Internet and Intranet Fundamentals Class 8 Session A.

1 Internet and Intranet Fundamentals Class 8 Session A

2 Intranet Security Assets Needing Protection Threats Firewalls –Overview –Various Architectures –Ref: Building Internet Firewalls, Chapman & Zwicky ISBN: 1565921240

3 Assets Needing Protection Data –stored on computers Resources –the computers themselves Reputation

4 Protecting Data Secrecy / Privacy Integrity Availability

5 Protecting Data Secrecy / Privacy Trade Secrets –obligations to shareholders Competitive Intelligence –competition sensitive Examples –national defense –patient medical records –student records

6 Protecting Data Integrity Keeping Data from Being Modified –tampering Loss of Confidence –consumer –customer –investor –employee

7 Protecting Data Availability Is your data accessible? Related to computing resource availability

8 Protecting Resources Computer Resources –disk space –CPU cycles –memory Labor Resources –$$$ spent in … tracking down intruders performing re-installing software

9 Protecting Reputation Confidence Intruders Masquerade as You –identity theft Business/Technical Competence Example –professor and racist hate mail

10 Threats Types of Attacks Types of Attackers Stupidity and Accidents

11 Types of Attacks Intrusion Denial of Service Information Theft

12 Intrusion People Gain Access to Your Network and Computers How? –social engineering –guesswork crack program child/dog’s name

13 Denial of Service Preventing you (and others) from using your own computers Mail Bombs Flooding a System’s Queues, Processes, etc. –Internet Worm –Distributed denial of service (CNN/Ebay/Yahoo) Limited Number of Login Attempts –they either get in, or they can force denial of service to everyone else!

14 Information Theft Stealing Password Files –download for offline cracking Packet Sniffers –Ethernet is a party line –A switch is your friend.

15 Types of Attackers Joyriders –bored, looking for amusement Vandals –like destroying things, or don’t like you Score Keepers –bragging rights Spies –industrial and international

16 Stupidity and Accidents 55% of all incidents result from naivete or lack of training Apple’s buggy mail server –hundreds of thousands of error messages Any system which doesn’t assign passwords. Hard to Protect Against!

17 Firewalls Overview Various Firewall Architectures

18 Overview How to Protect Your Intranet Assets? –no security –security through obscurity –host security –network security Your home is an intranet?

19 Overview No Security Security Through Obscurity –nobody knows about it –people figure a small company or home machine isn’t of interest –“obscurity” impossible on Internet InterNIC –examples with Telnet

20 Overview Host Security –geared to particular host –scalability issue –admin nightmare sheer numbers different OS, OS config, etc. –OK for small sites or sites with extreme requirements

21 Overview Network Security –control network access –kill lots of birds with one stone –firewalls Security Technology Can’t Do It All –policing internal time wasting, pranks, etc. –no model is perfect –Who watches the watcher?

22 Overview Internet Firewalls –concept: containment choke point –prevents dangers of Internet from spreading to your Intranet –restricts people to entering at carefully controlled point(s) can only leave that point too

23 Overview Firewall –prevents attackers from getting close to internal defenses –adequate if interactions conform to security policy (tight vs. loose) Consists of –hardware routers, computers, networks –software proxy servers, monitors

24

25 Firewall System Exterior Router & Bastion Host may be combined.

26

27 Overview Firewall Limitations –malicious insiders –people going around it (e.g., modems) –completely new threats designed to protect against known threats –viruses Make vs. Buy –lots of offerings (see Internet)

28 Various Firewall Architectures Screening Router Packet Filtering Proxy Services –application level gateways Dual-Home Host Screened Host Screened Subnet

29 Various Firewall Architectures IP Packet Filtering IP source address IP destination address Transport Layer Protocol TCP / UDP source port TCP / UDP destination port ICMP message type

30 Various Firewall Architectures IP Packet Filtering Also Knows … –inbound and outbound interfaces Examples –block all incoming connection from outside except SMTP –block all connections to or from untrusted systems –allow SMTP, FTP, but block TFTP, X Windows, RPC, rlogin, rsh, etc.
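
An added example (not part of the original slides) of the packet filtering described on slides 29 and 30: a stateless first-match filter with default deny that applies the slides' example policies. The addresses, the `Packet`/`Rule`/`decide` names and the mail-host rule are assumptions made for the illustration, and only the first packet of a connection is evaluated (no return traffic or FTP data channel).

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Packet:
    iface: str                      # interface it arrived on: "outside" or "inside"
    src: str
    dst: str
    proto: str                      # "tcp", "udp" or "icmp"
    dport: Optional[int] = None     # TCP/UDP destination port
    icmp_type: Optional[int] = None

@dataclass(frozen=True)
class Rule:
    action: str                     # "allow" or "deny"
    iface: Optional[str] = None     # None means "any" for every optional field
    src: str = "0.0.0.0/0"
    dst: str = "0.0.0.0/0"
    proto: Optional[str] = None
    dports: Optional[range] = None
    icmp_type: Optional[int] = None

    def matches(self, p: Packet) -> bool:
        def within(addr, net):
            return ipaddress.ip_address(addr) in ipaddress.ip_network(net)
        return ((self.iface is None or self.iface == p.iface)
                and within(p.src, self.src) and within(p.dst, self.dst)
                and (self.proto is None or self.proto == p.proto)
                and (self.dports is None or p.dport in self.dports)
                and (self.icmp_type is None or self.icmp_type == p.icmp_type))

INSIDE, MAIL = "192.0.2.0/24", "192.0.2.25/32"   # constructed documentation addresses
RULES = [
    # An inside source address arriving on the outside interface is spoofed.
    Rule("deny", iface="outside", src=INSIDE),
    # Block all incoming connections from outside except SMTP to the mail host.
    Rule("allow", iface="outside", dst=MAIL, proto="tcp", dports=range(25, 26)),
    # Outbound: allow SMTP and FTP control; TFTP, X, RPC, rlogin, rsh hit default deny.
    Rule("allow", iface="inside", src=INSIDE, proto="tcp", dports=range(25, 26)),
    Rule("allow", iface="inside", src=INSIDE, proto="tcp", dports=range(21, 22)),
    Rule("allow", iface="inside", src=INSIDE, proto="icmp", icmp_type=8),  # echo request
]

def decide(p: Packet, rules=RULES) -> str:  # first matching rule wins, default deny
    for r in rules:
        if r.matches(p):
            return r.action
    return "deny"
```

The first rule shows why the filter needs the inbound interface as well as the header fields: the same source address is legitimate on the inside interface and forged on the outside one.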

31 Various Firewall Architectures Dual-Homed Host One Computer, Two Networks –must proxy services –can examine data coming in from app level on down

32

33 Various Firewall Architectures Screened Host Bastion Host –controls connections to outside world –If broken, your interior network is open. Packet Filtering by Router –incoming

34

35 Various Firewall Architectures Screened Subnet Bastion Host –controls connections to outside world –on perimeter network Packet Filtering –two routers –incoming

36

