CS 665: Computer System Security. Network Security. Usage environment. Sources of vulnerabilities. Information Assurance Module




CS 665: Computer System Security
Network Security
Bojan Cukic
Lane Department of Computer Science and Electrical Engineering
West Virginia University
Rev 1.1

Usage environment
- Anonymity
- Automation, minimal human supervision
- Distance
- Opaqueness, hidden distance
- Routing diversity and fault tolerance

Sources of vulnerabilities
- Anonymity
- Many points of attack
- Sharing
- Complexity
- Unknown perimeter, expandability
- Unknown paths: users do not control routing!

Threat Precursors
- Port scans: open ports send responses to inquiries, revealing services and OS versions.
- Application fingerprinting (HTTP-80, SMTP-25, POP-110, FTP-21, ...).
- Social engineering, reconnaissance.
- Eavesdropping, wiretapping.

Interesting Threats
- Protocol flaws: not as common any longer.
- Impersonation
  - Spoofing
  - Masquerade: a host pretends to be a similarly named one.
  - Session hijacking: intercepting and stealing the session.
  - Man-in-the-middle: a third entity intrudes from the beginning of the session. Foiled by asymmetric cryptography.

Interesting Threats (2)
- Denial of Service (DoS): transmission failure, connection flooding.
  - SYN flood (losing handshake packets).
- Traffic redirection: a corrupted router advertises the best path.
- DNS attacks (Domain Name Server): BIND programs suffer from flaws, allowing incorrect name-address mappings.
- Distributed DoS: Trojan horses planted in multiple computers, each performing a DoS attack against the same target.

Threats to active code
- Cookies: what do they contain?
- Scripts: CGI scripts encode communicated data. For example, %0A (EOL) instructs the interpreter to accept the next line as a new command:
  http://www.t1.com/cgi-bin/qu?%oa/bin/cat/%20/etc/passwd
- Active code: Java 1.1 disabled code from writing to the disk; subsequent versions relaxed the sandbox security. Hostile applets.
- ActiveX (Microsoft's response to Java): crypto signatures of code.

Network Security Controls
- Architecture (segmentation)
- Encryption
  - Virtual Private Networks: session keys established between the user and the target system's firewall. Encryption provides an encrypted tunnel.
  - PKI and certificates
  - SSH and SSL (secure sockets layer) encryption
  - IPsec, IP security protocol: supports encryption in Internet traffic.

Distributed System Security
- Encryption is valuable within the system boundaries.
- In a distributed system, secure access to data, programs and other resources is needed: seamless access, regardless of the physical location.
- Access control mechanism must:
  - protect access points;
  - authenticate network nodes.
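The CGI point above is that percent-decoding turns %0A into a newline, which an interpreter then reads as the start of a second command. The following added example (not from the lecture slides) is a defensive input check a CGI handler would run on a parameter before ever handing it to an interpreter; the allowlist, the repeated-decoding limit and the sample values are constructed assumptions.

```python
from urllib.parse import unquote

# Characters a well-formed query value is expected to contain (constructed allowlist).
ALLOWED = set("abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789-_. ")


def fully_decode(raw: str, limit: int = 3) -> str:
    """Percent-decode until the value stops changing (bounded), so a doubly
    encoded %250A is not waved through only to become a newline downstream."""
    for _ in range(limit):
        nxt = unquote(raw)
        if nxt == raw:
            break
        raw = nxt
    return raw


def validate_cgi_param(raw: str) -> tuple:
    """Return (ok, reason) for one percent-encoded CGI parameter.
    Decoding happens before checking, so %0A is seen as the newline an
    interpreter would treat as the start of a new command."""
    decoded = fully_decode(raw)  # %0A -> "\n", %20 -> " ", %2F -> "/"
    for ch in decoded:
        if ord(ch) < 32 or ord(ch) == 127:  # CR, LF, NUL, other control bytes
            return False, "control character"
    if ".." in decoded or decoded.startswith("/"):
        return False, "path traversal"
    for ch in decoded:
        if ch not in ALLOWED:
            return False, f"unexpected character {ch!r}"
    return True, "ok"
```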

Port Protection
- Authentication is far more difficult for dial-ups: any phone in the world is an access point.
- Automatic call-back: upon user identification, the line is dropped and the computer calls the user back, using a table lookup for the number. Works for multiple registered numbers too. An easy way to establish 2-way authentication.

Port Protection (2)
- Differentiated access rights: access to sensitive data is allowed from safe houses (numbers) only.
- Silent modems solve the systematic dial-up problem: the modem waits for the caller's modem to send the first tone. Authentication is still not addressed.

Firewalls
- Appeared in the 90s, but reflect reference monitor concepts from the 70s.
- A firewall filters traffic at the network boundary.
- For performance reasons, it usually runs on a dedicated device.
- Default deny vs. default permit.
- A specific policy can be defined by an admin.

Firewalls
(Figure)

Types of firewalls
- Packet filtering gateway (screening router)
- Stateful inspection firewall
- Application proxy
- Personal firewall
Screening is simpler than proxying.

Packet filtering gateways
- Filters packets based on address or transport protocol information.
- Only IP address or port information is screened.
(Figure: packet filtering (screening) gateway between network 1 and network 2, showing forged (inside) addresses, HTTP, e-mail and telnet as blocked or accepted traffic.)

Packet Filters
A packet conveys the following information:
- Source IP address and port
- Destination IP address and port
- Information about the protocol
- Error checking information

Stateful inspection firewall
- Can track the sequence of packets instead of just individual ones.
- Can prevent unusual traffic patterns from unknown sites.

Application proxy
- Simulates application behavior to the outside world.
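To make the difference between the screening router, the default-deny policy and stateful inspection concrete, here is an added example (not from the lecture slides) of a toy packet filter: the stateless rules look only at interface, addresses and ports, drop packets that claim an inside source address on the external interface, and default to deny; the stateful wrapper additionally admits replies only for connections an inside host opened. The address range, rule set and Packet type are constructed assumptions.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

INSIDE = ip_network("10.0.0.0/8")  # constructed internal address range


@dataclass(frozen=True)
class Packet:
    iface: str   # "ext": arrives from the Internet, "int": arrives from the LAN
    proto: str
    src: str
    sport: int
    dst: str
    dport: int
    syn: bool = False


# Screening rules: (interface, protocol, destination port) explicitly permitted inbound.
# Anything not listed is dropped: default deny.
ALLOW_IN = {("ext", "tcp", 80), ("ext", "tcp", 25)}  # HTTP and e-mail


def stateless_filter(pkt: Packet) -> str:
    # Anti-spoofing: a packet claiming an inside source address cannot
    # legitimately arrive on the external interface.
    if pkt.iface == "ext" and ip_address(pkt.src) in INSIDE:
        return "drop: forged inside address"
    if pkt.iface == "int":
        return "accept"  # outbound traffic from the LAN is permitted
    if (pkt.iface, pkt.proto, pkt.dport) in ALLOW_IN:
        return "accept"
    return "drop: default deny"


class StatefulFilter:
    """Connection tracking on top of the screening rules: replies from
    outside are accepted only for connections an inside host opened first.
    A stateless filter would have to open every high port to let them in."""

    def __init__(self):
        self.established = set()  # (inside ip, inside port, remote ip, remote port)

    def handle(self, pkt: Packet) -> str:
        verdict = stateless_filter(pkt)
        if pkt.iface == "int" and pkt.proto == "tcp" and pkt.syn and verdict == "accept":
            self.established.add((pkt.src, pkt.sport, pkt.dst, pkt.dport))
        elif pkt.iface == "ext" and (pkt.dst, pkt.dport, pkt.src, pkt.sport) in self.established:
            return "accept: established"
        return verdict
```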

Application proxy (2)
(Figure: implementation example)

Personal firewalls
- Suitable for broadband home users; protects a single workstation or small networks.
- Runs on the workstation itself (not in isolation).
- Blocks unwanted network traffic: Java applets, ActiveX, leakage of personal data; closes ports.
- Usually generates activity and access logs.
- May be combined with virus scanners.
- Provides reasonable protection.

Rules of use
- A firewall needs to control the entire network perimeter; no unmediated connections.
- Protection for the internal network only.
- The firewall is visible to the outside world and is therefore a target for attacks. Provide layers of firewalls.
- No protection against packets that cross the perimeter!

Defense in depth
(Figure: multiple LAN configurations: Internet, screening router, outermost network, proxy, intermediate LAN)