Network Security and Firewall 1



Similar documents
We will give some overview of firewalls. Figure 1 explains the position of a firewall. Figure 1: A Firewall

Cornerstones of Security

Firewalls. CEN 448 Security and Internet Protocols Chapter 20 Firewalls

Security Technology: Firewalls and VPNs

Networking: EC Council Network Security Administrator NSA

What is a Firewall? Computer Security. Firewalls. What is a Firewall? What is a Firewall?

Overview of Network Security The need for network security Desirable security properties Common vulnerabilities Security policy designs

What would you like to protect?

Firewalls and VPNs. Principles of Information Security, 5th Edition 1

Firewall Configuration. Firewall Configuration. Solution Firewall Principles

Cryptography and network security

CS5008: Internet Computing

Firewalls. Ola Flygt Växjö University, Sweden Firewall Design Principles

Module 8. Network Security. Version 2 CSE IIT, Kharagpur

NETWORK SECURITY (W/LAB) Course Syllabus

Lehrstuhl für Informatik 4 Kommunikation und verteilte Systeme. Firewall

NEW YORK INSTITUTE OF TECHNOLOGY School of Engineering and Technology Department of Computer Science Old Westbury Campus

FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. Chapter 5 Firewall Planning and Design

Internet Security Firewalls

SCP - Strategic Infrastructure Security

Högskolan i Halmstad Sektionen för Informationsvetenskap, Data- Och Elektroteknik (IDÉ) Ola Lundh. Name (in block letters) :

Virtual private network. Network security protocols VPN VPN. Instead of a dedicated data link Packets securely sent over a shared network Internet VPN

7 Network Security. 7.1 Introduction 7.2 Improving the Security 7.3 Internet Security Framework. 7.5 Absolute Security?

Firewall Introduction Several Types of Firewall. Cisco PIX Firewall

Appendix A: Configuring Firewalls for a VPN Server Running Windows Server 2003

Firewalls. Firewalls. Idea: separate local network from the Internet 2/24/15. Intranet DMZ. Trusted hosts and networks. Firewall.

Information Technology Career Cluster Introduction to Cybersecurity Course Number:

Description: Objective: Attending students will learn:

Network Access Security. Lesson 10

a) Encryption is enabled on the access point. b) The conference room network is on a separate virtual local area network (VLAN)

Securing Cisco Network Devices (SND)

Lecture slides by Lawrie Brown for Cryptography and Network Security, 5/e, by William Stallings, Chapter 22 Firewalls.

How To Protect Your Firewall From Attack From A Malicious Computer Or Network Device

Firewalls (IPTABLES)

Security + Certification (ITSY 1076) Syllabus

Chapter 7. Firewalls

12. Firewalls Content

SonicWALL PCI 1.1 Implementation Guide

Network Security Fundamentals

ΕΠΛ 674: Εργαστήριο 5 Firewalls

CMPT 471 Networking II

IINS Implementing Cisco Network Security 3.0 (IINS)

A host-based firewall can be used in addition to a network-based firewall to provide multiple layers of protection.

APNIC elearning: Network Security Fundamentals. 20 March :30 pm Brisbane Time (GMT+10)

EUCIP - IT Administrator. Module 5 IT Security. Version 2.0

Security threats and network. Software firewall. Hardware firewall. Firewalls

Proxy Server, Network Address Translator, Firewall. Proxy Server

Internet Firewall CSIS Internet Firewall. Spring 2012 CSIS net13 1. Firewalls. Stateless Packet Filtering

E-commerce. Security. Learning objectives. Internet Security Issues: Overview. Managing Risk-1. Managing Risk-2. Computer Security Classifications

CS 356 Lecture 19 and 20 Firewalls and Intrusion Prevention. Spring 2013

Chapter 15. Firewalls, IDS and IPS

Firewalls. Securing Networks. Chapter 3 Part 1 of 4 CA M S Mehta, FCA

Linux Network Security

How To Pass A Credit Course At Florida State College At Jacksonville

Network Security Foundations

How To Set Up An Ip Firewall On Linux With Iptables (For Ubuntu) And Iptable (For Windows)

JK0-022 CompTIA Academic/E2C Security+ Certification Exam CompTIA

Internet Security Firewalls

Network Security Administrator

Chapter 9 Firewalls and Intrusion Prevention Systems

Application Note. Providing Secure Remote Access to Industrial Control Systems Using McAfee Firewall Enterprise (Sidewinder )

Network Security. Tampere Seminar 23rd October Overview Switch Security Firewalls Conclusion

Internet infrastructure. Prof. dr. ir. André Mariën

Chapter 10. Network Security

Multi-Homing Dual WAN Firewall Router

Implementing Cisco IOS Network Security

Firewall VPN Router. Quick Installation Guide M73-APO09-380

Intranet, Extranet, Firewall

Question Name C 1.1 Do all users and administrators have a unique ID and password? Yes

ΕΠΛ 475: Εργαστήριο 9 Firewalls Τοίχοι πυρασφάλειας. University of Cyprus Department of Computer Science

CSCE 465 Computer & Network Security

Chapter 4: Security of the architecture, and lower layer security (network security) 1

Implementing Cisco IOS Network Security v2.0 (IINS)

Course Content Summary ITN 261 Network Attacks, Computer Crime and Hacking (4 Credits)

Achieving PCI-Compliance through Cyberoam

FIREWALLS & CBAC. philip.heimer@hh.se

Network Defense Tools

Implementing Secured Converged Wide Area Networks (ISCW) Version 1.0

ICANWK406A Install, configure and test network security

Contents Introduction xxvi Chapter 1: Understanding the Threats: Viruses, Trojans, Mail Bombers, Worms, and Illicit Servers

INTERNET SECURITY: FIREWALLS AND BEYOND. Mehernosh H. Amroli

CMSC 421, Operating Systems. Fall Security. URL: Dr. Kalpakis

Overview. Firewall Security. Perimeter Security Devices. Routers

Security+ Guide to Network Security Fundamentals, Fourth Edition. Chapter 6 Network Security

How To Protect Your Network From Attack

Firewalls and Intrusion Detection

Prerequisites: Fundamentals of Networking, Knowledge of Operating Systems

Firewalls CSCI 454/554

SonicOS 5.9 / / 6.2 Log Events Reference Guide with Enhanced Logging

What is a Firewall? A choke point of control and monitoring Interconnects networks with differing trust Imposes restrictions on network services

CH ENSA EC-Council Network Security Administrator Detailed Course Outline

CS 665: Computer System Security. Network Security. Usage environment. Sources of vulnerabilities. Information Assurance Module

Track 2 Workshop PacNOG 7 American Samoa. Firewalling and NAT

1 hours, 30 minutes, 38 seconds Heavy scan. All scanned network resources. Copyright 2001, FTP access obtained

Transcription:

Department/program: Networking Course Code: CPT 224 Contact Hours: 96 Subject/Course WEB Access & Network Security: Theoretical: 2 Hours/week Year Two Semester: Two Prerequisite: NET304 Practical: 4 Hours/week General Objectives: 1 Explain the need for security. 2 Identify the various elements of an effective security policy. 3 Describe encryption and identify the main encryption methods used in intering. 4 To apply security principles, and identify a security attack. 5 Describe the principles for effective security, and give guidelines to create affective specific solution 6 To understand security issues with communication protocols 7 Identify firewall types and common firewall terminology. 8 Plan a firewall system that incorporates several levels of protection. 9 Deploy a firewall. 10 To Respond appropriately to a security breach, and to Identify security organizations that can help you in case your system is attacked Network Security and Firewall 1

11 111 Theoretical Content Objectives: 1) Explain the need for security. 1 Security concepts and standards. Network Security Background. Different types of Security? Practical Content Week /s Specific Learning Outcome Teachers Activities Resources Specific Learning Outcome Teachers Act ivies Resources TO understand: To Explains : Security concepts and standards The need for security Identify resources that need security. Identify the two general security threat types. List security standards and organization. Hacker Statistics. What is the Risk? Ability to: View and modify the default access control settings in Windows. Create an access control list for a Server. View the effects of hostile JavaScript in Netscape Navigator Configure execution control lists in Windows. Creating an Execution Control list for the SU command in Linux To explain how to modify access control settings in Windows environment default values. Show the student how to create an access control list for apache Server; and Viewing the effects of hostile JavaScript in Netscape Navigator Explaining how to configure execution control lists in Windows. Security Services. Security Mechanisms Additional Security Standards Creating an Execution Control list for the SU command in Linux The Myth of 100Percent Security. Attributes of an Effective Security Matrix. Know what you are trying to Protect. Who is the Threat? Objective: 2) Identify the various elements of an effective security policy. Network Security and Firewall 2

Week/s Specific Learning Outcome Teachers Activities Resources Specific Learning Outcome Teachers Act ivies Resources To understand: To explain: To implement: Set appropriate lab work to Security Concepts and Mechanisms. Elements of Security. address: The Security Policy. Security concept. What encryption does? Security concept, Encryption techniques. Authentication methods authentication methods, and Encryption Categories. access control. Encryption strength 2 Identification & authentication Authentication Methods. Specific authentication Techniques. Access Control List Understand Access Control (ACL) Execution Control List (ECL) Auditing The concept of auditing. Active Auditing Passive auditing Objectives: 3) Describe encryption and identify the main encryption methods used in intering. 3 The Encryption concepts Symmetrickey Encryption. Effective access control Help students in their practical work. Week /s Specific Learning Outcome Teachers Activities Resources Specific Learning Outcome Teachers Act ivies Resources To understand: To explain: The meaning of encryption. Reasons to Use Encryption Know the method to create trust Relationships. Rounds, Parallelization and Strong Encryption. Symmetric Algorithms Symmetric algorithms created by the RSA Security Corporation. Reviewing symmetric encryption algorithms. Using MD5sum to create checksums in Red Hat Linux. Installing PGP in windows 2000. Generating a key pair using PGP for windows 2000. Exporting and signing public keys using PGP for windows 2000. Exchanging encrypted messages using PGP for windows 2000. Explaining how to encrypt a file using Rijndael encryption algorithm. Show how t o use the MD5 utility and to verify if changes have been made to sensitive files and directories. Explain how installing PGP, and generating a key pair using PGP. Explain how trusting Network Security and Firewall 3

Hash Encryption Applied Encryption Processes Hash algorithms Secure Hash Algorithm Encryption Drives Secure Sockets Layer and Secure HTTP. Create a trust relationship using publickey cryptography. A list of specific forms of symmetric, asymmetric and hash encryption. Publickey encryption in windows 2000 and Linux. Encrypting files with PGP in windows 2000. Generating a key pair using gpg for Red Hat Linux. Exchanging and signing public keys in Linux. Encrypting and decrypting files using gpg. Creating a signature file. Signing files with gpg. Creating a key distribution center. relationship established using asymmetrickey encryption. Explaining how using PGP and outlook to send encrypted email, and how to use PGP to encrypt file. Explain how implement publickey cryptography using the GPG including with Red Hat Linux. Describe how exchange publickey with other computer, and how using PGP to encrypt a file to another public key computer. Explain how to create a signature file, then give it to your partner. You will then sign a document. The partner will then use your signature file to verify the document. Explain how export pgp signatures to your instructor s computer using FTP. Your instructor s computer will become a key distribution center. Objectives: 4) To apply security principles, and identify a security attack. To recognize: To describe specific types of Using web Cracker in Linux In this exercise student Network Security and Firewall 4

4 Different types of attacks Attacks categories. A BruteForce and Dictionary Attacks. System Bugs and Back Doors. Social Engineering and Nondirect Attacks. security attacks. To explain how to recognize specific attack incidents. To explain Dictionary base attack. To highlight and state possible system Bugs such as Buffer Overflow Common buffer overflow attacks To explain how social engineering and nondirect attacks function. and Windows 2000. Examining a buffer overflow attack. Sending fake Email. Installing Tribe Flood 2000. Analyzing an attack in progress. will work with a partner together to identify the steps necessary to wage a dictionary attack. Explain how to compile code onto a Linux This code exploits default installations of windows 2000. Explain how sending fake Email to your partner. Describe how to install TFN2K on Linux Explain how to analyze a UDP DOS attack as it occurs. Objectives: 5) To describe the principles for effective security, and give guidelines to create an effective and specific solution. Understand Common Security Describe the universal Exploiting and protecting Explain conducting a Principles. guidelines and principles Red Hat Linux singleboot physical attack against for effective Use an integrated Security strategy. mode. Red Hat Linux. 5 security. Identify Security Business Issues. Demonstrating how to Use universal guidelines Consider Physical Security to create effective specific Conducting a physical attack use the freeware Know Protocol Layers and Security. solutions. against a Windows 2000 windows NT change Server password utility to gain administrative access to a windows 2000 server. 6 Introduction TCP/IP Security Understand TCP/IP and Network Security. Understand the TCP/IP Suite and the OSI Reference Model. Describe the list of protocols that pass through a firewall. Identify potential threats at different layers of the TCP/IP stack. Enabling TCP/IP filtering on Windows 2000. Using a port listener on Windows 2000 to conduct a trace back. Show the student how to configure windows 2000 so that it will not accept connections on ports student specifies. Network Security and Firewall 5

Understand the Physical Layer Network Layer Transport Layer Application Layer Objectives: 6) To understand security issues with communication protocols. Describe how to use a simple port listener to determine the nature of the connections to your Student will work with a partner. Know what Securing Resources is. Explaining consistently Document and Executing arbitrary code in Explain how to Know TCP/IP Security Vulnerabilities. apply security principles. whiteboard Apache Server. manipulate a flawed CGI How implementing Security script into revealing 7 Describe secure TCP/IP Resources and Services. Securing a Windows 2000 sensitive information services, including HTTP Protecting services. and FTP. Web server. about its host. Protect against profiling. Describe how change Coordinate methods and Describe the importance Securing the FTP service. some of the system techniques. of testing and evaluating defaults in IIS. Protect services by changing systems and services. default settings. Remove unnecessary services Protecting TCP/IP Services. Specialized accounts. The Web server. White boar Securing IIS. Securing file Transfer Protocol (FTP) servers. 8 Simple Mail Transfer Protocol (SMTP) The Internet worm. The Melissa virus Email and virus scanning Networklevel email scanning Access control measures. Testing and Evaluating Testing existing systems Implementing New Systems and Settings. Security Testing Software Discuss security management applications, including scanners, system addons and log analysis. Document and whiteboard White boar Deploying simple scanners. Scanning systems using Red Hat Linux. Explain how to alter the default settings for your DTP server. Describe how deploy a simple scanner in windows 2000. Describe how using Red Hat Linux to scan systems. Network Security and Firewall 6

Objectives: 7) Identify firewall types and common firewall terminology. Know firewalls and Virtual Private Installing WinRoute in In this exercise all Networks. Describe the role a firewall Windows 2000. student and the teacher plays in a company s security Introduction to Access Control. will install WinRoute 9 policy. Definition and description of a configuring packet filtering onto their systems. The firewall. rules. teacher will install Role of firewall. Define common firewall WinRoute onto the Implement a company s terms. Using the ipchains command windows 2000 system security policy. Describe packetfiltering to create a personal firewall acting as a multihomed Create a choke point. rules. in Linux. router. Describe circuitlevel Log Internet activity. Explain how to use gateways and their features. Understanding Firewall Terminology WinRoute to restrict Packet Filter. access to ICMP packets Proxy Server and certain TCP and Network Address UDP port. Translation. NAT considerations. NAT and vendor terminology. Bastion host. Operating system hardening Securing and choke routers Demilitarized Zone (DMZ) Know Firewall Configuration Defaults. How creating Packet Filter Rules. Advantages and disadvantages of Packet Filter. Know how configuring proxy Servers. Recommending a proxyoriented firewall. Features and Advantages of Proxy server. 10 Understanding Remote Access and Virtual Private Networks (VPNs) Internet Protocol Security (IPSec) Security associations (SA) and Internet Key Exchange Configure an applicationlevel gateway. Explain Public Key Infrastructure (PKI) Using the iptables command to create a personal firewall in Linux. Configuring a proxy server in Windows 2000. Explain how to use the ipchains command to create packetfiltering rules for the system, and how to use iptables command to create Network Security and Firewall 7

(IKE). The PointToPoint Tunneling Protocol (PPTP). The layer 2 Tunneling Protocol (L2TP). Public Key Infrastructure (PKI) PKI standards. PKI terminology Certificates. Discuss the importance of public keys in regards to a Virtual Private (VPN). Explain the importance of IPSec in regards to IPv4. packetfiltering rules for the Describe how to configure WinRoute as a proxy server. Objectives: 8) Plan a firewall system that incorporates several levels of protection. Introducing Levels of Firewall Describe how to plan a All those Labs should led by Protection. firewall system that teacher Explain how to connect incorporates several Know basic Firewall Concepts. to the WinRoute service levels of protection. Firewall strategies and goals. running on a host, then 11 Building a Firewall. Describe all types of Creating an internal configure the service to Design Principles. firewall system design with WinRoute. create an internal and Types of bastion Hosts and their degrees of external. Singlehomed Bastion host security Establishing a packet filter. Describe how to use Multihomed Bastion host WinRoute to create a Singlepurpose Bastion host packet filter to forbid Internal Bastion host ICMP from being passed Hardware Issues from one to Operating system another. Services and daemons 12 Understanding Common Firewall Design Screening routers Screened host firewall ( singlehomed bastion ) Screened host firewall (dualhomed bastion ) Screened subnet firewall (demilitarized zone) Implement a packetfiltering firewall. Denying HTTP access. Configuring an FTP packetfiltering rule for a specific host. Teacher will create a rule that denies external Web access for all hosts. Teacher will create a rule that disables access for a specific host. 13 Putting It All Together Detecting and Distracting Hackers. Understand Proactive Detection. Explain how to customize a to manage hacker activity. Filtering zone transfers. Hardening the firewall Explain how investigate common packetfiltering issues. Explain how to create a Network Security and Firewall 8

Automated security scans. Login scripts. Automated audit analysis Checksum analysis. Understand how Distracting the Hacker. Dummy accounts. Dummy files Dummy Password files Know security tools Tripwires and automated checksums. Tripwire concerns Jails Understand how punishing the Hacker. Know the Methods Log traffic and send e mail messages. Conduct reverse scans. Drop the connection. Know the tool Sniffers Personal firewalls Route ipchains/iptables Portsentry Port Scan Attack detector (PSAD) Firedaemon Explain how to Implement proactive detection. Describe how distract hackers and contain their activity and how to set traps. Setting a logon tripwire script in Windows 2000. Using tripwire for Linux. tripwire for the administrator account that alerts a designated host every time an interactive logon occurs. Explain how to install and deploy the tripwire program in Linux. Understand what Problems with Retaliation. Objectives: 9) To Respond appropriately to a security breach, and to Identify security organizations that can help you in case your system is attacked. Understanding Incident Response. Subscribing to security Explain how to subscribe Know how planning for response. Explain the respond mailing lists. to respected security appropriately to a security Create a Response Policy. mailing lists. breach. Determining the accounts affected. 14 Identifying which files Subscribe to respected security alerting Network Security and Firewall 9

have been read,altered, or substituted. Tracing the hacker s activities in the Consulting audit logs. Determining if any permission have been reset. 15 Decide Ahead of Time. Document Everything Assess the Situation. Determine the scope of the breach Know Execute the Response Plan. Notify affected individuals. Notify the service provider. Notify Internet agencies organizations. Identify some of the security organizations that can help the student in case the system is attacked. White boar White boar Subscribing to security mailing lists. Explain how to subscribe to respected security mailing lists. Network Security and Firewall 10

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information