Presentation is loading. Please wait.

Presentation is loading. Please wait.

Security in Computing Security in Networks. I.Threats in networks A. Vulnerabilities 1.Anonymity 2.Shared resources 3.Size (many points of attack) 4.Complexity.

Published byConrad McDowell Modified over 9 years ago

Similar presentations

Presentation on theme: "Security in Computing Security in Networks. I.Threats in networks A. Vulnerabilities 1.Anonymity 2.Shared resources 3.Size (many points of attack) 4.Complexity."— Presentation transcript:

1 Security in Computing Security in Networks

2 I.Threats in networks A. Vulnerabilities 1.Anonymity 2.Shared resources 3.Size (many points of attack) 4.Complexity 5.Unknown perimeter 6.Unknown path

3 I.Threats in networks B. Attackers 1.for the challenge 2.for money, reward, espionage; organised crime because of reward 3.for ideology

4 I.Threats in networks C. Steps in an attack 1.reconnaissance a)port scan b)social engineering 2.attacking the network itself: eavesdropping and active wiretapping 3.attacking the infrastructure: protocol attacks

5 I.Threats in networks 4.attacking an endpoint a)defeating authentication 1)guessing (spoofing); masquerade, phishing, hijacking; man-in-the middle attack b)defeating confidentiality 1)delivery problems c)defeating integrity 1)message forgery 2)noise

6 I.Threats in networks d)website attacks 1)defacement 2)buffer overflow on a host of server 3)compromising applications on a host server, e.g.: http:// www.CDs-r-us.com/buy.asp?i 1 =459012&p 1 =1599 http:// www.CDs-r-us.com/buy.asp?i 1 =459012&p 1 =1599 &i2=365217&p2=1499

7 I.Threats in networks e)denial of service 1)flooding 2)distributed denial of service

8 I.Threats in networks f)hostile code 1)active code (or mobile code) 2)bots (or robots) – similar to Distributed denial of Service 3)script kiddies – people who download and run attack scripts – simple scripts for many of the popular attacks

9 II.Network controls A.Architecture 1)segmented (idea similar to OS) – one server to handle Http, another for application code, another to handle DB request 2)redundant – function to run on more than one node 3)protected against single points of failure – fault tolerance 4)segment controlled by firewall

10 II.Network controls A.Encryption 1.link – encryption at layer 1 and 2 of the OSI model 2.end-to-end – security from one end of transmission to the other 3.“virtual” private network – a sense of a “private” although part of public network 4.IPSEc (IP Layer) - similar to SSL

11 II.Network controls C.Content integrity check (detect, not prevent) 1.error codes, checksums, cryptographic checksums D.Authentication E.Wireless security protocols 1.WEP (Wired Equivalent Privacy) 2.WPA - WPA2 extends WPA (WiFi Protected Access) – alternative to WEP

12 III.Other A.Firewalls B.Intrusion detection systems C.Secure email

Download ppt "Security in Computing Security in Networks. I.Threats in networks A. Vulnerabilities 1.Anonymity 2.Shared resources 3.Size (many points of attack) 4.Complexity."

Similar presentations

Security in VoIP Networks Juan C Pelaez Florida Atlantic University Security in VoIP Networks Juan C Pelaez Florida Atlantic University.

Security in VoIP Networks Juan C Pelaez Florida Atlantic University Security in VoIP Networks Juan C Pelaez Florida Atlantic University.
Security and Systems. Three tenets of security Confidentiality Integrity Availability.

Security and Systems. Three tenets of security Confidentiality Integrity Availability.
CMSC 414 Computer and Network Security Lecture 26 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 26 Jonathan Katz.
Topic 8: Secure communication in mobile devices. Choice of secure communication protocols, leveraging SSL for remote authentication and using HTTPS for.

Topic 8: Secure communication in mobile devices. Choice of secure communication protocols, leveraging SSL for remote authentication and using HTTPS for.
BASIC CRYPTOGRAPHY CONCEPT. Secure Socket Layer (SSL)  SSL was first used by Netscape.  To ensure security of data sent through HTTP, LDAP or POP3.

BASIC CRYPTOGRAPHY CONCEPT. Secure Socket Layer (SSL)  SSL was first used by Netscape.  To ensure security of data sent through HTTP, LDAP or POP3.
Raphael Frank 20 October 2007 Authentication & Intrusion Prevention for Multi-Link Wireless Networks.

Raphael Frank 20 October 2007 Authentication & Intrusion Prevention for Multi-Link Wireless Networks.
Chapter 14 Wireless Attacks, Intrusion Monitoring and Policy

Chapter 14 Wireless Attacks, Intrusion Monitoring and Policy
Hacking Presented By :KUMAR ANAND SINGH 04-243,ETC/2008.

Hacking Presented By :KUMAR ANAND SINGH ,ETC/2008.
IS Network and Telecommunications Risks

IS Network and Telecommunications Risks
7.3 Network Security Controls 1Network Security / G.Steffen.

7.3 Network Security Controls 1Network Security / G.Steffen.
Wired Equivalent Privacy (WEP)

Wired Equivalent Privacy (WEP)
Security in Networks— Their design, development, usage… Barbara Endicott-Popovsky CSSE592/491 In collaboration with: Deborah Frincke, Ph.D. Director, Center.

Security in Networks— Their design, development, usage… Barbara Endicott-Popovsky CSSE592/491 In collaboration with: Deborah Frincke, Ph.D. Director, Center.
Web server security Dr Jim Briggs WEBP security1.

Web server security Dr Jim Briggs WEBP security1.
Chapter 7 7.2 Threats in Networks Network Security / G. Steffen.

Chapter Threats in Networks Network Security / G. Steffen.
Wireless Network Security. Wireless Security Overview concerns for wireless security are similar to those found in a wired environment concerns for wireless.

Wireless Network Security. Wireless Security Overview concerns for wireless security are similar to those found in a wired environment concerns for wireless.
G53SEC 1 Network Security Hijacking, flooding, spoofing and some honey.

G53SEC 1 Network Security Hijacking, flooding, spoofing and some honey.
Week 10 - Wednesday.  What did we talk about last time?  Network basics.

Week 10 - Wednesday.  What did we talk about last time?  Network basics.
8: Network Security8-1 Security in the layers. 8: Network Security8-2 Secure sockets layer (SSL) r Transport layer security to any TCP- based app using.

8: Network Security8-1 Security in the layers. 8: Network Security8-2 Secure sockets layer (SSL) r Transport layer security to any TCP- based app using.
Shared success Outline What is network security? Why do we need security? Who is vulnerable? Common security attacks and countermeasures. How to secure.

Shared success Outline What is network security? Why do we need security? Who is vulnerable? Common security attacks and countermeasures. How to secure.
ISNE101 Dr. Ken Cosh Week 14. This Week  Challenges (still) facing Modern IS  Reliability  Security.

ISNE101 Dr. Ken Cosh Week 14. This Week  Challenges (still) facing Modern IS  Reliability  Security.

Similar presentations

Ads by Google