Network Security - ISA 656 Review




Angelos Stavrou
December 4, 2007

- 7:20pm - 9:30pm, Thursday, Dec 11th, in the Lab (STI-128)
- Same style of questions as the midterm
- I'm not asking you to write programs

Material
- If it's in my slides or I said it in class, you're responsible for it
- There may be some questions based on the Labs
- You're responsible for the assigned Labs and Homeworks at about the level of class coverage.

Test Conditions
- Open book
- Open notes, posted code, manuals, Labs...
- You can bring a calculator but save your energy; you won't need it
- No laptops, IM, Chatting, or phones...

Terminology
- Confidentiality, integrity, availability
- Threats, attacks, and vulnerabilities

Kinds of Threats
- Joy hackers
- Criminals
- Competitors
- Nation states
- Insiders

Assets
- Protect what? Bandwidth, CPU, data, identity
- Attacker powers?

Ciphers
- What is a cryptosystem?
- What is a block cipher?
- What are generic properties of block ciphers?
- What are the different modes of operation? What are their properties? When would you use each mode?
- What is a stream cipher?

Public Key
- What is it?
- What is it good for?
- Limitations?
- How are public key systems used?
- Random numbers and where they come from
- Digital signatures

Certificates
- Trust properties
- CAs
- Authorization versus identity certificates
- Web of trust
- Types of certificates
- Revocation

SSL
- What is SSL?
- Client authentication types
- Properties and requirements
- Uses
- Trust model

Web Certificates
- Root certificates
- The browser vendor's role
- Bindings
- Human factors

Browser Security
- Why is it a problem?
- Active content
- Javascript
- ActiveX

Continuing Authentication
- Cookies
- Embedded values
- Cryptographically sealing data

Web Server Security
- Why?
- Trust model
- Scripts and their dangers
- Injection attacks
- Permissions

Email Security
- Usual evaluation
- How to sign and encrypt?
- Details
- Threats: eavesdropping, password theft, spool file

Phishing
- What is it?
- How it's done
- Tracing

Defenses
- Mutual authentication
- Personalization
- DKIM
- Non-reusable credentials (MITM attacks; human factors)

- What is, and why?
- ESP and AH
- SPI
- SAs
- Tunnel and transport mode

Packet Processing
- Outbound and inbound
- SPD and SADB
- Rule characteristics

Attacking
- Cut-and-paste attacks
- Probable plaintext
- Interactions with other layers

- SSH
- SIP
- Networked storage

SSH
- Features
- Security model
- Client authentication
- Connection-forwarding
- SSH Agent

SIP
- SIP architecture
- What's at risk?
- Protecting voice versus signaling
- What type of crypto is used where
- Complex scenarios

What is IDS?
- Purpose
- Host versus network IDS
- Logs and traces

Limits of Network IDS
- Insertion and evasion attack
- Checksum errors
- TTLs
- TCP normalization

IDS Architecture
- Detector
- Database
- Analyzer
- Countermeasure
- Signature versus anomaly

Worms
- Worms versus viruses
- Spread: program versus social engineering
- Payloads
- Spam
- Detection

Denial
- Types of DOS attack
- TCP attacks
- DDoS
- Defenses

Routing Attacks
- Why they happen
- Goals
- SBGP, SO-BGP

Wireless Security
- Evil twin
- Battery lifetime
- WEP: why the crypto is bad
- War-driving
- Access control