    Net Sec Presentation Transcript

    • Practical Network Security Sudarsun S Checktronix India Pvt Ltd Chennai 600034 [email_address]
    • Agenda
      • Security Threats
      • Fundamental loophole of Ethernet
      • Basic Services offered by Secured Sys
      • Types of Intruders
      • Network Security Administration
        • Configuring Servers
        • Applications
        • Tools
        • Cross Platform deployment
    • Agenda (cont..)
      • Firewalls
      • Intrusion Detection
        • Rules based
        • Pattern Analysis
          • Usage patterns
          • Feature vectors analysis
      • Role of Artificial Intelligence
        • Statistical Analysis
        • Knowledge based Systems
        • Adaptive Security systems
    • Overview
      • What are we protecting?
      • Private communication over Public channel.
      • Whom do we mean by intruders?
      • What is the cost of intrusion ?
      • Protection Vs Recovery !?
      • Insiders Vs Outsiders !?
    • Data Security
      • What are Security Attributes ?
      • What’s Default Security Policy ?
      • How does Windows give protection?
        • The Security Tab
        • Ownership / Full Control Access
      • How do Unix flavors give protection?
        • chmod, chown, umask commands
          • chmod <1777> <filename> ex: chmod 600 myfile.txt
          • chown user:group <filename> ex: chown sudar:dev file
          • umask <masknumber> ex: umask 077
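An added example (not from the original slides) showing how the umask acts as the default policy for newly created files, and how an audit plus `chmod 600` tightens files that are readable beyond their owner. The function names and sample file names are constructed for illustration.

```shell
#!/bin/sh
# Added example: umask as the default policy for new files, plus an audit
# and fix for files that are accessible beyond their owner.

# Print the 9 permission characters of a file, e.g. "rw-------".
mode_of() {
    ls -ld "$1" | cut -c2-10
}

# Create an empty file under the given umask and print its resulting mode.
# The subshell keeps the umask change from leaking into the caller.
create_with_umask() {
    ( umask "$1" && : > "$2" ) && mode_of "$2"
}

# List regular files under a directory that grant any group/other access.
audit_dir() {
    find "$1" -type f | while IFS= read -r f; do
        case "$(mode_of "$f")" in
            ???------) ;;                 # owner-only: nothing to report
            *) printf '%s %s\n' "$(mode_of "$f")" "$f" ;;
        esac
    done
}

# Restrict every flagged file to owner read/write, as in "chmod 600 myfile.txt".
tighten_dir() {
    audit_dir "$1" | while IFS= read -r line; do
        chmod 600 "${line#* }"            # strip the leading mode column
    done
}

demo() {
    d=$(mktemp -d) || return 1               # constructed scratch directory
    create_with_umask 022 "$d/shared.txt"    # rw-r--r--
    create_with_umask 077 "$d/private.txt"   # rw-------
    audit_dir "$d"                           # flags only shared.txt
    tighten_dir "$d"
    audit_dir "$d"                           # now prints nothing
    rm -rf "$d"
}
demo
```

The umask only removes bits at creation time; files that already exist keep their mode until `chmod` is run on them, which is why the audit step is separate.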
    • Private Comm Over Public Channel
      • Internet: Public Communication Media
      • How Privacy is achieved ?
      • What are the security threats ?
        • What happens when you send an email ?
        • What happens when you pay your bills ?
        • What happens when you transfer money?
        • What happens when you purchase online?
    • Security Threats
      • Interruption
        • Oops, Availability is gone!
      • Interception
        • Some one is watching you!
      • Fabrication
        • Whom are you talking to ?
      • Modification
        • Am I getting the correct information ?
    • Design Flaw
      • Promiscuous Mode of operation
      • Encryption only at or below App layer
        • Will IPSec overcome that ?
        • Are SSL, TLS not enough ?
    • Services
      • Confidentiality
      • Authenticity
      • Integrity
      • Non-Repudiation
    • Confidentiality
      • Only B can discern the message from A
      • Diagram: Host A sends M → E with Bpub → Text = Bpub(M) → D with Bpri → Host B receives M
    • Authenticity
      • Guarantees A as the Message Source
      • Diagram: Host A sends M → E with Apri → M + Apri(M) sent → D with Apub on Apri(M) → result compared (~) with M → Host B receives M
    • Steganography
      • How Steganography is different from cryptography?
        • Art of concealing the existence of a message
      • Strengths of Steganography
      • Multimedia stream, the Auspicious Carrier!
    • Some Apps
      • Authentication applications - Kerberos
      • Email Security – PGP
      • IP Security – Layer in IP
      • Web Security – SSL, TLS
      • SSH Vs Telnet
      • SSH Tunnels
      • Virtual Private Networks
    • VPN
      • Created using Two-Way SSH Tunnels
        • ssh -l <user> -L <localport>:<remote-ip>:<remoteport> -g -p <ssh-port> <remote-ssh-ip-address>
        • ssh -l <user> -R <remoteport>:<local-ip>:<localport> -g -p <ssh-port> <remote-ssh-ip-address>
    • VPN Hardware
    • Cyber Café Stuff
      • Do you know about the Temporary Internet Files folder ?
      • Do you know about persistent cookies ?
      • Do you know where your passwords are stored ?
      • Do you know how your data is transferred when you click submit button?
      • Do you know about VNC servers ?
      • Can your emails, passwords, credit card details be intercepted ?
      • Are you sure of all the Emails received ?
    • How to Safeguard?
      • Delete Temporary Internet Folder
      • Delete cookies
      • Delete history
      • Don’t allow passwords to be saved
      • Don’t give your credit card details on a non-https URL.
      • Enable detailed headers in Emails.
    • SPAM Filters
      • What is SPAM, HAM ?
      • How can we identify SPAM ?
      • SpamAssassin
      • Techniques
        • Bayes Classifier
        • Rules based
      • SMTP Filter
        • Open Relay, Blacklisted IP address, HELO method, banner delays, reverse lookup tests.
    • Intruders
      • Masquerader
        • An unauthorized user exploiting a legitimate user’s account
      • Misfeasor
        • A legitimate user violating the limits of his or her authorization
      • Clandestine user
        • Individual seizing supervisor control to evade auditing
    • Intrusion Detection
      • Statistical Anomaly Detection
        • Network monitors
        • tcpdump, ethereal, netstat, iptraf
      • Auditors and Event Logs
        • Windows Event Logs
        • Linux SysLogs
      • Rules based Detection
        • ipchains, iptables
        • proxy, reverse proxy, firewalls
    • Viruses
      • Malicious Programs
      • Trap doors
      • Logic bomb
      • Trojans
      • Viruses
      • Worms
      • Adware, Spyware
    • Firewalls
      • Need for a firewall
      • Attacks
            • Ping of death
            • Fragmentation Attack
            • Denial of Service
            • IP Spoofing
            • Port scanning
    • Level of Control
      • Service Control
            • Based on Port number
      • Direction Control
            • Limits inbound and outbound traffic
      • User Control
            • Restrict user level access to resources
      • Behavioral Control
            • Content limitation on resource use
    • Types
      • Packet Filtering firewall
            • Based on Packet filter rules
      • Application Level Gateway
            • Limits the application superficially
      • Circuit level Gateway
            • Man-in-the-Middle construction
    • References
      • Public Key Cryptography: http://www.rsasecurity.com/rsalabs/pkcs/
      • HMAC: http://www.cs.ucsd.edu/users/mihir/papers/hmac.html
      • Digital Signatures: http://www.epic.org/crypto/dss/
      • Bruce Schneier, Applied Cryptography
      • William Stallings, Cryptography and Network Security, Pearson Education
      • All RFCs: http://www.ietf.org/rfc.html
      • PGP: http://www.pgp.com/
      • Comer D, Internetworking with TCP/IP Volume 1, Prentice Hall, 1995
      • Cheng P et al, “A Security Architecture for the IP”, IBM Systems Journal, Number 1, 1998
      • OpenSSL: http://www.openssl.org/
      • SSL: http://wp.netscape.com/security/techbriefs/ssl.html?cp=sciln
      • Denning P, Computers Under Attack: Intruders, Worms & Viruses. Reading MA: Addison-Wesley,1990
      • Oppliger R “Internet Security: Firewalls and Beyond” Communication of the ACM, May 1997
      • Bellovin S, Cheswick W. “Network Firewalls”, IEEE Communications Magazine, Sep 1994