7/25/2019 01 NetworkSecurity Basics

http://slidepdf.com/reader/full/01-networksecurity-basics 1/36

2/24/15 Dr. Enis Karaarslan 1

Network Security

Philosophy & Introduction

Dr. Enis Karaarslan

Muğla University

Computer Engineering

Department

Netseclab.mu.edu.tr

7/25/2019 01 NetworkSecurity Basics

http://slidepdf.com/reader/full/01-networksecurity-basics 2/36

2/24/15 Ar. Gör. Enis Karaaslan 2

7/25/2019 01 NetworkSecurity Basics

http://slidepdf.com/reader/full/01-networksecurity-basics 3/36

SECURITY

PHILOSPHY

2/24/15 Ar. Gör. Enis Karaaslan 3

7/25/2019 01 NetworkSecurity Basics

http://slidepdf.com/reader/full/01-networksecurity-basics 4/36

C!"#$%r & '%$(r) S%*#ri$+ ,assi!ilari$i%s (i$, $,% s%*#ri$+ innr!al li-%.

2/24/15 Ar. Gör. Enis Karaaslan 4

7/25/2019 01 NetworkSecurity Basics

http://slidepdf.com/reader/full/01-networksecurity-basics 5/36

There is no such thing as

%100 Security

2/24/15 Ar. Gör. Enis Karaaslan 5

7/25/2019 01 NetworkSecurity Basics

http://slidepdf.com/reader/full/01-networksecurity-basics 6/36

Security at the gates only,

is not enough

2/24/15 Ar. Gör. Enis Karaaslan

7/25/2019 01 NetworkSecurity Basics

http://slidepdf.com/reader/full/01-networksecurity-basics 7/36

2/24/15 Ar. Gör. Enis Karaaslan

A chain is only as strong as

its weaest lin

7/25/2019 01 NetworkSecurity Basics

http://slidepdf.com/reader/full/01-networksecurity-basics 8/36

As there is no %100 security …

So give up?

A possible solution:

Use more than one chain

2/24/15 Ar. Gör. Enis Karaaslan 0

7/25/2019 01 NetworkSecurity Basics

http://slidepdf.com/reader/full/01-networksecurity-basics 9/36

MULTI LAY! S"U!ITY

2/24/15 Ar. Gör. Enis Karaaslan

7/25/2019 01 NetworkSecurity Basics

http://slidepdf.com/reader/full/01-networksecurity-basics 10/36

2/24/15 Ar. Gör. Enis Karaaslan 1

7/25/2019 01 NetworkSecurity Basics

http://slidepdf.com/reader/full/01-networksecurity-basics 11/36

Security # Usa$ility

2/24/15 Ar. Gör. Enis Karaaslan 11

7/25/2019 01 NetworkSecurity Basics

http://slidepdf.com/reader/full/01-networksecurity-basics 12/36

%alue o Assets and

#penditures ,a$ is $,% ALUE - +#r ass%$6a$a7 "r%s$i8% 9:;

K%%" in !in6 $,a$ S%*#ri$+ %<"%n6i$#r%s s,#l6 n$ =%

8r%a$%r $,an $,% >al#% - $,% ass%$s

2/24/15Ar. Gör. Enis Karaaslan

12

7/25/2019 01 NetworkSecurity Basics

http://slidepdf.com/reader/full/01-networksecurity-basics 13/36

!isk Analysis

Ris) anal+sis is %ss%n$ial I- $,% ris) is $ l(7 $,a$/s!%

"r%*a#$ins: *an =% *an*%ll%6 9

2/24/15Ar. Gör. Enis Karaaslan

13

7/25/2019 01 NetworkSecurity Basics

http://slidepdf.com/reader/full/01-networksecurity-basics 14/36

'alse Sense o Security

A ?-als% s%ns% - s%*#ri$+@ is (rs%$,an ?a $r#% s%ns% - ins%*#ri$+@.

Sl#$in

'%>%r $,in) +#r s+s$%! is s%*#r%.

2/24/15Ar. Gör. Enis Karaaslan

14

7/25/2019 01 NetworkSecurity Basics

http://slidepdf.com/reader/full/01-networksecurity-basics 15/36

No Te(plate )hich Suits All

 T,%r% is n $%!"la$%s (,i*, s#i$s all. T,%r% is a 6iB%r%n$ sl#$in -r

6iB%r%n$ r8ania$ins• DiB%r%n$ n%%6s

• DiB%r%n$ ass%$s

2/24/15 Ar. Gör. Enis Karaaslan 15

7/25/2019 01 NetworkSecurity Basics

http://slidepdf.com/reader/full/01-networksecurity-basics 16/36

2/24/15 Ar. Gör. Enis Karaaslan 1

To win a war,

one (ust know the

 way

Sun T*u

The Art o )ar

7/25/2019 01 NetworkSecurity Basics

http://slidepdf.com/reader/full/01-networksecurity-basics 17/36

S%*#ri$+ is a "r*%ss7 n$ a "r6#*$.r#*% S*,n%i%r

2/24/15 Ar. Gör. Enis Karaaslan 1

7/25/2019 01 NetworkSecurity Basics

http://slidepdf.com/reader/full/01-networksecurity-basics 18/36

M+NIT+!

 T,% s+s$%! s,#l6 =% !ni$r%6 -rin$r#sins

An6 i!!%6ia$% a*$in s,#l6 =%$a)%n a$ a$$a*)s

2/24/15 Ar. Gör. Enis Karaaslan 10

7/25/2019 01 NetworkSecurity Basics

http://slidepdf.com/reader/full/01-networksecurity-basics 19/36

)arn The Attacker

2/24/15 Ar. Gör. Enis Karaaslan 1

7/25/2019 01 NetworkSecurity Basics

http://slidepdf.com/reader/full/01-networksecurity-basics 20/36

Try to uy ti(e or -

a)% a$$a*)in8 6iF*#l$ -r 9• Dis*>%r+ - $,% a$$a*)

•  Ta)% !%as#r%s

a)% 6%*r+"$in 6iF*#l$ s $,a$•  T,% 6a$a is n$ >ali6 r >al#a=l% an+

!r%.

2/24/15 Ar. Gör. Enis Karaaslan 2

7/25/2019 01 NetworkSecurity Basics

http://slidepdf.com/reader/full/01-networksecurity-basics 21/36

Network Awareness

Kn( +#r %n%!+ ;: Kn( +#rs%l-7

• )n( +#r ass%$s

• )n( (,a$ $ "r$%*$

Kn( +#r s+s$%!s !r% $,an $,%a$$a*)%r

2/24/15 Ar. Gör. Enis Karaaslan 21

7/25/2019 01 NetworkSecurity Basics

http://slidepdf.com/reader/full/01-networksecurity-basics 22/36

U'DAE'TALS

2/24/15 Ar. Gör. Enis Karaaslan 22

7/25/2019 01 NetworkSecurity Basics

http://slidepdf.com/reader/full/01-networksecurity-basics 23/36

IN'+!MATI+N SYSTM

Inor(ation Syste( and

Security

ATTA".!

%ULN!AILITY

ATTA".

US!S

S"U!ITYMASU!S

7/25/2019 01 NetworkSecurity Basics

http://slidepdf.com/reader/full/01-networksecurity-basics 24/36

%ulnera$le Syste(s

 T,% s+s$%!s ar% >#ln%ra=l%• ainl+ =%*a#s% - =a6 *6in8

• #s$ =% "a$*,%6 =#$ *an n$ =% 6n%

ra"i6l+ as $,%+ s,#l6:• als% s%ns% - s%*#ri$+

2/24/15 Ar. Gör. Enis Karaaslan 24

7/25/2019 01 NetworkSecurity Basics

http://slidepdf.com/reader/full/01-networksecurity-basics 25/36

A /ulnera$ility ti(eline -

7/25/2019 01 NetworkSecurity Basics

http://slidepdf.com/reader/full/01-networksecurity-basics 26/36

The Attacker0Intruder

 T,% a$$a*)%r *an =% *all%6 as

La!%r7 in$r#6%r7 a$$a*)%r 9

(rn8l+ #s%6 as ,a*)%r als: Als s%*r%$ r8ania$ins; Als *!"ani%s

s%ri#s an$i>ir#s/6%-%n*% %*n!+:

2/24/15 Ar. Gör. Enis Karaaslan 2

7/25/2019 01 NetworkSecurity Basics

http://slidepdf.com/reader/full/01-networksecurity-basics 27/36

2/24/15 Ar. Gör. Enis Karaaslan 2

1acker 0La(er 0Attacker -

1acker is used as attacker0la(er, in the (eaning2

The intruder, who gets in your syste( and intends

to use or his0her own ai(s3

7/25/2019 01 NetworkSecurity Basics

http://slidepdf.com/reader/full/01-networksecurity-basics 28/36

2/24/15 Ar. Gör. Enis Karaaslan 20

The Attacker

The attackers strength is 4edication

• )ill not stop until he0she gets in

• "an use the co(puter or days long sleepless

• .nows the /ulnera$ilities o syste(s

7/25/2019 01 NetworkSecurity Basics

http://slidepdf.com/reader/full/01-networksecurity-basics 29/36

2/24/15 Ar. Gör. Enis Karaaslan 2

7/25/2019 01 NetworkSecurity Basics

http://slidepdf.com/reader/full/01-networksecurity-basics 30/36

2/24/15 Ar. Gör. Enis Karaaslan 3

Network Security Assets

Network Security +/erall

• Network Awareness

• 'irewall, Intrusion 4etection Syste(s - etc

•

More - 1ost 5"o(puter0Ser/er0N) 4e/ice6 Security

• Physical Security

• +S and Application Security

•

User Manage(ent ncryption

7/25/2019 01 NetworkSecurity Basics

http://slidepdf.com/reader/full/01-networksecurity-basics 31/36

2/24/15 Ar. Gör. Enis Karaaslan 31

'irewall

7/25/2019 01 NetworkSecurity Basics

http://slidepdf.com/reader/full/01-networksecurity-basics 32/36

2/24/15 Ar. Gör. Enis Karaaslan 32

'irewall asics

R#l% =as%6 a**%ss *n$rl =%$(%%nn%$(r)s.

S-$(ar%/,ar6(ar% =as%6

Ar*,i$%*$#r%• S$a$i* Pa*)%$ il$%rin8

• D+na!i* Pa*)%$ il$%rin8 S$a$%-#llins"%*$in:

• A""li*a$in L%>%l Pr$%*$in

L88in8 an6 al%r$ *a"a=ili$i%s

7/25/2019 01 NetworkSecurity Basics

http://slidepdf.com/reader/full/01-networksecurity-basics 33/36

2/24/15 Ar. Gör. Enis Karaaslan 33

ncryption

ncryption is the con/ersion o data

into a or(, called a cipherte#t, that

cannot $e easily understood $yunauthori*ed people3

5ncryption # 4ecryption6

7/25/2019 01 NetworkSecurity Basics

http://slidepdf.com/reader/full/01-networksecurity-basics 34/36

2/24/15 Ar. Gör. Enis Karaaslan 34

ncryption

Two dierent (ethods 5according to key use6• Conventional! Two keys are the sa(e

• Asymetric 7 5"ublic Key Encryption6 7

.ey pair 5pu$lic, pri/ate6

7/25/2019 01 NetworkSecurity Basics

http://slidepdf.com/reader/full/01-networksecurity-basics 35/36

2/24/15 Ar. Gör. Enis Karaaslan 35

ncryption

To decyrpt an encrypted data

• How much time?

• How much Processing (Computing power)?

The science which deals with encryption is

Cryptology

7/25/2019 01 NetworkSecurity Basics

http://slidepdf.com/reader/full/01-networksecurity-basics 36/36

2/24/15 Ar. Gör. Enis Karaaslan 3

N4 +' T1 SSSI+N

4r3 nis .araaslanenis3karaarslan8(u3edu3tr