Network Concepts. IT 4823 Information Security Concepts and Administration. The Network Environment. Resilience. Network Topology. Transmission Media




IT 4823 Information Security Concepts and Administration
March 17
Network Threats
Notice: This session is being recorded.
Happy 50th, Vanguard II: March 17, 1958
R.I.P. John Backus: March 17, 2007
Copyright 2008 by Bob Brown

Network Concepts
- Network: two or more computers connected by a communication medium
- Client-server: a network architecture with a few specialized servers (e.g. file servers, database servers, email servers) providing services to many client computers.
- Computers on a network are called hosts or nodes.
- Connections are called links.

Resilience
- A system is resilient when it has few or no single points of failure. Also called fault-tolerant.
- The opposite of resilient is brittle.
- Large networks tend to be resilient at the center and brittle at the edges.

The Network Environment
- Anonymity
- Automation
- Distance
- Opaqueness
- Path diversity

Network Topology
- Arrangement of nodes in a shared medium environment
- Logical topology (data flow)
- Physical topology (cabling scheme)
- Concerns:
  - Boundary
  - Ownership
  - Administrative control

Transmission Media
- Bounded media
  - Twisted pair wiring
  - Coaxial cable
  - Optical fiber
- Unbounded media
  - Terrestrial radio
    - Short-range (Bluetooth)
    - Mid-range (wireless networks)
    - Long-range (microwave)
  - Satellite
  - Infrared

Protocols
- Protocols are rules for communicating
- TCP/IP: Transmission Control Protocol / Internet Protocol; the basic transport protocol of the Internet.
- HTTP: Hypertext Transfer Protocol; the protocol of the World Wide Web. Uses TCP/IP for transport.
- So, TCP/IP is a lower level protocol and HTTP is a higher level protocol.

The Idea of a Protocol Stack
- The Internet model is slightly different from and simpler than the OSI model.
- The OSI Model
  - 7. Application Layer
  - 6. Presentation Layer
  - 5. Session Layer
  - 4. Transport Layer
  - 3. Network Layer
  - 2. Data Link Layer
  - 1. Physical Layer
- The Internet Model
  - SMTP, HTTP, telnet, etc.
  - TCP or UDP
  - Internet Protocol (IP)
  - Ethernet, WAN protocols, etc.

Addressing
- Physical addressing (MAC addressing)
  - Part of the network interface
  - Used for local connections
- Logical addressing (IP addressing)
  - Inter-network or inter-segment traffic

Routers
- Connect dissimilar networks or dissimilar address spaces
- Convert format of the message to correspond to the protocol of the other network
- Network traffic is specifically addressed to the router
- Connect LANs to wide-area networks

Types of Networks
- Local area networks
  - A department, building, or campus
  - Short distances, small scope
  - Often physically protected
- Wide area networks
  - Tens to thousands of miles
  - Single control
  - Possibly less physically secure
- Internetworks: Networks of networks

The Internet: A Network of Networks
- A common address space
- A common name space
- A collection of common communication protocols

A Network of Networks

Vulnerabilities
- Anonymity
- Many points of attack
- Sharing
- Complexity
- Ill-defined perimeter
- Unknown path (uncertain routing)

Why People Attack
- Challenge
- Fame/fun
- Espionage
- Organized crime
- Ideology
- Grudges
- Hacktivism
- Cyberterrorism

Intelligence Gathering
- Port scanning
- Fingerprinting of applications and operating systems
- Availability of documentation
- Social engineering
- Information exchange: Web sites and chats

Threats in Transmission
- Wiretapping
  - Passive
  - Active
- Susceptibility: bounded media
  - Packet sniffers
  - Inductive coupling
  - Optical fiber
- Susceptibility: unbounded media
  - Radio, satellite, etc.
- Theft of service

Protocol Flaws
- Problems with protocol specifications
  - TCP sequence numbers
  - Email authentication
- Problems with implementation
  - Buffer overflows
  - Ping of death

Impersonation
- Guessing credentials
- Access to credentials, e.g. through wiretapping
- Circumventing authentication
- Attack unauthenticated targets
- Attack trust systems, e.g. .rhosts and .rlogin

Spoofing Attacks
- Masquerade: One host pretends to be another, as in phishing attacks.
- Session hijacking
- Man-in-the-middle attack

Confidentiality Threats
- Mis-delivery
- Exposure through interception
- Traffic analysis

Integrity Threats
- Forgery or falsification
- Format failures
- Protocol and implementation failures
- Man-in-the-middle attack

Web Sites
- Defacement
- Buffer overflow
- Dot-dot-slash
- Application vulnerabilities
- Programming errors
- Writable file systems
- SQL injection
- Cross-site scripting
- Remote execution

Availability Threats
- Transmission failure
- Connection flooding
  - Echo requests
  - SYN flood
  - chargen
- Ping of death (flaw in MS TCP/IP)
- Smurf attack (ping to broadcast address)
- Teardrop (malformed fragmented packets)
- Distributed DoS
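Two of the availability threats listed above, Ping of death and Teardrop, both rely on a receiver reassembling IP fragments without validating them first. The sketch below is an added example, not part of the original lecture: it shows the two checks a reassembler or sensor applies to one datagram's fragments. The names Fragment and check_fragments and the sample fragment lists are constructed for illustration, and a 20-byte IPv4 header without options is assumed.

```python
from dataclasses import dataclass

MAX_DATAGRAM = 65535  # IPv4 Total Length is a 16-bit field
IP_HEADER = 20        # assumption: header without options

@dataclass(frozen=True)
class Fragment:
    offset_units: int     # Fragment Offset field, counted in 8-byte units
    payload_len: int      # payload bytes carried by this fragment
    more_fragments: bool  # MF flag

def check_fragments(frags):
    """Validate one datagram's fragments before reassembly.

    Returns a list of finding tags; an empty list means the set is sane.
    """
    findings = []

    def note(tag):
        if tag not in findings:
            findings.append(tag)

    prev_end = 0
    for f in sorted(frags, key=lambda f: f.offset_units):
        start = f.offset_units * 8
        end = start + f.payload_len
        if IP_HEADER + end > MAX_DATAGRAM:
            note("oversize")  # Ping of death: reassembled size exceeds the maximum
        if start < prev_end:
            note("overlap")   # Teardrop: fragment starts inside data already received
        prev_end = max(prev_end, end)
    return findings

# Constructed sample inputs (not captured traffic).
NORMAL = [Fragment(0, 1480, True), Fragment(185, 1480, True), Fragment(370, 40, False)]
OVERLAP = [Fragment(0, 40, True), Fragment(3, 8, False)]
OVERSIZE = [Fragment(i * 185, 1480, True) for i in range(44)] + [Fragment(44 * 185, 1480, False)]

if __name__ == "__main__":
    for name, frags in (("normal", NORMAL), ("overlap", OVERLAP), ("oversize", OVERSIZE)):
        print(name, check_fragments(frags) or "ok")
```

A fragment set that returns any tag should be dropped before its payload is copied into a reassembly buffer.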

Availability Threats
- Traffic redirection:
  - By announcing bogus routes using BGP
  - By compromising DNS
  - Cache poisoning
  - Compromise hosts file

Active ("Mobile") Code
- Cookies
- Executable code
  - JavaScript
  - ActiveX
  - Java
- A word about cryptographic signing
- Execution by file type, and hidden extensions

Where Attacks Come From
- Accomplished attackers
  - Private business
  - Criminal gangs
  - Governments?
- Script kiddies

A Note on Developing Policy
- What assets are you trying to protect?
- What are the risks to those assets?
- How well does a proposed solution mitigate those risks?
- What other risks might the security controls cause?
- What are the costs and trade-offs of the proposed solutions?
From Beyond Fear by Bruce Schneier

Questions