02 introduction to network security

  • 1,658 views
Uploaded on

 

  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Be the first to comment
    Be the first to like this
No Downloads

Views

Total Views
1,658
On Slideshare
0
From Embeds
0
Number of Embeds
0

Actions

Shares
Downloads
16
Comments
0
Likes
0

Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
    No notes for slide

Transcript

  • 1. TCSS 431: Network Security
    Class Meeting 2a: Introduction to Network Security
    Joe McCarthy
  • 2. Network Security close to home
  • 3. Hacked Yahoo mail accounts
    Subject: hi how are you?
    Date: Sat, 23 Oct 2010 00:43:49 -0700 (PDT)
    From: * <*@yahoo.com>
    To: *@gmail.com, *@nokia.com, *@stanford.edu, *@baylegal.org …
    http://villarentalbyowner.com/index0314.php
  • 4. Hacked Yahoo mail accounts
    Subject: this account has a virus - feel free to block it
    Date: Tue, 19 Oct 2010 15:46:27 -0700 (PDT)
    From: * <*@yahoo.com>
    To: * <*@gmail.com>
    Dear friends and colleagues,
    Some time earlier this year, my yahoo email account "contracted" a virus. As a result of it, my address book is being used to send spam emails to all of you which appear as if they are coming from me. They typically contain links to web sites, promotions, meds, etc.
    I am very sorry about this annoying cycle. I have tried to correct the problem through Yahoo's customer support. There doesn't seem to be any immediate remedy, as the emails don't originate from me any more. All I can hope is that this eventually wears itself off.
    Please feel free to block *@yahoo.com. I am switching to using *@gmail.com as my private email. I am also available at *@nokia.com.
    Thanks,
    *
  • 5. A few words (& images) aboutPassword Security
    … some combination of upper and lowercase characters as well as numbers and a few ascii characters at least 13 characters in length … (Example: tH3w0rldi5round!1!)
    http://blogs.computerworld.com/17547/a_formula_approach_to_generating_passwords
    http://www.passwordmeter.com/
  • 6. Textbook update
    Network Security: Private Communication in a Public World, 2/E
    Kaufman, Perlman & Speciner
    Prentice Hall, 2003
    Counter Hack Reloaded: A Step-by-Step Guide to Computer Attacks and Effective Defenses, 2/E
    Skoudis & Liston
    Prentice Hall, 2006
  • 7. Another perspectiveon Network Security
    Network Security Essentials:Applications and Standards, 4/E
    William Stallings
    ISBN-10: 0136108059
    ISBN-13: 9780136108054
    Publisher: Prentice Hall
    Copyright: 2011
    Format: Paper; 432 pp
    Published: 03/12/2010
    http://williamstallings.com/NetSec/NetSec4e.html
  • 8. The Security Requirements Triad
    Computer Security
    The protection afforded to an automated information system in order to attain the applicable objectives of preserving the integrity, availability and confidentiality of information system resources (includes hardware, software, firmware, information/data, and telecommunications)
  • 9. Security Requirements
    Confidentiality
    Preserving authorized restrictions on information access and disclosure, including means for protecting personal privacy and proprietary information.
    Integrity
    Guarding against information modifications or destruction, including ensuring information non-repudiation and authenticity.
    Availability
    Ensuring timely and reliable access to and use of information
  • 10. Security Attacks, Mechanisms & Services
    Security Attack
    Any action that compromises the security of information
    Security Mechanism
    A process / device that is designed to detect, prevent or recover from a security attack.
    Security Service
    A service intended to counter security attacks, typically by implementing one or more mechanisms.
  • 11. Threats & Attacks
    … but threat and attack used nearly interchangeably
  • 12. Security Threats / Attacks


  • 13. Security Threats / Attacks
  • 14. Passive Attacks
  • 15. Active Attacks (1)
  • 16. Active Attacks (2)
  • 17. Security Services (X.800)
    Authentication
    The assurance that the communicating entity is the one it claims to be
    Access Control
    The prevention of unauthorized use of a resource
    who can have access to a resource,
    under what conditions access can occur,
    what those accessing the resource are allowed to do
    Data Confidentiality
    The protection of data from unauthorized disclosure
    Data Integrity
    The assurance that data received are exactly as sent by an authorized entity (i.e., contains no modification, insertion, deletion or replay).
    Non-Repudiation
    Provides protection against denial by one of the entities involved in a communication of having participated in all/part of the communication.
  • 18. Security Mechanisms (X.800)
  • 19. Model for Network Security
  • 20. Coarse Outline
    Whirlwind tour of Computer Networks
    Computer Hack Reloaded: Anatomy of an Attack
    Phase 1: Reconnaissance
    Phase 2: Scanning
    Phase 3: Gaining Access
    Phase 4: Maintaining Access
    Phase 5: Covering Tracks and Hiding
    Network Security: Mechanisms & Services
    Special Topics
  • 21. Some Network Humor
    http://www.amazon.com/Story-About-Ping-Marjorie-Flack/product-reviews/0140502416
  • 22. Some Network Humor
    $ ping google.com
    PING google.com (66.102.7.104): 56 data bytes
    64 bytes from 66.102.7.104: icmp_seq=0 ttl=53 time=55.990 ms
    64 bytes from 66.102.7.104: icmp_seq=1 ttl=53 time=44.317 ms
    64 bytes from 66.102.7.104: icmp_seq=2 ttl=53 time=45.687 ms
    64 bytes from 66.102.7.104: icmp_seq=3 ttl=53 time=44.993 ms
    64 bytes from 66.102.7.104: icmp_seq=4 ttl=53 time=45.481 ms
    ^C
    --- google.com ping statistics ---
    5 packets transmitted, 5 packets received, 0% packet loss
    round-trip min/avg/max/stddev = 44.317/47.294/55.990/4.374 ms
    $ ping amazon.com
    PING amazon.com (72.21.214.128): 56 data bytes
    ^C
    --- amazon.com ping statistics ---
    10 packets transmitted, 0 packets received, 100% packet loss
    $