How To Protect A Database From Attack
- Ashley Murphy
- 3 years ago
Database Security in Assets of Companies

Tianmin Qu
Department of Computer Science
Helsinki University of Technology

"The most sensitive data for commercial web sites will usually reside in databases that exist behind the corporate firewall. Clearly, the database holds the jewels in the Web site's vault. For this reason access to the database must be carefully controlled."
Anup Ghosh, E-Commerce Security: Weak Links, Best Defenses

Abstract

Due to the rapid development of computer and Internet technology, more and more of a company's assets are stored in digital format in databases, especially in e-commerce companies. Databases are also widely used in everyday life. This article concentrates on the common threats to an open database system, the strategies to consider when securing a database, and how to secure a database at the four most important layers.

1. Introduction

It is becoming more evident that the assets of a company are mostly stored as digital data. These assets may include the company's intellectual property and classified information about business partners and customers. More likely than not, the data source is a relational database. This is especially the case for an e-commerce company. Most of those assets are accessible online to administrators and customers. Commonly used database systems are Oracle, Sybase, and MS SQL Server.

Internetworking technology not only makes it much easier for a corporation to manage its assets flexibly, but also gives criminals or hackers a chance to access the corporation's digital assets. Therefore, all companies are spending more and more effort to secure their databases against malicious intrusions. At the same time, they have to make their data available at any time to any authorized user. Security of the relational database should be a principal part of a business-to-business security strategy [7].
The basic and most popular database arrangement in an e-commerce system is that web applications access the database for information retrieval and exchange. Many layers are involved when a web application accesses a database. Securing those layers strengthens the security of the database. We will examine each layer in detail and describe how to secure the database at those layers in later chapters.

2. Why we need database security

All companies use database management systems to house their information assets. E-commerce companies allow applications to share information and resources that are accessed by business partners and customers. In the Internet world and the information economy, databases hold the valuable assets of a company and are always kept online. The company must make the information available for use at any time to any authorized user, such as customers, employees or business partners. Companies cannot afford to leave intruders a single chance.

Corporations and governments also use databases to manage personnel information and employee payment, which should be kept private and confidential even from certain unauthorized insiders. Sensitive financial data, such as trading records and business transactions, must be protected from disclosure to business competitors and even from unauthorized internal access. The same applies to detailed customer information, including financial accounts and credit card numbers.

Information is money. Hackers target databases more and more frequently. In building the security infrastructure of a company, database security should not be overlooked. Failing to protect the database properly leaves a corporation's most valuable assets exposed to malicious persons. Databases are so critical to most enterprises nowadays that the destruction of a database can have a catastrophic impact. An insecure company system can harm both the company itself and its customers. The following report illustrates the severity of an insecure database.
According to an advisory of the American National Infrastructure Protection Center (NIPC) in 2000, attacks on U.S. e-commerce systems were increasing. "The majority of the intrusions have occurred on Microsoft Windows NT systems, although Unix based operating systems have been victimized as well. The hackers are exploiting at least three known system vulnerabilities to gain unauthorized access and download proprietary information. Although these vulnerabilities are not new, this recent activity warrants additional attention by system administrators. In most cases, the hacker activity had been ongoing for several months before the victim became aware of the intrusion" [8].

Another important reason for database security is that an insecure database compromises not only the database itself, but also the operating system and other trusted systems running on it. The intruder can first get access to the poorly secured database, then use powerful built-in database features to access the local operating system. If the database has relationships with other trusted systems, the intruder can attack all of those systems as well.

3. Security Threats on database

Basically, there are four kinds of threats to a database system: denial of service, sniff attacks, spoofing attacks and Trojan Horses.
3.1 Denial of service attack

A denial of service (DoS) attack makes a database server much slower or even entirely unavailable to legitimate users. Even though a DoS attack does not result in the disclosure or loss of database information, it can cost the victims much time and money. Common DoS attacks on databases are:

Ping of death attack

Pings are used to test whether an Internet address is valid by sending an ICMP (Internet Control Message Protocol) ping request to the destination host. However, the attacker can send oversized ICMP requests at very high frequency. The victim's replies to these requests consume much of the CPU. The system becomes slow in serving other processes and may finally crash. Ping of death affects not only Unix systems and other PC operating systems, but also mainframes and some specialized operating systems [1].

SYN attack

For an application server to exchange data with a database, a connection-oriented and reliable service is needed. Therefore TCP is used as the transmission protocol. Before data is transmitted, a connection has to be established by the TCP three-way handshake. First, the attacker sends SYN packets to the target host with a spoofed source IP address that is unreachable. Then the target host responds with SYN/ACK packets and waits for the final ACK to complete the three-way handshake. However, the ACK will never come [1].

Another kind of SYN attack works as follows: when a TCP connection is established on the database side, a buffer is reserved for the three-way handshake. The attacker rapidly sends a large number of connection requests but does not reply to the responses. This causes the buffer to fill up, so legitimate requests cannot get service. Even though the packets in the buffer are dropped after some timeout, the legitimate user cannot get service in time.

3.2 Sniff attack

To accommodate e-commerce and take advantage of distributed systems, databases are designed to be distributed and to work in client-server mode.
Attackers can use sniffer software to monitor data streams from the database and acquire confidential information, for instance a customer's credit card number. A legitimate user's IP address, login name and password can be captured, and this information can be used for later spoofing [6].

3.3 Spoofing attack

Attackers impersonate a legitimate web application to access the database, then retrieve data from it and carry out malicious transactions. The most common spoofing attacks are TCP spoofing and DNS (Domain Name System) spoofing. In TCP spoofing, the IP addresses in the packets are forged, while DNS spoofing forges the mapping between an IP address and a DNS name or machine name [2].
3.4 Trojan Horse

A Trojan Horse is a malicious program that embeds itself in the system. Trojan Horses commonly reside in operating systems. A Trojan Horse can modify the database, security labels or user roles without being noticed by the administrator. An intruder or even a malicious insider can place a Trojan Horse in the database system. One kind of Trojan Horse modifies the procedure for changing and storing passwords: when a password is changed, it is stored in a log file or written to an external file.

3.5 Other pitfalls of database security

Bad account and password settings: Databases with few or poor user settings are often vulnerable. There is no mechanism to control the quality of a password, so bad passwords can be used. Moreover, users are not obliged to change passwords frequently. Login time is not restricted, and "well known" user names and passwords are used [7].

Inadequate audit mechanism: Database operation can generate a large amount of audit files. To save disk space, operators sometimes disable auditing. This harms the accountability of the system: even an insider can act maliciously and cannot be held responsible. Audit trails are critical for analyzing operations on the database. They cannot be ignored in any case.

The following table is a reference to some pitfalls of database systems [7]:

Feature                    MS SQL Server  Sybase  Oracle 7  Oracle 8
Account Lockout Facility   No             No      No        Yes
Rename Admin Account       No             No      No        No
Require Strong Passwords   No             No      No        Yes
Stale Accounts             No             No      No        No
Password Expiration        No             Yes     No        Yes
Login Hours Restrictions   No             No      No        No
Default ports: Many modern database systems have features that can facilitate intrusion. One common feature is default ports. For example, most relational database systems have default ports that can be accessed directly. Access to those ports can bypass the security mechanisms of the operating system. Intruders can use trivial query tools to connect to those ports directly. For instance, Oracle 8 can be accessed via TCP/IP on its default ports 1521 and 1526 [12].

One thing should be kept in mind: no matter how secure the database is, it still has vulnerabilities, which are quite hard to find. If attackers identify a new vulnerability before administrators notice it, the database is exposed to them.

4. Strategies to secure databases

4.1 Authentication

Access to a relational database is a matter of authentication. A database is accessed from its internal network or visited as an object by a remote client. Every access attempt, whether successful or not, should be monitored, and corresponding actions taken, such as disabling an account that has several successive unsuccessful logins. However, closing one account can also disable a large number of legitimate users, so this feature can be used as a denial of service attack. One solution is to send a notification to the real party. Passwords should be changed periodically, and using the strong authentication methods above will reduce the attackers' chances [4].

4.2 Auditing and analytical Tools

In addition to strong authentication and authorization controls, another strategy is maintaining audit trails at the database level. Some third-party software applications have built-in auditing functions, but they only record events that take place through the application. That information is too incomplete to detect possible intrusions [11].

A database auditing strategy should also include checks to validate the integrity of the business rules within an application.
This should also be performed on any application security tables that are maintained within the database in order to ensure that manipulation of security or business rules is not taking place via the back door [11].

Some databases also have built-in audit utilities; however, they are complex and cannot provide enough information for auditing requirements. Sometimes native database auditing utilities are disabled. Another shortcoming is that audit log files are huge and hard to understand. There is no adequate tool to filter out the suspicious log entries. The problem becomes even worse if multiple database audit trails must be maintained. Therefore, developing a helpful and efficient audit analysis tool is highly recommended.
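A minimal sketch of the kind of audit analysis tool sections 4.1 and 4.2 call for, added here as an example and not part of the original paper. It merges several audit trails, flags accounts with successive failed logins (recommending notification instead of lockout, as 4.1 suggests), and flags writes to application security tables by accounts other than the application's own. The log format, table names, account names and addresses are all constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime

# Constructed sample audit trails from two databases. The format is an
# assumption: timestamp|database|user|source_ip|action|object|status
AUDIT_DB1 = """\
2001-11-05T09:00:01|orders|webapp|10.0.0.5|SELECT|ORDERS|OK
2001-11-05T09:00:07|orders|jsmith|192.0.2.44|LOGIN|-|FAIL
2001-11-05T09:00:09|orders|jsmith|192.0.2.44|LOGIN|-|FAIL
2001-11-05T09:00:12|orders|jsmith|192.0.2.44|LOGIN|-|FAIL
2001-11-05T09:05:30|orders|webapp|10.0.0.5|UPDATE|ORDERS|OK
2001-11-05T09:06:00|orders|akhan|10.0.0.9|LOGIN|-|FAIL
2001-11-05T09:06:20|orders|akhan|10.0.0.9|LOGIN|-|OK
"""
AUDIT_DB2 = """\
2001-11-05T09:02:00|crm|webapp|10.0.0.5|SELECT|CUSTOMERS|OK
2001-11-05T09:03:10|crm|dbtools|10.0.0.77|UPDATE|APP_ROLES|OK
2001-11-05T09:04:00|crm|webapp|10.0.0.5|UPDATE|APP_ROLES|OK
"""

SECURITY_TABLES = {"APP_USERS", "APP_ROLES"}  # hypothetical security tables
APP_ACCOUNTS = {"webapp"}                     # hypothetical application login
WRITE_ACTIONS = {"INSERT", "UPDATE", "DELETE", "GRANT"}
MAX_FAILURES = 3                              # successive failures before alerting


def parse(trail):
    """Yield one event dict per well-formed line; malformed lines are skipped."""
    for line in trail.splitlines():
        fields = line.strip().split("|")
        if len(fields) != 7:
            continue
        ts, db, user, src, action, obj, status = fields
        yield {"ts": datetime.fromisoformat(ts), "db": db, "user": user,
               "src": src, "action": action, "object": obj, "status": status}


def merge_trails(*trails):
    """Combine several audit trails into one timeline ordered by timestamp."""
    events = [event for trail in trails for event in parse(trail)]
    return sorted(events, key=lambda event: event["ts"])


def find_suspicious(events):
    """Return (kind, db, user, source_ip, response) tuples in time order."""
    findings = []
    streak = defaultdict(int)  # successive failed logins per (db, user)
    for e in events:
        key = (e["db"], e["user"])
        if e["action"] == "LOGIN":
            if e["status"] == "FAIL":
                streak[key] += 1
                if streak[key] == MAX_FAILURES:
                    # Notify instead of locking, so the check itself cannot
                    # be turned into a denial of service against the account.
                    findings.append(("repeated_login_failure", e["db"],
                                     e["user"], e["src"], "notify account owner"))
            else:
                streak[key] = 0  # a successful login ends the streak
        elif (e["action"] in WRITE_ACTIONS
              and e["object"] in SECURITY_TABLES
              and e["user"] not in APP_ACCOUNTS):
            # Security rules changed outside the application: the "back door".
            findings.append(("security_table_change", e["db"],
                             e["user"], e["src"], "review change"))
    return findings


if __name__ == "__main__":
    for finding in find_suspicious(merge_trails(AUDIT_DB1, AUDIT_DB2)):
        print(finding)
```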
5. How to secure an E-commerce database

Like other technologies, a database system is not an isolated entity. It depends on many other systems. Therefore, database security relies on the cooperation of many related systems as well. The following picture (Figure 1) shows a typical architecture of an e-commerce company. As depicted in the picture, there are four basic layers for defending a database system: the operating system on which the database system runs; the firewall, a commonly used mechanism to block intrusion from the outside network; the web server and web application, which provide multiple services to the end user by accessing the database; and the network layer, the medium over which the data is transferred.

Figure 1 E-enterprise Architecture

5.1 Operating system layer

Security of the operating system is a very important aspect of database administration. Some powerful features of database systems may open a hole into the underlying operating system. Therefore, one should examine very carefully the relationship between a database feature and its operating system.
Figure 2 Layers of IT system (Application, Services, Operating System, OS Kernel, Hardware)

According to the IT system layers described by Gollmann, there are five layers in an IT system. As depicted in Figure 2, each layer is built on top of the underlying ones [5]. Database systems sit at the service and application layers, above the operating system layer. If an attack is aimed at the operating system layer, the upper layers are threatened, because once the operating system is compromised, all the upper-layer security mechanisms can easily be changed.

Weaknesses of the operating system platform must be identified. Those weaknesses may lead to unauthorized database access or manipulation. Database configuration files and scripts, which are server-level resources, should be strictly protected to ensure the integrity of the database environment [9]. It should also be noted that in many database environments, membership in an operating system group grants full control over the database. To avoid misuse of this membership, those users' membership and access to the database should be reviewed regularly. The administrator should configure the operating system settings or adjust the size of the buffer and the timeout period to avoid the denial of service attack described previously.

Most operating system vendors provide patches freely and quickly once a vulnerability has been found in the system. So another task, often ignored by administrators, is to update the operating system with the latest patches to eliminate newly discovered holes.

5.2 Network layer

When web applications communicate with a database or other distributed components, data has to be transmitted over the network, including the local LAN and the Internet. There are two main network transmissions: from the user to the web server, and from the web application to the web database server. Both of these communications must be made secure.
Unfortunately, the administrator can ensure the security of the network in the local domain, but the global Internet is out of his control.

How can communication be secured on an insecure network? One powerful technology is encryption. Encrypted data is unreadable and extremely hard to guess or decrypt even if it is intercepted by an attacker. The ciphertext can only be decrypted with the corresponding key. There are two ways to apply encryption in a database system: one is to use the encryption options provided by database products, the other is to purchase encryption products from trusted vendors.

One solution for a secured connection is to use secured protocols above TCP/IP, for instance IPsec and VPN (Virtual Private Network) technology [10]. In particular, a VPN can carry private traffic through the public Internet by using encryption. Another commonly used cryptographic protocol on top of TCP/IP is SSL (Secure Sockets Layer). It was developed by Netscape to provide secure web sessions. It is supported by many other Internet application developers, including Microsoft. It is embedded in most web browser and web server
products. SSL has become the de facto standard. Recently, SSL has evolved into Transport Layer Security (TLS). TLS ensures that no third party may eavesdrop on or tamper with any message [9]. One thing to remember is that SSL is used to authenticate and secure web sessions, not to secure the computer itself.

5.3 Web servers

Web application programs are quite different from common application programs where security is concerned. Common programs do not need security features, while web application programs are greatly concerned with security. Flaws in web applications are difficult to detect. The web server is situated between the application server and the firewall, which protects against outside intrusions. It is used as a mediator for accessing the data we allow to be accessed.

CGI (Common Gateway Interface) is widely used in web applications at present. It is a simple way to enable a web server to perform diverse functions [3]. A CGI program can be as simple as a web page counter. It can also be complex, such as reading input from the remote user, processing it as a query to a local database and, after retrieving from the database, returning the result to the user. However, it is dangerous because CGI scripts allow software applications to be executed within the web server [3]. Perl is a popular language for CGI scripts because it makes it easy to construct applications and parse input from the user. However, Perl also provides some powerful system commands, which can be used by malicious users. If a web server has a poorly implemented CGI, it poses a great threat to the system, because an attacker can destroy the system easily: they can remove files from the web server, access confidential files or even add a Trojan Horse to the system.

Some practices can be used to reduce the threats of CGI to some extent. Users are forbidden to write CGI scripts as input to the web server.
The web server should also be configured so that CGI programs can be executed only in a single directory. Great care should be taken when writing CGI scripts. Remove any CGI applications that are no longer in use, especially sample CGI applications that may come with your Web server. Many of the older CGI samples had security holes and are a common target for attack [3].

If the database system interacts with CGI, great care must be taken; the web application server's default settings may be a great flaw of the system. If a user logs into the database, the system should check which operations are not granted to the user. The best way is to use a web server with an authentication mechanism built into CGI. That means writing a CGI script with a login name and password to protect the document. The document can only be read from the server and is not accessible from the web. All CGI scripts, whether self-developed, downloaded or purchased, should be strictly tested for security holes.

5.4 Firewalls

Firewalls are the most important layer for blocking intrusion from outside the system. There are two kinds of firewall mechanism: packet filters and proxy servers. The data transmitted between the application and the database is split into packets. Those packets carry much information in their headers, such as source and destination address and the protocol being used. Packets whose source addresses are not supposed to reach the database are filtered out [4]. The firewall should be configured to allow only the one or few protocols that are useful for application queries, for instance TCP, while packets of other protocols are strictly blocked. Thus the vulnerability of the system is reduced to the minimum level. If the firewall is configured to discard ICMP requests coming from outside, the ping of death threat will be avoided thoroughly.
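The packet-filter guidance above, modelled as an added example that is not part of the original paper: a first-match rule evaluator with default deny, used to compare a permissive rule set with one that follows section 5.4 by running probe packets through both. The addresses and probe set are constructed assumptions; 1521 and 1526 are the Oracle 8 default ports named earlier in the text.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

APP_SERVER = "10.0.1.10"   # constructed address of the web application server
DB_SERVER = "10.0.2.20"    # constructed address of the database server
OUTSIDER = "198.51.100.7"  # constructed address of an arbitrary outside host
DB_PORT = 1521             # default port the application is assumed to use


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    proto: str                   # "tcp", "udp" or "icmp"
    dport: Optional[int] = None  # None for protocols without ports


@dataclass(frozen=True)
class Rule:
    action: str                  # "allow" or "drop"
    src: str                     # source network in CIDR notation
    dst: str                     # destination network in CIDR notation
    proto: str                   # protocol name, or "any"
    dport: Optional[int] = None  # None matches every port

    def matches(self, pkt):
        return (ipaddress.ip_address(pkt.src) in ipaddress.ip_network(self.src)
                and ipaddress.ip_address(pkt.dst) in ipaddress.ip_network(self.dst)
                and self.proto in ("any", pkt.proto)
                and (self.dport is None or self.dport == pkt.dport))


def decide(rules, pkt, log=None):
    """First matching rule wins; unmatched packets are dropped (default deny)."""
    action = "drop"
    for rule in rules:
        if rule.matches(pkt):
            action = rule.action
            break
    if action == "drop" and log is not None:
        log.append(pkt)  # keep a record of dropped packets for later tracing
    return action


# Weak: anything may reach the database host on any protocol and port.
WEAK_RULES = [Rule("allow", "0.0.0.0/0", DB_SERVER + "/32", "any")]

# Hardened: only TCP from the application server to the one port it needs.
# The ICMP rule is redundant under default deny but states the intent.
HARDENED_RULES = [
    Rule("drop", "0.0.0.0/0", DB_SERVER + "/32", "icmp"),
    Rule("allow", APP_SERVER + "/32", DB_SERVER + "/32", "tcp", DB_PORT),
]

# (name, packet, should_pass) probes covering the cases the text describes.
PROBES = [
    ("application query", Packet(APP_SERVER, DB_SERVER, "tcp", 1521), True),
    ("outsider to default port 1521", Packet(OUTSIDER, DB_SERVER, "tcp", 1521), False),
    ("outsider to default port 1526", Packet(OUTSIDER, DB_SERVER, "tcp", 1526), False),
    ("icmp request", Packet(OUTSIDER, DB_SERVER, "icmp"), False),
    ("udp from application server", Packet(APP_SERVER, DB_SERVER, "udp", 1521), False),
]


def audit(rules):
    """Report unwanted traffic that passes and wanted traffic that is blocked."""
    exposed, blocked = [], []
    for name, pkt, should_pass in PROBES:
        allowed = decide(rules, pkt) == "allow"
        if allowed and not should_pass:
            exposed.append(name)
        elif should_pass and not allowed:
            blocked.append(name)
    return {"exposed": exposed, "blocked_legitimate": blocked}


if __name__ == "__main__":
    print("weak:    ", audit(WEAK_RULES))
    print("hardened:", audit(HARDENED_RULES))
```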
The firewall should also keep log files to trace suspicious attackers. Proxy server is composed of two connections, the connection between the corporation's database and proxy server, and the connection between proxy servers also provide the log and audit files. However, powerful firewalls are difficult to configure, and audit trails are also too large and hard to analyze.

5.5 Database server

Database servers are the foundation of virtually every Electronic Business, Financial, and Enterprise Resource Planning (ERP) system, and frequently include sensitive information from business partners and customers. A database server functions by using the services provided by the operating system. Some good security practices are:

- Use multiple passwords to access a server. For example, use one password to access the system for administration and a different password for other operations.
- Audit every transaction of the database server.
- Use application-specific user names and passwords. Never use a default user name or password.
- Back up the system properly for later recovery in case the system accidentally crashes.

It is useless for an end user to know the name and location of the database; moreover, exposing the physical location and name of every database in the system is a great threat. We should use service names and aliases to mask them. The file that manages access to the database service should be maintained in multiple copies, each corresponding to a particular user group. The members of each group can only get the file that contains the resources they can access.

6. Conclusion

A company's or organization's assets are largely stored in digital format in online relational databases. Database security is a crucial element in the asset management of today's enterprises. To protect a database is to protect access to a company's sensitive information and digital assets. A database is a complex system that is very difficult to manage and hard to secure.
Like other secure systems, database security also ensures confidentiality, availability and integrity. Database security can be controlled at different layers. Auditing is critical, but analysis is hard. Future analytical tools will be a great help. There are many layers protecting an online relational database. Those layers should cooperate to strengthen security. Authentication and encryption play a very important role in database security.
References:

[1] CIAC, IBM AIX(r) 'SYN Flood' and 'Ping o' Death' Vulnerabilities, December 10, 1996 <
[2] Felten Edward W., Balfanz Dirk, Dean Drew. Web Spoofing: An Internet Con Game Feb <
[3] Gardner Keith, Is your web server secure? 1999 <
[4] Ghosh Anup K., Why Firewalls May Not Protect Your Corporate Assets, 1997 <
[5] Gollmann Dieter, Computer security, 1999, p13,
[6] Hillebrand Mary, New security tool aims to sniff out hackers, E-Commerce Times, July 1999 <
[7] Internet Security Systems, Securing Database Servers, <
[8] NIPC, E-Commerce Vulnerabilities, 2000, <
[9] Pruitt Paul, Cours Steven, Securing the Web Server: Windows NT vs. Unix, 1997 <
[10] Stein Lincoln D. & Stewart John N., Version 3.1.1, September 12, 2001 <
[11] White B. Gregory, Computer system and network security, 1996
[12] ISSEL, Oracle installation guide <
More informationGeneral Network Security
4 CHAPTER FOUR General Network Security Objectives This chapter covers the following Cisco-specific objectives for the Identify security threats to a network and describe general methods to mitigate those
More informationFirewalls. Ola Flygt Växjö University, Sweden http://w3.msi.vxu.se/users/ofl/ Ola.Flygt@vxu.se +46 470 70 86 49. Firewall Design Principles
Firewalls Ola Flygt Växjö University, Sweden http://w3.msi.vxu.se/users/ofl/ Ola.Flygt@vxu.se +46 470 70 86 49 1 Firewall Design Principles Firewall Characteristics Types of Firewalls Firewall Configurations
More informationIS TEST 3 - TIPS FOUR (4) levels of detective controls offered by intrusion detection system (IDS) methodologies. First layer is typically responsible for monitoring the network and network devices. NIDS
More informationFirewalls, IDS and IPS
Session 9 Firewalls, IDS and IPS Prepared By: Dr. Mohamed Abd-Eldayem Ref.: Corporate Computer and Network Security By: Raymond Panko Basic Firewall Operation 2. Internet Border Firewall 1. Internet (Not
More informationLocking down a Hitachi ID Suite server
Locking down a Hitachi ID Suite server 2016 Hitachi ID Systems, Inc. All rights reserved. Organizations deploying Hitachi ID Identity and Access Management Suite need to understand how to secure its runtime
More informationE-BUSINESS THREATS AND SOLUTIONS
E-BUSINESS THREATS AND SOLUTIONS E-BUSINESS THREATS AND SOLUTIONS E-business has forever revolutionized the way business is done. Retail has now a long way from the days of physical transactions that were
More informationNetwork Security: Introduction
Network Security: Introduction 1. Network security models 2. Vulnerabilities, threats and attacks 3. Basic types of attacks 4. Managing network security 1. Network security models Security Security has
More informationFirewalls. Test your Firewall knowledge. Test your Firewall knowledge (cont) (March 4, 2015)
s (March 4, 2015) Abdou Illia Spring 2015 Test your knowledge Which of the following is true about firewalls? a) A firewall is a hardware device b) A firewall is a software program c) s could be hardware
More informationWindows Remote Access
Windows Remote Access A newsletter for IT Professionals Education Sector Updates Issue 1 I. Background of Remote Desktop for Windows Remote Desktop Protocol (RDP) is a proprietary protocol developed by
More informationHow To Classify A Dnet Attack
Analysis of Computer Network Attacks Nenad Stojanovski 1, Marjan Gusev 2 1 Bul. AVNOJ 88-1/6, 1000 Skopje, Macedonia Nenad.stojanovski@gmail.com 2 Faculty of Natural Sciences and Mathematics, Ss. Cyril
More informationCMS Operational Policy for Firewall Administration
Chief Information Officer Office of Information Services Centers for Medicare & Medicaid Services CMS Operational Policy for Firewall Administration July 16, 2008 Document Number: CMS-CIO-POL-INF11-01
More informationChapter 4 Firewall Protection and Content Filtering
Chapter 4 Firewall Protection and Content Filtering This chapter describes how to use the content filtering features of the ProSafe Dual WAN Gigabit Firewall with SSL & IPsec VPN to protect your network.
More informationBasics of Internet Security
Basics of Internet Security Premraj Jeyaprakash About Technowave, Inc. Technowave is a strategic and technical consulting group focused on bringing processes and technology into line with organizational
More informationCornerstones of Security
Internet Security Cornerstones of Security Authenticity the sender (either client or server) of a message is who he, she or it claims to be Privacy the contents of a message are secret and only known to
More informationTHREAT MODELLING FOR SQL SERVERS Designing a Secure Database in a Web Application
THREAT MODELLING FOR SQL SERVERS Designing a Secure Database in a Web Application E.Bertino 1, D.Bruschi 2, S.Franzoni 2, I.Nai-Fovino 2, S.Valtolina 2 1 CERIAS, Purdue University, West Lafayette, IN,
More informationThick Client Application Security
Thick Client Application Security Arindam Mandal (arindam.mandal@paladion.net) (http://www.paladion.net) January 2005 This paper discusses the critical vulnerabilities and corresponding risks in a two
More informationGetting a Secure Intranet
61-04-69 Getting a Secure Intranet Stewart S. Miller The Internet and World Wide Web are storehouses of information for many new and legitimate purposes. Unfortunately, they also appeal to people who like
More informationThis chapter covers the following topics: Why Network Security Is Necessary Secure Network Design Defined Categorizing Network Security Threats How
This chapter covers the following topics: Why Network Security Is Necessary Secure Network Design Defined Categorizing Network Security Threats How Network Security Is Breached Network Security Policy
More informationGlobal Partner Management Notice
Global Partner Management Notice Subject: Critical Vulnerabilities Identified to Alert Payment System Participants of Data Compromise Trends Dated: May 4, 2009 Announcement: To support compliance with
More informationIntro to Firewalls. Summary
Topic 3: Lesson 2 Intro to Firewalls Summary Basic questions What is a firewall? What can a firewall do? What is packet filtering? What is proxying? What is stateful packet filtering? Compare network layer
More informationHow To Secure An Rsa Authentication Agent
RSA Authentication Agents Security Best Practices Guide Version 3 Contact Information Go to the RSA corporate web site for regional Customer Support telephone and fax numbers: www.rsa.com. Trademarks RSA,
More informationSecurity Type of attacks Firewalls Protocols Packet filter
Overview Security Type of attacks Firewalls Protocols Packet filter Computer Net Lab/Praktikum Datenverarbeitung 2 1 Security Security means, protect information (during and after processing) against impairment
More informationPayment Card Industry (PCI) Data Security Standard
Payment Card Industry (PCI) Data Security Standard Security Scanning Procedures Version 1.1 Release: September 2006 Table of Contents Purpose...1 Introduction...1 Scope of PCI Security Scanning...1 Scanning
More informationBarracuda Web Site Firewall Ensures PCI DSS Compliance
Barracuda Web Site Firewall Ensures PCI DSS Compliance E-commerce sales are estimated to reach $259.1 billion in 2007, up from the $219.9 billion earned in 2006, according to The State of Retailing Online
More informationWhat is Web Security? Motivation
brucker@inf.ethz.ch http://www.brucker.ch/ Information Security ETH Zürich Zürich, Switzerland Information Security Fundamentals March 23, 2004 The End Users View The Server Providers View What is Web
More informationGuide to DDoS Attacks December 2014 Authored by: Lee Myers, SOC Analyst
INTEGRATED INTELLIGENCE CENTER Technical White Paper William F. Pelgrin, CIS President and CEO Guide to DDoS Attacks December 2014 Authored by: Lee Myers, SOC Analyst This Center for Internet Security
More informationE-Commerce Security. The Client-Side Vulnerabilities. Securing the Data Transaction LECTURE 7 (SECURITY)
E-Commerce Security An e-commerce security system has four fronts: LECTURE 7 (SECURITY) Web Client Security Data Transport Security Web Server Security Operating System Security A safe e-commerce system
More informationFIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. Chapter 5 Firewall Planning and Design
FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. Chapter 5 Firewall Planning and Design Learning Objectives Identify common misconceptions about firewalls Explain why a firewall
More informationCOSC 472 Network Security
COSC 472 Network Security Instructor: Dr. Enyue (Annie) Lu Office hours: http://faculty.salisbury.edu/~ealu/schedule.htm Office room: HS114 Email: ealu@salisbury.edu Course information: http://faculty.salisbury.edu/~ealu/cosc472/cosc472.html
More informationSecurity Goals Services
1 2 Lecture #8 2008 Freedom from danger, risk, etc.; safety. Something that secures or makes safe; protection; defense. Precautions taken to guard against crime, attack, sabotage, espionage, etc. An assurance;
More informationBy David G. Holmberg, Ph.D., Member ASHRAE
The following article was published in ASHRAE Journal, November 2003. Copyright 2003 American Society of Heating, Refrigerating and Air-Conditioning Engineers, Inc. It is presented for educational purposes
More informationinformation security and its Describe what drives the need for information security.
Computer Information Systems (Forensics Classes) Objectives for Course Challenges CIS 200 Intro to Info Security: Includes managerial and Describe information security and its critical role in business.
More informationPort Scanning and Vulnerability Assessment. ECE4893 Internetwork Security Georgia Institute of Technology
Port Scanning and Vulnerability Assessment ECE4893 Internetwork Security Georgia Institute of Technology Agenda Reconnaissance Scanning Network Mapping OS detection Vulnerability assessment Reconnaissance
More informationLinux Network Security
Linux Network Security Course ID SEC220 Course Description This extremely popular class focuses on network security, and makes an excellent companion class to the GL550: Host Security course. Protocols
More informationOverview. Packet filter
Computer Network Lab 2015 Fachgebiet Technische h Informatik, Joachim Zumbrägel Overview Security Type of attacks Firewalls Protocols Packet filter Security Security means, protect information (during
More informationDenial of Service (DoS)
Intrusion Detection, Denial of Service (DoS) Prepared By:Murad M. Ali Supervised By: Dr. Lo'ai Tawalbeh New York Institute of Technology (NYIT), Amman s campus-2006 Denial of Service (DoS) What is DoS
More informationIntrusion Detection. Overview. Intrusion vs. Extrusion Detection. Concepts. Raj Jain. Washington University in St. Louis
Intrusion Detection Overview Raj Jain Washington University in Saint Louis Saint Louis, MO 63130 Jain@cse.wustl.edu Audio/Video recordings of this lecture are available at: http://www.cse.wustl.edu/~jain/cse571-14/
More informationWHITE PAPER. FortiGate DoS Protection Block Malicious Traffic Before It Affects Critical Applications and Systems
WHITE PAPER FortiGate DoS Protection Block Malicious Traffic Before It Affects Critical Applications and Systems Abstract: Denial of Service (DoS) attacks have been a part of the internet landscape for
More informationChapter 12. Security Policy Life Cycle. Network Security 8/19/2010. Network Security
Chapter 12 Network Security Security Policy Life Cycle A method for the development of a comprehensive network security policy is known as the security policy development life cycle (SPDLC). Network Security
More informationFinal exam review, Fall 2005 FSU (CIS-5357) Network Security
Final exam review, Fall 2005 FSU (CIS-5357) Network Security Instructor: Breno de Medeiros 1. What is an insertion attack against a NIDS? Answer: An insertion attack against a network intrusion detection
More informationChapter 4 Firewall Protection and Content Filtering
Chapter 4 Firewall Protection and Content Filtering The ProSafe VPN Firewall 50 provides you with Web content filtering options such as Block Sites and Keyword Blocking. Parents and network administrators
More informationSECURITY FLAWS IN INTERNET VOTING SYSTEM
SECURITY FLAWS IN INTERNET VOTING SYSTEM Sandeep Mudana Computer Science Department University of Auckland Email: smud022@ec.auckland.ac.nz Abstract With the rapid growth in computer networks and internet,
More informationSecure Software Programming and Vulnerability Analysis
Secure Software Programming and Vulnerability Analysis Christopher Kruegel chris@auto.tuwien.ac.at http://www.auto.tuwien.ac.at/~chris Operations and Denial of Service Secure Software Programming 2 Overview
More informationWHITE PAPER. An Introduction to Network- Vulnerability Testing
An Introduction to Network- Vulnerability Testing C ONTENTS + Introduction 3 + Penetration-Testing Overview 3 Step 1: Defining the Scope 4 Step 2: Performing the Penetration Test 5 Step 3: Reporting and
More informationWeb Application Threats and Vulnerabilities Web Server Hacking and Web Application Vulnerability
Web Application Threats and Vulnerabilities Web Server Hacking and Web Application Vulnerability WWW Based upon HTTP and HTML Runs in TCP s application layer Runs on top of the Internet Used to exchange
More informationNetwork Security. 1 Pass the course => Pass Written exam week 11 Pass Labs
Network Security Ola Lundh ola.lundh@hh.se Schedule/ time-table: landris.hh.se/ (NetwoSec) Course home-page: hh.se/english/ide/education/student/coursewebp ages/networksecurity cisco.netacad.net Packet
More informationKASPERSKY SECURITY INTELLIGENCE SERVICES. EXPERT SERVICES. www.kaspersky.com
KASPERSKY SECURITY INTELLIGENCE SERVICES. EXPERT SERVICES www.kaspersky.com EXPERT SERVICES Expert Services from Kaspersky Lab are exactly that the services of our in-house experts, many of them global
More informationOverview. Firewall Security. Perimeter Security Devices. Routers
Overview Firewall Security Chapter 8 Perimeter Security Devices H/W vs. S/W Packet Filtering vs. Stateful Inspection Firewall Topologies Firewall Rulebases Lecturer: Pei-yih Ting 1 2 Perimeter Security
More informationVirtual private network. Network security protocols VPN VPN. Instead of a dedicated data link Packets securely sent over a shared network Internet VPN
Virtual private network Network security protocols COMP347 2006 Len Hamey Instead of a dedicated data link Packets securely sent over a shared network Internet VPN Public internet Security protocol encrypts
More informationFirewalls Overview and Best Practices. White Paper
Firewalls Overview and Best Practices White Paper Copyright Decipher Information Systems, 2005. All rights reserved. The information in this publication is furnished for information use only, does not
More informationAn Introduction to Network Vulnerability Testing
CONTENTS Introduction 3 Penetration Testing Overview 4 Step 1: Defining the Scope 4 Step 2: Performing the Penetration Test 5 Step 3: Reporting and Delivering Results 6 VeriSign SecureTEST 7 Common Vulnerability
More informationA Decision Maker s Guide to Securing an IT Infrastructure
A Decision Maker s Guide to Securing an IT Infrastructure A Rackspace White Paper Spring 2010 Summary With so many malicious attacks taking place now, securing an IT infrastructure is vital. The purpose
More informationCS 356 Lecture 17 and 18 Intrusion Detection. Spring 2013
CS 356 Lecture 17 and 18 Intrusion Detection Spring 2013 Review Chapter 1: Basic Concepts and Terminology Chapter 2: Basic Cryptographic Tools Chapter 3 User Authentication Chapter 4 Access Control Lists
More informationMedical Device Security Health Imaging Digital Capture. Security Assessment Report for the Kodak DryView 8150 Imager Release 1.0.
Medical Device Security Health Imaging Digital Capture Security Assessment Report for the Kodak DryView 8150 Imager Release 1.0 Page 1 of 9 Table of Contents Table of Contents... 2 Executive Summary...
More informationAchieving PCI Compliance Using F5 Products
Achieving PCI Compliance Using F5 Products Overview In April 2000, Visa launched its Cardholder Information Security Program (CISP) -- a set of mandates designed to protect its cardholders from identity
More informationHow To Secure Network Threads, Network Security, And The Universal Security Model
BUILDING AN UNIVERSAL NETWORK SECURITY MODEL Zahari Todorov Slavov, Valentin Panchev Hristov Department of Computer Systems and Technology, South-West University Neofit Rilski, Blagoevgrad, Bulgaria, e-mail:
More informationREPORT ON AUDIT OF LOCAL AREA NETWORK OF C-STAR LAB
REPORT ON AUDIT OF LOCAL AREA NETWORK OF C-STAR LAB Conducted: 29 th March 5 th April 2007 Prepared By: Pankaj Kohli (200607011) Chandan Kumar (200607003) Aamil Farooq (200505001) Network Audit Table of
More informationNetwork Security. Tampere Seminar 23rd October 2008. Overview Switch Security Firewalls Conclusion
Network Security Tampere Seminar 23rd October 2008 1 Copyright 2008 Hirschmann 2008 Hirschmann Automation and and Control GmbH. Contents Overview Switch Security Firewalls Conclusion 2 Copyright 2008 Hirschmann
More informationPayment Card Industry (PCI) Executive Report. Pukka Software
Payment Card Industry (PCI) Executive Report For Pukka Software Primary Contact: Brian Ghidinelli none Los Gatos, California United States of America 415.462.5603 Payment Card Industry (PCI) Executive
More informationPCI Security Scan Procedures. Version 1.0 December 2004
PCI Security Scan Procedures Version 1.0 December 2004 Disclaimer The Payment Card Industry (PCI) is to be used as a guideline for all entities that store, process, or transmit Visa cardholder data conducting
More informationKeyword: Cloud computing, service model, deployment model, network layer security.
Volume 4, Issue 2, February 2014 ISSN: 2277 128X International Journal of Advanced Research in Computer Science and Software Engineering Research Paper Available online at: www.ijarcsse.com An Emerging
More informationPayment Card Industry (PCI) Executive Report 08/04/2014
Payment Card Industry (PCI) Executive Report 08/04/2014 ASV Scan Report Attestation of Scan Compliance Scan Customer Information Approved Scanning Vendor Information Company: A.B. Yazamut Company: Qualys
More informationCOORDINATED THREAT CONTROL
APPLICATION NOTE COORDINATED THREAT CONTROL Interoperability of Juniper Networks IDP Series Intrusion Detection and Prevention Appliances and SA Series SSL VPN Appliances Copyright 2010, Juniper Networks,
More information