Network Security Techniques

About This Presentation

Title:

Network Security Techniques

Description:

Network Security Techniques by Bruce Roy Millard Division of Computing Studies Arizona State University Bruce.Millard_at_asu.edu What is Network Security Hardware ... – PowerPoint PPT presentation

Number of Views:6570

Avg rating:3.0/5.0

Slides: 34

Provided by: dcsAsuEd

Category:

more less

Transcript and Presenter's Notes

Title: Network Security Techniques

1
Network SecurityTechniques

by
Bruce Roy Millard
Division of Computing Studies
Arizona State University
Bruce.Millard_at_asu.edu

2
What is Network Security

Hardware computers, routers, etc
Networks ethernet, wireless
Communication
Intruders
Mitigation

3
What is Network SecurityHardware

Workstation
Servers (and load balancers)
Printers (and other shared devices)
Routers/switches/hubs
Security devices (firewalls, IDS, etc)

4
What is Network SecurityNetworks

Connectivity
Ethernet (cable, DSL, TP, 1Gbps up)
Wireless (radio waves, 802.11?, satellite)
LAN, CAN, MAN, WAN, PAN
Internet

5
What is Network SecurityCommunication

E-mail
FTP
HTTP/HTML
Voice, video, teleconferencing
SSH/SCP

6
What is Network SecurityIntruders
7
What is Network SecurityIntruders

Eavesdroppers
Insertion
Hijacking
Spoofing
Denial of Service
Trojan horse software
Lurkers (viruses and worms)

8
What is Network SecurityMitigation

Prevent
Avoid
Detect
Assess
React

9
Security Goals

Privacy
Integrity
Non-repudiation
Trust relationships internal external
Authentication supports authorization
supports fine-grained access control

10
Security Model(Protection)

Assets - identify
Risks - characterize
Counter-measures - obtain
Policy create where no laws exist

11
Security Methods

Shields firewalls, virus scanners
Selective shields - access control (VPN)
Protocols IPsec, SSL/TLS
Intrusion Detection Systems
Training awareness
Redundancy backups, encryption,
hashes, digests

12
Prevention(Attempts)

Firewalls have holes
Virus Scanners behind the times
Physical Security
Know Fundamentals routing, IP, TCP, ARP,
DHCP, applications
Encryption PGP, SSH, SSL/TLS, Ipsec,
stenography, public key, symetric key
Patches windowsupdate, up2date, yum

13
Avoidance

Firewalls VPNs Ipsec, SSL,
access control
Host hardening personal firewalls, ssh,

iptables
Proxy servers squid (Web content cache)
Honeynets/honeypots - redirection

14
DetectionFeeds Avoidance

Vulnerability Scanning netstat, netview,
netmon, nmap,
Nessus
Network-based IDS snort, kismet, ACID,
tcpdump, ethereal,
windump,
netstumbler
Host-based IDS TCPwrappers, xinetd,
tripwire, logsentry,
portsentry
Web security, Cisco logs

15
Exploits

Password cracking WEP cracking
Denial of Service
OS typing null session, xmas tree, . . .
OS configuration sadmin password, . . .
Application holes buffer overflow, NFS,
rpc, netbios, BIND,
sendmail, CGI,etc
Dumpsec, pingwar, . . .

16
URLs of Interest

http//www.sans.org
http//www.giac.org
http//www.isc2.org
http//www.cissp.com

17
10 Domains of the CBK

Security Management Practices
Security Architecture and Models
Access Control Systems Methodology
Application Development Security
Operations Security
Physical Security
Cryptography
Telecommunications, Network, Internet Security
Business Continuity Planning
Law, Investigations, Ethics

18
NS Applications

netstat
tcpview
netmon
netstumbler

windump
nmap
ethereal
snortiquette

19
www.sans.org/top20(vulnerabilities)

Top Vulnerabilities to Windows Systems
W1 Web Servers Services
W2 Workstation Service
W3 Windows Remote Access Services
W4 Microsoft SQL Server (MSSQL)
W5 Windows Authentication
W6 Web Browsers
W7 File-Sharing Applications
W8 LSAS Exposures
W9 Mail Client
W10 Instant Messaging

20
www.sans.org/top20(vulnerabilities)

Top Vulnerabilities to UNIX Systems
U1 BIND Domain Name System
U2 Web Server
U3 Authentication
U4 Version Control Systems
U5 Mail Transport Service
U6 Simple Network Management Protocol (SNMP)
U7 Open Secure Sockets Layer (SSL)
U8 Misconfiguration of Enterprise Services
NIS/NFS
U9 Databases
U10 Kernel

21
(No Transcript)
22
(No Transcript)
23
(No Transcript)
24
(No Transcript)
25
(No Transcript)
26
(No Transcript)
27
(No Transcript)
28
(No Transcript)
29
(No Transcript)
30
(No Transcript)
31
(No Transcript)
32
(No Transcript)
33
(No Transcript)

Write a Comment

User Comments (0)

About PowerShow.com

Network Security Techniques - PowerPoint PPT Presentation

Network Security Techniques

Network Security Techniques by Bruce Roy Millard Division of Computing Studies Arizona State University Bruce.Millard_at_asu.edu What is Network Security Hardware ... – PowerPoint PPT presentation