19-introduction to network security
TRANSCRIPT
![Page 1: 19-Introduction to Network Security](https://reader036.vdocuments.net/reader036/viewer/2022062504/577d24661a28ab4e1e9c61e1/html5/thumbnails/1.jpg)
8/3/2019 19-Introduction to Network Security
http://slidepdf.com/reader/full/19-introduction-to-network-security 1/32
![Page 2: 19-Introduction to Network Security](https://reader036.vdocuments.net/reader036/viewer/2022062504/577d24661a28ab4e1e9c61e1/html5/thumbnails/2.jpg)
8/3/2019 19-Introduction to Network Security
http://slidepdf.com/reader/full/19-introduction-to-network-security 2/32
By.P. Victer Paul
Dear,We planned to share our eBooks and project/seminar contents
for free to all needed friends like u.. To get to know about morefree computerscience ebooks and technology advancements incomputer science. Please visit....
http://free-computerscience-ebooks.blogspot.com/
http://recent-computer-technology.blogspot.com/
http://computertechnologiesebooks.blogspot.com/
Please to keep provide many eBooks and technology news forFREE. Encourage us by Clicking on the advertisement in theseBlog.
![Page 3: 19-Introduction to Network Security](https://reader036.vdocuments.net/reader036/viewer/2022062504/577d24661a28ab4e1e9c61e1/html5/thumbnails/3.jpg)
8/3/2019 19-Introduction to Network Security
http://slidepdf.com/reader/full/19-introduction-to-network-security 3/32
![Page 4: 19-Introduction to Network Security](https://reader036.vdocuments.net/reader036/viewer/2022062504/577d24661a28ab4e1e9c61e1/html5/thumbnails/4.jpg)
8/3/2019 19-Introduction to Network Security
http://slidepdf.com/reader/full/19-introduction-to-network-security 4/32
Intentional attacks on computing resources and networkspersist for a number of reasons
Complexity of computer software and newly emerginghardware and software combinations make computer and
the network susceptible to intrusion◦ It is difficult to thoroughly test an application for all
possible intrusions
![Page 5: 19-Introduction to Network Security](https://reader036.vdocuments.net/reader036/viewer/2022062504/577d24661a28ab4e1e9c61e1/html5/thumbnails/5.jpg)
8/3/2019 19-Introduction to Network Security
http://slidepdf.com/reader/full/19-introduction-to-network-security 5/32
1. Trojan horse programs2. Back door and remote administration programs3. Denial of service
4. Being an intermediary for another attack 5. Unprotected Windows shares6. Mobile code (Java, JavaScript, and ActiveX)7. Cross-site scripting8. Email spoofing9. Email-borne viruses10. Hidden file extensions11. Chat clients12. Packet sniffing
Source: CERT
![Page 6: 19-Introduction to Network Security](https://reader036.vdocuments.net/reader036/viewer/2022062504/577d24661a28ab4e1e9c61e1/html5/thumbnails/6.jpg)
8/3/2019 19-Introduction to Network Security
http://slidepdf.com/reader/full/19-introduction-to-network-security 6/32
Trojan horses are programs that are installed withoutthe knowledge of the user
Trojan horse programs can perform a wide variety of covert talks such as modifying and deleting files,
transmitting files to the intruder, installing programs,installing viruses and other Trojan horse programs etc.
![Page 7: 19-Introduction to Network Security](https://reader036.vdocuments.net/reader036/viewer/2022062504/577d24661a28ab4e1e9c61e1/html5/thumbnails/7.jpg)
8/3/2019 19-Introduction to Network Security
http://slidepdf.com/reader/full/19-introduction-to-network-security 7/32
Covert installation of remote administration programs
such as BackOrifice, Netbus and SubSeven
Such programs give remote access to the computer
from anywhere on the Internet
![Page 8: 19-Introduction to Network Security](https://reader036.vdocuments.net/reader036/viewer/2022062504/577d24661a28ab4e1e9c61e1/html5/thumbnails/8.jpg)
8/3/2019 19-Introduction to Network Security
http://slidepdf.com/reader/full/19-introduction-to-network-security 8/32
Client computer is used to launch mostly denial of
service attacks on other computers
An agent is usually installed using a Trojan horse
program to launch the denial of service attack on other
computers
![Page 9: 19-Introduction to Network Security](https://reader036.vdocuments.net/reader036/viewer/2022062504/577d24661a28ab4e1e9c61e1/html5/thumbnails/9.jpg)
8/3/2019 19-Introduction to Network Security
http://slidepdf.com/reader/full/19-introduction-to-network-security 9/32
Malicious code can be stored in protected Windows
share for propagation
![Page 10: 19-Introduction to Network Security](https://reader036.vdocuments.net/reader036/viewer/2022062504/577d24661a28ab4e1e9c61e1/html5/thumbnails/10.jpg)
8/3/2019 19-Introduction to Network Security
http://slidepdf.com/reader/full/19-introduction-to-network-security 10/32
Mobile codes in Java, JavaScript, and ActiveX canbe executed by a web browser is generally useful,but it can also be used to run malicious code on
the client computer. Disabling Java, JavaScript, and ActiveX fromrunning in the Web browser must be consideredwhen accessing websites that cannot be trusted
Email received in HTML format is also
susceptible to mobile code attack because it couldalso carry the mobile code
![Page 11: 19-Introduction to Network Security](https://reader036.vdocuments.net/reader036/viewer/2022062504/577d24661a28ab4e1e9c61e1/html5/thumbnails/11.jpg)
8/3/2019 19-Introduction to Network Security
http://slidepdf.com/reader/full/19-introduction-to-network-security 11/32
A malicious script can be sent and stored by a webdeveloper on a website to be downloaded by anunsuspecting surfer
When this website is accessed by a user, the script istransferred to the local web browser
Ways of acquiring malicious scripts include “followinglinks in web pages, email messages, or newsgroup, usinginteractive forms on an untrustworthy site, viewingonline discussion groups, forums, or other dynamicallygenerated pages where users can post text containingHTML tags” - CERT
![Page 12: 19-Introduction to Network Security](https://reader036.vdocuments.net/reader036/viewer/2022062504/577d24661a28ab4e1e9c61e1/html5/thumbnails/12.jpg)
8/3/2019 19-Introduction to Network Security
http://slidepdf.com/reader/full/19-introduction-to-network-security 12/32
Email “spoofing” tricks the user in believing that the
email originated from a certain user such as an
administrator although it actually originated from a
hacker
Such emails may solicit personal information such as
credit card details and passwords
Examining the email header may provide some
additional information about the origin of the email
![Page 13: 19-Introduction to Network Security](https://reader036.vdocuments.net/reader036/viewer/2022062504/577d24661a28ab4e1e9c61e1/html5/thumbnails/13.jpg)
8/3/2019 19-Introduction to Network Security
http://slidepdf.com/reader/full/19-introduction-to-network-security 13/32
Malicious code is often distributed through email as
attachments
Attachments must thus be opened with caution
![Page 14: 19-Introduction to Network Security](https://reader036.vdocuments.net/reader036/viewer/2022062504/577d24661a28ab4e1e9c61e1/html5/thumbnails/14.jpg)
8/3/2019 19-Introduction to Network Security
http://slidepdf.com/reader/full/19-introduction-to-network-security 14/32
An attachment may have a hidden file extension◦ Such files may execute the attachment
Examaple:◦ Downloader (MySis.avi.exe or
QuickFlick.mpg.exe)◦ VBS/Timofonica (TIMOFONICA.TXT.vbs)◦ VBS/CoolNote
(COOL_NOTEPAD_DEMO.TXT.vbs)◦ VBS/OnTheFly (AnnaKournikova.jpg.vbs)
In the above files, the hidden extension is .vbspertaining to an executable Visual Basic script
![Page 15: 19-Introduction to Network Security](https://reader036.vdocuments.net/reader036/viewer/2022062504/577d24661a28ab4e1e9c61e1/html5/thumbnails/15.jpg)
8/3/2019 19-Introduction to Network Security
http://slidepdf.com/reader/full/19-introduction-to-network-security 15/32
Internet chat applications such as instant messagingapplications and
Internet Relay Chat (IRC) involve the exchange of information including files that may contain malicious
executable codes The same caution that applies to email attachments
apply here as well
![Page 16: 19-Introduction to Network Security](https://reader036.vdocuments.net/reader036/viewer/2022062504/577d24661a28ab4e1e9c61e1/html5/thumbnails/16.jpg)
8/3/2019 19-Introduction to Network Security
http://slidepdf.com/reader/full/19-introduction-to-network-security 16/32
Packet sniffer programs capture the contents of packets that may include passwords and othersensitive information that could later be used forcompromising the client computer
For example, a sniffer installed on a cable modem inone cable trunk may be able to sniff the passwordfrom other users on the same trunk
Encryption of network traffic provides one of the
defenses against sniffing
![Page 17: 19-Introduction to Network Security](https://reader036.vdocuments.net/reader036/viewer/2022062504/577d24661a28ab4e1e9c61e1/html5/thumbnails/17.jpg)
8/3/2019 19-Introduction to Network Security
http://slidepdf.com/reader/full/19-introduction-to-network-security 17/32
![Page 18: 19-Introduction to Network Security](https://reader036.vdocuments.net/reader036/viewer/2022062504/577d24661a28ab4e1e9c61e1/html5/thumbnails/18.jpg)
8/3/2019 19-Introduction to Network Security
http://slidepdf.com/reader/full/19-introduction-to-network-security 18/32
Many businesses rely heavily on computers to
operate critical business processes
Individuals are using computers for tasks that
required confidentiality Advent of Internet has provided a physical path of
entry for every computer connected to the Internet
◦ An always connected broadband connection is
always vulnerable in this case
![Page 19: 19-Introduction to Network Security](https://reader036.vdocuments.net/reader036/viewer/2022062504/577d24661a28ab4e1e9c61e1/html5/thumbnails/19.jpg)
8/3/2019 19-Introduction to Network Security
http://slidepdf.com/reader/full/19-introduction-to-network-security 19/32
Providing security requires action on two fronts,namely the management and the technical frontsrespectively
The management aspect relates to organizational
policies and behavior that would address securitythreats and issues
The technical aspect relates to the implementation of hardware and software to secure access to computing
resources and the network
![Page 20: 19-Introduction to Network Security](https://reader036.vdocuments.net/reader036/viewer/2022062504/577d24661a28ab4e1e9c61e1/html5/thumbnails/20.jpg)
8/3/2019 19-Introduction to Network Security
http://slidepdf.com/reader/full/19-introduction-to-network-security 20/32
Best practice approach is to ensure secure behavior
The above can be done by established guidelines for
managing, addressing and rectifying security related
issues
![Page 21: 19-Introduction to Network Security](https://reader036.vdocuments.net/reader036/viewer/2022062504/577d24661a28ab4e1e9c61e1/html5/thumbnails/21.jpg)
8/3/2019 19-Introduction to Network Security
http://slidepdf.com/reader/full/19-introduction-to-network-security 21/32
Introduce security related hardware and software tosecure access to computers and computing resources
![Page 22: 19-Introduction to Network Security](https://reader036.vdocuments.net/reader036/viewer/2022062504/577d24661a28ab4e1e9c61e1/html5/thumbnails/22.jpg)
8/3/2019 19-Introduction to Network Security
http://slidepdf.com/reader/full/19-introduction-to-network-security 22/32
From an implementation point of view, the following aresome of the steps that could be taken to provide security
◦ Implement security patches and other updatespertaining to an operating system and other venerable
software such as the Internet Explorer◦ Install self-monitoring an anti-virus, anti-spam and anti-
hacker and pop-up blocker software
◦ Install a firewalls
◦
Use encryption wherever feasible All the approaches can be used to complement one
another
![Page 23: 19-Introduction to Network Security](https://reader036.vdocuments.net/reader036/viewer/2022062504/577d24661a28ab4e1e9c61e1/html5/thumbnails/23.jpg)
8/3/2019 19-Introduction to Network Security
http://slidepdf.com/reader/full/19-introduction-to-network-security 23/32
Security patches are issued by mainly the OS vendor
such as Microsoft to patch security holes as they arediscovered
Examples of self-monitoring software include anti-virus, spyware elimination, pop-up blocking, andanti-spam software
Both the security patches and the self-monitoringsoftware act at the local client level
![Page 24: 19-Introduction to Network Security](https://reader036.vdocuments.net/reader036/viewer/2022062504/577d24661a28ab4e1e9c61e1/html5/thumbnails/24.jpg)
8/3/2019 19-Introduction to Network Security
http://slidepdf.com/reader/full/19-introduction-to-network-security 24/32
Antivirus◦ Mcafee
Spyware elimination
Pop-up blocker
Anti-Spam
![Page 25: 19-Introduction to Network Security](https://reader036.vdocuments.net/reader036/viewer/2022062504/577d24661a28ab4e1e9c61e1/html5/thumbnails/25.jpg)
8/3/2019 19-Introduction to Network Security
http://slidepdf.com/reader/full/19-introduction-to-network-security 25/32
Firewalls are used for controlling access to thecomputing resources
In general, it acts at the network level controlling
network access to computing resources
Firewalls can be implemented in software as well as in
hardware
![Page 26: 19-Introduction to Network Security](https://reader036.vdocuments.net/reader036/viewer/2022062504/577d24661a28ab4e1e9c61e1/html5/thumbnails/26.jpg)
8/3/2019 19-Introduction to Network Security
http://slidepdf.com/reader/full/19-introduction-to-network-security 26/32
By encryption, the data can be made illegible to theintruder
It can be implemented at the network level as well as
the client level
For example, locally stored data can be encrypted and
the network traffic could equally well be encrypted
![Page 27: 19-Introduction to Network Security](https://reader036.vdocuments.net/reader036/viewer/2022062504/577d24661a28ab4e1e9c61e1/html5/thumbnails/27.jpg)
8/3/2019 19-Introduction to Network Security
http://slidepdf.com/reader/full/19-introduction-to-network-security 27/32
VPN
PKI
Digital Certificates
![Page 28: 19-Introduction to Network Security](https://reader036.vdocuments.net/reader036/viewer/2022062504/577d24661a28ab4e1e9c61e1/html5/thumbnails/28.jpg)
8/3/2019 19-Introduction to Network Security
http://slidepdf.com/reader/full/19-introduction-to-network-security 28/32
Firewalls and encryption will be discussed further inseparate modules under the section entitled “Network
Security”
![Page 29: 19-Introduction to Network Security](https://reader036.vdocuments.net/reader036/viewer/2022062504/577d24661a28ab4e1e9c61e1/html5/thumbnails/29.jpg)
8/3/2019 19-Introduction to Network Security
http://slidepdf.com/reader/full/19-introduction-to-network-security 29/32
firewall.com
firewall-net.com firewallguide.com
msdn.microsoft.com
winroute.com
tinysoftware.com sunsite.unc.edu
![Page 30: 19-Introduction to Network Security](https://reader036.vdocuments.net/reader036/viewer/2022062504/577d24661a28ab4e1e9c61e1/html5/thumbnails/30.jpg)
8/3/2019 19-Introduction to Network Security
http://slidepdf.com/reader/full/19-introduction-to-network-security 30/32
http:// www.howstuffworks.com http://www.microsoft.com
http://www.securityfocus.com
http://grace.com/us-firewalls.htm
http://www.kerio.com/us/supp_kpf_manual.html
http://www.broadbandreports.com/faq/security/2.5.1.
http://www.firewall-software.com
![Page 31: 19-Introduction to Network Security](https://reader036.vdocuments.net/reader036/viewer/2022062504/577d24661a28ab4e1e9c61e1/html5/thumbnails/31.jpg)
8/3/2019 19-Introduction to Network Security
http://slidepdf.com/reader/full/19-introduction-to-network-security 31/32
http://www.tlc.discovery.com/convergence/hackers/hackers.html
http://www.tuxedo.org/~esr/faqs/hacker-howto.html
http://www.iss.net/security_center/advice/Underground/Hacki
ng/Methods/Technical/ http://www.infosecuritymag.com/articles/march01/features4_b
attle_plans.shtml
http://www.nmrc.org/faqs/www/wsec09.html
http://www.microsoft.com/ . Tim Rains • Technical Lead • Networking Team
Q310099, "Description of the Portqry.exe Command-LineUtility"
![Page 32: 19-Introduction to Network Security](https://reader036.vdocuments.net/reader036/viewer/2022062504/577d24661a28ab4e1e9c61e1/html5/thumbnails/32.jpg)
8/3/2019 19-Introduction to Network Security
http://slidepdf.com/reader/full/19-introduction-to-network-security 32/32