networksecurity_2
TRANSCRIPT
-
8/7/2019 NetworkSecurity_2
1/18
NETWORK SECURITY
Presented By
Mohd WaseemB.Tech (CSE) IIT Gzb
04/06/11 1Mohd Waseem
-
8/7/2019 NetworkSecurity_2
2/18
2
Presentation Overview
What is security Why do we need security
Threats to Network
Threats:Malware
Common security attack and their countermeasure
Firewall Intrusion Detection System
Future enhancement
Conclusions
http://images.google.co.in/imgres?imgurl=http://i212.photobucket.com/albums/cc94/Dl4All/album3/Network-Security-Protector.jpg&imgrefurl=http://www.dl4all.com/search/Security%2BAdministrator%2BPro.html&usg=__exEKCH1_x9bRNx0QnRY0C0xR3cg=&h=252&w=256&sz=8&hl=en&start=22&itbs=1&tbnid=Q7SgyCYzFnnSNM:&tbnh=109&tbnw=111&prev=/images%3Fq%3Dthe%2Bbest%2Blogo%2Bon%2Bnetwork%2Bsecurity%26start%3D20%26hl%3Den%26sa%3DN%26gbv%3D2%26ndsp%3D20%26tbs%3Disch:1http://images.google.co.in/imgres?imgurl=http://i212.photobucket.com/albums/cc94/Dl4All/album3/Network-Security-Protector.jpg&imgrefurl=http://www.dl4all.com/search/Security%2BAdministrator%2BPro.html&usg=__exEKCH1_x9bRNx0QnRY0C0xR3cg=&h=252&w=256&sz=8&hl=en&start=22&itbs=1&tbnid=Q7SgyCYzFnnSNM:&tbnh=109&tbnw=111&prev=/images%3Fq%3Dthe%2Bbest%2Blogo%2Bon%2Bnetwork%2Bsecurity%26start%3D20%26hl%3Den%26sa%3DN%26gbv%3D2%26ndsp%3D20%26tbs%3Disch:1http://images.google.co.in/imgres?imgurl=http://i212.photobucket.com/albums/cc94/Dl4All/album3/Network-Security-Protector.jpg&imgrefurl=http://www.dl4all.com/search/Security%2BAdministrator%2BPro.html&usg=__exEKCH1_x9bRNx0QnRY0C0xR3cg=&h=252&w=256&sz=8&hl=en&start=22&itbs=1&tbnid=Q7SgyCYzFnnSNM:&tbnh=109&tbnw=111&prev=/images%3Fq%3Dthe%2Bbest%2Blogo%2Bon%2Bnetwork%2Bsecurity%26start%3D20%26hl%3Den%26sa%3DN%26gbv%3D2%26ndsp%3D20%26tbs%3Disch:1 -
8/7/2019 NetworkSecurity_2
3/18
04/06/11 3
What is Security
1. Freedom from risk or danger; safety. 2. Freedom from doubt, anxiety, or fear; confidence. 3. Something that gives or assures safety, as:
1. A group or department of private guards: Call buildingsecurity if a visitor acts suspicious.
2. Measures adopted by a government to prevent espionage,sabotage, or attack.
3. Measures adopted, as by a business or homeowner, toprevent a crime such as burglary or assault.
Mohd Waseem
-
8/7/2019 NetworkSecurity_2
4/18
04/06/11 4
Why do we need security?
Protect vital information while still allowingaccess to those who need it Trade secrets, medical records, etc.
Provide authentication and access control
for resources.
Mohd Waseem
-
8/7/2019 NetworkSecurity_2
5/18
THREATS TO NETWORK
SECURITY Attacks on Network Security
Active attack
Passive attack
-
8/7/2019 NetworkSecurity_2
6/18
Threats: MALWARE
Malware is Malicious Software -deliberately created and specifically
designed to damage, disrupt or destroy
network services, computer data andsoftware.
There are several types... Viruses:
Trojan Horses:
Worms:
6
-
8/7/2019 NetworkSecurity_2
7/18
Viruses:
Conceal
themselves
Infect computersystems
Replicate
themselves Deliver a payload
7
-
8/7/2019 NetworkSecurity_2
8/18
Trojan Horses:
Programs that contain hidden
functionality that can harm the
host computer and the data it
contains.
THs are not automatic replicators
- computer users inadvertently
set them off.
8
-
8/7/2019 NetworkSecurity_2
9/18
Worms:
Programs that are capable
of independently
propagating throughout acomputer network.
They replicate fast and
consume large amounts ofthe host computers
memory
9
-
8/7/2019 NetworkSecurity_2
10/18
Securing from Outside Attacks
SPAM and EMAIL VIRUS PROTECTION
Spam is: Unsolicited Bulk Email (UBE) Unsolicited means that the recipient has not granted verifiable
permission for the message to be sent. Bulk means that the message is sent as part of a larger collection of
messages, all having substantively identical content.
A message is Spam only if it is both Unsolicited and Bulk.
How do we Protect from Spam?
BrightMail (a Microsoft Partner) Content Filtering
04/06/11 10Mohd Waseem
C it tt k
-
8/7/2019 NetworkSecurity_2
11/1804/06/11 11
Common security attacks
and their countermeasures
Finding a way into the network Firewalls
Exploiting software bugs, buffer overflows Intrusion Detection Systems
Denial of Service IDS
TCP hijacking IPSec
Packet sniffing Encryption (SSL, HTTPS)
Social problems Education
Mohd Waseem
-
8/7/2019 NetworkSecurity_2
12/18
METHODS OF NETWORK
SECURITY
Encryption Methods Private key encryption - symmetric
cryptography
Public Key encryption - AsymmetricEncryption
http://images.google.co.in/imgres?imgurl=http://www.firewallyouth.org/Firewall%2520Logo.jpg&imgrefurl=http://www.firewallyouth.org/Events.htm&usg=__-HBGU8Am8LYE3NhPWcD1inE3B84=&h=255&w=800&sz=61&hl=en&start=37&itbs=1&tbnid=ifRVzOSzO-ICaM:&tbnh=46&tbnw=143&prev=/images%3Fq%3Dlogo%2Bof%2Bfirewall%26start%3D20%26hl%3Den%26sa%3DN%26gbv%3D2%26ndsp%3D20%26tbs%3Disch:1 -
8/7/2019 NetworkSecurity_2
13/1813
Firewalls
A firewall is like a castle with a drawbridge Only one point of access into the network
Typically used to protect internal networks fromexternal threats
Two basic types Filtering firewall
Application level firewall
http://images.google.co.in/imgres?imgurl=http://www.essoy.fi/files/logo_settings_firewall.jpg&imgrefurl=http://www.essoy.fi/%3Fpage%3Dproducts&usg=__q60mxLdfJ-ckJSt7tyX-nP0cjCU=&h=140&w=125&sz=11&hl=en&start=35&itbs=1&tbnid=cldiLSaxhr6xdM:&tbnh=93&tbnw=83&prev=/images%3Fq%3Dlogo%2Bof%2Bfirewall%26start%3D20%26hl%3Den%26sa%3DN%26gbv%3D2%26ndsp%3D20%26tbs%3Disch:1http://images.google.co.in/imgres?imgurl=http://www.firewallyouth.org/Firewall%2520Logo.jpg&imgrefurl=http://www.firewallyouth.org/Events.htm&usg=__-HBGU8Am8LYE3NhPWcD1inE3B84=&h=255&w=800&sz=61&hl=en&start=37&itbs=1&tbnid=ifRVzOSzO-ICaM:&tbnh=46&tbnw=143&prev=/images%3Fq%3Dlogo%2Bof%2Bfirewall%26start%3D20%26hl%3Den%26sa%3DN%26gbv%3D2%26ndsp%3D20%26tbs%3Disch:1http://images.google.co.in/imgres?imgurl=http://www.essoy.fi/files/logo_settings_firewall.jpg&imgrefurl=http://www.essoy.fi/%3Fpage%3Dproducts&usg=__q60mxLdfJ-ckJSt7tyX-nP0cjCU=&h=140&w=125&sz=11&hl=en&start=35&itbs=1&tbnid=cldiLSaxhr6xdM:&tbnh=93&tbnw=83&prev=/images%3Fq%3Dlogo%2Bof%2Bfirewall%26start%3D20%26hl%3Den%26sa%3DN%26gbv%3D2%26ndsp%3D20%26tbs%3Disch:1 -
8/7/2019 NetworkSecurity_2
14/1804/06/11 14
Firewalls
Intranet
Internet
Firewall
FTP server, email
server, etc
Mohd Waseem
I t i D t ti
-
8/7/2019 NetworkSecurity_2
15/18
Intrusion Detection
Systems
Firewalls allow traffic only to legitimatehosts and services
Traffic to the legitimate hosts/services canhave attacks CodeReds on IIS
Solution? Intrusion Detection Systems Monitor data and behavior Report when identify attacks
04/06/11 15Mohd Waseem
-
8/7/2019 NetworkSecurity_2
16/18
Future Enhancements
Physical Security
Biometrics
IP Cameras
Access Control
04/06/11 16Mohd Waseem
-
8/7/2019 NetworkSecurity_2
17/1817
Conclusions
New attacks crop up all the timeA firewall limits traffic between two networks
Crypto protects traffic in transit
It's important to build systems and networksin such a way that the user is not constantly
reminded of the security system around him.
-
8/7/2019 NetworkSecurity_2
18/18
Q&A
04/06/11 18Mohd Waseem