Fundamentals of Networking Discovery 1, Chapter 8 Basic Security.
8: Basic Security
8: Basic Security
Networking for Home & Small Business
What’s Ahead…
• Networking Threats
• Methods of Attack
• Security Policy
• Using Firewalls
Networking Threats
Network Intrusion
• Attacks can be devastating
  – Cost money, time, theft of files, etc.
• HACKERS
  – Intruders who gain access by modifying software or exploiting software vulnerabilities
4 Threats from the Hacker
• Information theft
• Identity theft
• Data loss / manipulation
• Disruption of service
4 Threats from the Hacker
• Stealing Confidential Info
  – Credit card #’s
  – Private Company info such as a project in development
  – Could be sold
4 Threats from the Hacker
• Destroy or Alter Records
  – Send a virus that reformats HD
  – Changing your grades
  – Change store prices
4 Threats from the Hacker
• Identity Theft
  – Stealing info to take on identity
  – Applying for credit cards & buying stuff
  – Obtain DL’s
4 Threats from the Hacker
• Disrupting Service
  – Preventing user from accessing services such as Internet
Activity
Where’d He Come From?
• External Threat
  – Outside attacker
  – Internet or Wireless
Where’d He Come From?
• Internal Threat
  – Has authorized access
    • Knows people & network
    • Knows what info is valuable
  – OR someone may have just picked up a virus
• According to the FBI, internal access and misuse of computer systems account for approximately 70% of reported incidents of security breaches.
Social Engineering
• Easiest way to gain access…
• Deceiving internal users into performing actions or revealing confidential info
  – Takes advantage of them
  – Usually don’t meet them face-to-face
Fight Intrusion
• http://www.us-cert.gov/reading_room/before_you_plug_in.html
• http://www.us-cert.gov/reading_room/distributable.html
• Example 1
• Example 2
3 Types of Social Engineering
• Pretexting, Phishing, and Vishing
Phishing
Review
Let’s Try This…
• Cyber Security Awareness Quiz
Methods of Attack
Other Attacks
• Viruses, Worms and Trojan horses
  – Malicious software put on hosts
  – Damage system, destroy data, deny access
  – They can forward data to thieves
  – Can replicate to other hosts
3 Evil Things
• Viruses, Worms and Trojan horses
  – Go to 8.2.1.2
Simplified
• Virus
  – Attaches to a program
  – Can reproduce
  – Causes havoc!
• Worm
  – Self-replicating
  – Sends copies of itself to other comp. w/ security holes
  – Cause harm to network; ties up bandwidth
• Trojan Horse
  – Computer program disguised
  – Does damage when run
  – Can’t replicate
Let’s See…
• GCIT
• Who wants to play…
  – ID Theft Faceoff?
  – Invasion of the Wireless Hackers?
  – Phishing Scams?
• Quiz Time for all!
  – http://www.sonicwall.com/phishing/
Activity
• Virus, Worm or Trojan Horse???
Just Being Evil!
• Sometimes the goal is to shut a network down & disrupt the organization
  – Can cost a business lots of money!!
Denial of Service (DoS)
• In general, DoS attacks seek to:
  – Flood a system or network with traffic to prevent legitimate network traffic from flowing
  – Disrupt connections between a client and server to prevent access to a service
  – Some are not used much anymore, but can be
    • SYN flooding
    • Ping of Death
DoS- SYN Flooding
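A SYN flood shows up at the server as connection requests that never finish the handshake. The sketch below is an added example, not part of the original slides: it counts those half-open connections over a constructed packet list and reports when they pass a limit. The addresses, the limit of 5 and the 30-second timeout are assumptions chosen for illustration.

```python
# Constructed sample of TCP segments arriving at a server:
# (time_ms, src_ip, src_port, flag). The 10.0.0.x clients finish the
# handshake; the 203.0.113.x sources (documentation range, standing in
# for invalid source addresses) send a SYN and never answer the SYN-ACK.
def build_sample():
    events = [
        (0, "10.0.0.5", 40000, "SYN"), (100, "10.0.0.5", 40000, "ACK"),
        (200, "10.0.0.6", 40001, "SYN"), (300, "10.0.0.6", 40001, "ACK"),
    ]
    for i in range(8):
        events.append((1000 + i * 100, f"203.0.113.{i + 1}", 50000 + i, "SYN"))
    events += [(2000, "10.0.0.7", 40002, "SYN"), (2100, "10.0.0.7", 40002, "ACK")]
    return events


def watch_half_open(events, limit=5, timeout_ms=30000):
    """Track connections that sent SYN but have not yet sent the final ACK."""
    pending = {}        # (src_ip, src_port) -> time the SYN arrived
    first_alert = None  # first moment the half-open count exceeded the limit
    peak = 0
    for t, src, sport, flag in events:
        # Forget entries the server itself would have given up on.
        for key in [k for k, t0 in pending.items() if t - t0 > timeout_ms]:
            del pending[key]
        if flag == "SYN":
            pending[(src, sport)] = t
        elif flag == "ACK":
            pending.pop((src, sport), None)  # handshake completed
        peak = max(peak, len(pending))
        if first_alert is None and len(pending) > limit:
            first_alert = t
    return {
        "first_alert_ms": first_alert,
        "peak_half_open": peak,
        "never_completed": sorted(ip for ip, _ in pending),
    }


if __name__ == "__main__":
    print(watch_half_open(build_sample()))
```

The legitimate clients never appear in `never_completed` because their ACK clears the entry; only the sources that leave the server waiting remain.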
DoS- Ping of Death!
• Sending SO MANY LARGE pings, the server can’t respond to anyone else!
DDoS
• DDoS
  – Attack by multiple systems infected with DDoS code
  – Sends useless data to server
  – Overwhelms system & it crashes
Brute Force
• Fast computer used to guess passwords or decipher encryption code
• Brute force attacks can cause a denial of service due to excessive traffic to a specific resource or by locking out user accounts
• Try 8.2.2.3
Review
• Name 3 types of social engineering.
  – Pretexting, Phishing, Vishing
• How are you targeted in a pretexting attack?
  – Over the phone
• You click on a pop-up window to claim a “prize.” A program was installed w/out you knowing & now an attacker has access to your system. What is this called?
  – Trojan Horse
Review
• Which attack doesn’t need activation and copies itself across the network?
  – Worm
• A server is busy responding to a SYN with an invalid source IP address. What’s the attack?
  – SYN Flooding
Other Threats
• Not all threats do damage
  – Some collect info
• Collecting Info/Invading Privacy
  – Spyware
  – Tracking Cookies
  – Adware
  – Pop-ups
Spyware
• Program that gathers personal info w/out your permission
  – Info sent to advertisers
• Usually installed unknowingly
  – Downloaded, installing a program, click on pop-up
• Can slow computer down or make settings changes
• Can be difficult to remove
Toolbars
Keyloggers
Bundled Software
Tracking Cookies
• Form of spyware
  – Not always bad
• Records info about user when they visit web sites
  – Allows personalization
  – Many sites require them
Adware
• Form of spyware
• Records info about user when they visit web sites
• For advertising purposes
  – Pop-ups & pop-ups of ads
Pop-Ups (and Pop-Unders)
• Adware EXCEPT doesn’t collect any info
• Pop-ups
  – Open in front of the current browser window
• Pop-unders
  – Open behind the current browser window
What’s This?
Spam
• Unwanted bulk mail from advertisers
• Spammer sends
  – Often sent through unsecured servers
  – Can take control of computers
  – Then sent from that computer to others
• On average, how many spam emails are sent to a person per year?
  – 3000
Review
• You visit a web site and see this annoying advertising tactic that appears in a new window. What is it?
  – Pop-up
• This type of advertising is sent to many, many people. The advertiser uses no marketing scheme.
  – Spam
• This form of spyware is not always bad & can be used for personalization of a site.
  – Cookies
Security Policy
Security Measures
• You can’t eliminate security breaches
  – You can minimize the risks
• Policy
• Procedures
• Tools & Applications
Security Policy
• Formal statement of rules when using tech
  – Acceptable use policy
  – Detailed handbook
• What should be included?
Activity
• Let’s review some policies…
• GCIT
• Klondike Middle School
• Clearview High School
More Security Procedures
• The procedures help implement the policies
• Some of the security tools and applications used in securing a network include:
Rut Roh!
• Computer starts acting abnormally
• Program does not respond to mouse and keystrokes.
• Programs starting or shutting down on their own.
• Email program begins sending out large quantities of email
• CPU usage is very high
• There are unidentifiable, or a large number of, processes running.
• Computer slows down significantly or crashes
Anti-Virus Software
• Preventive & Reactive tool
• Features
  – Email checker
  – Dynamic Scanning (checks files when accessed)
  – Scheduled scans
  – Auto update
• When a virus is known, they will update it
Anti-Spam
• Spam sends unwanted emails
  – Code takes over PC to send more
• The software ID’s it & places it in junk folder or deletes it
• On PC or on email server
  – ISP may have a spam filter
Other ways to prevent spam
• Keep anti-virus up to date
• Don’t forward suspect emails
• Ignore the virus warning email
• Report spam to admin to be blocked
• Don’t open attachment from people you don’t know
Anti-Spyware
• Spyware & Adware cause virus-like symptoms
  – Use computer resources
• This software can detect & delete them
• Pop-Up Blockers
Activity
Review
• This policy says what you can & can’t do on a network or computer.
  – Acceptable use policy
• T or F. A-V companies like McAfee can protect you against every known virus & future viruses.
  – False
• T or F. It is possible for legitimate emails to be marked as spam.
  – True
Review
• T or F. With A-V & anti-spyware installed, you need not worry about opening email attachments. You are completely safe!
  – False…why?
• Other than on your PC, Google’s Gmail servers have this security software installed.
  – Spam Filter
Firewalls
What’s a firewall?
• Controls traffic between networks & helps prevent unauthorized access
  – Permits or denies data
4 Types of Firewalls
Firewall Decisions Based On
• Packet Filtering
  – Based on IP or MAC addresses
• Application / Web Site Filtering
  – Based on the application.
  – Websites can be blocked by URL or keywords
• Stateful Packet Inspection (SPI)
  – Must be responses from internal host
  – DoS saver
Firewall Placement & DMZ
GCIT & DMZ
• Web Server (has GCIT web site)
• Email Server (allows outside access)
• File Server (allows file access from outside)
• DRAW DMZ
Firewall & DMZ at home / Port Forwarding / Wireless AP internal
• Let’s say you have a web server
• It needs to handle web requests while you still protect your internal network
• Create a DMZ with the Linksys
Lab 8.4.2.4
• DMZ Setup Lab
  – Set up DMZ
  – Set up port forwarding
  – You can even set up time/day access (will not do in the lab)
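The "Firewall Decisions Based On" slide and the DMZ and port forwarding setup above come down to one ordered check on each packet. The toy model below is an added example, not part of the original slides and not how any particular Linksys firmware works. The class, the addresses and the single forwarded port are constructed for illustration, and connection timeouts and teardown are left out.

```python
class Firewall:
    """Toy model of three decisions: packet filter, SPI, port forwarding."""

    def __init__(self, blocked_ips, port_forwards):
        self.blocked_ips = set(blocked_ips)        # packet filtering by IP address
        self.port_forwards = dict(port_forwards)   # public port -> DMZ server
        self.state = {}  # (remote_ip, remote_port, local_port) -> internal host

    def outbound(self, host, local_port, remote_ip, remote_port):
        """An internal host opens a connection; remember it for the reply."""
        if remote_ip in self.blocked_ips:
            return ("deny", "packet filter")
        self.state[(remote_ip, remote_port, local_port)] = host
        return ("allow", "state recorded")

    def inbound(self, remote_ip, remote_port, local_port):
        """A packet arrives from outside at the firewall's public address."""
        if remote_ip in self.blocked_ips:
            return ("deny", "packet filter")
        host = self.state.get((remote_ip, remote_port, local_port))
        if host is not None:
            return ("allow", host)        # SPI: response to an internal request
        if local_port in self.port_forwards:
            return ("forward", self.port_forwards[local_port])  # DMZ service
        return ("deny", "unsolicited")    # nothing inside asked for this


def demo():
    # Constructed setup: one blocked address and a web server in the DMZ.
    fw = Firewall(blocked_ips={"203.0.113.66"},
                  port_forwards={80: "192.168.2.10"})
    return [
        fw.outbound("192.168.1.20", 51000, "198.51.100.7", 443),  # PC browses out
        fw.inbound("198.51.100.7", 443, 51000),    # the matching reply
        fw.inbound("198.51.100.7", 443, 51001),    # same server, no request
        fw.inbound("198.51.100.99", 33333, 80),    # visitor to the web server
        fw.inbound("203.0.113.66", 33333, 80),     # blocked address, same port
        fw.inbound("198.51.100.99", 33333, 22),    # port that is not forwarded
    ]


if __name__ == "__main__":
    for verdict in demo():
        print(verdict)
```

The forwarded port reaches only the DMZ server, so a visitor to the web site never gets a path to the internal PC at 192.168.1.20.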
Review
• Which type of firewall…
  – Is dedicated hardware & the best?
    • Appliance
  – Is on a single computer?
    • Personal
• What is an area that is accessible to internal PC’s & outside PC’s?
  – DMZ
• What 3 security measures can be set up for a server on your network that needs public access?
  – DMZ, port forward, time/day
Review
• How many firewalls would a big business use?
  – Two firewalls
• Which of these can you set up in a wireless access point for security?
  – Popup stopper, Change the default IP address, Update the antivirus software, Tighten the cable between the AP and PC
    • Change the AP default IP from 192.168.1.1 to 192.168.x.x
• Which process allows firewall entrance into the network ONLY IF it was requested from an internal PC?
  – SPI
Is Your Network Vulnerable?
• Tools to help identify where attacks can occur
  – Number of hosts on a network
  – The services hosts are offering
  – The OS and update versions on hosts
  – Packet filters and firewalls in use
• Lab 8.4.3.2?
  – Vulnerability Analysis
Lab 8.4.3.2
• Vulnerability Analysis
Review