Network Security - PowerPoint PPT Presentation

1 / 25

About This Presentation

Title:

Network Security

Description:

A computer network is simply a system of ... As more and more people become networked, an increasing number of ... www.zonelabs.com. Intrusion ... – PowerPoint PPT presentation

Number of Views:63

Avg rating:3.0/5.0

Slides: 26

Provided by: chris878

Category:

more less

Transcript and Presenter's Notes

Title: Network Security

1
Network Security

Chris Jenkins MCSE CCNA

2
What is a Network

A computer network is simply a system of
interconnected computers.
How many are connected or how they're connected
is irrelevant.

3
What is Network Security

Network security is a complicated subject,
historically only tackled by well-trained and
experienced experts.
As more and more people become networked, an
increasing number of people need to understand
the basics of security in a networked world.
No single presentation can offer you a complete
understanding of network security, but we can
offer you resources to help you learn more.

4
THEY ARE OUT THERE

Threats to Computing Systems are
EVERYWHERE
And Increasing
EVERY DAY
Three major sources of vulnerabilities
1. Internal
2. Software
3. External

Internal Vulnerabilities
Software Vulnerabilities
External Vulnerabilities

6
Network Security through Risk Management

Every day individuals manage all types of risks,
some risks such as driving to work are deemed
acceptable while other higher risk activates may
be deemed unacceptable.
System Administrators, with the input of
management, should determine which risks are
acceptable and which are not.

7
Understanding the Security Extremes

The same risk management decisions we use for
everyday tasks can be applied when dealing with
network security.
The two extremes
Absolute Security Everything is so secure
nobody can access it.
Absolute Access Security is open and everyone
has access to everything.
The goal of network security through risk
management is to build a proper balance between
these two extremes.

8
Understanding the Threats

In order to access the risks you must first
understand the threats.
A threat can be defined as anything that could
affect network access.
Including but not limited to
Unauthorized access to network data
Inability to access network data
Access that has a negative affect on network
performance

9
Understanding the Threats

Unauthorized access to network data attacks
The goal of these attacks is to access some
resource that your machine should not provide the
attacker.
Who would want unauthorized access?
Crackers who want to execute commands illicitly
to prompt attacks against other systems.
Crackers employed by competitors to collect data,
or who just feel the need to make the data on
your network available to the public.
Thrill seeker crackers looking to make a
statement that they have breached your system
Destructive crackers employing data diddling or
data destruction techniques.

10
Understanding the Threats

Inability to access network data
DOS or denial of service attacks are used to keep
authorized users from accessing the network
resources.
Who would want to cause a denial of service?
Thrill crackers looking to show off.
Virus writers with a grudge
Competitors hoping to slow communications or
limits sales.

11
Understanding the Threats

Access that has a negative affect on network
performance
Performance threats include unauthorized
software, SPAM, spyware, and other items that
can slow or misuse network resources.
Who would cause a performance attack?
Unsuspecting users downloading what they think
are harmless applications.
SPAMMERS trying to sell goods

12
Mitigating the Risks

A critical step is to limit risks where possible.
Just as you would wear a seatbelt in your car to
reduce your risk while driving some basic
security techniques can be utilized to reduce
your network security risk.

13
Basic Security Techniques

Be aware of your environment
Keep your Operating systems and tools up-to-date
Always have current back-ups
Keep track of your data and dont put it where it
doesnt need to be
Avoid systems with a single point of failure
Watch for security advisories
Keep users informed of threats

14
Beyond the basics

Once you understand the threats and employ basic
security techniques its time to combine your
risk management with higher end security tools.
Considering security tools shouldnt be a matter
of Do we need security tools? but instead What
combination of security tools will best suit our
needs?.

15
Advanced Security Tools

Network Address Translation - NAT
Firewalls
Intrusion Detection Systems - IDS
Proxy Filters
Virus Scanners
SPAM Filters
Spyware Detectors

16
Network Address Translation

NAT is an Internet standard that enables a
local-area network (LAN) to use one set of IP
addresses for internal traffic and a second set
of addresses for external traffic.
NAT Provides
Provides a type of firewall by hiding internal IP
addresses
Enables a company to use more internal IP
addresses. Since they're used internally only,
there's no possibility of conflict with IP
addresses used by other companies and
organizations.

17
Firewalls

A system designed to prevent unauthorized access
to or from a private network.
Packet filter Looks at each packet entering or
leaving the network and accepts or rejects it
based on user-defined rules.
Application gateway Applies security mechanisms
to specific applications, such as FTP and Telnet
servers.
Circuit-level gateway Applies security
mechanisms when a connection is established. Once
the connection has been made, packets can flow
between the hosts without further checking.
Tools
www.all-internet-security.com/top_10_firewall_soft
ware.html
www.cisco.com
www.symantec.com
www.zonelabs.com

18
Intrusion Detection System

An intrusion detection system (IDS) inspects all
inbound and outbound network activity and
identifies suspicious patterns that may indicate
a network or system attack from someone
attempting to break into or compromise a system.
Passive system IDS detects a potential security
breach, logs the information and signals an
alert.
Reactive system IDS responds to the suspicious
activity by logging off a user or by
reprogramming the firewall to block network
traffic from the suspected malicious source.
Tools
www.snort.org
www.all-internet-security.com/top_10_IDS_software.
html

19
Proxy Filters

A server that sits between a client application,
such as a Web browser, and a real server. It
intercepts all requests to the real server to see
if it can fulfill the requests itself. If not, it
forwards the request to the real server.
Filter Requests Proxy servers can also be used
to filter requests. For example, a company might
use a proxy server to prevent its employees from
accessing a specific set of Web sites.
Tools
www.squid-cache.org
www.wingate.com
www.winproxy.com

20
Virus Scanners

A utility that searches a hard disk for viruses
and removes any that are found. Most antivirus
programs include an auto-update feature that
enables the program to download profiles of new
viruses so that it can check for the new viruses
as soon as they are discovered.
Tools
www.symantec.com
www.mcafee.com

21
Spam Filters

A utility that reviews incoming e-mail and checks
content against a defined rule set to define its
validity.
Tools
www.spamassassin.org
www.all-internet-security.com/top_10_antispam_filt
er.html

22
Spy Ware Detectors

Systems to detect and remove Spy Ware
www.mcafee.com
www.lavasoftusa.com
www.stopzilla.com CNET editors choice
www.spybot-spyware.com

23
Security Concepts in use

Even the most stringent security can be breached.
The best security tools are the simple ones.
Have good back-ups and a plan of action in case
you are hacked.
Using the most basic computer guidelines can
protect you from most script kiddies and
crackers.
Adding a combination of advanced security tools
strengthens your network while maintaining a
usable environment.
Remember the harder it is to get in the more
likely it is the crackers will just give up and
go away.

24
Security Resources on the Web