NETE4630 Advanced Network Security and Implementation - PowerPoint PPT Presentation

Title: NETE4630 Advanced Network Security and Implementation
Description: NETE4630 Advanced Network Security and Implementation, Supakorn Kungpisdan, supakorn_at_mut.ac.th
Slides: 36
Provided by: Supak7
Learn more at: http://www.msit2005.mut.ac.th

Transcript and Presenter's Notes

1
NETE4630 Advanced Network Security and
Implementation
  • Supakorn Kungpisdan
  • supakorn_at_mut.ac.th

2
Course Description
  • Lecture: Sunday 12.30PM-3.30PM
  • Lab: Sunday 3.30PM-6.30PM
  • Textbook
  • M. Gregg et al., Hack the Stack: Using SNORT and
    Ethereal to Master the 8 Layers of an Insecure
    Network, Syngress, 2006, ISBN 1-59749-109-8
  • http://www.msit.mut.ac.th/

3
Course Information (cont'd)
  • Evaluation
  • Quizzes 20%
  • Assignment 10%
  • Project 30%
  • Final exam 40%

4
Course Outline
  1. Extending OSI to Network Security
  2. Securing Physical Layer
  3. Securing Data Link Layer
  4. Securing Network Layer
  5. Securing Transport Layer
  6. Securing Session Layer
  7. Securing Presentation Layer
  8. Presentation 1
  9. Securing Application Layer
  10. Securing People Layer
  11. Cryptanalysis
  12. Advanced Cryptographic Protocols
  13. Advanced Topic 1: Mobile Payments
  14. Advanced Topic 2: Access Controls and
    Authentication
  15. Presentation 2

5
Lab Works (30%)
  • Group projects
  • Check the list of assigned security projects
    during the lab class
  • A number of progress reports must be submitted
  • Periodic project demonstrations
  • Submit a report on the assigned project

6
Task
  • Work in a group of 10 students
  • Spend 3 minutes on the following tasks
  • (3 students) draw a picture of what you thought of
    before attending the class
  • (2 students) as a security administrator, draw a
    picture of what you imagine users look like
  • (3 students) draw a picture that represents an
    organization network with the best security
    implementation
  • (2 students) draw a picture that represents the IT
    security manager of your organization

7
Extending OSI to Network Security
  • Lecture 1
  • Supakorn Kungpisdan
  • supakorn_at_mut.ac.th

8
Roadmap
  • OSI and People Layer
  • Mapping OSI to TCP/IP
  • Current State of IT Security

9
OSI Security
10
Roadmap
  • OSI and People Layer
  • Mapping OSI to TCP/IP
  • Current State of IT Security

11
People Layer
  • Social Engineering Attacks
  • Dumpster Diving
  • Attacks usually take one of the following
    angles:
  • Diffusion of Responsibility: "I know the policy is
    not to give out passwords, but I will take
    responsibility for this"
  • Identification: "We both work for the same
    company; this benefits everyone"
  • Chance for Ingratiation: "This is a win-win
    situation. The company is going to reward you for
    helping me in this difficult situation"
  • Trust Relationships: "Although I am new here, I am
    sure I have seen you in the break room"
  • Cooperation: "Together we can get this done"
  • Authority: "I know what the policy is; I drafted
    those policies and I have the right to change them"

12
Application Layer
  • Traditional network applications are vulnerable
    to several attacks
  • FTP: sniffing of cleartext passwords
  • Telnet: sniffing of cleartext passwords
  • SMTP: spoofing and spamming
  • DNS: DNS poisoning
  • TFTP: lack of session management and
    authentication
  • HTTP: stateless connections
  • SNMP: community strings are passed in cleartext
    and default community strings are well-known
  • SNMP version 3 offers encryption for more robust
    security

13
Session Layer
  • Windows NT LanMan (NTLM) is a Microsoft
    authentication protocol used with the SMB (Server
    Message Block, used to share files in a Windows
    network) protocol and with MS remote access protocols
  • NTLM has weak encryption (an NTLM password can be
    cracked in less than 1 second)
  • To create an NTLM password:
  • The password is stored in uppercase
  • Pad the password to 14 characters
  • Divide it into two seven-character parts and hash
    each part
  • Concatenate the two hash values and store the
    result as a LAN Manager (LM) hash, which is kept in
    the SAM (Security Account Manager)
  • Session hijacking
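The four steps on the slide explain why the stored value is so weak, and the point is easier to see when the preprocessing is written out. The following is an added example, not code from the course or its textbook: it performs the upper-casing, padding and splitting the slide lists, then hashes the two halves independently. Because the slide does not name the per-half hash step, SHA-256 truncated to 16 hex digits is used as a stand-in (an assumption; the real LM step differs), the padding byte 0x00 is assumed, and the functions `lm_preprocess`, `lm_style_hash`, `shared_halves` and `half_keyspace` are names chosen here. What the code shows is structural: case is thrown away, the second half of any password of seven or fewer characters is a constant, and each half can be attacked on its own.

```python
import hashlib

LM_LEN = 14  # the slide pads the password to 14 characters
HALF = 7     # ... and hashes two 7-character parts independently


def lm_preprocess(password: str) -> tuple[bytes, bytes]:
    """The slide's first three steps: upper-case, pad/truncate to 14 bytes,
    split into two 7-byte parts. The padding byte (0x00) is an assumption."""
    pw = password.upper().encode("ascii", errors="replace")[:LM_LEN]
    pw = pw.ljust(LM_LEN, b"\x00")
    return pw[:HALF], pw[HALF:]


def lm_style_hash(password: str) -> str:
    """Hash each part on its own and concatenate the two results.
    Stand-in: SHA-256 of each part, truncated to 16 hex digits. The slide
    does not name the per-part hash step, so this is NOT the real LM
    algorithm; only the structure (independent halves) matters here."""
    return "".join(hashlib.sha256(part).hexdigest()[:16]
                   for part in lm_preprocess(password))


def shared_halves(pw_a: str, pw_b: str) -> tuple[bool, bool]:
    """Which halves of two stored hashes are identical? Each half can be
    recovered without knowing the other, so a shared half leaks at once."""
    ha, hb = lm_style_hash(pw_a), lm_style_hash(pw_b)
    return ha[:16] == hb[:16], ha[16:] == hb[16:]


def half_keyspace(charset_size: int = 69) -> int:
    """Candidates an attacker must try per 7-character half. 69 is the
    printable-ASCII set (95) minus the 26 lower-case letters that the
    upper-casing step folds away."""
    return charset_size ** HALF


if __name__ == "__main__":
    # Case is discarded, so these two produce the same stored value.
    print(lm_style_hash("Password1") == lm_style_hash("PASSWORD1"))
    # Passwords of 7 characters or fewer leave the second half as pure
    # padding, so every such hash ends in the same constant.
    print(shared_halves("short", "SHORT12"))
    # Two independent halves cost at most 2 * 69**7 tries, far fewer than a
    # single 14-character hash over the full printable set would.
    print(2 * half_keyspace(), 95 ** 14)
```

Run it and compare the two numbers printed last: the halves are tried separately, so the work is additive across halves rather than multiplicative, which is the reason the slide can claim sub-second cracking.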

14
Session Layer (cont.)
  • NetBIOS allows applications on different systems
    to communicate over the LAN
  • Hosts using NetBIOS identify themselves
    using a unique 15-character name
  • NetBIOS is used in conjunction with SMB, which
    allows remote access to shared directories and
    files
  • It also gives attackers the ability to enumerate
    systems and gather user names, accounts, and
    share information
  • Almost every script kiddie and junior league
    hacker has exploited the nbtstat, net view, and
    net use commands
  • net use is used to map a drive on a Windows network

15
Transport Layer
  • UDP is connectionless, so it is vulnerable to DoS
    and easy to spoof
  • TCP allows hackers to gather information about
    targets
  • From illegal flag settings (NULL and XMAS) to
    SYN and RST, TCP flags help attackers identify
    services and operating systems
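The flag combinations named on the slide are also what a defender looks for in traffic. The code below is an added example written for this page, not part of the course material: it turns a flag token into the header bitmask, names the NULL, XMAS and SYN+FIN combinations (which no legitimate session produces), and then aggregates per source so that bare SYNs, which are normal one at a time, are flagged only when they fan out over many ports. The letter token format, the sample segment list, the `syn_port_threshold` default of 8 and the function names are all constructed for the example.

```python
from collections import defaultdict

# TCP flag bits as they appear in the header's flags byte.
FIN, SYN, RST, PSH, ACK, URG = 0x01, 0x02, 0x04, 0x08, 0x10, 0x20
FLAG_CHARS = {"F": FIN, "S": SYN, "R": RST, "P": PSH, "A": ACK, "U": URG}


def parse_flags(token: str) -> int:
    """Turn a letter token such as "S", "PA" or "" (no flags) into a bitmask.
    The letter format is constructed for this example (tcpdump prints ACK
    as '.')."""
    bits = 0
    for ch in token:
        if ch not in FLAG_CHARS:
            raise ValueError(f"unknown TCP flag letter: {ch!r}")
        bits |= FLAG_CHARS[ch]
    return bits


def classify(flags: int) -> str:
    """Name the combinations the slide mentions. NULL, XMAS and SYN+FIN never
    occur in a legitimate session; SYN and RST are normal on their own and
    only become suspicious in aggregate."""
    if flags == 0:
        return "NULL"
    if flags == FIN | PSH | URG:
        return "XMAS"
    if flags & SYN and flags & FIN:
        return "SYN-FIN"
    if flags == SYN:
        return "SYN"
    if flags & RST:
        return "RST"
    return "normal"


ILLEGAL = {"NULL", "XMAS", "SYN-FIN"}


def analyze(segments, syn_port_threshold: int = 8) -> dict:
    """segments: iterable of (src_ip, dst_ip, dst_port, flag_token).
    Per source, count illegal-flag segments and the distinct ports reached
    with bare SYNs. A source is flagged on any illegal segment, or when its
    bare SYNs touch at least `syn_port_threshold` distinct ports."""
    stats = defaultdict(lambda: {"illegal": 0, "syn_ports": set(), "kinds": set()})
    for src, _dst, dport, token in segments:
        kind = classify(parse_flags(token))
        s = stats[src]
        s["kinds"].add(kind)
        if kind in ILLEGAL:
            s["illegal"] += 1
        elif kind == "SYN":
            s["syn_ports"].add(dport)
    report = {}
    for src, s in stats.items():
        report[src] = {
            "illegal": s["illegal"],
            "syn_ports": len(s["syn_ports"]),
            "kinds": sorted(s["kinds"]),
            "suspicious": s["illegal"] > 0
            or len(s["syn_ports"]) >= syn_port_threshold,
        }
    return report


def suspicious_sources(segments, **kw) -> list[str]:
    """Sorted list of sources the analysis flagged."""
    return sorted(src for src, r in analyze(segments, **kw).items() if r["suspicious"])


# Constructed sample: one ordinary SSH session, one host sending malformed
# flag combinations, and one host reaching ten ports with bare SYNs.
SAMPLE = [
    ("10.0.0.5", "10.0.0.20", 22, "S"),
    ("10.0.0.5", "10.0.0.20", 22, "A"),
    ("10.0.0.5", "10.0.0.20", 22, "PA"),
    ("10.0.0.9", "10.0.0.20", 80, ""),
    ("10.0.0.9", "10.0.0.20", 443, "FPU"),
    ("10.0.0.9", "10.0.0.20", 25, "SF"),
] + [("10.0.0.7", "10.0.0.20", port, "S") for port in range(20, 30)]


if __name__ == "__main__":
    for src, r in analyze(SAMPLE).items():
        print(src, r)
    print("flagged:", suspicious_sources(SAMPLE))
```

The threshold is the tunable part: a single SYN is how every connection starts, so only the number of distinct ports a source opens within the window separates a client from a sweep, whereas a NULL or XMAS segment is evidence on its own.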

16
Network Layer
  • IPv4 has no security services built in
  • Vulnerable to various attacks:
  • Source routing
  • DoS
  • Idle scan (or IPID scan)
  • Smurf DoS attack on the ICMP protocol
  • Covert channel on the ICMP protocol using Loki
  • IPSec is now a component of IPv6

17
Data Link Layer
  • Address Resolution Protocol (ARP) resolves
    logical (IP) addresses to physical (MAC) addresses
  • Vulnerable to ARP poisoning (Dsniff and Ettercap)
    and passive sniffing
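ARP poisoning works because hosts accept whatever sender binding they hear, so a monitor that keeps its own IP-to-MAC table is the usual countermeasure. The code below is an added example for this page, not from the course or the tools it names: it replays a constructed list of ARP sender fields, raises an alert when an IP starts answering from a different hardware address, and raises another when one hardware address claims a second IP, the pattern of a host inserting itself between a workstation and the gateway. The record layout, the sample addresses, and the `known` and `multi_ip_ok` parameters are constructed for the example.

```python
from collections import defaultdict

REQUEST, REPLY = 1, 2  # ARP opcodes


def detect_arp_anomalies(records, known=None, multi_ip_ok=frozenset()):
    """records: iterable of (timestamp, opcode, sender_ip, sender_mac), the
    sender fields every ARP packet carries (hosts learn bindings from both
    requests and replies). `known` seeds the expected IP->MAC table, e.g.
    the gateway's real address; `multi_ip_ok` lists MACs that legitimately
    own several IPs (a router with aliases) to avoid false alarms.
    Returns (alerts, final_bindings)."""
    bindings = dict(known or {})
    ips_by_mac = defaultdict(set)
    for ip, mac in bindings.items():
        ips_by_mac[mac].add(ip)
    alerts = []
    for ts, opcode, sip, smac in records:
        if opcode not in (REQUEST, REPLY):
            continue
        prev = bindings.get(sip)
        if prev is not None and prev != smac:
            # The same IP now answers from a different hardware address: the
            # classic symptom of a poisoned cache (or a genuine NIC swap).
            alerts.append({"ts": ts, "kind": "ip-mac-change", "ip": sip,
                           "old_mac": prev, "new_mac": smac})
        bindings[sip] = smac
        newly_claimed = sip not in ips_by_mac[smac]
        ips_by_mac[smac].add(sip)
        if newly_claimed and len(ips_by_mac[smac]) > 1 and smac not in multi_ip_ok:
            # One hardware address claiming several IPs: a poisoner sitting
            # between a victim and the gateway claims to be both.
            alerts.append({"ts": ts, "kind": "mac-claims-multiple-ips",
                           "mac": smac, "ips": sorted(ips_by_mac[smac])})
    return alerts, bindings


# Constructed sample: a consistent gateway and workstation, then a third
# host that claims the gateway's IP and the workstation's IP in turn, and
# finally the real gateway reasserting its own binding.
SAMPLE_ARP = [
    (1.0, REPLY,   "10.0.0.1",  "aa:aa:aa:aa:aa:01"),
    (1.5, REQUEST, "10.0.0.20", "aa:aa:aa:aa:aa:20"),
    (2.0, REPLY,   "10.0.0.1",  "aa:aa:aa:aa:aa:01"),
    (5.0, REPLY,   "10.0.0.1",  "de:ad:be:ef:00:01"),
    (5.1, REPLY,   "10.0.0.20", "de:ad:be:ef:00:01"),
    (9.0, REPLY,   "10.0.0.1",  "aa:aa:aa:aa:aa:01"),
]


if __name__ == "__main__":
    found, table = detect_arp_anomalies(SAMPLE_ARP)
    for alert in found:
        print(alert)
    print("final bindings:", table)
```

Seeding `known` with the gateway's real address is what makes the first poisoned reply detectable even when the monitor started listening after the poisoning began; without a seed the first binding heard is trusted, which is exactly the weakness the slide describes.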

18
Physical Layer
  • An open port in a conference room or an unused
    office could be the foothold needed to breach the
    network or gain access to a server
  • If someone gains physical access to a device, they
    can control it

19
Stack Attacks and Vulnerabilities
20
Countermeasure Found in Each Layer
  • Virus Scanners
  • PGP
  • S/MIME
  • Privacy Enhanced Mail (PEM)
  • SSH
  • SET
  • Terminal Access Controller Access Control System
    (TACACS)
  • Kerberos
  • SSL and TLS
  • Windows Sockets (SOCKS)
  • Secure RPC (S/RPC)
  • IPSec
  • PPTP
  • Challenge Handshake Authentication Protocol
    (CHAP)
  • Wired Equivalent Privacy (WEP)
  • Wi-Fi Protected Access (WPA)
  • Packet Filters
  • NAT
  • Fiber Cable
  • Secure Coding

21
Roadmap
  • OSI and People Layer
  • Mapping OSI to TCP/IP
  • Current State of IT Security

22
Physical Security
  • Egyptians used locks more than 2,000 years ago.
    If the information was important, it was carved in
    stone or later written on paper
  • The loss of information usually meant the loss of
    critical assets, because knowledge is power
  • Even when information was not in transit, many
    levels of protection were typically used to
    protect it,
  • including guards, walls, dogs, moats, and fences

23
Communications Security
  • A means of communication security was found in
    the discovery of encryption
  • Skytale
  • ATBASH
  • In the ninth century, Abu al-Kindi published A
    Manuscript on Deciphering Cryptographic Messages
  • National Security Agency (NSA) became involved at
    the beginning of the twentieth century
  • William Frederick Friedman, one of the best
    cryptologists of all time, helped break Japanese
    cryptographic schemes

24
Signal Security
  • Cordless phones had no security; it was easy to
    intercept conversations
  • Early cell phones were also easily intercepted
  • TEMPEST program: a US-led initiative designed to
    develop shielding for equipment to make it less
    vulnerable to signal theft
  • Spread spectrum technology improves security and
    reliability
  • Direct-sequence Spread Spectrum (DSSS)
  • Frequency-hopping Spread Spectrum (FHSS)

25
Computer Security
  • Computer security is focused on secure computer
    operations
  • A number of access control models:
  • The Bell-LaPadula model was designed to protect the
    confidentiality of information
  • The Clark-Wilson model was the first integrity model
  • Separation of Duties: subjects must access data
    through an application, and auditing is required

26
Computer Security (cont.)
  • Trusted Computer System Evaluation Criteria
    (TCSEC), known as the Orange Book, defines the
    confidentiality of computer systems according to
    the following divisions:
  • A, Verified Protection: the highest security
    division
  • B, Mandatory Security: has mandatory protection
    of the TCB
  • C, Discretionary Protection: provides
    discretionary protection of the TCB
  • D, Minimal Protection: failed to meet any of the
    standards of A, B, or C; has no security controls

27
Network Security
  • The need for network security was highlighted by
    highly successful attacks, e.g. Nimda, Code Red,
    and SQL Slammer
  • Such exploits highlight the need for better
    network security
  • Several tools have been deployed to prevent such
    attacks

28
Information Security
  • Physical security, communications security,
    signal security, computer security, and network
    security alone are not enough to address all
    security risks
  • Only when they are combined and examined from the
    point of view of information security can we start
    to build a complete picture

29
Information Security (cont.)
  • It also requires
  • senior management support,
  • good security policies,
  • risk management,
  • employee training,
  • vulnerability testing,
  • patch management,
  • good code design, and so on

30
Vulnerability Testing
  • Vulnerability testing includes a systematic
    examination of an organization's network,
    policies, and security controls
  • The purpose is to
  • determine the adequacy of security measures,
  • identify security deficiencies,
  • provide data from which to predict the
    effectiveness of potential security measures,
  • confirm the adequacy of such measures after
    implementation

31
Security Testing
  • Security Audits
  • Vulnerability Scanning
  • Ethical Hacks (Penetration Testing)
  • Stolen Equipment Attack
  • Physical Entry
  • Signal Security Attack
  • Social Engineering Attack

32
Security Testing (cont.)
  • Open Source Security Testing Methodology Manual
    (OSSTMM) divides security reviews into six key
    points
  • Physical Security
  • Internet Security
  • Information Security
  • Wireless Security
  • Communications Security
  • Social Engineering

33
Finding and Reporting Vulnerabilities
  • During security testing, keep management informed
    as it progresses; do not wait until the completion
    of the testing to tell them
  • Report findings before developing the final
    report
  • Focus on what is found and its potential impact,
    not on solutions
  • People don't like to hear about problems
  • www.cert.org has developed a way to report
    anonymously at
    www.cert.org/reporting/vulnerability_form.txt

34
Readings
  • Chapter 2, The Physical Layer, Hack the Stack
  • James Messer, Secrets of Network Cartography: A
    Comprehensive Guide to nmap,
    http://www.networkuptime.com/nmap/index.shtml

35
Question?
  • Next week
  • Physical Layer Security