Cisco Networking Academy, Chabot College, ELEC 99.05: Internet Security Introduction

Post on 08-Jan-2018

DESCRIPTION

CISCO NETWORKING ACADEMY, Internet Security: Security intrusions over the internet are common. The following slide shows 48 hours of intrusion attempts against a DSL-connected PC… Note that the probes come from all over the world, including Romania. Most of these attempts are from “script kiddies” running a program on a PC to grind through a range of IP addresses.

TRANSCRIPT

CISCO NETWORKING ACADEMY

Chabot College

ELEC 99.05
Internet Security Introduction

Internet Security

• TCP/IP and the internet were designed by professionals with a common culture and cooperative goals.

• Today they are used by a wide range of persons with varying and sometimes malicious goals.

• The technology of TCP/IP does not assure user security.

• There are many points at which TCP/IP security can be compromised.

Internet Security

• Security intrusions over the internet are common.

• The following slide shows 48 hours of intrusion attempts against a DSL-connected PC…

– Note that the probes come from all over the world, including Romania.

– Most of these attempts are from “script kiddies” running a program on a PC to grind through a range of IP addresses.

Probes Against DSL-Connected Machine

issueName            intruderIp       intruderName                                parameters
Back Orifice ping    193.231.209.31   ppp31.fx.ro                                 type=PING(1)&passwd=0x7A69&length=19&xid=0x4|0xD&iport=0x041A&vport=0x7A69
Back Orifice ping    193.226.61.246   ppp53.starnets.ro                           type=PING(1)&passwd=0x7A69&length=19&xid=0x0&iport=0x0404&vport=0x7A69
Back Orifice ping    193.230.162.163                                              type=PING(1)&passwd=0x7A69&length=19&xid=0xC&iport=0x0401&vport=0x7A69
Back Orifice ping    193.230.162.185                                              type=PING(1)&passwd=0x7A69&length=19&xid=0x0&iport=0x041F&vport=0x7A69
Back Orifice ping    193.230.162.80                                               type=PING(1)&passwd=0x7A69&length=19&xid=0x5&iport=0x040B&vport=0x7A69
Back Orifice ping    139.92.173.88    slip139-92-173-88.buk.ro.ibm.net            type=PING(1)&passwd=0x7A69&length=19&xid=0x1|0x4&iport=0x040A&vport=0x7A69
SubSeven port probe  64.218.67.36     DEFAULT                                     port=27374&name=Sub_7_2
SubSeven port probe  63.197.207.4     B-VANNOY-98WS                               port=27374&name=Sub_7_2
SubSeven port probe  63.198.106.43    REYNALDO                                    port=27374&name=Sub_7_2
SubSeven port probe  200.40.59.146    r200-40-59-146.adinet.com.uy                port=27374&name=Sub_7_2
DNS port probe       207.42.254.34    pinnacle.pinnaclenetwork.COM                port=53
DNS port probe       24.6.48.235      cc750365-a.chmbl1.ga.home.com               port=53
FTP port probe       62.226.25.215    p3EE219D7.dip.t-dialin.net                  port=21
FTP port probe       64.161.213.21    MODERN-IMAGES                               port=21
NetBIOS port probe   63.206.117.39    TED                                         port=139
NetBIOS port probe   63.198.183.96    MONICA & LOUIE                              port=139
NetBIOS port probe   63.198.103.101   adsl-63-198-103-101.dsl.snfc21.pacbell.net  port=139
NetBIOS port probe   63.198.217.105   JAY'SROOM                                   port=139
PCAnywhere ping      63.198.176.9     adsl-63-198-176-9.dsl.snfc21.pacbell.net    port=22
PCAnywhere ping      63.198.176.94    adsl-63-198-176-94.dsl.snfc21.pacbell.net   port=5632
PCAnywhere ping      63.198.176.227   adsl-63-198-176-227.dsl.snfc21.pacbell.net  port=5632
SOCKS port probe     63.22.60.176     2Cust48.tnt10.atl2.da.uu.net                port=1080
TCP OS fingerprint   195.120.158.202                                              port=21&flags=3
TCP OS fingerprint   208.62.23.150                                                port=9704&flags=3
TCP OS fingerprint   24.13.154.175    c186232-a.aurora1.co.home.com               port=21&flags=3
UDP port probe       205.188.153.108  fes-d012.icq.aol.com                        port=1062
UDP port probe       205.188.153.106  fes-d010.icq.aol.com                        port=1058
UDP port probe       205.188.153.105  fes-d009.icq.aol.com                        port=1654
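
One way to tally a probe log like the one on this slide, added here as an example and not part of the original slides. It assumes `vport` in the Back Orifice rows is the probed port on the victim machine; the function names and the `WATCHED_PORTS` table are illustrative.

```python
from collections import Counter
from urllib.parse import parse_qsl

# A few rows copied from the slide's table: (issueName, intruderIp, parameters).
PROBES = [
    ("Back Orifice ping", "193.231.209.31",
     "type=PING(1)&passwd=0x7A69&length=19&xid=0x4|0xD&iport=0x041A&vport=0x7A69"),
    ("SubSeven port probe", "64.218.67.36", "port=27374&name=Sub_7_2"),
    ("NetBIOS port probe", "63.206.117.39", "port=139"),
    ("NetBIOS port probe", "63.198.183.96", "port=139"),
    ("PCAnywhere ping", "63.198.176.94", "port=5632"),
    ("TCP OS fingerprint", "208.62.23.150", "port=9704&flags=3"),
]

# Assumption (not from the slides): ports worth flagging on a home PC.
# 31337 and 27374 are the default Back Orifice and SubSeven ports;
# 139 is the NetBIOS session service used by Windows file sharing.
WATCHED_PORTS = {31337: "Back Orifice", 27374: "SubSeven", 139: "NetBIOS session"}


def target_port(parameters):
    """Return the probed port named in a parameters string, or None."""
    fields = dict(parse_qsl(parameters, keep_blank_values=True))
    raw = fields.get("port") or fields.get("vport")
    if raw is None:
        return None
    return int(raw, 0)  # base 0 accepts both "139" and "0x7A69"


def summarize(probes):
    """Count probes per issue type and list sources that hit a watched port."""
    per_issue = Counter(issue for issue, _, _ in probes)
    hits = []
    for _, ip, params in probes:
        port = target_port(params)
        if port in WATCHED_PORTS:
            hits.append((ip, port, WATCHED_PORTS[port]))
    return per_issue, hits


if __name__ == "__main__":
    counts, flagged = summarize(PROBES)
    print(counts.most_common())
    print(flagged)
```

Decoding the hex field shows that `vport=0x7A69` is port 31337, so the Back Orifice rows are checks for a listening backdoor, not ordinary pings.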

Security Strategies

• Use a NAT router to connect to DSL or cable modem.

• Use a software firewall for dial-up, DSL or cable modem.

– (e.g. Zone Alarm, from www.zonelabs.com - free)

• Read Steve Gibson’s excellent Shields-UP site and follow his configuration advice. (free)

Shields UP

• Key ideas from Shields UP:

– As delivered, Windows is not secure when connected to the internet.

– The key problems can be fixed by a free reconfiguration.

– Free software firewalls are recommended.

Shields UP

• Here’s how Windows protocol bindings are delivered:

[Figure: Windows protocol bindings as delivered, labelled Layer 1&2, Layer 3, Higher Layers]

Shields UP

• Binding these Microsoft network services to TCP/IP creates security vulnerabilities!

[Figure: protocol bindings, labelled Problem Bindings]

Shields UP

• Here are the bindings needed for access to the internet:

Shields UP

• The excellent Shields Up site tells you how to do it!

• Bonus Credit Assignment - fix your home PC!

http://www.grc.com
