12/8/2015. Review. Final Exam. Network Basics. 12/10/2015 Thursday 5:30~6:30pm Science S-3-028


Review
Final Exam
12/10/2015 Thursday 5:30~6:30pm, Science S-3-028
IT443 Network Security Administration
Instructor: Bo Sheng
  True/false
  Multiple choices
  Descriptive questions

Network Layers
  Application layer
  Transport layer
  IP layer
  Data link layer
  TCP, UDP, IP, SSH, HTTP
  IP address, MAC address, TCP address? Port number
  Headers: [Ethernet header [IP header [TCP header [Payload]]]]

TCP / UDP
  TCP is reliable
  Acknowledgement, retransmission, discard duplicates
  TCP 3-way handshake
  SYN, ACK, FIN

IP layer
  Routing (different paths)
  IP prefix, e.g., 12.34.158.0/24
  Classful Addressing (Class A, B, C)
  Classless Inter-Domain Routing (CIDR)
  Private networks
    10.0.0.0/8 (255.0.0.0)
    172.16.0.0/12 (255.240.0.0)
    192.168.0.0/16 (255.255.0.0)

DNS
  Hierarchical name space
  Local DNS server / caching
  dig / dig -x

Data link layer
  MAC address
  ARP messages / ARP table

True/false
  192.168.x.x is not globally accessible.
Multiple choice
  Which of the following headers may not contain the destination's information:
    A. TCP header
    B. IP header
    C. Ethernet header
    D. All of above
Compare TCP and UDP, and briefly describe their difference.

Encryption/Decryption
  Plaintext, ciphertext, key
  Secret key/symmetric key crypto
  Public key/asymmetric key crypto
  Hash function

Secret key crypto
  Stream cipher (XOR)
  Block cipher (with padding)
  File size

Public key crypto
  Public/private key pair
  Encryption/decryption (different keys)
  Sign/verify (digital signature)
  Much slower than secret key operations

Hash function
  One way transformation
  Collision resistance
  Applications
    Message digest/checksum
    File integrity
    Password

In secret key encryption, the encrypted file's size may be smaller than the original file's.

Which of the following gives the desired properties of hash functions?
  a. One-way property, that is, it's easy to reverse the hash computation, but computationally infeasible to compute the hash function itself.
  b. Collision free, that is, it's computationally infeasible to find two messages that have the same hash value.
  c. Only authorized parties can perform hash functions.

What's authentication
  User authentication
    Allow a user to prove his/her identity to another entity (e.g., a system, a device).
  Message authentication
    Verify that a message has not been altered without proper authorization.

Threat
  Eavesdropping
  Password guessing
  Server database reading (compromised)

Challenge/response
  I'm
  a challenge R
  H(K -, R)

  I'm
  R
  Sig {R}

Key Distribution Center
  If node A wants to communicate with node B
  A sends a request to the KDC
  The KDC securely sends to A: E_KA(R_AB) and E_KB(R_AB, A)

Certificate
  How do you know the public key of a node?
  Certification Authorities (CA)
  Everybody needs to know the CA public key
  The CA generates certificates: Signed(A, public-key, validity information)
  ['s public key is 876234] carol
  [Carol's public key is 676554] Ted & ['s public key is 876234] carol

Password guessing
  Online vs. offline
  Dictionary attack
  Password salt

Assume and share a secret K -, what is the security flaw when they use the following protocol for to authenticate?
  I'm, H(K - )
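The Key Distribution Center exchange listed above, where the KDC sends A both E_KA(R_AB) and E_KB(R_AB, A), worked through as an added example that is not part of the course slides. The names `seal`, `unseal`, `KDC`, `register`, `request` and `accept_ticket`, the JSON ticket layout, and the HMAC-based keystream standing in for E_K are all assumptions made for illustration.

```python
import hashlib, hmac, json, secrets

def _subkey(key, label):
    return hmac.new(key, label, hashlib.sha256).digest()

def _stream(key, nonce, n):
    # HMAC-SHA256 in counter mode as a keystream (stdlib stand-in for a real cipher)
    blocks = (hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def seal(key, plaintext):
    """Stand-in for E_K(...): encrypt, then MAC, so a wrong key or tampering is detected."""
    nonce = secrets.token_bytes(16)
    ct = bytes(p ^ s for p, s in zip(plaintext, _stream(_subkey(key, b"enc"), nonce, len(plaintext))))
    return nonce + ct + hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()

def unseal(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    good = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    if len(blob) < 48 or not hmac.compare_digest(tag, good):
        raise ValueError("wrong key or modified message")
    return bytes(c ^ s for c, s in zip(ct, _stream(_subkey(key, b"enc"), nonce, len(ct))))

class KDC:
    def __init__(self):
        self.keys = {}                      # long-term key shared with each node

    def register(self, name):
        self.keys[name] = secrets.token_bytes(32)
        return self.keys[name]              # assumed to reach the node out of band

    def request(self, a, b):
        """A asks to talk to B: return E_KA(R_AB) and the ticket E_KB(R_AB, A)."""
        r_ab = secrets.token_bytes(32)      # fresh session key R_AB
        ticket = json.dumps({"key": r_ab.hex(), "peer": a}).encode()
        return seal(self.keys[a], r_ab), seal(self.keys[b], ticket)

def accept_ticket(k_b, ticket):
    """B opens the ticket A forwarded and learns R_AB and who the peer is."""
    body = json.loads(unseal(k_b, ticket))
    return bytes.fromhex(body["key"]), body["peer"]

def demo():
    kdc = KDC()
    k_a, k_b = kdc.register("A"), kdc.register("B")
    for_a, ticket = kdc.request("A", "B")
    r_a = unseal(k_a, for_a)                # A recovers R_AB
    r_b, peer = accept_ticket(k_b, ticket)  # B recovers R_AB and A's name
    return r_a == r_b, peer
```

A cannot read or alter the ticket because it is sealed under K_B, yet B learns from it which peer the KDC issued R_AB for.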

IPsec
  Which layer
  Why we need it
    IP spoofing
    Payload modification
    Eavesdropping
  Two protocols / two modes

IPsec
  Transport mode
    Host-to-host
  Tunnel mode
    Gateway-to-gateway
    IP header is encrypted

SSL
  Which layer
  Why we need it
    Think about https
  Main processes
    Negotiate cipher suites
    Authenticate servers
    Verify certificates

IPsec / SSL
  Applying IPsec and SSL on the same data packet is redundant.
  Compare IPsec and SSL, and briefly describe their differences.

Firewall / IDS
  What are their roles
    Prevent vs. detect
  Firewall
    Packet filtering (stateless) vs. session filtering (stateful)
    iptables

Firewall / IDS
  IDS
    Accuracy, e.g., false alarm
    TPR, FPR, TNR, FNR
    Misuse detection (signatures)
    Anomaly detection
    Host-based (e.g., aide)
    Network-based (e.g., snort)

Firewall / IDS
  A stateless firewall on a server cannot limit the number of TCP connections per client.

  Explain the following snort rule and describe how to trigger the alert:
    alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"Test attack"; content:"test_attack";)

  Describe the goal of the following firewall rule:
    iptables -A INPUT -p icmp -j DROP

  Compare host-based and network-based IDS, and briefly describe the difference.

Final Grade