Published by Brett Rich. Modified over 9 years ago.
1
Section 10: Security CSIS 479R Fall 1999 “Network +” George D. Hickman, CNI, CNE
2
Objectives
• Describe network security models
• List the elements of secure password and user account policies
3
Objectives (Cont'd)
• Describe how encryption works
• Describe how firewalls work
• Describe how proxy servers work
4
Network Security Models
• Share-level security
  – Decentralized security
  – Used on peer-to-peer networks
  – Resources shared, password protected
• User-level security
  – Centrally managed security structure
  – Used on client-server networks
  – Network administrators manage access to network resources
  – NetWare, Windows NT, UNIX, Linux
5
Password Security Policies
• Do not let users use the names of their spouse or children, or their birthdates
• Use passwords with alphabetic and numeric characters/punctuation marks
• Use MiXeD cAsE (if supported)
• Use multi-word passwords
6
Password Security Policies
• Require unique passwords
• Direct users not to share or write down their passwords
• Require passwords
• Force periodic password changes
• Set a minimum password length
7
User Account Security
• Default Administrative Users
  – NetWare 4.x+: Admin
  – NetWare 3.x: Supervisor
  – Windows NT Server: Administrator
  – UNIX / Linux: Root
8
Administrative Users
• Limit additional accounts with (full) administrative rights
• Assign only rights needed to perform needed tasks
  – Password Management
  – File System Backups
9
User Accounts
• Enable intruder detection/lockout
  – Prevents guessing passwords
• Use account expiration dates for temporary workers
• Use time restrictions for login
• Set workstation restrictions
  – Allows login only from specified computers
• Limit concurrent logins
10
Encryption
• The non-random process of scrambling information
• Secret-Key
  – The same key is used to encrypt/decrypt
  – DES, 56-bit key, widely used, fast
• Private-Public Key
  – Private key kept secret, public key published
  – Keys are related, but different
• Digital Envelopes
  – Message encrypted with secret-key (faster)
  – The secret-key is encrypted using private/public key encryption
11
Digital Signature
• Electronic signature that cannot be forged
• “A computed summary of the message... Encrypted and sent with message.”
• Summary is decrypted and compared.
• This guarantees the message has not been altered
12
Firewalls
• “hardware or software that keeps a network secure by filtering packets as they pass through the system.”
• Used to allow users Internet access, while protecting the company from outside attacks
13
Firewalls
• Work by filtering packets
• Filtered by IP Address
  – Examines source and destination addresses, accepts or rejects packets based on rules
• Filtered by Port Number
  – HTTP, FTP, TELNET, etc. use different ports
  – You can allow and disallow traffic by port
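The two filtering criteria on this slide, combined into one rule table, as an added example that is not part of the original slides. The rule set, the addresses, the first-match-wins ordering and the default-reject fallback are assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Rule:
    action: str            # "accept" or "reject"
    src: str               # source network, CIDR notation
    dst: str               # destination network, CIDR notation
    dport: Optional[int]   # destination port; None matches any port

def matches(rule, src, dst, dport):
    """True when the packet's addresses and port all fall inside the rule."""
    return (ipaddress.ip_address(src) in ipaddress.ip_network(rule.src)
            and ipaddress.ip_address(dst) in ipaddress.ip_network(rule.dst)
            and rule.dport in (None, dport))

def filter_packet(rules, src, dst, dport):
    """Walk the rules top to bottom; the first match decides.
    A packet that matches no rule is rejected (assumed default policy)."""
    for rule in rules:
        if matches(rule, src, dst, dport):
            return rule.action
    return "reject"

ANY = "0.0.0.0/0"
LAN = "192.168.1.0/24"          # constructed internal network
WEB = "192.168.1.10/32"         # constructed public web server

# Constructed rule set: order matters, so the TELNET block comes first.
RULES = [
    Rule("reject", ANY, ANY, 23),   # TELNET blocked in both directions
    Rule("accept", LAN, ANY, 80),   # internal users may browse (HTTP)
    Rule("accept", LAN, ANY, 21),   # internal users may use FTP
    Rule("accept", ANY, WEB, 80),   # outsiders may reach the web server only
]

if __name__ == "__main__":
    # Constructed packets: (source, destination, destination port)
    for pkt in [("192.168.1.25", "203.0.113.7", 80),
                ("192.168.1.25", "203.0.113.7", 23),
                ("203.0.113.7", "192.168.1.10", 80),
                ("203.0.113.7", "192.168.1.25", 80)]:
        print(pkt, "->", filter_packet(RULES, *pkt))
```

The last packet is rejected without any rule naming it: an outside host reaching an internal workstation matches nothing, so the default applies.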
14
Proxy Servers
• A proxy server sends requests for workstations in a company, using the IP address of the proxy
  – This hides the internal IP addresses from outside users
• Generally employ Network Address Translation (NAT)
15
Proxy Services
• Proxy servers available for common Internet services
  – HTTP
  – SMTP
  – Web Caching
• Novell BorderManager
• Microsoft Proxy Server
• Netscape Proxy Server