Presentation is loading. Please wait.

Presentation is loading. Please wait.

Network Security. Announcements Review Assignment - Assessment 3 (due Tuesday, before class) Assessment 3 – Next Thursday Reminders: Network Design Project.

Published byBathsheba Gibbs Modified over 9 years ago

Similar presentations

Presentation on theme: "Network Security. Announcements Review Assignment - Assessment 3 (due Tuesday, before class) Assessment 3 – Next Thursday Reminders: Network Design Project."— Presentation transcript:

1 Network Security

2 Announcements Review Assignment - Assessment 3 (due Tuesday, before class) Assessment 3 – Next Thursday Reminders: Network Design Project No more than 2 per group Proposals due on the day of presentation Sign-ups shortly 2

3 Basics of Network Security Anti-virus / Anti-Spyware Access Controls Firewall Intrusion Protection/Detection Systems Identify fast spreading threats Virtual Private Networks 3

4 Access Controls The four processes of access control

5 Firewalls

6 Example: Packet Filtering Firewalls

7 Intrusion Detection and Prevention Systems (IDPS)

8 Intrusion Detection and Prevention Systems (cont’d.)

9 STUXNET

10 STUXNET – How it Worked

11 Stuxnet What was it? How did it spread and how far? What are the implications?

12 Stuxnet Precursors: What should we do now?

13 Target – What Happened?

14 Target – How did it happen?

15 Target – How could it have been stopped?

16 Target – Modern Day Hacking

17 Security Discussion TJ Maxx RSA Epsilon Gawker Wikileaks HB Gary 17

18 11.1 Corporate Security: TJ Maxx War-Driving to seek vulnerabilities in wireless networks Breaches took place all the way back to 2005 Albert Gonzalez was mastermind 2005 -2007 sold as many as 170 million ATM/Credit Card #s Typically used SQL injection to launch packet sniffing Now serving 20 years in a federal prison

19 11.1 Corporate Security: RSA Security companies are often the target of many hackers. Another case of phishing emails to get into the company Excel Spreadsheet had a Zero-day exploit Exploit took advantage of Adobe Flash allowing them to install a remote administration tool Used remote admin tool to get deeper information

20 11.1 Corporate Security: Epsilon Occurred earlier this year Primary purpose for stealing Phishing – maquerading as a trustworthy entity to gain access to information Form of Social Engineering Carried out by email spoofing

21 11.1 Passwords: Gawker Hack After hack, the Wall Street Journal Examine a number of passwords (188,279) and here are some of the most commonly found: password qwerty letmein trustno1 passw0rd Can anyone guess the most commonly used?

22 11.1 Corporate Security: Higher Ed Threats Mobile Devices Social Media Viruses (hilarious video attack through FB) Virtualization Embedded devices (number of devices connected to the network) Consumerization of IT (personal devices for organizational use)

23 11.1 Corporate Security: Wikileaks Exposed major security flaws in the US government Not standardized across agencies No user restrictions on copying data Minimal monitoring of users accessing sensitive data Recently, new measures are in place to alleviate problems. Bradley Manning trial begins December 16 th

24 11.1 Corporate Security: HB Gary Found a flaw in content management system Used an SQL Injection to gain access Numerous issues with the system allowed hackers to obtain two passwords: the CEO (Aaron Barr) and COO (Ted Vera) Key takeaway: passwords! Don’t use short, easily deciphered Use different passwords for different accounts

Download ppt "Network Security. Announcements Review Assignment - Assessment 3 (due Tuesday, before class) Assessment 3 – Next Thursday Reminders: Network Design Project."

Similar presentations

1 MIS 2000 Class 22 System Security Update: Winter 2015.

1 MIS 2000 Class 22 System Security Update: Winter 2015.
Hackers, Crackers, and Network Intruders: Heroes, villains, or delinquents? Tim McLaren Thursday, September 28, 2000 McMaster University.

Hackers, Crackers, and Network Intruders: Heroes, villains, or delinquents? Tim McLaren Thursday, September 28, 2000 McMaster University.
Network Security aka CyberSecurity Monitor and manage security risks at the network level for the entire Johns Hopkins Network.

Network Security aka CyberSecurity Monitor and manage security risks at the network level for the entire Johns Hopkins Network.
1 Topic 1 – Lesson 3 Network Attacks Summary. 2 Questions ► Compare passive attacks and active attacks ► How do packet sniffers work? How to mitigate?

1 Topic 1 – Lesson 3 Network Attacks Summary. 2 Questions ► Compare passive attacks and active attacks ► How do packet sniffers work? How to mitigate?
NCS welcome all participants on behalf of Quick Heal Anti Virus and Fortinet Firewall solution.

NCS welcome all participants on behalf of Quick Heal Anti Virus and Fortinet Firewall solution.
McGraw-Hill/Irwin ©2009 The McGraw-Hill Companies, All Rights Reserved CHAPTER 4 ETHICS AND INFORMATION SECURITY Business Driven Information Systems 2e.

McGraw-Hill/Irwin ©2009 The McGraw-Hill Companies, All Rights Reserved CHAPTER 4 ETHICS AND INFORMATION SECURITY Business Driven Information Systems 2e.
Chapter 4 McGraw-Hill/Irwin Copyright © 2011 by The McGraw-Hill Companies, Inc. All rights reserved. Ethics and Information Security.

Chapter 4 McGraw-Hill/Irwin Copyright © 2011 by The McGraw-Hill Companies, Inc. All rights reserved. Ethics and Information Security.
RSA Attack Analysis Karl F. Lutzen, CISSP S&T Information Security Officer.

RSA Attack Analysis Karl F. Lutzen, CISSP S&T Information Security Officer.
Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.

Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.
BUSINESS PLUG-IN B6 Information Security.

BUSINESS PLUG-IN B6 Information Security.
Chapter 10: Data Centre and Network Security Proxies and Gateways * Firewalls * Virtual Private Network (VPN) * Security issues * * * * Objectives:

Chapter 10: Data Centre and Network Security Proxies and Gateways * Firewalls * Virtual Private Network (VPN) * Security issues * * * * Objectives:
Malicious Attacks By Chris Berg-Jones, Ethan Ungchusri, and Angela Wang.

Malicious Attacks By Chris Berg-Jones, Ethan Ungchusri, and Angela Wang.
Copyright © 2015 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.

Copyright © 2015 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.
Security Awareness: Applying Practical Security in Your World, Second Edition Chapter 5 Network Security.

Security Awareness: Applying Practical Security in Your World, Second Edition Chapter 5 Network Security.
Security Management IACT 918 July 2004 Gene Awyzio SITACS University of Wollongong.

Security Management IACT 918 July 2004 Gene Awyzio SITACS University of Wollongong.
Lecture 11 Reliability and Security in IT infrastructure.

Lecture 11 Reliability and Security in IT infrastructure.
Presented by Manager, MIS.  GRIDCo’s intentions for publishing an Acceptable Use Policy are not to impose restrictions that are contrary to GRIDCo’s.

Presented by Manager, MIS.  GRIDCo’s intentions for publishing an Acceptable Use Policy are not to impose restrictions that are contrary to GRIDCo’s.
Security Risk Management Marcus Murray, CISSP, MVP (Security) Senior Security Advisor, Truesec

Security Risk Management Marcus Murray, CISSP, MVP (Security) Senior Security Advisor, Truesec
Threats to I.T Internet security By Cameron Mundy.

Threats to I.T Internet security By Cameron Mundy.
Chapter 13 Network Security. Contents Definition of information security Role of network security Vulnerabilities, threats and controls Network security.

Chapter 13 Network Security. Contents Definition of information security Role of network security Vulnerabilities, threats and controls Network security.

Similar presentations

Ads by Google