0
TCSS 431: Network Security<br />Class Meeting 2a: Introduction to Network Security<br />Joe McCarthy<br />
Network Security close to home<br />
Hacked Yahoo mail accounts<br />Subject: 	hi how are you?<br />Date: 	Sat, 23 Oct 2010 00:43:49 -0700 (PDT)<br />From: 	* ...
Hacked Yahoo mail accounts<br />Subject: 	this account has a virus - feel free to block it<br />Date: 	Tue, 19 Oct 2010 15...
A few words (& images) aboutPassword Security<br />         … some combination of upper and lowercase characters as well a...
Textbook update<br />Network Security: Private Communication in a Public World, 2/E<br />Kaufman, Perlman & Speciner<br />...
Another perspectiveon Network Security<br />Network Security Essentials:Applications and Standards, 4/E<br />William Stall...
The Security Requirements Triad<br />Computer Security<br />The protection afforded to an automated information system in ...
Security Requirements<br />Confidentiality<br />Preserving authorized restrictions on information access and disclosure, i...
Security Attacks, Mechanisms & Services<br />Security Attack<br />Any action that compromises the security of information<...
Threats & Attacks<br />… but threat and attack used nearly interchangeably <br />
Security Threats / Attacks<br />…<br />…<br />
Security Threats / Attacks<br />
Passive Attacks<br />
Active Attacks (1)<br />
Active Attacks (2)<br />
Security Services (X.800)<br />Authentication<br />The assurance that the communicating entity is the one it claims to be<...
Security Mechanisms (X.800)<br />
Model for Network Security<br />
Coarse Outline<br />Whirlwind tour of Computer Networks<br />Computer Hack Reloaded: Anatomy of an Attack<br />Phase 1: Re...
Some Network Humor<br />http://www.amazon.com/Story-About-Ping-Marjorie-Flack/product-reviews/0140502416<br />
Some Network Humor<br />$ ping google.com<br />PING google.com (66.102.7.104): 56 data bytes<br />64 bytes from 66.102.7.1...
Upcoming SlideShare
Loading in...5
×

02 introduction to network security

1,884

Published on

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
1,884
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
20
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Transcript of "02 introduction to network security"

  1. 1. TCSS 431: Network Security<br />Class Meeting 2a: Introduction to Network Security<br />Joe McCarthy<br />
  2. 2. Network Security close to home<br />
  3. 3. Hacked Yahoo mail accounts<br />Subject: hi how are you?<br />Date: Sat, 23 Oct 2010 00:43:49 -0700 (PDT)<br />From: * <*@yahoo.com><br />To: *@gmail.com, *@nokia.com, *@stanford.edu, *@baylegal.org …<br />http://villarentalbyowner.com/index0314.php<br />
  4. 4. Hacked Yahoo mail accounts<br />Subject: this account has a virus - feel free to block it<br />Date: Tue, 19 Oct 2010 15:46:27 -0700 (PDT)<br />From: * <*@yahoo.com><br />To: * <*@gmail.com><br />Dear friends and colleagues,<br />Some time earlier this year, my yahoo email account "contracted" a virus. As a result of it, my address book is being used to send spam emails to all of you which appear as if they are coming from me. They typically contain links to web sites, promotions, meds, etc.<br />I am very sorry about this annoying cycle. I have tried to correct the problem through Yahoo's customer support. There doesn't seem to be any immediate remedy, as the emails don't originate from me any more. All I can hope is that this eventually wears itself off.<br />Please feel free to block *@yahoo.com. I am switching to using *@gmail.com as my private email. I am also available at *@nokia.com.<br />Thanks,<br />*<br />
  5. 5. A few words (& images) aboutPassword Security<br /> … some combination of upper and lowercase characters as well as numbers and a few ascii characters at least 13 characters in length … (Example: tH3w0rldi5round!1!)<br />http://blogs.computerworld.com/17547/a_formula_approach_to_generating_passwords<br />http://www.passwordmeter.com/<br />
  6. 6. Textbook update<br />Network Security: Private Communication in a Public World, 2/E<br />Kaufman, Perlman & Speciner<br />Prentice Hall, 2003<br />Counter Hack Reloaded: A Step-by-Step Guide to Computer Attacks and Effective Defenses, 2/E<br />Skoudis & Liston<br />Prentice Hall, 2006<br />
  7. 7. Another perspectiveon Network Security<br />Network Security Essentials:Applications and Standards, 4/E<br />William Stallings<br />ISBN-10: 0136108059<br />ISBN-13: 9780136108054<br />Publisher: Prentice Hall<br />Copyright: 2011<br />Format: Paper; 432 pp<br />Published: 03/12/2010<br />http://williamstallings.com/NetSec/NetSec4e.html<br />
  8. 8. The Security Requirements Triad<br />Computer Security<br />The protection afforded to an automated information system in order to attain the applicable objectives of preserving the integrity, availability and confidentiality of information system resources (includes hardware, software, firmware, information/data, and telecommunications)<br />
  9. 9. Security Requirements<br />Confidentiality<br />Preserving authorized restrictions on information access and disclosure, including means for protecting personal privacy and proprietary information.<br />Integrity<br />Guarding against information modifications or destruction, including ensuring information non-repudiation and authenticity. <br />Availability<br />Ensuring timely and reliable access to and use of information<br />
  10. 10. Security Attacks, Mechanisms & Services<br />Security Attack<br />Any action that compromises the security of information<br />Security Mechanism<br />A process / device that is designed to detect, prevent or recover from a security attack.<br />Security Service<br />A service intended to counter security attacks, typically by implementing one or more mechanisms.<br />
  11. 11. Threats & Attacks<br />… but threat and attack used nearly interchangeably <br />
  12. 12. Security Threats / Attacks<br />…<br />…<br />
  13. 13. Security Threats / Attacks<br />
  14. 14. Passive Attacks<br />
  15. 15. Active Attacks (1)<br />
  16. 16. Active Attacks (2)<br />
  17. 17. Security Services (X.800)<br />Authentication<br />The assurance that the communicating entity is the one it claims to be<br />Access Control<br />The prevention of unauthorized use of a resource <br />who can have access to a resource,<br />under what conditions access can occur, <br />what those accessing the resource are allowed to do<br />Data Confidentiality<br />The protection of data from unauthorized disclosure<br />Data Integrity<br />The assurance that data received are exactly as sent by an authorized entity (i.e., contains no modification, insertion, deletion or replay).<br />Non-Repudiation<br />Provides protection against denial by one of the entities involved in a communication of having participated in all/part of the communication.<br />
  18. 18. Security Mechanisms (X.800)<br />
  19. 19. Model for Network Security<br />
  20. 20. Coarse Outline<br />Whirlwind tour of Computer Networks<br />Computer Hack Reloaded: Anatomy of an Attack<br />Phase 1: Reconnaissance<br />Phase 2: Scanning<br />Phase 3: Gaining Access<br />Phase 4: Maintaining Access<br />Phase 5: Covering Tracks and Hiding<br />Network Security: Mechanisms & Services<br />Special Topics <br />
  21. 21. Some Network Humor<br />http://www.amazon.com/Story-About-Ping-Marjorie-Flack/product-reviews/0140502416<br />
  22. 22. Some Network Humor<br />$ ping google.com<br />PING google.com (66.102.7.104): 56 data bytes<br />64 bytes from 66.102.7.104: icmp_seq=0 ttl=53 time=55.990 ms<br />64 bytes from 66.102.7.104: icmp_seq=1 ttl=53 time=44.317 ms<br />64 bytes from 66.102.7.104: icmp_seq=2 ttl=53 time=45.687 ms<br />64 bytes from 66.102.7.104: icmp_seq=3 ttl=53 time=44.993 ms<br />64 bytes from 66.102.7.104: icmp_seq=4 ttl=53 time=45.481 ms<br />^C<br />--- google.com ping statistics ---<br />5 packets transmitted, 5 packets received, 0% packet loss<br />round-trip min/avg/max/stddev = 44.317/47.294/55.990/4.374 ms<br />$ ping amazon.com<br />PING amazon.com (72.21.214.128): 56 data bytes<br />^C<br />--- amazon.com ping statistics ---<br />10 packets transmitted, 0 packets received, 100% packet loss<br />$<br />
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×