Kevin Borders.
ITS Offsite Workshop 2002 PolyU IT Security Policy PolyU IT/Computer Systems Security Policy (SSP) By Ken Chung Senior Computing Officer Information Technology.

ITS Offsite Workshop 2002 PolyU IT Security Policy PolyU IT/Computer Systems Security Policy (SSP) By Ken Chung Senior Computing Officer Information Technology.
Data Security in Local Networks using Distributed Firewalls

Data Security in Local Networks using Distributed Firewalls
Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.

Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.
Lesson 10 – SECURING YOUR NETWORK Security devices Internal security External security Viruses and other malicious software OVERVIEW.

Lesson 10 – SECURING YOUR NETWORK Security devices Internal security External security Viruses and other malicious software OVERVIEW.
Payment Card Industry (PCI) Data Security Standard

Payment Card Industry (PCI) Data Security Standard
 Proxy Servers are software that act as intermediaries between client and servers on the Internet.  They help users on private networks get information.

 Proxy Servers are software that act as intermediaries between client and servers on the Internet.  They help users on private networks get information.
Installing and Configuring a Secure Web Server COEN 351 David Papay.

Installing and Configuring a Secure Web Server COEN 351 David Papay.
1 Lecture 20: Firewalls motivation ingredients –packet filters –application gateways –bastion hosts and DMZ example firewall design using firewalls – virtual.

1 Lecture 20: Firewalls motivation ingredients –packet filters –application gateways –bastion hosts and DMZ example firewall design using firewalls – virtual.
Developing a Security Policy Chapter 2. Learning Objectives Understand why a security policy is an important part of a firewall implementation Determine.

Developing a Security Policy Chapter 2. Learning Objectives Understand why a security policy is an important part of a firewall implementation Determine.
Internet Relay Chat Chandrea Dungy Derek Garrett #29.

Internet Relay Chat Chandrea Dungy Derek Garrett #29.
Presented by INTRUSION DETECTION SYSYTEM. CONTENT Basically this presentation contains, What is TripWire? How does TripWire work? Where is TripWire used?

Presented by INTRUSION DETECTION SYSYTEM. CONTENT Basically this presentation contains, What is TripWire? How does TripWire work? Where is TripWire used?

Similar presentations

Ads by Google