Security in network Outline Threats in network Network security controls Firewalls Intrusion detection system Secure E-Mail Networks and Cryptography Example.


1 Security in network. Outline: Threats in network; Network security controls; Firewalls; Intrusion detection system; Secure E-Mail; Networks and Cryptography; Example protocols: PEM, SSL, IPSec; Conclusion.

2 What makes a network vulnerable? – Anonymity: an attacker can mount an attack from thousands of miles away and is therefore safe behind an electronic shield. – Many points of attack. – Sharing of resources. – Complexity of the system (different OSes on the network). – Unknown perimeter (uncertainty about the network boundary). – Unknown path.

3 Who attacks networks? Three necessary components of an attack: MOM. We consider the motive of an attacker: 1. Challenge or power. 2. Fame (recognition for the attacker's activity). 3. Money. 4. Ideology (to do harm).

4 Threat precursors: how do attackers commit their attacks? Port scan: which services are running or open, what OS is installed, which versions of applications are present. Social engineering: involves using social skills to get someone to reveal security-relevant information. The attacker often impersonates someone inside the organization and tries to learn internal details.

5 Cont. Reconnaissance: a general term for collecting information from various sources. A commonly used technique is called “dumpster diving”: looking at items that have been discarded in rubbish bins. OS and application fingerprints: the attacker sends a false request to learn, from the response, the type of OS and which version of an application is running.

6 Cont. Bulletin boards and chats: these support the exchange of information. Attackers can post their latest exploits and techniques, read what others have done, and search for additional information.

7 Threats in transit: eavesdropping and wiretapping. Eavesdropping: implies overhearing without expending extra effort. Wiretapping: intercepting communications. Passive wiretapping: just listening. Active wiretapping: injecting something into the communications. In cable: by the process called inductance, an intruder can tap a wire and read radiated signals without making physical contact with the cable. A device called a packet sniffer can retrieve all packets on the LAN. – Solution: encryption should be applied to all communication.

8 Protocol flaws: protocols are publicly available. Impersonation: easier than wiretapping; the attacker impersonates another person or process. In this, the attacker can: guess the identity and authentication details of the target; disable the authentication mechanism at the target; use a target whose authentication data are known.

9 Cont. Authentication foiled by guessing. – Default password guesses. Well-known authentication: some passwords are used to allow remote maintenance personnel to access any computer anywhere in the world, such as one system admin account installed on all computers with a default password. Spoofing. Impersonation: falsely representing a valid entity in a communication. Spoofing: when an attacker falsely carries on one end of a networked interchange. Examples: masquerading, session hijacking, and man-in-the-middle attack.

10 Cont. Masquerade: one host pretends to be another, e.g. URL masquerading, IP masquerading. Session hijacking: intercepting and carrying on a session begun by another entity. Man-in-the-middle attack:

11 Message confidentiality threat. – Eavesdropping and impersonation attacks can lead to a confidentiality and integrity failure. Some of the vulnerabilities that can affect confidentiality are: Misdelivery: message lost, flaws in the hardware or software, destination IP address modification, etc. Exposure: the message may be exposed at switches, routers, gateways and intermediate hosts. Passive wiretapping. Traffic flow analysis: the fact that a message exists is itself important and sensitive.

12 Message integrity threat. Falsification of messages: the attacker may change some or all of the content of a message: replace, change, redirect, combine pieces of different messages into one, destroy the message, etc. Noise: communication signals are subject to interference from other traffic, lightning, electric motors, animals, etc. These are inevitable.

13 Cont. Web site defacement. The whole HTML code is accessible and downloadable. – Website vulnerabilities enable attacks known as: – Buffer overflow: on a website, with an excess of data. – Dot-dot and address problems: http://URL/null.htm?dotwebfile==/../../../..wint/system32/autoexec.nt – Application code errors: a clever attacker can edit the URL in the address window and change the parameter.
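A server-side check for the dot-dot problem on this slide, as an added example that is not part of the original presentation. The document root `/srv/www` and the function names are assumptions; the parameter name `dotwebfile` is taken from the slide's URL.

```python
import posixpath
from urllib.parse import parse_qs, unquote, urlsplit

WEB_ROOT = "/srv/www"  # assumed document root, not from the slides

def fully_decode(value, max_rounds=5):
    """Percent-decode until stable so double encoding (%252e) cannot hide '..'."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            return decoded
        value = decoded
    raise ValueError("too many encoding layers")

def safe_path(requested, root=WEB_ROOT):
    """Map a client-supplied file name to a path under root or raise ValueError."""
    name = fully_decode(requested).replace("\\", "/")
    if "\x00" in name:
        raise ValueError("NUL byte in file name")
    candidate = posixpath.normpath(posixpath.join(root, name.lstrip("/")))
    # Compare whole path components: "/srv/www-private" must not pass as "/srv/www".
    if candidate != root and not candidate.startswith(root + "/"):
        raise ValueError("path escapes the web root")
    return candidate

def is_allowed(requested):
    """True if the requested name resolves inside the web root."""
    try:
        safe_path(requested)
        return True
    except ValueError:
        return False

def check_url(url, param="dotwebfile"):
    """Validate the file parameter of a request URL; True only if present and safe."""
    values = parse_qs(urlsplit(url).query).get(param, [])
    return bool(values) and all(is_allowed(v) for v in values)
```

The check normalizes first and compares afterwards, so it does not depend on spotting the literal string `..` in the raw request.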

14 Denial of service (DOS): a threat to the availability of service. Transmission failure. Connection flooding: TCP/UDP, ICMP. ICMP messages: ping (requests destination reachability); echo (returns the same data as a reply); destination unreachable; source quench (the destination is saturated, so the source should suspend sending packets for a while).

15 Cont. We examine how two of these protocols can be used to attack a victim. Echo-chargen: this attack works between two hosts. Chargen is a protocol that is used to generate packets and to test the capacity of the network. A and B put the network in an endless loop. If the attacker makes B both source and destination, B hangs in a loop, constantly replying to its own messages. [Figure: hosts A and B exchanging echo and reply]

16 Cont. Ping of death attack: if the attacker is on a 100 MB connection and the victim is on 10 MB, the attacker can easily flood the victim's network. – Smurf attack: a variation of the ping of death attack. The attacker selects the network of the victim, then spoofs the source IP address in the ping packet so that it appears to come from the victim. The attacker then sends this request to the network in broadcast mode by setting the host id to all 1’s.
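A border-filter decision for the Smurf pattern on this slide, as an added example that is not part of the original presentation. The protected subnets are constructed from documentation address ranges, and the packet dictionary layout and function names are assumptions.

```python
import ipaddress

# Assumed protected subnets (documentation ranges, constructed for this example).
PROTECTED = [ipaddress.ip_network(n) for n in ("192.0.2.0/25", "198.51.100.0/24")]

ICMP_ECHO_REQUEST = 8

def directed_broadcast(dst):
    """Return the protected subnet whose broadcast address (host id all 1s) is dst."""
    addr = ipaddress.ip_address(dst)
    for net in PROTECTED:
        if addr == net.broadcast_address:
            return net
    return None

def border_verdict(pkt):
    """Decide on a packet arriving on the external interface.

    pkt is a dict with src, dst, proto and, for ICMP, icmp_type.
    """
    src = ipaddress.ip_address(pkt["src"])
    # An inside address can never legitimately arrive from outside: spoofed source.
    if any(src in net for net in PROTECTED):
        return "drop-spoofed-source"
    # Echo requests to the all-ones host id would be answered by every host on the subnet.
    if (pkt["proto"] == "icmp"
            and pkt.get("icmp_type") == ICMP_ECHO_REQUEST
            and directed_broadcast(pkt["dst"]) is not None):
        return "drop-directed-broadcast"
    return "allow"
```

For the /25 subnet the all-ones host id is 192.0.2.127, not .255, which is why the broadcast address is computed from the prefix rather than matched on the last octet.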

17 Cont. SYN flood attack: uses the TCP protocol. A session is established with a three-way handshake. Here, the attacker sends many SYN packets to the victim and never responds with an ACK, thereby filling the victim's SYN-ACK queue. Another way is by spoofing a non-existent source IP address.
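Detection logic for the half-open connections described on this slide, as an added example that is not part of the original presentation. The packet records, the backlog size of 128, the 30-second timeout and the 80% alert threshold are all assumptions, and the capture is constructed from documentation address ranges.

```python
from collections import namedtuple

# Server-side view of inbound TCP segments (simplified, constructed records).
Pkt = namedtuple("Pkt", "t src sport flags")

def assess(packets, now, backlog=128, timeout=30.0):
    """Count handshakes still waiting for the final ACK and compare with the backlog."""
    pending, completed = {}, 0
    for p in sorted(packets, key=lambda p: p.t):
        key = (p.src, p.sport)
        if p.flags == "SYN":
            pending.setdefault(key, p.t)      # SYN-ACK sent, queue slot held
        elif p.flags == "ACK" and pending.pop(key, None) is not None:
            completed += 1                    # third step of the handshake arrived
        elif p.flags == "RST":
            pending.pop(key, None)            # peer aborted, slot freed
    # Entries older than the timeout have already been evicted by the server.
    live = {k: t for k, t in pending.items() if now - t <= timeout}
    return {
        "half_open": len(live),
        "completed": completed,
        # Spoofed floods show many sources, so per-source limits alone miss them.
        "distinct_sources": len({src for src, _ in live}),
        "queue_fill": min(1.0, len(live) / backlog),
        "alert": len(live) >= 0.8 * backlog and completed < len(live),
    }

def constructed_capture():
    """Three normal clients plus 120 SYNs that are never acknowledged."""
    pkts = []
    for i in range(3):
        pkts.append(Pkt(1.0 + i, "192.0.2.%d" % (10 + i), 51000 + i, "SYN"))
        pkts.append(Pkt(1.05 + i, "192.0.2.%d" % (10 + i), 51000 + i, "ACK"))
    for i in range(120):
        pkts.append(Pkt(0.1 * i, "203.0.113.%d" % (i + 1), 40000 + i, "SYN"))
    return pkts
```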

18 Distributed DOS

19 Network security controls: design and implementation; architecture; encryption.

20 Types of firewalls: packet filter; stateful inspection firewall; application proxy gateway; guard; personal firewall.

