networksecurity_2

8/7/2019 NetworkSecurity_2

1/18

NETWORK SECURITY

Presented By

Mohd WaseemB.Tech (CSE) IIT Gzb

04/06/11 1Mohd Waseem


2/18

2

Presentation Overview

What is security Why do we need security

Threats to Network

Threats:Malware

Common security attack and their countermeasure

Firewall Intrusion Detection System

Future enhancement

Conclusions
http://images.google.co.in/imgres?imgurl=http://i212.photobucket.com/albums/cc94/Dl4All/album3/Network-Security-Protector.jpg&imgrefurl=http://www.dl4all.com/search/Security%2BAdministrator%2BPro.html&usg=__exEKCH1_x9bRNx0QnRY0C0xR3cg=&h=252&w=256&sz=8&hl=en&start=22&itbs=1&tbnid=Q7SgyCYzFnnSNM:&tbnh=109&tbnw=111&prev=/images%3Fq%3Dthe%2Bbest%2Blogo%2Bon%2Bnetwork%2Bsecurity%26start%3D20%26hl%3Den%26sa%3DN%26gbv%3D2%26ndsp%3D20%26tbs%3Disch:1http://images.google.co.in/imgres?imgurl=http://i212.photobucket.com/albums/cc94/Dl4All/album3/Network-Security-Protector.jpg&imgrefurl=http://www.dl4all.com/search/Security%2BAdministrator%2BPro.html&usg=__exEKCH1_x9bRNx0QnRY0C0xR3cg=&h=252&w=256&sz=8&hl=en&start=22&itbs=1&tbnid=Q7SgyCYzFnnSNM:&tbnh=109&tbnw=111&prev=/images%3Fq%3Dthe%2Bbest%2Blogo%2Bon%2Bnetwork%2Bsecurity%26start%3D20%26hl%3Den%26sa%3DN%26gbv%3D2%26ndsp%3D20%26tbs%3Disch:1http://images.google.co.in/imgres?imgurl=http://i212.photobucket.com/albums/cc94/Dl4All/album3/Network-Security-Protector.jpg&imgrefurl=http://www.dl4all.com/search/Security%2BAdministrator%2BPro.html&usg=__exEKCH1_x9bRNx0QnRY0C0xR3cg=&h=252&w=256&sz=8&hl=en&start=22&itbs=1&tbnid=Q7SgyCYzFnnSNM:&tbnh=109&tbnw=111&prev=/images%3Fq%3Dthe%2Bbest%2Blogo%2Bon%2Bnetwork%2Bsecurity%26start%3D20%26hl%3Den%26sa%3DN%26gbv%3D2%26ndsp%3D20%26tbs%3Disch:1


3/18

04/06/11 3

What is Security

1. Freedom from risk or danger; safety. 2. Freedom from doubt, anxiety, or fear; confidence. 3. Something that gives or assures safety, as:

1. A group or department of private guards: Call buildingsecurity if a visitor acts suspicious.

2. Measures adopted by a government to prevent espionage,sabotage, or attack.

3. Measures adopted, as by a business or homeowner, toprevent a crime such as burglary or assault.

Mohd Waseem


4/18

04/06/11 4

Why do we need security?

Protect vital information while still allowingaccess to those who need it Trade secrets, medical records, etc.

Provide authentication and access control

for resources.

Mohd Waseem


5/18

THREATS TO NETWORK

SECURITY Attacks on Network Security

Active attack

Passive attack


6/18

Threats: MALWARE

Malware is Malicious Software -deliberately created and specifically

designed to damage, disrupt or destroy

network services, computer data andsoftware.

There are several types... Viruses:

Trojan Horses:

Worms:

6


7/18

Viruses:

Conceal

themselves

Infect computersystems

Replicate

themselves Deliver a payload

7


8/18

Trojan Horses:

Programs that contain hidden

functionality that can harm the

host computer and the data it

contains.

THs are not automatic replicators

- computer users inadvertently

set them off.

8


9/18

Worms:

Programs that are capable

of independently

propagating throughout acomputer network.

They replicate fast and

consume large amounts ofthe host computers

memory

9


10/18

Securing from Outside Attacks

SPAM and EMAIL VIRUS PROTECTION

Spam is: Unsolicited Bulk Email (UBE) Unsolicited means that the recipient has not granted verifiable

permission for the message to be sent. Bulk means that the message is sent as part of a larger collection of

messages, all having substantively identical content.

A message is Spam only if it is both Unsolicited and Bulk.

How do we Protect from Spam?

BrightMail (a Microsoft Partner) Content Filtering


C it tt k


11/1804/06/11 11

Common security attacks

and their countermeasures

Finding a way into the network Firewalls

Exploiting software bugs, buffer overflows Intrusion Detection Systems

Denial of Service IDS

TCP hijacking IPSec

Packet sniffing Encryption (SSL, HTTPS)

Social problems Education

Mohd Waseem


12/18

METHODS OF NETWORK

SECURITY

Encryption Methods Private key encryption - symmetric

cryptography

Public Key encryption - AsymmetricEncryption
http://images.google.co.in/imgres?imgurl=http://www.firewallyouth.org/Firewall%2520Logo.jpg&imgrefurl=http://www.firewallyouth.org/Events.htm&usg=__-HBGU8Am8LYE3NhPWcD1inE3B84=&h=255&w=800&sz=61&hl=en&start=37&itbs=1&tbnid=ifRVzOSzO-ICaM:&tbnh=46&tbnw=143&prev=/images%3Fq%3Dlogo%2Bof%2Bfirewall%26start%3D20%26hl%3Den%26sa%3DN%26gbv%3D2%26ndsp%3D20%26tbs%3Disch:1


13/1813

Firewalls

A firewall is like a castle with a drawbridge Only one point of access into the network

Typically used to protect internal networks fromexternal threats

Two basic types Filtering firewall

Application level firewall
http://images.google.co.in/imgres?imgurl=http://www.essoy.fi/files/logo_settings_firewall.jpg&imgrefurl=http://www.essoy.fi/%3Fpage%3Dproducts&usg=__q60mxLdfJ-ckJSt7tyX-nP0cjCU=&h=140&w=125&sz=11&hl=en&start=35&itbs=1&tbnid=cldiLSaxhr6xdM:&tbnh=93&tbnw=83&prev=/images%3Fq%3Dlogo%2Bof%2Bfirewall%26start%3D20%26hl%3Den%26sa%3DN%26gbv%3D2%26ndsp%3D20%26tbs%3Disch:1http://images.google.co.in/imgres?imgurl=http://www.firewallyouth.org/Firewall%2520Logo.jpg&imgrefurl=http://www.firewallyouth.org/Events.htm&usg=__-HBGU8Am8LYE3NhPWcD1inE3B84=&h=255&w=800&sz=61&hl=en&start=37&itbs=1&tbnid=ifRVzOSzO-ICaM:&tbnh=46&tbnw=143&prev=/images%3Fq%3Dlogo%2Bof%2Bfirewall%26start%3D20%26hl%3Den%26sa%3DN%26gbv%3D2%26ndsp%3D20%26tbs%3Disch:1http://images.google.co.in/imgres?imgurl=http://www.essoy.fi/files/logo_settings_firewall.jpg&imgrefurl=http://www.essoy.fi/%3Fpage%3Dproducts&usg=__q60mxLdfJ-ckJSt7tyX-nP0cjCU=&h=140&w=125&sz=11&hl=en&start=35&itbs=1&tbnid=cldiLSaxhr6xdM:&tbnh=93&tbnw=83&prev=/images%3Fq%3Dlogo%2Bof%2Bfirewall%26start%3D20%26hl%3Den%26sa%3DN%26gbv%3D2%26ndsp%3D20%26tbs%3Disch:1


14/1804/06/11 14

Firewalls

Intranet

Internet

Firewall

FTP server, email

server, etc

Mohd Waseem

I t i D t ti


15/18

Intrusion Detection

Systems

Firewalls allow traffic only to legitimatehosts and services

Traffic to the legitimate hosts/services canhave attacks CodeReds on IIS

Solution? Intrusion Detection Systems Monitor data and behavior Report when identify attacks



16/18

Future Enhancements

Physical Security

Biometrics

IP Cameras

Access Control



17/1817

Conclusions

New attacks crop up all the timeA firewall limits traffic between two networks

Crypto protects traffic in transit

It's important to build systems and networksin such a way that the user is not constantly

reminded of the security system around him.


18/18

Q&A


networksecurity_2

Documents