Scribd
Upload
51 views29 pages

Network Security

The document provides an overview of network security. It discusses what security is, why it is needed, who is vulnerable, types of networks and threats. It covers areas of security weaknesses, hackers and methods of attack. It then discusses specific security attacks like firewalls, intrusion detection systems, IPsec, packet sniffing and social problems. It provides details on each of these topics and outlines countermeasures and elements of a comprehensive security program.

Uploaded by

MuhammadArsalan
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
51 views29 pages

Network Security

The document provides an overview of network security. It discusses what security is, why it is needed, who is vulnerable, types of networks and threats. It covers areas of security weaknesses, hackers and methods of attack. It then discusses specific security attacks like firewalls, intrusion detection systems, IPsec, packet sniffing and social problems. It provides details on each of these topics and outlines countermeasures and elements of a comprehensive security program.

Uploaded by

MuhammadArsalan
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
You are on page 1/ 29

NETWORK

SECURITY
OVERVIEW
What is security?
Why do we need security?
Who is vulnerable?
Types of network
Threats
Areas of Security Weakness
Hackers & methods of attack

2
OVERVIEW

Backups, Encryption & Virus protection


Common security attacks and countermeasures
Firewalls
Intrusion Detection Systems
IP Sec
Packet Sniffing
Social Problems

3
What is Security
Definition says:

Freedom from risk or danger; something that


gives or assures SAFETY.

Freedom from doubt, anxiety, or fear;


CONFIDENCE.

4
What is Security

Security Attack: Any action that compromises


the security of information.
Security Mechanism: A mechanism that is
designed to detect, prevent, or recover from a
security attack.
Security Service: A service that enhances the
security of data processing systems and
information transfers. A security service
makes use of one or more security
mechanisms.
5
Why do we need security?

Protect vital info while still allowing access


to those who need it

Provide authentication and access control


for resources

Guarantee privacy and correct access

6
Who is vulnerable?

Govt and defense agencies


Contractors to various govt agencies
Financial institutions and banks
Internet service providers
Multinational corporations
ANYONE ON THE NETWORK

7
Types of Networks

LAN

Interconnected Networks

Heterogeneous Networks

Campus Metropolitan & WANs


8
Areas of Weakness

Easily guessed/leaked passwords


Poor login settings
Data with viruses
Poorly Implemented Firewalls
Loss of sys having imp data/info
Honey-trap or compromise

9
Hackers
One who seeks and exploits
weaknesses in a sys or network

An electronic sport

Use sophisticated tech to break into sys

Info useful for others

10
Hacker Motivations

Money, profit
Access to addn resources
Experimentation and desire to learn
Gang mentality
Psychological needs
Self-gratification
Personal vengeance
Desire to embarrass the tgt
11
Methods of attack

Phone attack (preachers)

Accts & pswd attack

Viruses & Trojan Horses

12
Methods of attack

Phone attack (preachers)

Accts & pswd attack

Viruses & Trojan Horses

14
Common security attacks and their
countermeasures

Finding a way into the network : FIREWALLS

Exploiting software bugs, buffer overflows : IDS

TCP hijacking : IP SEC

Packet sniffing : ENCRYPTION

Social problems : EDUCATION


15
Firewalls
A gp of components that collectively form a
barrier between two networks.
A firewall is like a castle with a drawbridge
Only one point of access into the network
This can be good or bad
Solution
Admin limits access to end hosts by using a
firewall
Firewall is kept up-to-date by admin
16
Firewalls

Outsider
Web server, email
server etc

Firewall
Firewall

Insider
17
Intrusion Detection Sys

Monitors network or sys activities for


malicious activities or policy violations and
produces reports to mgt stn.
Used to monitor for suspicious activity on
a network
Can protect against known software exploits
Uses intrusion signatures
Well known patterns of behaviour
18
IP Sec
Internet Protocol Security (IP Sec) is a protocol
suite for securing Internet Protocol (IP) comn by
authenticating and encrypting each IP packet of a
comn session.

IP Sec also includes protocols for establishing


mutual authentication between agents at the
beginning of the session and negotiation of
cryptographic keys to be used during the session.
Packet Sniffing
A packet sniffer simply captures all of the
packets of data that pass through a given
network interface.
Typically, it would only capture packets that
were intended for the machine in question.
However, if placed into random mode, the
packet sniffer is also capable of
capturing ALL packets traversing the network
regardless of destination.

20
Social Problems

People/Users can be just as dangerous as


unprotected computer systems
People can be lied to, manipulated, bribed,
threatened, harmed, tortured, etc. to give
up valuable info
Most humans will breakdown once they are
at the harmed stage, unless they have
been specially trained
21
Social Problems
Humans will continue to be tricked into giving out
information they shouldnt

Educating them may help a little here, but,


depending on how bad you want the info, there are a
lot of bad things you can do to get it

Implement a wide variety of solutions and more


closely monitor who has access to what network
resources and info

22
Countermeasures

Identification & authentication


Access Cont
Accountability & auditing
Accuracy
Reliabilty
Data Exchange

23
Countermeasures

Identification & authentication


Access Cont
Accountability & auditing
Accuracy
Reliabilty
Data Exchange

24
Backups

Physical loss of sys


Sys crash
Virus attack
Ensure non-corrupted backup
Reg backups
Safety of backups as well
25
Encryption

Cryptographic tech/the process of encoding


messages (or info) in such a way that others
(hackers) cannot read it, but that
authorized indl can.

Data remains pvt even after compromised

Encryption sys/software is protected &


secure
26
Virus Protection

Threat to network
Contact & spread
Monitor the telltale signs in network
Trg of users in handling antivirus
Re-infect capability
Ensure backups

27
Elements of a comprehensive
security program

Have Good Passwords


Use Good Antiviral Products
Use Good Cryptography
Have Good Firewalls
Have a Backup System
Audit and Monitor Systems and Networks
Have Training and Awareness Programs
Test Your Security Frequently
28
Conclusion
The Internet was not created with security in mind.
Comn can be altered, examined and exploited.
There is a growing need to protect private info
crossing the public networks that make up the Internet
infrastructure.
A network security policy, an auditing procedure, and a
violation response plan must all be in place to deal
with any breach or breakdown of network security
before it occurs.

Questions IF ANY.

You might also like

pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy