This note explores possible attacks on a LTE deployment. Attacks on the IMS core are not addressed here.
|
|
- Bonnie Black
- 7 years ago
- Views:
Transcription
1 LTE Threat Analysis 1. Introduction This note explores possible attacks on a LTE deployment. Attacks on the IMS core are not addressed here. Attack Goals: The goals of an attack can include: Malicious disruption of service (DoS). Theft of subscriber s information (address books, financial information, cookies, ). Fraudulent subscriber billing or overcharging. Impersonation of subscriber identity. Analysis of carrier configuration for competitive use. Theft of carrier services (Access to unauthorized services, Billing avoidance, ). Attack Targets: Attacks on DNS servers, servers, etc. are excluded. The main targets for attacks are: LTE Components o Core EPC components (MME, SGW, HSS, ) o enodebs (especially those in non-carrier owned premises, like shopping malls) o Femto enodebs (which are usually on subscriber premises) Subscribers handsets (UEs). o Theft of Data on UE. o Theft of Data in cloud. Attack Sources: Lastly, the sources of potential attacks can be: Other UEs Carrier, by insiders (disgruntled employees) Networks of Roaming partners (via GRX/IPX) SS7 / SIGTRAN gateway Public Internet enodebs, which have been compromised by physical access. Air (Radio) interface Femto enodebs LTE Threat Analysis, Rajaram Pejaver, June 6, 2012 Page 1/9
2 2. Summary of Potential attacks The likely attacks that are summarized below are detailed in the tables that follow. Compromised / rooted UE 1) Attacks on LTE components 2) Attacks on PGW 3) Attacks on other UEs Insider (disgruntled employee) attacks on Carrier 4) Login to EPC hosts (console or web), change LTE configurations 5) Sniff / capture UE's tunneled data 6) Location Privacy: tracking IMSIs & NAIs Networks of Roaming partners 7) Signaling attacks on EPC 8) GTP Echo scanning SS7 / SIGTRAN 9) Signaling attacks from roaming partners Public Internet based attacks 10) PGW is open to Internet 11) Open connections to UE (what ports are open on UE?) An enodeb compromised by unauthorized physical access 12) The same enodeb 13) The S1-U and S1-MME interfaces 14) The X2 interface Air (Radio) interface 15) Jamming, mass DoS 16) Strong signal to attract target UEs to compromised enodeb Femto enodebs 17) Subvert & replace software LTE Threat Analysis, Rajaram Pejaver, June 6, 2012 Page 2/9
3 1. IP based attacks on LTE Core from UE Compromised / rooted UE LTE components Network mapping is the first step to other attacks. Fuzzing and buffer overflows can disrupt service. A UE can be programmed to run a ping scan on the carrier s to discover hosts. The ranges can be guessed by examining the UE s assigned IP address. Both IPv4 and IPv6 scans can be run, using ICMP and UDP packets. If an IP address is found, then Port scanning can be run to identify the host s function (MME vs. PGW, ). The UE can either have a custom Android build or an application that generates these attacks. Subsequent attacks can include: Send fuzzed (malformed) messages to open ports. These messages could cause software crashes and service outages. Buffer overflow attempts. Variable length fields in GTP messages could be made unusually long. Excessive pings or ICMP error responses in tunneled traffic can indicate discovery attempts. There should be no route from a UE to LTE components. If necessary, a firewall can enforce this policy by blocking packets that have been detunneled by a PGW from being forwarded to the LTE hosts. Note that access to the IMS P- CSCF must be permitted. 2. Signaling attacks on the PGW Compromised / rooted UE LTE PGW Service disruption. IP packets from the UE are de-tunneled on a PGW and forwarded to the Internet. If a packet is addressed to the PGW itself, then it may be delivered to the specified port. The attacking UE can construct UDP based GTP-C packets and send it to the PGW on port These packets can be Tunnel Management messages that close tunnels and bearers belonging to other subscribers. The TEIDs can be chosen at random. Alternatively, the TEID can be based on the TEID value assigned to the attacker. Assuming that TEID values are assigned sequentially, the valid values at a Scan tunneled traffic for illegal and restricted destination addresses. There should be no route from a UE to the PGWs. LTE Threat Analysis, Rajaram Pejaver, June 6, 2012 Page 3/9
4 given time will all be closely bunched. The source IP address can be forged to be a valid SGW address. The destination address could be local host (::1 or ) or can be the PGW address that was somehow discovered. The TCP stack on the sending UE would have to be modified to send such packets. 3. Attacks on other UEs Compromised / rooted UE Other UEs Service disruption, spoofed messages. The UE can attempt to send IP packets directly to other UEs. UEs will typically be assigned private (NATted) IPv4 addresses but may have global IPv6 addresses. An attacking UE can guess the IP address of a different UE and open connections to it. For IPv4, the message may be addressed to a private address in the local NAT range, or to a global address. If VoIP service is enabled, then the two communicating UEs will be aware of each other s global addresses. Excessive failed TCP connections in the tunneled traffic. Excessive rejected UDP transmissions. Excessive failed ICMP messages. Attempts to send packets to a private address. The PGW should forward all de-tunneled messages from UEs to a firewall or a router that enforces routing policies. In case on VoIP calls where direct UE to UE communications are permitted between specific pairs, the router must be dynamically updated to allow the communication for the LTE Threat Analysis, Rajaram Pejaver, June 6, 2012 Page 4/9
5 duration of the call. In general, TCP connections or unsolicited UDP messages to UEs should be blocked. 4. Insider (disgruntled employee) attacks on EPC hosts Carrier s staff from Carrier EPC hosts Disruption of service; theft of service It is relatively easy for authorized staff to make unauthorized changes to configurations by logging in to the devices. The attacker could be an administrator, or a representative from the vendor that provides the hardware or software for the LTE component. Instead of causing an obvious outage by crashing the device, the attacker could affect performance by reducing buffer sizes, queue lengths, timer values, etc. Such attacks would be hard to detect and correct, even if audit tracks are maintained. Modifying data in the HSS could provide unauthorized services to subscribers. Audit information that tracks authentication of individual users should be maintained in a secure ed location. Access to sensitive devices via ssh, telnet or ftp should be monitored and recorded. The session can then be reconstructed to determine where the attack originated and what changes were made. 5. Insider (disgruntled employee) attacks on subscriber data Carrier s staff from Carrier Subscriber s tunneled carrier s Theft of user data Authorized operators and administrators could passively sniff and capture data packets between the EPC components. This would give them access to users private s, SMS, and web browsing sessions. Though it would be more difficult, Packet insertion and Man-in-the-middle attacks are also possible. These attacks involve modifying the carrier s components (routers, switches, taps) as opposed to attacking the EPC hosts. <help> LTE Threat Analysis, Rajaram Pejaver, June 6, 2012 Page 5/9
6 6. Insider (disgruntled employee) attacks on signaling data Carrier s staff from Carrier Signaling data on carrier s User location tracking, stalking. It is possible to track a UE s location and movements by monitoring the handoff operations. While a carrier would typically have equipment to report this information to authorized staff, an unauthorized person can also reconstruct this information by sniffing the s and correlating IMSI information. <help> 7. Signaling attacks from roaming partners Networks of other carriers who are roaming partners EPC hosts, HSS Disruption of service; theft of service; theft of competitive information GRX/IPX s allow different carriers to bypass the public Internet while providing service to roaming subscribers. It allows carriers to send GTP packets to other carriers. This opens the door to all sorts of signaling attacks, perhaps by employees of the remote carriers, similar to the signaling attacks by insiders. The remote carrier may not have adequate audit information to trace back the origins of malicious attacks. Monitor and record all requests originating from remote carriers. Application level firewalls to permit granular access. 8. Network mapping by roaming partners Networks of other carriers who are roaming partners EPC hosts, HSS Theft of competitive information GTP Echos can be sent via the GRX/IPX s. This allows a foreign carrier to map out the local and find unadvertised restricted EPC components. Check for excessive Echo requests originating from remote carriers. Firewalls. LTE Threat Analysis, Rajaram Pejaver, June 6, 2012 Page 6/9
7 9. EPC attacks via SS7/SIGTRAN SS7 cloud and the SIGTRAN gateway EPC components Disruption of service SS7/SIGTRAN provides a signaling avenue similar to GRX/IPX and can allow remote carriers to mount signaling attacks. Monitor and record all signaling traffic originating from SIGTRAN. Strict Policy checking. 10. PGW attacks from the Internet Public Internet PDN-GWY (PGW) Disruption of service The PGW is open to Internet via the SGi interface. It acts as the routing anchor for UEs. It is possible to flood this interface from the Internet, thereby disrupting service to UEs. TCP connection requests and UDP packets can be sent. Also, firewall misconfigurations may allow access to other services on the PGW. IDS checking on the SGi interface. Firewalls. 11. Attacks on UE from the Internet Public Internet UEs SPAM, theft of UE data, infect UEs with malware. xxxxxxxxx IDS checking on the SGi interface. Firewalls. LTE Threat Analysis, Rajaram Pejaver, June 6, 2012 Page 7/9
8 12. Physical attacks on enodebs An enodeb compromised by unauthorized physical access The same enodeb Proprietary Device configuration information can be used to deduce capacity limits, performance goals and other competitive information. Some enodebs may be installed at locations that are not controlled by the carrier. For example, an anodeb in a shopping mall may be in a room accessible by mall security staff, a cell site covering a high rise apartment complex bay be accessible by the local janitor, etc. Given physical access to the enodeb s console and front panel, an attacker may be able to reboot it in a service mode and bypass normal security. Removing the device s hard drive will allow access to configuration information. It may also be possible to patch the software to insert back doors for future attacks. <help> Configuration information must be encrypted on disk. Software should be signed and verified. 13. Attacks on the S1 interface An enodeb compromised by unauthorized physical access The S1-U and S1-MME interfaces If the S1 interfaces are not IPsec encrypted, then it would be easy for an attacker to tap in, perhaps using a hub. The tunneled user data is typically not encrypted at this point. Some of the many attacks are: Sniff signaling and user data packets Man in the middle attacks on signaling and user data sessions Spoofing of source addresses 14. Attacks on the X2 interface between enodebs An enodeb compromised by The X2 interface between Forcing hand offs to the compromised Once a enodeb site is compromised, it can send fake signaling messages to neighboring enodebs to grab UEs. These UEs can then be attacked as described above. LTE Threat Analysis, Rajaram Pejaver, June 6, 2012 Page 8/9
9 unauthorized physical access enodebs enodeb, disruption of service, LTE Threat Analysis, Rajaram Pejaver, June 6, 2012 Page 9/9
Practical Security Testing for LTE Networks BlackHat Abu Dhabi December 2012 Martyn Ruks & Nils
Practical Security Testing for LTE Networks BlackHat Abu Dhabi December 2012 Martyn Ruks & Nils 06/11/2012 1 Today s Talk Intro to LTE Networks Technical Details Attacks and Testing Defences Conclusions
More informationSecurity Testing 4G (LTE) Networks 44con 6th September 2012 Martyn Ruks & Nils
Security Testing 4G (LTE) Networks 44con 6th September 2012 Martyn Ruks & Nils 11/09/2012 1 Today s Talk Intro to 4G (LTE) Networks Technical Details Attacks and Testing Defences Conclusions 11/09/2012
More informationSS7 & LTE Stack Attack
SS7 & LTE Stack Attack Ankit Gupta Black Hat USA 2013 akg0x11@gmail.com Introduction With the evolution of IP network, Telecom Industries are using it as their core mode of communication for their network
More informationLTE transport network security Jason S. Boswell Head of Security Sales, NAM Nokia Siemens Networks
LTE transport network security Jason S. Boswell Head of Security Sales, NAM Nokia Siemens Networks 1 Nokia Siemens Networks New evolved Networks - new security needs Walled Garden Transport & Protocols
More informationOverview of Network Security The need for network security Desirable security properties Common vulnerabilities Security policy designs
Overview of Network Security The need for network security Desirable security properties Common vulnerabilities Security policy designs Why Network Security? Keep the bad guys out. (1) Closed networks
More informationLinux Network Security
Linux Network Security Course ID SEC220 Course Description This extremely popular class focuses on network security, and makes an excellent companion class to the GL550: Host Security course. Protocols
More informationHow To Set Up An Ip Firewall On Linux With Iptables (For Ubuntu) And Iptable (For Windows)
Security principles Firewalls and NAT These materials are licensed under the Creative Commons Attribution-Noncommercial 3.0 Unported license (http://creativecommons.org/licenses/by-nc/3.0/) Host vs Network
More information1 hours, 30 minutes, 38 seconds Heavy scan. All scanned network resources. Copyright 2001, FTP access obtained
home Network Vulnerabilities Detail Report Grouped by Vulnerability Report Generated by: Symantec NetRecon 3.5 Licensed to: X Serial Number: 0182037567 Machine Scanned from: ZEUS (192.168.1.100) Scan Date:
More informationCS5008: Internet Computing
CS5008: Internet Computing Lecture 22: Internet Security A. O Riordan, 2009, latest revision 2015 Internet Security When a computer connects to the Internet and begins communicating with others, it is
More informationAASTMT Acceptable Use Policy
AASTMT Acceptable Use Policy Classification Information Security Version 1.0 Status Not Active Prepared Department Computer Networks and Data Center Approved Authority AASTMT Presidency Release Date 19/4/2015
More informationBasics of Internet Security
Basics of Internet Security Premraj Jeyaprakash About Technowave, Inc. Technowave is a strategic and technical consulting group focused on bringing processes and technology into line with organizational
More informationWorldwide attacks on SS7 network
Worldwide attacks on SS7 network P1 Security Hackito Ergo Sum 26 th April 2014 Pierre-Olivier Vauboin (po@p1sec.com) Alexandre De Oliveira (alex@p1sec.com) Agenda Overall telecom architecture Architecture
More informationTrack 2 Workshop PacNOG 7 American Samoa. Firewalling and NAT
Track 2 Workshop PacNOG 7 American Samoa Firewalling and NAT Core Concepts Host security vs Network security What is a firewall? What does it do? Where does one use it? At what level does it function?
More informationFirewalls and Intrusion Detection
Firewalls and Intrusion Detection What is a Firewall? A computer system between the internal network and the rest of the Internet A single computer or a set of computers that cooperate to perform the firewall
More informationHow to secure an LTE-network: Just applying the 3GPP security standards and that's it?
How to secure an LTE-network: Just applying the 3GPP security standards and that's it? Telco Security Day @ Troopers 2012 Peter Schneider Nokia Siemens Networks Research 1 Nokia Siemens Networks 2012 Intro
More informationINTRUSION DETECTION SYSTEMS and Network Security
INTRUSION DETECTION SYSTEMS and Network Security Intrusion Detection System IDS A layered network security approach starts with : A well secured system which starts with: Up-to-date application and OS
More informationFinal exam review, Fall 2005 FSU (CIS-5357) Network Security
Final exam review, Fall 2005 FSU (CIS-5357) Network Security Instructor: Breno de Medeiros 1. What is an insertion attack against a NIDS? Answer: An insertion attack against a network intrusion detection
More informationLTE Attach and Default Bearer Setup Messaging
LTE Attach and Default Bearer Setup Messaging 2012 Inc. All Rights Reserved LTE Attach Message Sequence Chart enodeb MME SGW HSS Initial UE Message Update Location Update Location Answer Create Session
More informationIPv6 SECURITY. May 2011. The Government of the Hong Kong Special Administrative Region
IPv6 SECURITY May 2011 The Government of the Hong Kong Special Administrative Region The contents of this document remain the property of, and may not be reproduced in whole or in part without the express
More informationDos & DDoS Attack Signatures (note supplied by Steve Tonkovich of CAPTUS NETWORKS)
Dos & DDoS Attack Signatures (note supplied by Steve Tonkovich of CAPTUS NETWORKS) Signature based IDS systems use these fingerprints to verify that an attack is taking place. The problem with this method
More information7 Network Security. 7.1 Introduction 7.2 Improving the Security 7.3 Internet Security Framework. 7.5 Absolute Security?
7 Network Security 7.1 Introduction 7.2 Improving the Security 7.3 Internet Security Framework 7.4 Firewalls 7.5 Absolute Security? 7.1 Introduction Security of Communications data transport e.g. risk
More informationSecure Software Programming and Vulnerability Analysis
Secure Software Programming and Vulnerability Analysis Christopher Kruegel chris@auto.tuwien.ac.at http://www.auto.tuwien.ac.at/~chris Operations and Denial of Service Secure Software Programming 2 Overview
More informationVirtual private network. Network security protocols VPN VPN. Instead of a dedicated data link Packets securely sent over a shared network Internet VPN
Virtual private network Network security protocols COMP347 2006 Len Hamey Instead of a dedicated data link Packets securely sent over a shared network Internet VPN Public internet Security protocol encrypts
More informationFirewall Firewall August, 2003
Firewall August, 2003 1 Firewall and Access Control This product also serves as an Internet firewall, not only does it provide a natural firewall function (Network Address Translation, NAT), but it also
More informationTowards Software Defined Cellular Networks
Towards Software Defined Cellular Networks Li Erran Li (Bell Labs, Alcatel-Lucent) Morley Mao (University of Michigan) Jennifer Rexford (Princeton University) 1 Outline Critiques of LTE Architecture CellSDN
More informationLTE - Can SDN paradigm be applied?
LTE - Can SDN paradigm be applied? Source of this presentation: Towards Software Defined Cellular Networks Li Erran Li (Bell Labs, Alcatel-Lucent) Morley Mao (University of Michigan) Jennifer Rexford (Princeton
More informationPotential Targets - Field Devices
Potential Targets - Field Devices Motorola Field Devices: Remote Terminal Units ACE 3600 Front End Devices ACE IP Gateway ACE Field Interface Unit (ACE FIU) 2 Credential Cracking Repeated attempts to
More informationIntroduction of Intrusion Detection Systems
Introduction of Intrusion Detection Systems Why IDS? Inspects all inbound and outbound network activity and identifies a network or system attack from someone attempting to compromise a system. Detection:
More informationVillains and Voice Over IP
Villains and Voice Over IP Heather Bonin ECE 578 March 7, 2004 Table of Contents Introduction... 3 How VOIP Works... 3 Ma Bell and her Babies... 3 VoIP: The New Baby on the Block... 3 Security Issues...
More informationAppendix A: Configuring Firewalls for a VPN Server Running Windows Server 2003
http://technet.microsoft.com/en-us/library/cc757501(ws.10).aspx Appendix A: Configuring Firewalls for a VPN Server Running Windows Server 2003 Updated: October 7, 2005 Applies To: Windows Server 2003 with
More informationA Brief Overview of VoIP Security. By John McCarron. Voice of Internet Protocol is the next generation telecommunications method.
A Brief Overview of VoIP Security By John McCarron Voice of Internet Protocol is the next generation telecommunications method. It allows to phone calls to be route over a data network thus saving money
More informationSY0-201. system so that an unauthorized individual can take over an authorized session, or to disrupt service to authorized users.
system so that an unauthorized individual can take over an authorized session, or to disrupt service to authorized users. From a high-level standpoint, attacks on computer systems and networks can be grouped
More informationHow To Protect Your Network From Attack From A Hacker On A University Server
Network Security: A New Perspective NIKSUN Inc. Security: State of the Industry Case Study: Hacker University Questions Dave Supinski VP of Regional Sales Supinski@niksun.com Cell Phone 215-292-4473 www.niksun.com
More informationDetermine if the expectations/goals/strategies of the firewall have been identified and are sound.
Firewall Documentation Develop background information about the firewall(s) in place: Segment diagrams Software Hardware Routers Version levels Host names IP addresses Connections Specific policies for
More informationNetwork Security and Firewall 1
Department/program: Networking Course Code: CPT 224 Contact Hours: 96 Subject/Course WEB Access & Network Security: Theoretical: 2 Hours/week Year Two Semester: Two Prerequisite: NET304 Practical: 4 Hours/week
More informationFIGHTING FRAUD ON 4G. Neutralising threats in the LTE ecosystem
FIGHTING FRAUD ON 4G Neutralising threats in the LTE ecosystem TABLE OF CONTENTS Introduction...3 New and Old Vulnerabilities...4 Identity Management...5 A Unified Response...6 Data Mining...7 An Evolving
More informationVoice over IP Security
Voice over IP Security Patrick Park Cisco Press Cisco Press 800 East 96th Street Indianapolis, Indiana 46240 USA vii Contents Introduction xvii Part I VoIP Security Fundamentals 3 Chapter 1 Working with
More informationThe Trivial Cisco IP Phones Compromise
Security analysis of the implications of deploying Cisco Systems SIP-based IP Phones model 7960 Ofir Arkin Founder The Sys-Security Group ofir@sys-security.com http://www.sys-security.com September 2002
More informationFrequent Denial of Service Attacks
Frequent Denial of Service Attacks Aditya Vutukuri Science Department University of Auckland E-mail:avut001@ec.auckland.ac.nz Abstract Denial of Service is a well known term in network security world as
More information2. From a control perspective, the PRIMARY objective of classifying information assets is to:
MIS5206 Week 13 Your Name Date 1. When conducting a penetration test of an organization's internal network, which of the following approaches would BEST enable the conductor of the test to remain undetected
More informationChapter 8 Security Pt 2
Chapter 8 Security Pt 2 IC322 Fall 2014 Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012 All material copyright 1996-2012 J.F Kurose and K.W. Ross,
More informationHughesNet Broadband VPN End-to-End Security Enabled by the HN7700S-R
HughesNet Broadband VPN End-to-End Security Enabled by the HN7700S-R HughesNet Managed Broadband Network Services include a high level of end-toend security utilizing a robust architecture designed by
More informationa) Encryption is enabled on the access point. b) The conference room network is on a separate virtual local area network (VLAN)
MIS5206 Week 12 Your Name Date 1. Which significant risk is introduced by running the file transfer protocol (FTP) service on a server in a demilitarized zone (DMZ)? a) User from within could send a file
More informationJK0 015 CompTIA E2C Security+ (2008 Edition) Exam
JK0 015 CompTIA E2C Security+ (2008 Edition) Exam Version 4.1 QUESTION NO: 1 Which of the following devices would be used to gain access to a secure network without affecting network connectivity? A. Router
More informationFIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. Chapter 5 Firewall Planning and Design
FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. Chapter 5 Firewall Planning and Design Learning Objectives Identify common misconceptions about firewalls Explain why a firewall
More informationConfiguring Check Point VPN-1/FireWall-1 and SecuRemote Client with Avaya IP Softphone via NAT - Issue 1.0
Configuring Check Point VPN-1/FireWall-1 and SecuRemote Client with Avaya IP Softphone via NAT - Issue 1.0 Abstract Avaya IP Softphone R3 V2.1 now supports H.323 VoIP applications running over different
More informationRecommended IP Telephony Architecture
Report Number: I332-009R-2006 Recommended IP Telephony Architecture Systems and Network Attack Center (SNAC) Updated: 1 May 2006 Version 1.0 SNAC.Guides@nsa.gov This Page Intentionally Left Blank ii Warnings
More informationPublic Safety Communications Research. LTE Demonstration Network Test Plan. Phase 3 Part 1: Network Interoperability & Drive Test. Version 2.
Public Safety Communications Research LTE Demonstration Network Test Plan Phase 3 Part 1: Network Interoperability & Drive Test Version 2.4 May 7, 2013 1 1 Contents 2 List of Tables... 5 3 List of Figures...
More informationNetwork Security: 30 Questions Every Manager Should Ask. Author: Dr. Eric Cole Chief Security Strategist Secure Anchor Consulting
Network Security: 30 Questions Every Manager Should Ask Author: Dr. Eric Cole Chief Security Strategist Secure Anchor Consulting Network Security: 30 Questions Every Manager/Executive Must Answer in Order
More informationA Very Incomplete Diagram of Network Attacks
A Very Incomplete Diagram of Network Attacks TCP/IP Stack Reconnaissance Spoofing Tamper DoS Internet Transport Application HTTP SMTP DNS TCP UDP IP ICMP Network/Link 1) HTML/JS files 2)Banner Grabbing
More informationOverview. Securing TCP/IP. Introduction to TCP/IP (cont d) Introduction to TCP/IP
Overview Securing TCP/IP Chapter 6 TCP/IP Open Systems Interconnection Model Anatomy of a Packet Internet Protocol Security (IPSec) Web Security (HTTP over TLS, Secure-HTTP) Lecturer: Pei-yih Ting 1 2
More informationImplementing Secure Converged Wide Area Networks (ISCW)
Implementing Secure Converged Wide Area Networks (ISCW) 1 Mitigating Threats and Attacks with Access Lists Lesson 7 Module 5 Cisco Device Hardening 2 Module Introduction The open nature of the Internet
More informationWho is Watching You? Video Conferencing Security
Who is Watching You? Video Conferencing Security Navid Jam Member of Technical Staff March 1, 2007 SAND# 2007-1115C Computer and Network Security Security Systems and Technology Video Conference and Collaborative
More informationDenial of Service. Tom Chen SMU tchen@engr.smu.edu
Denial of Service Tom Chen SMU tchen@engr.smu.edu Outline Introduction Basics of DoS Distributed DoS (DDoS) Defenses Tracing Attacks TC/BUPT/8704 SMU Engineering p. 2 Introduction What is DoS? 4 types
More informationFirewalls (IPTABLES)
Firewalls (IPTABLES) Objectives Understand the technical essentials of firewalls. Realize the limitations and capabilities of firewalls. To be familiar with iptables firewall. Introduction: In the context
More informationNetwork Security Policy
Network Security Policy I. PURPOSE Attacks and security incidents constitute a risk to the University's academic mission. The loss or corruption of data or unauthorized disclosure of information on campus
More informationPROTECTING INFORMATION SYSTEMS WITH FIREWALLS: REVISED GUIDELINES ON FIREWALL TECHNOLOGIES AND POLICIES
PROTECTING INFORMATION SYSTEMS WITH FIREWALLS: REVISED GUIDELINES ON FIREWALL TECHNOLOGIES AND POLICIES Shirley Radack, Editor Computer Security Division Information Technology Laboratory National Institute
More informationWanderlust: Enabling roaming in the LTE era. Don Troshynski Vice President, Solutions Architecture
Wanderlust: Enabling roaming in the LTE era Don Troshynski Vice President, Solutions Architecture Acme Packet Trusted, first-class services and applications Apps & services Session delivery network April
More informationChapter 4 Security and Firewall Protection
Chapter 4 Security and Firewall Protection This chapter describes how to use the Security features of the ProSafe Wireless ADSL Modem VPN Firewall Router to protect your network. These features can be
More informationFirewalls P+S Linux Router & Firewall 2013
Firewalls P+S Linux Router & Firewall 2013 Firewall Techniques What is a firewall? A firewall is a hardware or software device which is configured to permit, deny, or proxy data through a computer network
More informationSERVICE DISCOVERY AND MOBILITY MANAGEMENT
Objectives: 1) Understanding some popular service discovery protocols 2) Understanding mobility management in WLAN and cellular networks Readings: 1. Fundamentals of Mobile and Pervasive Computing (chapt7)
More information74% 96 Action Items. Compliance
Compliance Report PCI DSS 2.0 Generated by Check Point Compliance Blade, on July 02, 2013 11:12 AM 1 74% Compliance 96 Action Items Upcoming 0 items About PCI DSS 2.0 PCI-DSS is a legal obligation mandated
More informationANNEXURE TO TENDER NO. MRPU/IGCAR/COMP/5239
ANNEXURE TO TENDER NO. MRPU/IGCAR/COMP/5239 Check Point Firewall Software and Management Software I. Description of the Item Up gradation, installation and commissioning of Checkpoint security gateway
More informationNetwork/Internet Forensic and Intrusion Log Analysis
Course Introduction Enterprises all over the globe are compromised remotely by malicious hackers each day. Credit card numbers, proprietary information, account usernames and passwords, and a wealth of
More informationSecuring end devices
Securing end devices Securing the network edge is already covered. Infrastructure devices in the LAN Workstations Servers IP phones Access points Storage area networking (SAN) devices. Endpoint Security
More informationSIP Trunking Configuration with
SIP Trunking Configuration with Microsoft Office Communication Server 2007 R2 A Dell Technical White Paper End-to-End Solutions Team Dell Product Group - Enterprise THIS WHITE PAPER IS FOR INFORMATIONAL
More informationSonicWALL PCI 1.1 Implementation Guide
Compliance SonicWALL PCI 1.1 Implementation Guide A PCI Implementation Guide for SonicWALL SonicOS Standard In conjunction with ControlCase, LLC (PCI Council Approved Auditor) SonicWall SonicOS Standard
More information1. Firewall Configuration
1. Firewall Configuration A firewall is a method of implementing common as well as user defined security policies in an effort to keep intruders out. Firewalls work by analyzing and filtering out IP packets
More informationAn Oracle White Paper December 2013. The Value of Diameter Signaling in Security and Interworking Between 3G and LTE Networks
An Oracle White Paper December 2013 The Value of Diameter Signaling in Security and Interworking Between 3G and LTE Networks Introduction Today s mobile networks are no longer limited to voice calls. With
More informationConfiguring IPSec VPN Tunnel between NetScreen Remote Client and RN300
Configuring IPSec VPN Tunnel between NetScreen Remote Client and RN300 This example explains how to configure pre-shared key based simple IPSec tunnel between NetScreen Remote Client and RN300 VPN Gateway.
More informationConfiguring Personal Firewalls and Understanding IDS. Securing Networks Chapter 3 Part 2 of 4 CA M S Mehta, FCA
Configuring Personal Firewalls and Understanding IDS Securing Networks Chapter 3 Part 2 of 4 CA M S Mehta, FCA 1 Configuring Personal Firewalls and IDS Learning Objectives Task Statements 1.4 Analyze baseline
More informationInternet Security Firewalls
Overview Internet Security Firewalls Ozalp Babaoglu! Exo-structures " Firewalls " Virtual Private Networks! Cryptography-based technologies " IPSec " Secure Socket Layer ALMA MATER STUDIORUM UNIVERSITA
More informationWhat is a Firewall? Computer Security. Firewalls. What is a Firewall? What is a Firewall?
What is a Firewall? Computer Security Firewalls fire wall 1 : a wall constructed to prevent the spread of fire 2 usually firewall : a computer or computer software that prevents unauthorized access to
More informationT.38 fax transmission over Internet Security FAQ
August 17, 2011 T.38 fax transmission over Internet Security FAQ Give me a rundown on the basics of T.38 Fax over IP security. Real time faxing using T.38 SIP trunks is just as secure as sending faxes
More informationModule 8. Network Security. Version 2 CSE IIT, Kharagpur
Module 8 Network Security Lesson 3 Firewalls Specific Instructional Objectives On completion of this lesson, the students will be able to answer: What a firewall is? What are the design goals of Firewalls
More informationGeneral Network Security
4 CHAPTER FOUR General Network Security Objectives This chapter covers the following Cisco-specific objectives for the Identify security threats to a network and describe general methods to mitigate those
More informationSecurity of IPv6 and DNSSEC for penetration testers
Security of IPv6 and DNSSEC for penetration testers Vesselin Hadjitodorov Master education System and Network Engineering June 30, 2011 Agenda Introduction DNSSEC security IPv6 security Conclusion Questions
More informationVoice Over IP and Firewalls
Introduction Voice Over IP and Firewalls By Mark Collier Chief Technology Officer SecureLogix Corporation mark.collier@securelogix.com Use of Voice Over IP (VoIP) in enterprises is becoming more and more
More informationCS 640 Introduction to Computer Networks. Network security (continued) Key Distribution a first step. Lecture24
Introduction to Computer Networks Lecture24 Network security (continued) Key distribution Secure Shell Overview Authentication Practical issues Firewalls Denial of Service Attacks Definition Examples Key
More informationSecurity Technology: Firewalls and VPNs
Security Technology: Firewalls and VPNs 1 Learning Objectives Understand firewall technology and the various approaches to firewall implementation Identify the various approaches to remote and dial-up
More informationNetwork Security. Tampere Seminar 23rd October 2008. Overview Switch Security Firewalls Conclusion
Network Security Tampere Seminar 23rd October 2008 1 Copyright 2008 Hirschmann 2008 Hirschmann Automation and and Control GmbH. Contents Overview Switch Security Firewalls Conclusion 2 Copyright 2008 Hirschmann
More informationFirewall Design Principles Firewall Characteristics Types of Firewalls
Firewall Design Principles Firewall Characteristics Types of Firewalls Special Thanks to our friends at The Blekinge Institute of Technology, Sweden for providing the basis for these slides. Fall 2008
More informationSonicOS 5.9 / 6.0.5 / 6.2 Log Events Reference Guide with Enhanced Logging
SonicOS 5.9 / 6.0.5 / 6.2 Log Events Reference Guide with Enhanced Logging 1 Notes, Cautions, and Warnings NOTE: A NOTE indicates important information that helps you make better use of your system. CAUTION:
More informationNetwork Defense Tools
Network Defense Tools Prepared by Vanjara Ravikant Thakkarbhai Engineering College, Godhra-Tuwa +91-94291-77234 www.cebirds.in, www.facebook.com/cebirds ravikantvanjara@gmail.com What is Firewall? A firewall
More informationDistributed Denial of Service Attack Tools
Distributed Denial of Service Attack Tools Introduction: Distributed Denial of Service Attack Tools Internet Security Systems (ISS) has identified a number of distributed denial of service tools readily
More informationSecurity vulnerabilities in the Internet and possible solutions
Security vulnerabilities in the Internet and possible solutions 1. Introduction The foundation of today's Internet is the TCP/IP protocol suite. Since the time when these specifications were finished in
More informationA1.1.1.11.1.1.2 1.1.1.3S B
CS Computer 640: Network AdityaAkella Lecture Introduction Networks Security 25 to Security DoS Firewalls and The D-DoS Vulnerabilities Road Ahead Security Attacks Protocol IP ICMP Routing TCP Security
More informationDirectory and File Transfer Services. Chapter 7
Directory and File Transfer Services Chapter 7 Learning Objectives Explain benefits offered by centralized enterprise directory services such as LDAP over traditional authentication systems Identify major
More informationLoad Balance Router R258V
Load Balance Router R258V Specification Hardware Interface WAN - 5 * 10/100M bps Ethernet LAN - 8 * 10/100M bps Switch Reset Switch LED Indicator Power - Push to load factory default value or back to latest
More informationThis Lecture. The Internet and Sockets. The Start 1969. If everyone just sends a small packet of data, they can all use the line at the same.
This Lecture The Internet and Sockets Computer Security Tom Chothia How the Internet works. Some History TCP/IP Some useful network tools: Nmap, WireShark Some common attacks: The attacker controls the
More informationFirewall-Friendly VoIP Secure Gateway and VoIP Security Issues
Firewall-Friendly VoIP Secure Gateway and VoIP Security Issues v Noriyuki Fukuyama v Shingo Fujimoto v Masahiko Takenaka (Manuscript received September 26, 2003) IP telephony services using VoIP (Voice
More informationCTS2134 Introduction to Networking. Module 8.4 8.7 Network Security
CTS2134 Introduction to Networking Module 8.4 8.7 Network Security Switch Security: VLANs A virtual LAN (VLAN) is a logical grouping of computers based on a switch port. VLAN membership is configured by
More informationIntrusion Detection Systems. Darren R. Davis Student Computing Labs
Intrusion Detection Systems Darren R. Davis Student Computing Labs Overview Intrusion Detection What is it? Why do I need it? How do I do it? Intrusion Detection Software Network based Host based Intrusion
More informationDDoS Attacks: The Latest Threat to Availability. Dr. Bill Highleyman Managing Editor Availability Digest
DDoS Attacks: The Latest Threat to Availability Dr. Bill Highleyman Managing Editor Availability Digest The Anatomy of a DDoS Attack Sombers Associates, Inc. 2013 2 What is a Distributed Denial of Service
More informationICSA Labs Network Protection Devices Test Specification Version 1.3
Network Protection Devices Test Specification Version 1.3 August 19, 2011 www.icsalabs.com Change Log Version 1.3 August 19, 2011 added general configuration note to default configuration in Firewall section
More informationMy FreeScan Vulnerabilities Report
Page 1 of 6 My FreeScan Vulnerabilities Report Print Help For 66.40.6.179 on Feb 07, 008 Thank you for trying FreeScan. Below you'll find the complete results of your scan, including whether or not the
More informationVoice over IP (VoIP) Vulnerabilities
Voice over IP (VoIP) Vulnerabilities The Technical Presentation Diane Davidowicz NOAA Computer Incident Response Team N-CIRT diane.davidowicz@noaa.gov "Security problems in state of the art IP-Telephony
More informationTECHNICAL WHITE PAPER. Symantec pcanywhere Security Recommendations
TECHNICAL WHITE PAPER Symantec pcanywhere Security Recommendations Technical White Paper Symantec pcanywhere Security Recommendations Introduction... 3 pcanywhere Configuration Recommendations... 4 General
More informationTroubleshooting the Firewall Services Module
CHAPTER 25 This chapter describes how to troubleshoot the FWSM, and includes the following sections: Testing Your Configuration, page 25-1 Reloading the FWSM, page 25-6 Performing Password Recovery, page
More informationInternet Security Firewalls
Internet Security Firewalls Ozalp Babaoglu ALMA MATER STUDIORUM UNIVERSITA DI BOLOGNA Overview Exo-structures Firewalls Virtual Private Networks Cryptography-based technologies IPSec Secure Socket Layer
More information