network security and firewalls
Copyright © 2002 ProsoftTraining. All rights reserved.
Network Security and Firewalls
Lesson 1: What Is Security
Objectives
• Define security
• Explain the need for network security
• Identify resources that need security
• Identify the two general security threat types
• List security standards and organizations
What Is Security?
• LANs
• WANs
• VPNs
• Network perimeters
Hacker Statistics
• One of every five Internet sites has experienced a security breach
• Losses due to security breaches are estimated at $10 billion each year
• Intrusions have increased an estimated 50 percent in the past year
What Is the Risk?
• Categorizing attacks
• Countering attacks systematically
The Myth of 100-Percent Security
• Security as balance
• Security policies
Attributes of an Effective Security Matrix
• Allows access control
• Easy to use
• Appropriate cost of ownership
• Flexible and scalable
• Superior alarming and reporting
What You Are Trying to Protect
• End user resources
• Network resources
• Server resources
• Information storage resources
Who Is the Threat?
• Casual attackers
• Determined attackers
• Spies
Security Standards
• Security services
  – Authentication
  – Access control
  – Data confidentiality
  – Data integrity
  – Nonrepudiation
• Security mechanisms
  – The Orange Book
Summary
Define security
Explain the need for network security
Identify resources that need security
Identify the two general security threat types
List security standards and organizations
Lesson 2: Elements of Security
Objectives
• Formulate the basics of an effective security policy
• Identify the key user authentication methods
• Explain the need for access control methods
• Describe the function of an access control list
Objectives (cont’d)
• List the three main encryption methods used in internetworking
• Explain the need for auditing
Elements of Security
Audit Administration
Encryption Access Control
User Authentication
Corporate Security Policy
The Security Policy
• Classify systems
• Prioritize resources
• Assign risk factors
• Define acceptable and unacceptable activities
• Define measures to apply to resources
• Define education standards
• Assign policy administration
Encryption
• Encryption categories
  – Symmetric
  – Asymmetric
  – Hash
• Encryption strength
Authentication
• Authentication methods
  – Proving what you know
  – Showing what you have
  – Demonstrating who you are
  – Identifying where you are
Specific Authentication Techniques
• Kerberos
• One-time passwords
Access Control
• Access Control List
  – Objects
• Execution Control List
  – Sandboxing
Auditing
• Passive auditing
• Active auditing
Security Tradeoffs and Drawbacks
• Increased complexity
• Slower system response time
Summary
Formulate the basics of an effective security policy
Identify the key user authentication methods
Explain the need for access control methods
Describe the function of an access control list
Summary (cont’d)
List the three main encryption methods used in internetworking
Explain the need for auditing
Lesson 3: Applied Encryption
Objectives
• Create a trust relationship using public-key cryptography
• List specific forms of symmetric, asymmetric, and hash encryption
• Deploy PGP in Windows 2000 and Linux
Creating Trust Relationships
• Manually
• Automatically
Rounds, Parallelization and Strong Encryption
• Round
  – Discrete part of the encryption process
• Parallelization
  – Use of multiple processes, processors or machines to work on cracking one encryption algorithm
• Strong encryption
  – Use of any key longer than 128 bits
Symmetric-Key Encryption
• One key is used to encrypt and decrypt messages
Symmetric Algorithms
• Data encryption standard
• Triple DES
• Symmetric algorithms created by RSA Security Corporation
• International Data Encryption Algorithm
• Blowfish
• Twofish
• Skipjack
• MARS
• Rijndael
• Serpent
• Advanced Encryption Standard
Asymmetric Encryption
• Asymmetric-key encryption elements
  – RSA
  – DSA
  – Diffie-Hellman
Hash Encryption
• Signing
• Hash algorithms
  – MD2, MD4, and MD5
  – Secure hash algorithm
Applied Encryption Processes
• E-mail
• PGP and GPG
• S-MIME
• Encrypting drives
• Web server encryption
Summary
Create a trust relationship using public-key cryptography
List specific forms of symmetric, asymmetric, and hash encryption
Deploy PGP in Windows 2000 and Linux
Lesson 4: Types of Attacks
Objectives
• Describe specific types of security attacks
• Recognize specific attack incidents
Brute-Force and Dictionary Attacks
• Brute-force attack
  – Repeated access attempts
• Dictionary attack
  – Customized version of brute-force attack
System Bugs and Back Doors
• Buffer overflow
• Trojans and root kits
Social Engineering and Nondirect Attacks
• Call and ask for the password
• Fraudulent e-mail
• DOS and DDOS attacks
• Spoofing
• Trojans
• Information leakage
• Hijacking and man-in-the-middle attacks
Summary
Describe specific types of security attacks
Recognize specific attack incidents
Lesson 5: General Security Principles
Objectives
• Describe the universal guidelines and principles for effective network security
• Use universal guidelines to create effective specific solutions
Common Security Principles
• Be paranoid
• Have a security policy
• No system stands alone
• Minimize damage
• Deploy company-wide enforcement
• Provide training
• Integrate security strategies
• Place equipment according to needs
• Identify security business issues
• Consider physical security
Summary
Describe the universal guidelines and principles for effective network security
Use universal guidelines to create effective specific solutions
Lesson 6: Protocol Layers and Security
Objectives
• List the protocols that pass through a firewall
• Identify potential threats at different layers of the TCP/IP stack
TCP/IP and Network Security
• The Internet and TCP/IP were not designed around strong security principles
The TCP/IP Suite and the OSI Reference Model
• Physical layer
• Network layer
• Transport layer
• Application layer
• Presentation layer
• Session layer
• Data link layer
TCP/IP Packet Construction
• Application Message: e-mail, FTP, Telnet
• TCP Segment: Header, Body
• IP Datagram: Header, Body
• Ethernet Frames: Header, Body, Trailer
Summary
List the protocols that pass through a firewall
Identify potential threats at different layers of the TCP/IP stack
Lesson 7: Securing Resources
Objectives
• Consistently apply security principles
• Secure TCP/IP services
• Describe the importance of testing and evaluating systems and services
• Discuss network security management applications
Implementing Security
• Categorize resources and needs
• Define a security policy
• Secure each resource and service
• Log, test, and evaluate
• Repeat the process and keep current
Resources and Services
• Protecting services
  – Protect against profiling
  – Coordinate methods and techniques
  – Protect services by changing default settings
  – Remove unnecessary services
Protecting TCP/IP Services
• The Web Server
  – CGI scripts
  – CGI and programming
• Securing IIS
• Additional HTTP servers
• FTP servers
  – Access control
Simple Mail Transfer Protocol
• The Internet Worm
• The Melissa virus
• E-mail and virus scanning
• Access control measures
Testing and Evaluating
• Testing existing systems
Security Testing Software
• Specific tools
  – Network scanners
  – Operating system add-ons
  – Logging and log analysis tools
Security and Repetition
• Understanding the latest exploits
Summary
Consistently apply security principles
Secure TCP/IP services
Describe the importance of testing and evaluating systems and services
Discuss network security management applications
Lesson 8: Firewalls and Virtual Private Networks
Objectives
• Describe the role a firewall plays in a company’s security policy
• Define common firewall terms
• Describe packet-filtering rules
• Describe circuit-level gateways
• Configure an application-level gateway
• Explain PKI
• Discuss public keys and VPNs
The Role of a Firewall
• Implement a company’s security policy
• Create a choke point
• Log Internet activity
• Limit network host exposure
Firewall Terminology
• Packet filter
• Proxy server
• NAT
• Bastion host
• Operating system hardening
• Screening and choke routers
• DMZ
Creating Packet Filter Rules
• Process
  – Packet filters work at the network layer of the OSI/RM
• Rules and fields
Packet Filter Advantages and Disadvantages
• Drawbacks
• Stateful multi-layer inspection
• Popular packet-filtering products
• Using the ipchains and iptables commands in Linux
Configuring Proxy Servers
• Recommending a proxy-oriented firewall
• Advantages and disadvantages
  – Authentication
  – Logging and alarming
  – Caching
  – Reverse proxies and proxy arrays
  – Client configuration
  – Speed
Remote Access and Virtual Private Networks
• Virtual network perimeter
• Tunneling protocols
• IPsec
• ESP
• PPTP
• L2TP
Public Key Infrastructure (PKI)
• Standards
  – Based on X.509 standard
• Terminology
• Certificates
Summary
Describe the role a firewall plays in a company’s security policy
Define common firewall terms
Describe packet-filtering rules
Describe circuit-level gateways
Configure an application-level gateway
Explain PKI
Discuss public keys and VPNs
Lesson 9: Levels of Firewall Protection
Objectives
• Plan a firewall system that incorporates several levels of protection
• Describe the four types of firewall systems design and their degrees of security
• Implement a packet-filtering firewall
Firewall Strategies and Goals
• Resource placement
• Physical access points
• Site administration
• Monitoring tools
• Hardware
Building a Firewall
• Design principles
  – Keep design simple
  – Make contingency plans
Types of Bastion Hosts
• Single-homed bastion host
• Dual-homed bastion host
• Single-purpose bastion hosts
  – Internal bastion hosts
Hardware Issues
• Operating system
• Services
• Daemons
Common Firewall Designs
• Screening routers
• Screened host firewall (single-homed bastion)
• Screened host firewall (dual-homed bastion)
• Screened subnet firewall (demilitarized zone)
Summary
Plan a firewall system that incorporates several levels of protection
Describe the four types of firewall systems design and their degrees of security
Implement a packet-filtering firewall
Lesson 10: Detecting and Distracting Hackers
Objectives
• Customize your network to manage hacker activity
• Implement proactive detection
• Distract hackers and contain their activity
• Set traps
• Deploy Tripwire for Linux
Proactive Detection
• Automated security scans
• Login scripts
• Automated audit analysis
• Checksum analysis
Distracting the Hacker
• Dummy accounts
• Dummy files
• Dummy password files
• Tripwires and automated checksums
• Jails
Punishing the Hacker
• Methods
• Tools
Summary
Customize your network to manage hacker activity
Implement proactive detection
Distract hackers and contain their activity
Set traps
Deploy Tripwire for Linux
Lesson 11: Incident Response
Objectives
• Respond appropriately to a security breach
• Identify some of the security organizations that can help you in case your system is attacked
• Subscribe to respected security alerting organizations
Decide Ahead of Time
• Itemize a detailed list of procedures
• Include the list in a written policy
• Be sure all employees have a copy
Incident Response
• Do not panic
• Document everything
• Assess the situation
• Stop or contain the activity
• Execute the response plan
• Analyze and learn
Summary
Respond appropriately to a security breach
Identify some of the security organizations that can help you in case your system is attacked
Subscribe to respected security alerting organizations
Network Security and Firewalls
What Is Security?
Elements of Security
Applied Encryption
Types of Attacks
General Security Principles
Protocol Layers and Security
Securing Resources
Firewalls and Virtual Private Networks
Levels of Firewall Protection
Detecting and Distracting Hackers
Incident Response