lecture-11-12 presented by: mazhar hussain · lecture-11-12 presented by: mazhar hussain. topics of...
TRANSCRIPT
![Page 1: Lecture-11-12 Presented by: Mazhar Hussain · Lecture-11-12 Presented by: Mazhar Hussain. Topics of Discussion ... –A malicious program can wipe out data on hundreds of ... Importing](https://reader033.vdocument.in/reader033/viewer/2022050508/5f98f551becd1f164147daf3/html5/thumbnails/1.jpg)
SECURITY ISSUES IN NETWORKS
WITH INTERNET ACCESS
Lecture-11-12
Presented by: Mazhar Hussain
![Page 2: Lecture-11-12 Presented by: Mazhar Hussain · Lecture-11-12 Presented by: Mazhar Hussain. Topics of Discussion ... –A malicious program can wipe out data on hundreds of ... Importing](https://reader033.vdocument.in/reader033/viewer/2022050508/5f98f551becd1f164147daf3/html5/thumbnails/2.jpg)
Topics of Discussion
• Principles for secure networking
• Internet Vulnerabilities
• Security building blocks
![Page 3: Lecture-11-12 Presented by: Mazhar Hussain · Lecture-11-12 Presented by: Mazhar Hussain. Topics of Discussion ... –A malicious program can wipe out data on hundreds of ... Importing](https://reader033.vdocument.in/reader033/viewer/2022050508/5f98f551becd1f164147daf3/html5/thumbnails/3.jpg)
Internet Security
• Why do we need to study security in the
internet? Here are some reasons …– Computer networks have lots of vulnerabilities and
threats
– A hacker can log into my machine remotely and destroy
the information
– A malicious program can wipe out data on hundreds of
computers causing huge losses
![Page 4: Lecture-11-12 Presented by: Mazhar Hussain · Lecture-11-12 Presented by: Mazhar Hussain. Topics of Discussion ... –A malicious program can wipe out data on hundreds of ... Importing](https://reader033.vdocument.in/reader033/viewer/2022050508/5f98f551becd1f164147daf3/html5/thumbnails/4.jpg)
Principles for Secure Networking
• Questions to consider
– What are we trying to protect?
– What operations are authorized?
– What is security parameter?
![Page 5: Lecture-11-12 Presented by: Mazhar Hussain · Lecture-11-12 Presented by: Mazhar Hussain. Topics of Discussion ... –A malicious program can wipe out data on hundreds of ... Importing](https://reader033.vdocument.in/reader033/viewer/2022050508/5f98f551becd1f164147daf3/html5/thumbnails/5.jpg)
Principles continued…
• Know the configuration of the network hardware
and software
• Know the vulnerabilities of the configuration
• Know the threats and consider it in relation to the
vulnerabilities to asses the risk
• Authenticate and authorize the accessto network
resources
![Page 6: Lecture-11-12 Presented by: Mazhar Hussain · Lecture-11-12 Presented by: Mazhar Hussain. Topics of Discussion ... –A malicious program can wipe out data on hundreds of ... Importing](https://reader033.vdocument.in/reader033/viewer/2022050508/5f98f551becd1f164147daf3/html5/thumbnails/6.jpg)
Principles Continued..
• Maintain audit logs
• Have a plan to detect and respond to security
incidents
• Ensure individual accountability
![Page 7: Lecture-11-12 Presented by: Mazhar Hussain · Lecture-11-12 Presented by: Mazhar Hussain. Topics of Discussion ... –A malicious program can wipe out data on hundreds of ... Importing](https://reader033.vdocument.in/reader033/viewer/2022050508/5f98f551becd1f164147daf3/html5/thumbnails/7.jpg)
The Networks of TwoHands Corporation
• TwoHands corporation develops, produces, and
markets specialized gloves used in waste disposal
and other safety related applications
• The corporation has a Headquarters,a Research
Lab,several factories and warehouses in different
parts of the country
![Page 8: Lecture-11-12 Presented by: Mazhar Hussain · Lecture-11-12 Presented by: Mazhar Hussain. Topics of Discussion ... –A malicious program can wipe out data on hundreds of ... Importing](https://reader033.vdocument.in/reader033/viewer/2022050508/5f98f551becd1f164147daf3/html5/thumbnails/8.jpg)
Continued…
• Let us discuss the five stages of development in
TwoHands Networks and consider in each stage
the problems associated with the network and the
possible remedies
![Page 9: Lecture-11-12 Presented by: Mazhar Hussain · Lecture-11-12 Presented by: Mazhar Hussain. Topics of Discussion ... –A malicious program can wipe out data on hundreds of ... Importing](https://reader033.vdocument.in/reader033/viewer/2022050508/5f98f551becd1f164147daf3/html5/thumbnails/9.jpg)
Stage1:Private Networks Only
Security Problems
1. Any user can access network traffic
2. Diskette drives on the client
workstations
3. PCs with modem connections
4. Insufficient training to authorized users
![Page 10: Lecture-11-12 Presented by: Mazhar Hussain · Lecture-11-12 Presented by: Mazhar Hussain. Topics of Discussion ... –A malicious program can wipe out data on hundreds of ... Importing](https://reader033.vdocument.in/reader033/viewer/2022050508/5f98f551becd1f164147daf3/html5/thumbnails/10.jpg)
Continued…
Possible Countermeasures
1. Introduction of an authentication system for each user
2. Installation of virus detection software and configuration monitors
3. Installation of temper resistant hardware
4. Security awareness training for authorized users
![Page 11: Lecture-11-12 Presented by: Mazhar Hussain · Lecture-11-12 Presented by: Mazhar Hussain. Topics of Discussion ... –A malicious program can wipe out data on hundreds of ... Importing](https://reader033.vdocument.in/reader033/viewer/2022050508/5f98f551becd1f164147daf3/html5/thumbnails/11.jpg)
Stage 2:Private Networks plus Read-only
Web Server
Security Problems
1. All the problems in stage 1
2. Denial of service attack
3. Unauthorized change to data on web
server
4. Web address spoofing
![Page 12: Lecture-11-12 Presented by: Mazhar Hussain · Lecture-11-12 Presented by: Mazhar Hussain. Topics of Discussion ... –A malicious program can wipe out data on hundreds of ... Importing](https://reader033.vdocument.in/reader033/viewer/2022050508/5f98f551becd1f164147daf3/html5/thumbnails/12.jpg)
Continued…
Possible Countermeasures
1. Use a reliable web server package
2. Keep abreast of the advisories provided
by CERT(Computer Emergency
Response Team), FIRST(Forum of
Incident Response Teams)
3. Proper maintenance of web server
![Page 13: Lecture-11-12 Presented by: Mazhar Hussain · Lecture-11-12 Presented by: Mazhar Hussain. Topics of Discussion ... –A malicious program can wipe out data on hundreds of ... Importing](https://reader033.vdocument.in/reader033/viewer/2022050508/5f98f551becd1f164147daf3/html5/thumbnails/13.jpg)
Stage 3:Private Nets Plus Forms-Based
WWW Server
Security Problems
1. Compromise of order information
2. Spoofing of order information
3. Loss of control over the web site
4. Customer information stored on ISP
host.
![Page 14: Lecture-11-12 Presented by: Mazhar Hussain · Lecture-11-12 Presented by: Mazhar Hussain. Topics of Discussion ... –A malicious program can wipe out data on hundreds of ... Importing](https://reader033.vdocument.in/reader033/viewer/2022050508/5f98f551becd1f164147daf3/html5/thumbnails/14.jpg)
Continued…
Possible Countermeasures
1. Using a secure web server like HTTP
2. Double checking the CGI scripts
3. Customer authentication
![Page 15: Lecture-11-12 Presented by: Mazhar Hussain · Lecture-11-12 Presented by: Mazhar Hussain. Topics of Discussion ... –A malicious program can wipe out data on hundreds of ... Importing](https://reader033.vdocument.in/reader033/viewer/2022050508/5f98f551becd1f164147daf3/html5/thumbnails/15.jpg)
Stage 4:Internet Service through Firewall
with Forms-Based WWW Server
Security Problems
1. Attacks on internal systems via misconfigured
firewalls
2. Importing of malicious software or
exporting of sensitive information via
properly configured firewall
3. Compromise of identity of correspondents
4. Back doors into internal networks
![Page 16: Lecture-11-12 Presented by: Mazhar Hussain · Lecture-11-12 Presented by: Mazhar Hussain. Topics of Discussion ... –A malicious program can wipe out data on hundreds of ... Importing](https://reader033.vdocument.in/reader033/viewer/2022050508/5f98f551becd1f164147daf3/html5/thumbnails/16.jpg)
Continued…
Possible Countermeasures
1. Proper firewall configuration
2. Vigilant management of firewall and the
website
3. Provide proper awareness of security to
the internal users
![Page 17: Lecture-11-12 Presented by: Mazhar Hussain · Lecture-11-12 Presented by: Mazhar Hussain. Topics of Discussion ... –A malicious program can wipe out data on hundreds of ... Importing](https://reader033.vdocument.in/reader033/viewer/2022050508/5f98f551becd1f164147daf3/html5/thumbnails/17.jpg)
Stage 5:Virtual Private Networks
Security Problems
1. Contamination of internal database via actions of cooperating companies
2. Service delays/denial for intranet traffic due to Internet/ISP problems
3. Compromise or delay of intranet traffic due to crypto mismanagement
4. Compromise of internal traffic patterns
![Page 18: Lecture-11-12 Presented by: Mazhar Hussain · Lecture-11-12 Presented by: Mazhar Hussain. Topics of Discussion ... –A malicious program can wipe out data on hundreds of ... Importing](https://reader033.vdocument.in/reader033/viewer/2022050508/5f98f551becd1f164147daf3/html5/thumbnails/18.jpg)
Continued…
Possible Countermeasures
1. Using proper encryption methodology
2. Avoid same company as ISP all the sites
![Page 19: Lecture-11-12 Presented by: Mazhar Hussain · Lecture-11-12 Presented by: Mazhar Hussain. Topics of Discussion ... –A malicious program can wipe out data on hundreds of ... Importing](https://reader033.vdocument.in/reader033/viewer/2022050508/5f98f551becd1f164147daf3/html5/thumbnails/19.jpg)
Network Security Policy and Services
• For any level of network security to be established
and maintained we need to understand:
• what assets we need to protect
• against what threats
• to what degree
• identify the elements of security policies
appropriate for networks
• construct a security policy to meet the needs of network
• decide on means for enforcing the policy
![Page 20: Lecture-11-12 Presented by: Mazhar Hussain · Lecture-11-12 Presented by: Mazhar Hussain. Topics of Discussion ... –A malicious program can wipe out data on hundreds of ... Importing](https://reader033.vdocument.in/reader033/viewer/2022050508/5f98f551becd1f164147daf3/html5/thumbnails/20.jpg)
Network security services
• confidentiality (protection against eavesdropping)
• integrity (protection against data modification)
• authentication (assurance that the source of
the data is accurately identified to the recipient)
• non-repudiation (inability of the sender to disavow
data the recipient receives)
![Page 21: Lecture-11-12 Presented by: Mazhar Hussain · Lecture-11-12 Presented by: Mazhar Hussain. Topics of Discussion ... –A malicious program can wipe out data on hundreds of ... Importing](https://reader033.vdocument.in/reader033/viewer/2022050508/5f98f551becd1f164147daf3/html5/thumbnails/21.jpg)
Vulnerabilities
• Network
• Sniffing
• War Dialing
• Protocol
• Data-link-layer security
• Network-layer security
• Transport-layer security
• IP origin forgery
![Page 22: Lecture-11-12 Presented by: Mazhar Hussain · Lecture-11-12 Presented by: Mazhar Hussain. Topics of Discussion ... –A malicious program can wipe out data on hundreds of ... Importing](https://reader033.vdocument.in/reader033/viewer/2022050508/5f98f551becd1f164147daf3/html5/thumbnails/22.jpg)
Above the application layer
• System access control and authorization data structures
• Malicious Software
• Hidden Application Features
![Page 23: Lecture-11-12 Presented by: Mazhar Hussain · Lecture-11-12 Presented by: Mazhar Hussain. Topics of Discussion ... –A malicious program can wipe out data on hundreds of ... Importing](https://reader033.vdocument.in/reader033/viewer/2022050508/5f98f551becd1f164147daf3/html5/thumbnails/23.jpg)
Types of Encryption Algorithms
Symmetric
DES ( Digital Encryption Standard)
Asymmetric ( Public Key Cryptography)
RSA (Rivest Shamir Adleman)
![Page 24: Lecture-11-12 Presented by: Mazhar Hussain · Lecture-11-12 Presented by: Mazhar Hussain. Topics of Discussion ... –A malicious program can wipe out data on hundreds of ... Importing](https://reader033.vdocument.in/reader033/viewer/2022050508/5f98f551becd1f164147daf3/html5/thumbnails/24.jpg)
DES
![Page 25: Lecture-11-12 Presented by: Mazhar Hussain · Lecture-11-12 Presented by: Mazhar Hussain. Topics of Discussion ... –A malicious program can wipe out data on hundreds of ... Importing](https://reader033.vdocument.in/reader033/viewer/2022050508/5f98f551becd1f164147daf3/html5/thumbnails/25.jpg)
RSA
![Page 26: Lecture-11-12 Presented by: Mazhar Hussain · Lecture-11-12 Presented by: Mazhar Hussain. Topics of Discussion ... –A malicious program can wipe out data on hundreds of ... Importing](https://reader033.vdocument.in/reader033/viewer/2022050508/5f98f551becd1f164147daf3/html5/thumbnails/26.jpg)
Authentication
Cryptographic Hash Functions
MAC (Message Authentication Code)
Digital Signatures
![Page 27: Lecture-11-12 Presented by: Mazhar Hussain · Lecture-11-12 Presented by: Mazhar Hussain. Topics of Discussion ... –A malicious program can wipe out data on hundreds of ... Importing](https://reader033.vdocument.in/reader033/viewer/2022050508/5f98f551becd1f164147daf3/html5/thumbnails/27.jpg)
Security in TCP/IP Protocol Stack
Application Layer Encryption
Session Encryption
IP Layer Encryption
![Page 28: Lecture-11-12 Presented by: Mazhar Hussain · Lecture-11-12 Presented by: Mazhar Hussain. Topics of Discussion ... –A malicious program can wipe out data on hundreds of ... Importing](https://reader033.vdocument.in/reader033/viewer/2022050508/5f98f551becd1f164147daf3/html5/thumbnails/28.jpg)
Relative Location of Security in TCP/IP Protocol Stack
![Page 29: Lecture-11-12 Presented by: Mazhar Hussain · Lecture-11-12 Presented by: Mazhar Hussain. Topics of Discussion ... –A malicious program can wipe out data on hundreds of ... Importing](https://reader033.vdocument.in/reader033/viewer/2022050508/5f98f551becd1f164147daf3/html5/thumbnails/29.jpg)
SSL Protocol Operation
![Page 30: Lecture-11-12 Presented by: Mazhar Hussain · Lecture-11-12 Presented by: Mazhar Hussain. Topics of Discussion ... –A malicious program can wipe out data on hundreds of ... Importing](https://reader033.vdocument.in/reader033/viewer/2022050508/5f98f551becd1f164147daf3/html5/thumbnails/30.jpg)
IP Security Scenario
![Page 31: Lecture-11-12 Presented by: Mazhar Hussain · Lecture-11-12 Presented by: Mazhar Hussain. Topics of Discussion ... –A malicious program can wipe out data on hundreds of ... Importing](https://reader033.vdocument.in/reader033/viewer/2022050508/5f98f551becd1f164147daf3/html5/thumbnails/31.jpg)
The Kerberos Architecture
Kerberos
Client
Ticket
Granting
Service
Server
(1) request/receive TGS ticket (2) request/receive server ticket
(3) request service
![Page 32: Lecture-11-12 Presented by: Mazhar Hussain · Lecture-11-12 Presented by: Mazhar Hussain. Topics of Discussion ... –A malicious program can wipe out data on hundreds of ... Importing](https://reader033.vdocument.in/reader033/viewer/2022050508/5f98f551becd1f164147daf3/html5/thumbnails/32.jpg)
Intrusion Detection
Network Based Network Security Monitor, Network
IDS, Net Ranger, Tripwire etc…
Host Based Probes of host ports, password guessing
etc…
![Page 33: Lecture-11-12 Presented by: Mazhar Hussain · Lecture-11-12 Presented by: Mazhar Hussain. Topics of Discussion ... –A malicious program can wipe out data on hundreds of ... Importing](https://reader033.vdocument.in/reader033/viewer/2022050508/5f98f551becd1f164147daf3/html5/thumbnails/33.jpg)
Taxonomy of Malicious Programs
![Page 34: Lecture-11-12 Presented by: Mazhar Hussain · Lecture-11-12 Presented by: Mazhar Hussain. Topics of Discussion ... –A malicious program can wipe out data on hundreds of ... Importing](https://reader033.vdocument.in/reader033/viewer/2022050508/5f98f551becd1f164147daf3/html5/thumbnails/34.jpg)
Security Management Tools
SATAN (Security Analysis Tool for Auditing Networks)
ISS (Internet Security Scanner)
Tiger
Crack
Snoop
![Page 35: Lecture-11-12 Presented by: Mazhar Hussain · Lecture-11-12 Presented by: Mazhar Hussain. Topics of Discussion ... –A malicious program can wipe out data on hundreds of ... Importing](https://reader033.vdocument.in/reader033/viewer/2022050508/5f98f551becd1f164147daf3/html5/thumbnails/35.jpg)
Firewall
• Firewall : a method used to prevent unauthorized
access to a private network
Internet
Trust
![Page 36: Lecture-11-12 Presented by: Mazhar Hussain · Lecture-11-12 Presented by: Mazhar Hussain. Topics of Discussion ... –A malicious program can wipe out data on hundreds of ... Importing](https://reader033.vdocument.in/reader033/viewer/2022050508/5f98f551becd1f164147daf3/html5/thumbnails/36.jpg)
Types of Firewalls
![Page 37: Lecture-11-12 Presented by: Mazhar Hussain · Lecture-11-12 Presented by: Mazhar Hussain. Topics of Discussion ... –A malicious program can wipe out data on hundreds of ... Importing](https://reader033.vdocument.in/reader033/viewer/2022050508/5f98f551becd1f164147daf3/html5/thumbnails/37.jpg)
SOCKS
Target of
communication
sends information
back through SOCKS
daemon, which routes it
to the user desktop.
Protected
NetworkInternet
Firewall
SOCKS daemon
on firewall parses
request, checks
access control
rules, and makes
connection (proxy);
copy data back in through
firewall.
Socksified
user app asks
SOCKS daemon for
circuit