July132000 Presentation Transcript

  • Introduction to Networks Sandy Bacik [email_address] Breakwater Security Associates
  • Agenda
    • Complexity of network incidents
    • Firewalls
    • Encrypted tunnels
    • ZoneAlarm
  • Way Back When
    • Not enough hard drive space to hide anything
    • No logs on the workstation
    • All logs were centralized on the mainframe
    • Easy phone logs for traces
  • Then...
    • Not enough hard drive space to hide anything
    • No logs on the workstation
    • All logs were centralized on the mainframe
    • Easy phone logs for traces
  • Then...
    • Now the hard drives could start storing information
    • Sometimes there were logs on the workstation
    • The logs are now decentralized, but for the most part remained with the network
    • Easy phone logs for traces
  • Early Today...
    • Now the hard drives could start storing information
    • Sometimes there were logs on the workstation
    • The logs are now decentralized
    • Easy phone logs for traces
    • Still no really good encrypted tunnels
  • Today
    • Almost anything can be logged - somewhere
    • The logs are now decentralized
    • Now follow packets, not phone logs
    • Encrypted tunnels - all bets are off
  • Where to look for logs
    • Corporate/Personal servers
    • Corporate/Home workstation
    • Firewall
    • Internet Service Provider (ISP) and all their logs
    • Outside networks - anywhere in the world
  • Issues with log file tracking
    • Time synchronizations from system to system
    • Time synchronizations from server to workstation
    • IP address spoofing
    • Understanding each system's log file information
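
An added example (not from the original slides) of the time-synchronization issue above: log entries from three systems are normalized to one reference clock before being ordered. The sample log lines, the per-source time zones and drift values, and the function names are all constructed assumptions.

```python
from datetime import datetime, timedelta, timezone

# Constructed sample entries: (source, timestamp exactly as logged, message).
SAMPLE_LOGS = [
    ("firewall",    "2000-07-13 14:02:11", "ACCEPT tcp 192.168.124.123 -> 192.0.2.10:23"),
    ("workstation", "2000-07-13 14:05:40", "telnet.exe started by jdoe"),
    ("server",      "2000-07-13 21:02:09", "telnet login user=jdoe from 192.168.124.123"),
]

# Assumed clock facts the examiner records when collecting each log:
#   utc_offset: time zone the log is written in
#   drift: how far the system clock ran ahead (+) or behind (-) a trusted reference
CLOCKS = {
    "firewall":    {"utc_offset": timedelta(hours=-7), "drift": timedelta(0)},
    "workstation": {"utc_offset": timedelta(hours=-7), "drift": timedelta(minutes=3, seconds=31)},
    "server":      {"utc_offset": timedelta(0),        "drift": timedelta(seconds=-4)},
}

def to_reference_utc(source, stamp):
    """Convert a logged timestamp to UTC on the reference clock."""
    clock = CLOCKS[source]
    logged = datetime.strptime(stamp, "%Y-%m-%d %H:%M:%S")
    as_utc = logged - clock["utc_offset"]      # undo the log's time zone
    corrected = as_utc - clock["drift"]        # undo the clock error
    return corrected.replace(tzinfo=timezone.utc)

def build_timeline(entries):
    """Return (corrected_time, source, message) rows in true event order."""
    rows = [(to_reference_utc(src, ts), src, msg) for src, ts, msg in entries]
    return sorted(rows, key=lambda row: row[0])

if __name__ == "__main__":
    print("As logged (sorted by raw timestamp string):")
    for src, ts, msg in sorted(SAMPLE_LOGS, key=lambda e: e[1]):
        print(f"  {ts}  {src:<11} {msg}")
    print("Corrected to reference UTC:")
    for when, src, msg in build_timeline(SAMPLE_LOGS):
        print(f"  {when:%Y-%m-%d %H:%M:%S}Z {src:<11} {msg}")
```

Sorted by raw timestamp the firewall entry appears first; after correction the workstation event precedes the firewall and server entries, which is the order the connection actually happened in.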
  • IP Addresses: 192.168.124.123 http://www.cisco.com/univercd/cc/td/doc/product/software/ssr90/ptc_r_90/54084.htm
  • Domain Names: .com .edu .gov .mil .net .org .int .xx
  • Domain Lookups
    • www.iana.org/dev7/iana/
    • www.internic.net
    • www.networksolutions.com
    • www.arin.net
  • Whois Sample
  • Simple ways to track an IP address/host name
    • ping -a <ipaddress>
    • ping <sitename>
    • tracert <ipaddress>
    • tracert <sitename>
  • Ping results
  • Tracert results
  • What is a firewall?
    • A set of hardware and software mechanisms that shield ‘internal’ trusted networks from ‘external’ untrusted networks such as the Internet or shield internal networks from other internal networks.
  • Firewall Design
  • What a firewall does not protect against
    • Invalid configurations
    • Other entry points into the network
    • Dial-up access
    • Viruses
    • Single points of failure/throughput
    • Insiders
  • Purposes of encryption
    • Protect sensitive information from disclosure
    • Identify the corruption or unauthorized change of information
    • Designed to make compromise too expensive or too time consuming
  • What is a VPN?
    • Virtual private network
    • An encrypted tunnel
    • A secure link between entities using the Internet or a network as a backbone
  • What’s a VPN for?
    • Strong encryption for sensitive data transmission
    • Reliability of critical data transmissions
    • Good authentication
    • Access and traffic control
  • VPN Design
  • How can we protect our home machine(s)?
    • Virus scanners
    • Logging and auditing
    • Firewalls
      • http://www.zonelabs.com/default.htm
  • ZoneAlarm Alerts
  • ZoneAlarm Lock
  • ZoneAlarm Security
  • ZoneAlarm Programs
  • ZoneAlarm Configure
  • ZoneAlarm STOP
  • Thank you