A SEMINAR ON NETWORK SECURITY BY ROHIT KAUL, CS, BITS PILANI
1
A SEMINAR
ON
BY
ROHIT KAUL CS BITSPILANI
2
AGENDA
•Introduction to Computer Networks
•Uses and types
•LANs , WANs , MANs
•Protocols
•Network Security….its need
3
CONTINUED..
•Security Areas…
•Modes of attack…
•Safeguarding the systems
•Firewalls and other methods
•Network Security: a Hacker’s perspective
•Summary and conclusions...
4
COMPUTER NETWORK ????
•Simply an interconnected collection of autonomous computers...
•Internet and WWW not networks!!!
•Distributed system
USES
•Primarily resource sharing…
5
TYPES
•LANs , MANs , WANs , Internet
PROTOCOLS
•To reduce design complexity, most networks are organised as layers…
•The number of layers, their names, contents and functions are network specific…
6
[Figure: Layer 1 to Layer 5 on Host 1 and on Host 2, with the layer n protocol between corresponding layers, and the physical layer]
7
•In fact, a protocol is an agreement between the communicating parties on how communication is to proceed…
•An analogy..
•Application, presentation, session, transport, network, data link and physical layers…
8
SECURITY-ISSUES
•NEED
•4 INTERTWINED AREAS...
[Figure: NETWORKING, with PRIVACY, AUTHENTICATION, INTEGRITY and NON REPUDIATION]
9
•PRIVACY
•Has to do with keeping info out of the hands of unauthorized users
•Encryption/Decryption
•Secret-key encryption/decryption
•public-key encryption/decryption
10
SECRET KEY METHOD
ADV/DISADV
11
PUBLIC KEY METHOD (eg RSA)
ADV/DISADV
12
•Authentication deals with whom you are talking to before revealing sensitive info
•Integrity control… no manipulation of data (message received = message sent)
•Non-repudiation… no impersonation
•(seeming sender = actual sender)
DIGITAL SIGNATURE
13
SIGNING THE DOCUMENT
HOW DOES IT PRESERVE ALL 3?
14
UNDER ATTACK!!!
•Denial Of Service (DOS)
mail bombing
spam relaying
smurfing
•Distributed Denial Of Service (DDOS)
•Intrusion attacks
15
•IP spoofing
•Malicious programs/scripts
• viruses and worms
• trojans
• vandals
and many more……..
16
Security Threats
[Figure, four panels: Denial of Service; Loss of Integrity (Bank, Customer: "Deposit $1000", "Deposit $ 100"); Loss of Privacy (telnet company.org, username: dan, password: m-y-p-a-s-s-w-o-r-d); Impersonation ("I’m Bob. Send Me All Corporate Correspondence with Cisco.")]
17
Protection Against Attacks
Against DOS/DDOS
•Simple call to perpetrator’s ISP
•Configure procmail/sendmail
•Use spamassassin
Against intrusion
Encryption algorithms
18
Configure a Firewall….
What is a FIREWALL????
Analogy with non computer world!!
Basically a shield which protects systems from unreliable sources on the internet.
It is a utility that listens on all the ports of the system for attempts to open a connection and, if it detects one, reacts according to predefined rules.
19
•Allows only selected packets (packet filter)…
•General Methods
•Updating through patches, virus detection, password cracks, port scanners, etc.
•Shifting from Windows to LINUX/UNIX
•Circuit gateways and relays...
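A packet filter that "reacts according to predefined rules" can be sketched as a first-match rule table with a default deny. This is an added example, not part of the original slides; the `Rule` fields, the rule set and the `decide` function are constructed for illustration.

```python
import ipaddress
from typing import NamedTuple, Optional

class Rule(NamedTuple):
    action: str            # "allow" or "deny"
    proto: str             # "tcp", "udp" or "any"
    src: str               # source network in CIDR notation
    dport: Optional[int]   # destination port; None matches every port

# Constructed rule set, evaluated top to bottom; the first match wins.
RULES = [
    # Private source addresses should never arrive from the internet side.
    Rule("deny", "any", "10.0.0.0/8", None),
    # Public web server: anyone may reach TCP port 80.
    Rule("allow", "tcp", "0.0.0.0/0", 80),
    # SSH only from one administrative subnet.
    Rule("allow", "tcp", "202.34.12.0/24", 22),
]

def decide(proto, src_ip, dport, rules=RULES):
    """Return (action, index of the matching rule or None).

    A packet that matches no rule is denied: only selected packets pass.
    """
    src = ipaddress.ip_address(src_ip)
    for i, rule in enumerate(rules):
        if rule.proto not in ("any", proto):
            continue
        if src not in ipaddress.ip_network(rule.src):
            continue
        if rule.dport is not None and rule.dport != dport:
            continue
        return rule.action, i
    return "deny", None

if __name__ == "__main__":
    for pkt in [("tcp", "203.94.253.183", 80), ("tcp", "202.34.12.23", 22),
                ("tcp", "203.94.253.183", 22), ("tcp", "10.1.2.3", 80)]:
        print(pkt, "->", decide(*pkt))
```

Rule order matters: the deny for 10.0.0.0/8 sits above the port 80 allow, so a packet with a private source address is dropped even though it targets an open service.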
20
21
IP ADDRESSES…
OUR IDENTITY ON THE NET…
32 bits, normally written as 4 decimal numbers of 8 bits each (dotted-decimal notation), e.g. 202.34.12.23
Concepts of classes, netmask, subnet mask, other notations, etc.
22
FINDING OUT THE IP OF YOUR SYSTEM?
Connect to the internet, launch MSDOS
Type netstat -n at the prompt
Active connections:
proto local address state
TCP 203.94.253.183:1025 ESTABLISHED
Ping,netstat,traceroute,WHOIS
23
FINDING IP OF A REMOTE SYSTEM
•Through instant messaging softwares
•Through HTTP and scripts
•Through internet relay Chat IRC
•Through e-mail headers
The most common method of getting IPs is through instant messaging software like MSN, ICQ, Y
24
ICQ
Xx.xx.xx.xx<---------------->yy.yy.yy.yy
MSN
Xx.xx.xx.xx----MSN server--yy.yy.yy.yy
Transfer file,and use netstat….
Prevention: don’t accept file transfers, use WinGate???
25
IPS BY STUDYING EMAIL HEADERS
Return-path:<[email protected]>
received:from hotmail.com by jammu.bsnl.net.in
(8.9.1/1.1.20.3/5jun04-12:30p.m.)
-----------------------------------------------------
X-originating Ip:[202.15.109.174]
from:simran”<[email protected]>
-----------------------
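When headers like these are read during an investigation, what matters is which values the receiving server recorded itself and which were supplied by earlier hops or the sender. The following is an added example, not part of the original slides; the sample message, its addresses and the `trace` and `bracketed_ip` helpers are constructed.

```python
import email
import ipaddress
import re

# Constructed sample message: example domains, documentation-range addresses.
RAW = (
    "Return-Path: <sender@example.org>\n"
    "Received: from mx.example.org (mx.example.org [198.51.100.7])\n"
    "\tby mail.example.net; Sat, 5 Jun 2004 12:30:00 +0530\n"
    "Received: from webmail (unknown [192.168.1.20])\n"
    "\tby mx.example.org; Sat, 5 Jun 2004 12:29:58 +0530\n"
    "X-Originating-IP: [203.0.113.45]\n"
    "From: sender@example.org\n"
    "\n"
    "body\n"
)

IP_RE = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def bracketed_ip(value):
    """Return the first valid [a.b.c.d] literal in a header value, or None."""
    m = IP_RE.search(value or "")
    if not m:
        return None
    try:
        return ipaddress.ip_address(m.group(1))
    except ValueError:  # malformed literal such as [999.1.1.1]
        return None

def trace(raw):
    """List the Received hops, newest first, plus the X-Originating-IP claim."""
    msg = email.message_from_string(raw)
    hops = []
    for i, value in enumerate(msg.get_all("Received", [])):
        ip = bracketed_ip(value)
        hops.append({
            "ip": str(ip) if ip else None,
            "private": ip is not None and any(ip in n for n in RFC1918),
            # Only the topmost header was written by the receiving server;
            # everything below it came from earlier hops or the sender.
            "recorded_by_receiver": i == 0,
        })
    claimed = bracketed_ip(msg.get("X-Originating-IP"))
    return hops, (str(claimed) if claimed else None)
```

Each relay prepends its own Received line, so the list reads newest first; X-Originating-IP and the lower Received lines are claims made upstream and can be forged.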
26
GETTING IP USING IRC
/Whois nicknameofthevictim
/whois swordfish
swordfish is [email protected]*rohit koul
swordfish on #chatterz
swordfish using irc.net GlobalNAPs Quincy,MA
swordfish has been idle since………
swordfish…Endof/WHOIS list
27
I have the IP..so what???
First step for any hacking attack…
All those attacks discussed before can be implemented…
Apart from getting the IP, other important things: cracking software, banner grabbing, breaking encryption, fingerprinting, etc., but...
28
Summary and conclusions
•You see, I have left a lot untouched…
•Hash functions, DES, Blowfish, detailed description of RSA, hacking methods, etc.
•It is nearly impossible to configure a firewall or create a network that’s 100% fool-proof without compromising on the services to be offered
29
Security Objective: Balance Business Needs with Risks
[Figure: Access (Connectivity, Performance, Ease of Use, Manageability, Availability) set against Security (Authentication, Authorization, Accounting, Assurance, Confidentiality, Data Integrity), with Policy Management]
30
31
ANY QUESTIONS?????