1. © 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Basic Security Networking for Home and Small Businesses – Chapter 8

2. ITE PC v4.0 Chapter 1 2 © 2007 Cisco Systems, Inc. All rights reserved.Cisco Public Networking Threats  Information Theft – Obtain confidential information – Gather valuable research data  Data Loss/Manipulation – Destroying or altering data records

3. ITE PC v4.0 Chapter 1 3 © 2007 Cisco Systems, Inc. All rights reserved.Cisco Public Networking Threats  Identity Theft – Personal information stolen  Disruption of Service – prevents legitimate users from accessing services

4. ITE PC v4.0 Chapter 1 4 © 2007 Cisco Systems, Inc. All rights reserved.Cisco Public Networking Threats  External Threats – done by individuals outside of the organization – do no have authorized access  Internal Threats – hacker may have access to equipment – knows what information is valuable or vulnerable – 70% of security breaches are internal

5. ITE PC v4.0 Chapter 1 5 © 2007 Cisco Systems, Inc. All rights reserved.Cisco Public Social Engineering  The ability of someone or something to influence behavior of a group of people  Used to deceive internal users to get confidential information  Hacker takes advantage of legitimate users

6. ITE PC v4.0 Chapter 1 6 © 2007 Cisco Systems, Inc. All rights reserved.Cisco Public Forms of Social Engineering  Pretexting – typically accomplished over the phone – scenario used on the victim to get them to release confidential information – gaining access to your social security number  Phishing – typically contacted via email – attacker pretends to represent legitimate organization  Vishing/Phone Phising – user sends a voice mail instructing them to call a number which appears to be legitimate – call intercepted by thief

7. ITE PC v4.0 Chapter 1 7 © 2007 Cisco Systems, Inc. All rights reserved.Cisco Public Methods of Attack  Virus – runs or spreads by modifying other programs or files – needs to be activitated – cannot start by itself  Worms – similar to virus – does not attach itself to an existing program – no human activation needed  Trojan Horse – appears harmless – deceives the victim into initiating the program

8. ITE PC v4.0 Chapter 1 8 © 2007 Cisco Systems, Inc. All rights reserved.Cisco Public DoS (Denial of Service) Attacks  Intended to deny services to users – floods network with traffic – disrupts connections between client and server  Types of DoS Attacks – SYN (synchronous) Flooding packets sent with invalid IP addresses server tries to respond – Ping of Death larger packet size sent than allowed leads to system crashing

9. ITE PC v4.0 Chapter 1 9 © 2007 Cisco Systems, Inc. All rights reserved.Cisco Public More Attacks  DDoS (Distributed Denial of Service) Attack – more sophisticated than DoS – overwhelms networks with useless data simultaneously  Brute Force – fast PC used to try and guess passwords or decipher data – attacker tries a large number of possibilities rapidly

10. ITE PC v4.0 Chapter 1 10 © 2007 Cisco Systems, Inc. All rights reserved.Cisco Public Spyware  Program that gathers personal information from your PC without permission  Information sent to advertisers  Usually installed unknowingly when downloading a file  Can slow down performance of the PC

11. ITE PC v4.0 Chapter 1 11 © 2007 Cisco Systems, Inc. All rights reserved.Cisco Public Cookies, Etc.  Not always bad..  Used to record information about the user when visiting web sites.  Adware – collects information based on sites visited – useful for target advertising  Pop- Ups – additional ads displayed when visiting a site – pop-ups – open in front of browser – pop-under – open behind browser

12. ITE PC v4.0 Chapter 1 12 © 2007 Cisco Systems, Inc. All rights reserved.Cisco Public Spam  Unwanted bulk e-mail  Information sent to as many end users as possible  Can overload servers, ISPs, etc.  Estimated every Internet user receives over 3000 email per year

13. ITE PC v4.0 Chapter 1 13 © 2007 Cisco Systems, Inc. All rights reserved.Cisco Public Security Policy  Statement of rules users must follow when using technology  Identification and Authentication Policies – only authorized persons should have access to network and its resources (including access to physical devices)  Password Policies – must meet minimum requirements – change passwords regularly  Acceptable Use Policies – determine which applications are acceptable

14. ITE PC v4.0 Chapter 1 14 © 2007 Cisco Systems, Inc. All rights reserved.Cisco Public Security Policy  Remote Access Policies – explanation of how remote users can access the network  Network Maintenance Procedures – explanation of update procedures  Incident Handling Procedures – how incidents involving security will be handled

15. ITE PC v4.0 Chapter 1 15 © 2007 Cisco Systems, Inc. All rights reserved.Cisco Public Updates & Patches  Use of updates and patches makes it harder for the hacker to gain access.  Updates – includes additional functionality  Patches – small piece of “code” used to fix the problem

16. ITE PC v4.0 Chapter 1 16 © 2007 Cisco Systems, Inc. All rights reserved.Cisco Public Anti-Virus Software  Any device connected to a network is susceptible to viruses  Warning signs of a virus: – computer acts abnormal – sends out large quantities of email – high CPU usage  Some Anti-virus programs – Email checking – Dynamic scanning checks files when accessed – Scheduled scans – Automatic updates

17. ITE PC v4.0 Chapter 1 17 © 2007 Cisco Systems, Inc. All rights reserved.Cisco Public SPAM Prevention  Spam is an annoying problem, can... – overload servers – carry potential viruses  Anti-spam software – identifies the spam and performs an action deletes the file places it into the “junk mail” folder  Common spam occurrence – warning of virus from another user – not always true

18. ITE PC v4.0 Chapter 1 18 © 2007 Cisco Systems, Inc. All rights reserved.Cisco Public Firewall  Used to control traffic between networks  Methods of a Firewall – Packet filtering based on IP or MAC address – Application/Web site filtering based on the application or website being used – SPIC (Stateful Packet Inspection) incoming packets must be legitimate responses to requests from hosts

19. ITE PC v4.0 Chapter 1 19 © 2007 Cisco Systems, Inc. All rights reserved.Cisco Public Firewall Types  Appliance-based firewall – built into the hardware – no peripherals needed  Server-based firewall – firewall run on a NOS (Network Operating System)  Integrated firewall – adds firewall functionality to an existing device  Personal firewall – resides on a host PC

20. ITE PC v4.0 Chapter 1 20 © 2007 Cisco Systems, Inc. All rights reserved.Cisco Public Firewall Features and How to Use them to Protect Against an Attack  Use of a DMZ (Demilitarized Zone)  Area of the network which is accessible to both internal and external users  Web servers for public access typically located here

21. ITE PC v4.0 Chapter 1 21 © 2007 Cisco Systems, Inc. All rights reserved.Cisco Public Single or Dual Firewalls??  Single Firewall – appropriate for smaller networks – all external traffic sent to firewall  Dual Firewall – appropriate for larger businesses – internal and external firewall

22. ITE PC v4.0 Chapter 1 22 © 2007 Cisco Systems, Inc. All rights reserved.Cisco Public Firewall Features and How to Use them to Protect Against an Attack  Vulnerability Analysis – determine what part(s) of your network may be vulnerable to attacks  Security Scanners – helps identify where attack can occur – may help identify missing updates

23. ITE PC v4.0 Chapter 1 23 © 2007 Cisco Systems, Inc. All rights reserved.Cisco Public Summary  Networks can be open to intrusion through vulnerabilities in software, hardware attacks, or the weaknesses of individuals.  Effective network security is based on a variety of products and services, combined with a thorough security policy.  A firewall controls traffic between networks and helps prevent unauthorized access.

24. ITE PC v4.0 Chapter 1 24 © 2007 Cisco Systems, Inc. All rights reserved.Cisco Public