network security
DESCRIPTION
TRANSCRIPT
![Page 1: Network security](https://reader038.vdocuments.mx/reader038/viewer/2022103109/5467f569af7959925f8b4b55/html5/thumbnails/1.jpg)
THE NEED FORTHE NEED FORNETWORK NETWORK SECURITYSECURITY
![Page 2: Network security](https://reader038.vdocuments.mx/reader038/viewer/2022103109/5467f569af7959925f8b4b55/html5/thumbnails/2.jpg)
PRESENTATION PRESENTATION OBJECTIVES:-OBJECTIVES:- Understand information security services
Be aware of vulnerabilities and threats
Realize why network security is necessary
What are the elements of a comprehensive security program
The
Nee
d fo
r W
eb S
ecur
ity
2
![Page 3: Network security](https://reader038.vdocuments.mx/reader038/viewer/2022103109/5467f569af7959925f8b4b55/html5/thumbnails/3.jpg)
TRENDS FOR TRENDS FOR INFORMATION :-INFORMATION :- More information is being created, stored, processed
and communicated using computers and networks
Computers are increasingly interconnected, creating new pathways to information assets
The threats to information are becoming more widespread and more sophisticated
Productivity, competitiveness, are tied to the first two trends Third trend makes it inevitable that we are increasingly
vulnerable to the corruption or exploitation of information
INFORMATION IS THE MOST VALUABLE ASSET INFORMATION IS THE MOST VALUABLE ASSET ..
The
Nee
d fo
r W
eb S
ecur
ity
3
![Page 4: Network security](https://reader038.vdocuments.mx/reader038/viewer/2022103109/5467f569af7959925f8b4b55/html5/thumbnails/4.jpg)
Information Security Information Security Services :-Services :-
Confidentiality Integrity Authentication Non repudiation Access Control Availability T
he N
eed
for
Web
Sec
urit
y
4
![Page 5: Network security](https://reader038.vdocuments.mx/reader038/viewer/2022103109/5467f569af7959925f8b4b55/html5/thumbnails/5.jpg)
Information Security Services Confidentiality
Maintaining the privacy of data
Integrity Detecting that the data is not tampered with
Authentication Establishing proof of identity
Non repudiation Ability to prove that the sender actually sent the data
Access Control Access to information resources are regulated
Availability Computer assets are available to authorized parties when
needed
The
Nee
d fo
r W
eb S
ecur
ity
5
SERVICES
![Page 6: Network security](https://reader038.vdocuments.mx/reader038/viewer/2022103109/5467f569af7959925f8b4b55/html5/thumbnails/6.jpg)
What Is The Internet?What Is The Internet?
The
Nee
d fo
r W
eb S
ecur
ity
6
![Page 7: Network security](https://reader038.vdocuments.mx/reader038/viewer/2022103109/5467f569af7959925f8b4b55/html5/thumbnails/7.jpg)
Why Is Internet Why Is Internet Security a Problem?Security a Problem? Security not a design consideration
Implementing change is difficult
Openness makes machines easy targets
Increasing complexity
The
Nee
d fo
r W
eb S
ecur
ity
7
![Page 8: Network security](https://reader038.vdocuments.mx/reader038/viewer/2022103109/5467f569af7959925f8b4b55/html5/thumbnails/8.jpg)
Common Network Common Network Security ProblemsSecurity Problems
Network eavesdroppingMalicious Data ModificationAddress spoofing (impersonation)
‘Man in the Middle’ (interception)Denial of Service attacksApplication layer attacks
The
Nee
d fo
r W
eb S
ecur
ity
8
![Page 9: Network security](https://reader038.vdocuments.mx/reader038/viewer/2022103109/5467f569af7959925f8b4b55/html5/thumbnails/9.jpg)
Security Incidents are Security Incidents are
IncreasingIncreasing:-:-
The
Nee
d fo
r W
eb S
ecur
ity
9
Sophistication of Hacker Tools
19901980
Technical Knowledge Required
High
Low 2000 -from Cisco Systems
![Page 10: Network security](https://reader038.vdocuments.mx/reader038/viewer/2022103109/5467f569af7959925f8b4b55/html5/thumbnails/10.jpg)
Problem is WorseningProblem is Worsening
The
Nee
d fo
r W
eb S
ecur
ity
10
60000
50000
40000
30000
20000
10000
19
88
19
89
19
90
19
91
19
92
19
93
19
94
19
95
19
96
19
97
19
98
19
99
20
00
20
01
Inte
r net
Secu
r ity
Vio
lat i
ons
Jerusalem
Tequila
Michelangelo
Good Times
Melissa & ILOVEYOU
Anna Kournikova
Code Red
Nimba
Badtrans
Source: CERT® Coordination Center Carnegie Mellon
![Page 11: Network security](https://reader038.vdocuments.mx/reader038/viewer/2022103109/5467f569af7959925f8b4b55/html5/thumbnails/11.jpg)
VIRUSESVIRUSES
Risk Threat Discovered Protection TROJ_SIRCAM.A New !! Latest
DATW32.Navidad 11/03/2000 11/06/2000 W95.MTX 8/17/20008/28/2000 W32.HLLW.QAZ.A 7/16/20007/18/2000 VBS.Stages.A 6/16/2000
6/16/2000 VBS.LoveLetter 5/04/20005/05/2000 VBS.Network 2/18/20002/18/2000 Wscript.KakWorm
12/27/1999 12/27/1999 W32.Funlove.409911/08/1999 11/11/1999 PrettyPark.Worm
6/04/1999 6/04/1999 Happy99.Worm1/28/1999 1/28/1999
The
Nee
d fo
r W
eb S
ecur
ity
11
![Page 12: Network security](https://reader038.vdocuments.mx/reader038/viewer/2022103109/5467f569af7959925f8b4b55/html5/thumbnails/12.jpg)
Consider that…Consider that…
90% of companies detected computer security breaches in the last 12 months
59% cited the Internet as the most frequent origin of attack
74% acknowledged financial losses due to computer breaches
85% detected computer viruses
Source: Computer Security Institute
The
Nee
d fo
r W
eb S
ecur
ity
12
![Page 13: Network security](https://reader038.vdocuments.mx/reader038/viewer/2022103109/5467f569af7959925f8b4b55/html5/thumbnails/13.jpg)
WHO ARE THE OPPONENTS?
49% are inside employees on the internal network
17% come from dial-up (still inside people)
34% are from Internet or an external connection to another company of some sort
The
Nee
d fo
r W
eb S
ecur
ity
13
HACKERS
![Page 14: Network security](https://reader038.vdocuments.mx/reader038/viewer/2022103109/5467f569af7959925f8b4b55/html5/thumbnails/14.jpg)
HACKER MOTIVATIONSHACKER MOTIVATIONS Money, profit Access to additional resources Experimentation and desire to
learn “Gang” mentality Psychological needs Self-gratification Personal vengeance Emotional issues Desire to embarrass the target
The
Nee
d fo
r W
eb S
ecur
ity
14
![Page 15: Network security](https://reader038.vdocuments.mx/reader038/viewer/2022103109/5467f569af7959925f8b4b55/html5/thumbnails/15.jpg)
The
Nee
d fo
r W
eb S
ecur
ity
15
Internet Security?Internet Security?
Malicious Code
Malicious Code
Viruses
Worms
Buffer Overflows
Buffer Overflows
Session Hijacking
Port Scanning
Trojans
Denial of ServiceSpoSpooofingfing
Replay Attack
Man-in-the-middle
![Page 16: Network security](https://reader038.vdocuments.mx/reader038/viewer/2022103109/5467f569af7959925f8b4b55/html5/thumbnails/16.jpg)
What Do People Do When They Hear All These?
Take the risks!
But there are solutions
Ignoring the situation is not one of them
The
Nee
d fo
r W
eb S
ecur
ity
16
![Page 17: Network security](https://reader038.vdocuments.mx/reader038/viewer/2022103109/5467f569af7959925f8b4b55/html5/thumbnails/17.jpg)
THE MOST COMMON THE MOST COMMON EXCUSESEXCUSES
So many people are on the Internet, I'm just a face in the crowd. No one would pick me out.
I'm busy. I can't become a security expert--I don't have time, and it's not important enough
The
Nee
d fo
r W
eb S
ecur
ity
17
No one could possibly be interested in my information
Anti-virus software slows down my processor speed too much.
I don't use anti-virus software because I never open viruses or e-mail attachments from people I don't know.
![Page 18: Network security](https://reader038.vdocuments.mx/reader038/viewer/2022103109/5467f569af7959925f8b4b55/html5/thumbnails/18.jpg)
SANS Five Worst Security SANS Five Worst Security Mistakes End Users MakeMistakes End Users Make
1. Opening unsolicited e-mail attachments without verifying their source and checking their content first.
2. Failing to install security patches-especially for Microsoft Office, Microsoft Internet Explorer, and Netscape.
3. Installing screen savers or games from unknown sources.
4. Not making and testing backups. 5. Using a modem while connected through a
local area network.
The
Nee
d fo
r W
eb S
ecur
ity
18
![Page 19: Network security](https://reader038.vdocuments.mx/reader038/viewer/2022103109/5467f569af7959925f8b4b55/html5/thumbnails/19.jpg)
SECURITY SECURITY COUNTERMEASURESCOUNTERMEASURES:-:-
THREE PHASE APPROACH
PROTECTION
DETECTION
RESPONSE
The
Nee
d fo
r W
eb S
ecur
ity
19
![Page 20: Network security](https://reader038.vdocuments.mx/reader038/viewer/2022103109/5467f569af7959925f8b4b55/html5/thumbnails/20.jpg)
ELEMENTS OF A ELEMENTS OF A COMPREHENSIVE SECURITY COMPREHENSIVE SECURITY PROGRAMPROGRAM
Have Good PasswordsUse Good Antiviral ProductsUse Good CryptographyHave Good FirewallsHave a Backup SystemAudit and Monitor Systems and
NetworksHave Training and Awareness
ProgramsTest Your Security Frequently
The
Nee
d fo
r W
eb S
ecur
ity
20
Principles
![Page 21: Network security](https://reader038.vdocuments.mx/reader038/viewer/2022103109/5467f569af7959925f8b4b55/html5/thumbnails/21.jpg)
CRYPTOGRAPHYCRYPTOGRAPHYNecessity is the mother of invention, and computer networks are the mother of modern cryptography.
Ronald L. Rivest
Symmetric Key Cryptography
Public Key Cryptography
Digital Signatures
The
Nee
d fo
r W
eb S
ecur
ity
21
![Page 22: Network security](https://reader038.vdocuments.mx/reader038/viewer/2022103109/5467f569af7959925f8b4b55/html5/thumbnails/22.jpg)
FirewallFirewall
The
Nee
d fo
r W
eb S
ecur
ity
22
Visible IP Address
InternalNetwork
PC Servers
Host
A system or group of systems that enforces an access control policy between two networks.
![Page 23: Network security](https://reader038.vdocuments.mx/reader038/viewer/2022103109/5467f569af7959925f8b4b55/html5/thumbnails/23.jpg)
The
Nee
d fo
r W
eb S
ecur
ity
23
![Page 24: Network security](https://reader038.vdocuments.mx/reader038/viewer/2022103109/5467f569af7959925f8b4b55/html5/thumbnails/24.jpg)
THANK YOUTHANK YOU
The
Nee
d fo
r W
eb S
ecur
ity
24
![Page 25: Network security](https://reader038.vdocuments.mx/reader038/viewer/2022103109/5467f569af7959925f8b4b55/html5/thumbnails/25.jpg)
The
Nee
d fo
r W
eb S
ecur
ity
25