Network Security
Uploaded by: manoj-singh
Category: Technology
OVERVIEW
• What is security?
• Why do we need security?
• Who is vulnerable?
• Types of network
• Threats
• Areas of Security Weakness
• Hackers & methods of attack
OVERVIEW
• Backups, Encryption & Virus protection
• Common security attacks and countermeasures
– Firewalls
– Intrusion Detection Systems
– IP Sec
– Packet Sniffing
– Social Problems
What is “Security”
• Definition says:
– Freedom from risk or danger; something that gives or assures SAFETY.
– Freedom from doubt, anxiety, or fear; CONFIDENCE.
What is “Security”
• Security Attack: Any action that compromises the security of information.
• Security Mechanism: A mechanism that is designed to detect, prevent, or recover from a security attack.
• Security Service: A service that enhances the security of data processing systems and information transfers. A security service makes use of one or more security mechanisms.
Why do we need security?
• Protect vital info while still allowing access to those who need it
• Provide authentication and access control for resources
• Guarantee privacy and correct access
Who is vulnerable?
• Govt and defense agencies
• Contractors to various govt agencies
• Financial institutions and banks
• Internet service providers
• Multinational corporations
• ANYONE ON THE NETWORK
Types of Networks
• LAN
• Interconnected Networks
• Heterogeneous Networks
• Campus Metropolitan & WANs
Areas of Weakness
• Easily guessed/leaked passwords
• Poor login settings
• Data with viruses
• Poorly Implemented Firewalls
• Loss of systems holding important data/info
• Honey-trap or compromise
Hackers
• One who seeks and exploits weaknesses in a system or network
• An electronic sport
• Uses sophisticated tech to break into systems
• Info useful for others
Hacker Motivations
• Money, profit
• Access to additional resources
• Experimentation and desire to learn
• “Gang” mentality
• Psychological needs
• Self-gratification
• Personal vengeance
• Desire to embarrass the target
Common security attacks and their countermeasures
• Finding a way into the network : FIREWALLS
• Exploiting software bugs, buffer overflows : IDS
• TCP hijacking : IP SEC
• Packet sniffing : ENCRYPTION
• Social problems : EDUCATION
Firewalls
• A group of components that collectively form a barrier between two networks.
• A firewall is like a castle with a drawbridge
– Only one point of access into the network
– This can be good or bad
• Solution
– Admin limits access to end hosts by using a firewall
– Firewall is kept up-to-date by admin
Intrusion Detection Systems
• Monitors network or system activities for malicious activity or policy violations and produces reports to a management station.
• Used to monitor for “suspicious activity” on a network
– Can protect against known software exploits
• Uses “intrusion signatures”
– Well known patterns of behaviour
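Signature matching as described on this slide, sketched as an added example (not part of the original slides): content signatures for known exploit patterns plus one behaviour signature, each producing an alert for the management station. The signature IDs, patterns, thresholds and sample events are all constructed for illustration.

```python
import re
from collections import defaultdict, deque

# Constructed signatures for illustration; not taken from any real IDS rule set.
CONTENT_SIGNATURES = [
    (1001, "directory traversal in request path", re.compile(r"\.\./|%2e%2e%2f", re.I)),
    (1002, "oversized request field (overflow attempt)", re.compile(r"[^\s/?&=]{512,}")),
]
# Behaviour signature: too many failed logins from one source in a short window.
FAILED_LOGIN = re.compile(r"LOGIN FAILED")
MAX_FAILURES, WINDOW_SECONDS = 3, 60


def inspect(events):
    """Return alerts (time, source, sid, description); events are in time order."""
    alerts = []
    failures = defaultdict(deque)  # source_ip -> timestamps of recent failures
    for ts, src, payload in events:
        for sid, desc, pattern in CONTENT_SIGNATURES:
            if pattern.search(payload):
                alerts.append((ts, src, sid, desc))
        if FAILED_LOGIN.search(payload):
            recent = failures[src]
            recent.append(ts)
            while ts - recent[0] > WINDOW_SECONDS:  # drop failures outside the window
                recent.popleft()
            if len(recent) == MAX_FAILURES:  # alert once, when the threshold is reached
                alerts.append((ts, src, 2001, "repeated failed logins"))
    return alerts


# Constructed sample events (documentation address ranges), in time order.
SAMPLE_EVENTS = [
    (100, "192.0.2.10", "GET /index.html HTTP/1.1"),
    (101, "198.51.100.7", "GET /static/../../etc/passwd HTTP/1.1"),
    (102, "198.51.100.7", "GET /search?q=" + "A" * 600 + " HTTP/1.1"),
    (110, "203.0.113.5", "LOGIN FAILED user=admin"),
    (120, "203.0.113.5", "LOGIN FAILED user=admin"),
    (130, "203.0.113.5", "LOGIN FAILED user=root"),
    (400, "192.0.2.10", "LOGIN FAILED user=alice"),
]

if __name__ == "__main__":
    for alert in inspect(SAMPLE_EVENTS):
        print(alert)
```

Anything that matches no signature produces no alert, which is why the slide says an IDS protects against known exploits only.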
IP Sec
• Internet Protocol Security (IP Sec) is a protocol suite for securing Internet Protocol (IP) communications by authenticating and encrypting each IP packet of a communication session.
• IP Sec also includes protocols for establishing mutual authentication between agents at the beginning of the session and negotiation of cryptographic keys to be used during the session.
Packet Sniffing
• A packet sniffer simply captures all of the packets of data that pass through a given network interface.
• Typically, it would only capture packets that were intended for the machine in question.
• However, if placed into promiscuous mode, the packet sniffer is also capable of capturing ALL packets traversing the network regardless of destination.
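A defender's check for the mode described above, as an added example (not part of the original slides): it lists local interfaces that are currently in promiscuous mode. It assumes a Linux host, where each interface's flag word is exposed as hex text in /sys/class/net/<name>/flags and IFF_PROMISC is 0x100.

```python
import os

IFF_UP = 0x1         # interface is administratively up (linux/if.h)
IFF_PROMISC = 0x100  # interface accepts all frames, not only those addressed to it


def read_flags(iface_dir):
    """Return the integer flag word from <iface_dir>/flags, or None if unreadable."""
    try:
        with open(os.path.join(iface_dir, "flags")) as fh:
            return int(fh.read().strip(), 16)
    except (OSError, ValueError):
        return None  # not an interface directory, or unexpected content


def promiscuous_interfaces(sysfs_root="/sys/class/net"):
    """List (name, state, flags) for interfaces that have IFF_PROMISC set."""
    found = []
    if not os.path.isdir(sysfs_root):
        return found  # not a Linux host, or sysfs is not mounted
    for name in sorted(os.listdir(sysfs_root)):
        flags = read_flags(os.path.join(sysfs_root, name))
        if flags is not None and flags & IFF_PROMISC:
            state = "up" if flags & IFF_UP else "down"
            found.append((name, state, hex(flags)))
    return found


if __name__ == "__main__":
    # Bridge members and hypervisor ports are legitimately promiscuous;
    # compare the result against the interfaces you expect to see.
    for name, state, flags in promiscuous_interfaces():
        print(f"ALERT {name} ({state}) is in promiscuous mode, flags={flags}")
```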
Social Problems
• People/Users can be just as dangerous as unprotected computer systems
• People can be lied to, manipulated, bribed, threatened, harmed, tortured, etc. to give up valuable info
• Most humans will break down once they are at the “harmed” stage, unless they have been specially trained
Social Problems
• Humans will continue to be tricked into giving out information they shouldn’t
• Educating them may help a little here, but, depending on how badly you want the info, there are a lot of bad things you can do to get it
• Implement a wide variety of solutions and more closely monitor who has access to what network resources and info
Countermeasures
• Identification & authentication
• Access control
• Accountability & auditing
• Accuracy
• Reliability
• Data Exchange
Backups
• Physical loss of system
• System crash
• Virus attack
• Ensure non-corrupted backup
• Regular backups
• Safety of backups as well
Encryption
• Cryptographic technique/the process of encoding messages (or info) in such a way that others (hackers) cannot read them, but authorized individuals can.
• Data remains private even after a compromise
• Encryption system/software is protected & secure
Virus Protection
• Threat to network
• Contact & spread
• Monitor the telltale signs in network
• Training of users in handling antivirus
• Re-infect capability
• Ensure backups
Elements of a comprehensive security program
• Have Good Passwords
• Use Good Antiviral Products
• Use Good Cryptography
• Have Good Firewalls
• Have a Backup System
• Audit and Monitor Systems and Networks
• Have Training and Awareness Programs
• Test Your Security Frequently
Conclusion
• The Internet was not created with security in mind.
• Communications can be altered, examined and exploited.
• There is a growing need to protect private info crossing the public networks that make up the Internet infrastructure.
• A network security policy, an auditing procedure, and a violation response plan must all be in place to deal with any breach or breakdown of network security before it occurs.