seminar (network security)

By Gaurav Dalvi Final Yr BTech Roll no:A43 Reg no:2011BCS501 Network Security

Upload: gaurav-dalvi

Post on 10-Jul-2015


TRANSCRIPT

Page 1: Seminar (network security)

By Gaurav Dalvi

Final Yr BTech

Roll no:A43

Reg no:2011BCS501

Network Security

Page 2: Seminar (network security)

Why Security?

The Internet was initially designed for connectivity.

Fundamental aspects of information must be protected.

We can’t keep ourselves isolated from the Internet.

Page 3: Seminar (network security)

Internet Evolution

• Different ways to handle security as the Internet evolves.

Page 4: Seminar (network security)

Type Of Security

Computer Security

Generic name for the collection of tools designed to protect data and to thwart hackers.

Network Security

Measures to protect the data during transmission.

Internet Security

Measures to protect the data during transmission over a collection of interconnected networks.

Page 5: Seminar (network security)

Goals of Information Security

Page 6: Seminar (network security)

Attacks on Different Layers

Page 7: Seminar (network security)

Security on Different Layers

Page 8: Seminar (network security)

IP

IP is a network layer protocol.

This is the layer that allows the hosts to actually “talk” to each other.

IP has a number of very important features which make it an extremely robust and flexible protocol.

Page 9: Seminar (network security)

Attacks on IP

Attacks exploit the fact that IP does not provide a robust mechanism for authentication, that is, for proving that a packet came from where it claims it did.

This means that host authentication must be provided by higher layers.

E.g.: IP spoofing, IP session hijacking.

Page 10: Seminar (network security)

TCP Attacks

Exploits TCP 3-way handshake.

Attacker sends a series of SYN packets without replying with the ACK packet.

Finite queue size for incomplete connections.
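The finite queue described on this slide can be replayed defensively over a packet trace. The following is an added example, not part of the original seminar: the queue size, timeout, threshold, function names and the trace itself are all assumptions constructed for illustration.

```python
BACKLOG = 4        # assumed size of the queue for incomplete connections
SYN_TIMEOUT = 30   # assumed seconds before an unfinished handshake is discarded

def simulate_backlog(packets, backlog=BACKLOG, timeout=SYN_TIMEOUT):
    """Replay (time, src_ip, src_port, flag) events seen by a listening server.

    Returns (dropped, half_open): the SYNs refused because the queue was full,
    and how many unfinished handshakes each source still holds at the end.
    """
    queue = {}      # (src_ip, src_port) -> time the SYN arrived
    dropped = []
    for now, ip, port, flag in packets:
        # Expire entries whose handshake was never completed.
        for stale in [k for k, t in queue.items() if now - t >= timeout]:
            del queue[stale]
        key = (ip, port)
        if flag == "SYN":
            if key in queue:
                continue                # retransmitted SYN, already queued
            if len(queue) >= backlog:
                dropped.append(key)     # queue full: connection is refused
            else:
                queue[key] = now
        elif flag == "ACK":
            queue.pop(key, None)        # handshake completed, slot is freed
    half_open = {}
    for ip, _ in queue:
        half_open[ip] = half_open.get(ip, 0) + 1
    return dropped, half_open

def suspicious_sources(half_open, threshold=3):
    """Sources holding at least `threshold` unfinished handshakes."""
    return sorted(ip for ip, n in half_open.items() if n >= threshold)

# Constructed trace using documentation addresses (RFC 5737).
TRACE = [
    (0, "192.0.2.10", 40001, "SYN"),
    (1, "192.0.2.10", 40001, "ACK"),    # normal client completes the handshake
    (2, "203.0.113.7", 50001, "SYN"),   # SYNs that are never followed by an ACK
    (2, "203.0.113.7", 50002, "SYN"),
    (3, "203.0.113.7", 50003, "SYN"),
    (3, "203.0.113.7", 50004, "SYN"),   # queue is now full
    (4, "192.0.2.20", 41000, "SYN"),    # legitimate client is refused
]

if __name__ == "__main__":
    dropped, half_open = simulate_backlog(TRACE)
    print("refused:", dropped)
    print("flagged:", suspicious_sources(half_open))
```

Because IP does not authenticate the source address, a per-source count only identifies floods from unspoofed addresses; the occupancy of the queue itself is the more dependable signal.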

Page 11: Seminar (network security)

TCP Attacks

Page 12: Seminar (network security)

DNS Cache Poisoning

Page 13: Seminar (network security)

Common Type of Attacks

Ping sweeps and port scans – reconnaissance.

Sniffing – capture packets as they travel through the network.

Man in the Middle Attack – intercept messages that are intended for a valid device.

Spoofing – set up a fake device and trick others to send messages to it.

Hijacking – take control of a session.

Denial of Service (DoS) and Distributed DoS (DDoS).

Page 14: Seminar (network security)

Trusted Network

Standard defensive-oriented technologies.

- Firewall – first line of defense.

- Intrusion Detection.

Build trust on top of the TCP/IP infrastructure.

- Strong Authentication.

- Two factor authentication.

- something you have + something you know.

- Public Key Infrastructure (PKI).

Page 15: Seminar (network security)

Firewall

A choke point of control and monitoring.

Interconnects networks with differing trust.

Imposes restrictions on network services.

only authorized traffic is allowed.

Auditing and controlling access.

can implement alarms for abnormal behavior.

Itself immune to penetration.

Provides perimeter defence.

Page 16: Seminar (network security)

Intrusion Detection System

An intrusion detection system (IDS) is a device or software application that monitors network or system activities for malicious activities or policy violations and produces reports to a management station. Some systems may attempt to stop an intrusion attempt but this is neither required nor expected of a monitoring system.

Host IDS.

Network IDS.

Page 17: Seminar (network security)

Access Control

Access Control – ability to permit or deny the use of an object by a subject.

It provides 3 essential services (known as AAA):

- Authentication (who can log in).

- Authorization (what an authorized user can do).

- Accountability (identifies what a user did).

Page 18: Seminar (network security)

Cryptography

Has evolved into a complex science in the field of information security.

Encryption – process of transforming plaintext to ciphertext using a cryptographic key.

Symmetric key cryptography.

- DES, 3DES, AES, etc.

Asymmetric key cryptography.

- RSA, Diffie-Hellman, etc.

Page 19: Seminar (network security)

Cryptography

Page 20: Seminar (network security)

Public key Infrastructure

Combines public key cryptography and digital signatures to ensure confidentiality, integrity, authentication, non-repudiation and access control.

Digital Certificate – basic element of PKI; secure credential that identifies the owner.

Basic Components:

- Certificate Authority.

- Registry Authority.

- Repository.

- Archives.

Page 21: Seminar (network security)

Different Layers of Encryption

Page 22: Seminar (network security)

IPSec

Provides Layer 3 Security.

Tunnel or Transport mode.

- Tunnel mode (entire IP packet is encrypted)

- Transport mode (IPSec header is inserted into the packet)

Combines different components:

- Security associations, Authentication Header (AH), Encapsulating Security Payload (ESP), Internet Key Exchange (IKE).

Page 23: Seminar (network security)

Security Management

Loss prevention.

Loss prevention focuses on what your critical assets are and how you are going to protect them.

Security risk management.

Management of security risks applies the principles of risk management to the management of security threats.

Risk options.

Risk avoidance.

Risk reduction.

Risk spreading.

Risk transfer.

Risk acceptance.

Page 24: Seminar (network security)

Whois Database

Public network management database.

Tracks network resources.

- IP addresses, ASN, reverse routing.

Records administrative info.

- Contacts (person/role), authorization (maintainer)

All members must register their resources in the Whois database.

Must keep records up to date at all times.

Page 25: Seminar (network security)