Practical Network Security
Introducing Network Security Issues and simple ways to fight back.

    Practical Network Security: Presentation Transcript

    • Practical Network Security. Sudarsun S, Checktronix India Pvt Ltd, Chennai 600034 [email_address]
    • Agenda
      • Security Threats
      • Fundamental loop hole of Ethernet
      • Basic Services offered by Secured Sys
      • Types of Intruders
      • Network Security Administration
        • Configuring Servers
        • Applications
        • Tools
        • Cross Platform deployment
    • Agenda (cont..)
      • Firewalls
      • Intrusion Detection
        • Rules based
        • Pattern Analysis
          • Usage patterns
          • Feature vectors analysis
      • Role of Artificial Intelligence
        • Statistical Analysis
        • Knowledge based Systems
        • Adaptive Security systems
    • Overview
      • What are we protecting?
      • Private communication over Public channel.
      • Whom do we mean by Intruders?
      • What is the cost of intrusion ?
      • Protection Vs Recovery !?
      • Insiders Vs Outsiders !?
    • Data Security
      • What are Security Attributes ?
      • What’s Default Security Policy ?
      • How does Windows give protection?
        • The Security Tab
        • Ownership / Full Control Access
      • How do Unix flavors give protection?
        • chmod, chown, umask commands
          • chmod <1777> <filename> ex: chmod 600 myfile.txt
          • chown user:group <filename> ex: chown sudar:dev file
          • umask <masknumber> ex: umask 077
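The `umask` and `chmod` commands from this slide, worked through as an added example (not part of the original deck): `umask` decides the mode of files created from now on, while `chmod` repairs files that already exist. The function names and the file names `report.txt` and `secret.key` are constructed for the demo.

```shell
# Added example: effect of umask vs. chmod on the mode bits shown by ls.
# Directory and file names below are constructed for the demo.

# perms_of PATH: the nine rwx characters from `ls -ld`, e.g. rw-------
perms_of() { ls -ld "$1" | cut -c2-10; }

# create_with_umask MASK PATH: create an empty file under the given umask.
# The subshell keeps the caller's own umask unchanged.
create_with_umask() { ( umask "$1"; : > "$2" ); }

# list_exposed DIR: print "perms name" for every regular file in DIR
# that grants any permission to group or others.
list_exposed() {
    for f in "$1"/*; do
        [ -f "$f" ] || continue
        p=$(perms_of "$f")
        case "$p" in
            ???------) ;;                        # owner-only: nothing to report
            *) printf '%s %s\n' "$p" "${f##*/}" ;;
        esac
    done
}

# umask_demo: run the whole cycle in a scratch directory and print the
# exposed files before and after tightening with chmod 600.
umask_demo() {
    d=$(mktemp -d) || return 1
    create_with_umask 022 "$d/report.txt"    # 666 & ~022 = 644
    create_with_umask 077 "$d/secret.key"    # 666 & ~077 = 600
    echo "before:"; list_exposed "$d"
    chmod 600 "$d/report.txt"
    echo "after:";  list_exposed "$d"
    rm -rf "$d"
}
```

Source the file and call `umask_demo` to see the listing, or point `list_exposed` at a directory that should hold only owner-readable files.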
    • Private Comm Over Public Channel
      • Internet: Public Communication Media
      • How Privacy is achieved ?
      • What are the security threats ?
        • What happens when you send an email ?
        • What happens when you pay your bills ?
        • What happens when you transfer money?
        • What happens when you purchase online?
    • Security Threats
      • Interruption
        • Oops, Availability is gone!
      • Interception
        • Some one is watching you!
      • Fabrication
        • Whom are you talking to ?
      • Modification
        • Am I getting the correct information ?
    • Design Flaw
      • Promiscuous Mode of operation
      • Encryption only at or below App layer
        • Will IPSec overcome that ?
        • Are SSL, TLS not enough ?
    • Services
      • Confidentiality
      • Authenticity
      • Integrity
      • Non-Repudiation
    • Confidentiality
      • Only B can discern the message from A
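      • Diagram: Host A sends M → E (key Bpub) → Text = Bpub(M) → D (key Bpri) → Host B receives M
    • Authenticity
      • Guarantees A as the Message Source
      • Diagram: Host A sends M → E (key Apri) → M + Apri(M) → D (key Apub) → Host B receives M and compares it (~) with the M recovered from Apri(M)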
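The Confidentiality and Authenticity slides above, carried out with the OpenSSL command-line tool as an added example (not part of the original deck). The key names (`a` for Host A, `b` for Host B), the file names and the message are constructed; RSA-OAEP and a SHA-256 digest signature are this example's choices, not something the slides specify.

```shell
# Added example: Bpub(M)/Bpri and Apri(M)/Apub with the OpenSSL CLI.
# Key names, file names and the message are constructed for the demo.

# make_keypair DIR NAME: write NAME_pri.pem and NAME_pub.pem into DIR.
make_keypair() {
    openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 \
        -out "$1/$2_pri.pem" 2>/dev/null &&
    openssl pkey -in "$1/$2_pri.pem" -pubout -out "$1/$2_pub.pem"
}

# encrypt_for_b DIR FILE: Text = Bpub(M), written to DIR/m.enc (RSA-OAEP).
encrypt_for_b() {
    openssl pkeyutl -encrypt -pubin -inkey "$1/b_pub.pem" \
        -pkeyopt rsa_padding_mode:oaep -in "$2" -out "$1/m.enc"
}

# decrypt_with DIR NAME: try to recover M from DIR/m.enc with NAME's
# private key; succeeds only for the key that matches Bpub.
decrypt_with() {
    openssl pkeyutl -decrypt -inkey "$1/$2_pri.pem" \
        -pkeyopt rsa_padding_mode:oaep -in "$1/m.enc" 2>/dev/null
}

# sign_as_a DIR FILE: Apri over SHA-256(M), written to DIR/m.sig.
# (Signing a digest of M instead of M itself is the usual practice.)
sign_as_a() {
    openssl dgst -sha256 -sign "$1/a_pri.pem" -out "$1/m.sig" "$2"
}

# verify_from_a DIR FILE: exit 0 only if DIR/m.sig matches FILE under Apub.
verify_from_a() {
    openssl dgst -sha256 -verify "$1/a_pub.pem" \
        -signature "$1/m.sig" "$2" >/dev/null 2>&1
}

# run_demo: A -> B with both services; prints what B recovers.
run_demo() {
    d=$(mktemp -d) || return 1
    make_keypair "$d" a && make_keypair "$d" b || return 1
    printf 'transfer 100 to bob' > "$d/m.txt"
    encrypt_for_b "$d" "$d/m.txt" && sign_as_a "$d" "$d/m.txt" || return 1
    decrypt_with "$d" b; echo
    verify_from_a "$d" "$d/m.txt" && echo "signature: valid"
    rm -rf "$d"
}
```

Decrypting with A's private key fails, and verifying the signature against any altered message fails, which is what the two slides mean by "only B can discern" and "guarantees A as the source".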
    • Steganography
      • How Steganography is different from cryptography?
        • Art of concealing the existence of a message
      • Strengths of Steganography
      • Multimedia stream, the Auspicious Carrier!
    • Some Apps
      • Authentication applications - Kerberos
      • Email Security – PGP
      • IP Security – Layer in IP
      • Web Security – SSL, TLS
      • SSH Vs Telnet
      • SSH Tunnels
      • Virtual Private Networks
    • VPN
      • Created using Two-Way SSH Tunnels
        • ssh -l <user> -L <localport>:<remote-ip>:<remoteport> -g -p <ssh-port> <remote-ssh-ip-address>
        • ssh -l <user> -R <remoteport>:<local-ip>:<localport> -g -p <ssh-port> <remote-ssh-ip-address>
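For the `-R` tunnel above, the interface the listener binds to on the SSH server is decided by the server's `sshd_config`, not by the client's `-g` flag (which applies to `-L` listeners). The check below is an added example, not part of the original deck; the sample configurations are constructed, and it assumes whitespace-separated keywords and no `Match` blocks.

```shell
# Added example: which sshd_config settings decide how far a listener
# created by `ssh -R` is reachable. Sample configs are constructed;
# Match blocks are not handled (assumption: the file has none).

# sshd_setting FILE KEYWORD DEFAULT: sshd uses the first value it finds
# for a keyword; keywords are case-insensitive. Falls back to DEFAULT.
sshd_setting() {
    v=$(awk -v k="$2" 'tolower($1) == tolower(k) { print tolower($2); exit }' "$1")
    printf '%s\n' "${v:-$3}"
}

# remote_forward_exposure FILE: classify listeners created by `ssh -R`.
remote_forward_exposure() {
    case "$(sshd_setting "$1" AllowTcpForwarding yes)" in
        no|local) echo "blocked"; return 0 ;;      # -R is refused
    esac
    case "$(sshd_setting "$1" GatewayPorts no)" in
        yes)             echo "all-interfaces" ;;  # forced wildcard bind
        clientspecified) echo "client-chosen" ;;   # client picks bind address
        *)               echo "loopback-only" ;;   # sshd default
    esac
}

# write_sample FILE MODE: constructed sshd_config fragments for the demo.
write_sample() {
    case "$2" in
        open)   printf '%s\n' '# lab gateway' 'GatewayPorts yes' 'GatewayPorts no' ;;
        closed) printf '%s\n' 'AllowTcpForwarding local' 'GatewayPorts yes' ;;
        stock)  printf '%s\n' '#GatewayPorts no' 'PermitRootLogin no' ;;
    esac > "$1"
}
```

Run `remote_forward_exposure /etc/ssh/sshd_config` on the tunnel endpoint; anything other than `loopback-only` or `blocked` means forwarded ports can be reached by other hosts on the server's network.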
    • VPN Hardware
    • Cyber Café Stuff
      • Do you know about the Temporary Internet Files folder ?
      • Do you know about persistent cookies ?
      • Do you know where your passwords are stored ?
      • Do you know how your data is transferred when you click submit button?
      • Do you know about VNC servers ?
      • Can your emails, passwords, credit card details be intercepted ?
      • Are you sure of all the Emails received ?
    • How to Safeguard?
      • Delete Temporary Internet Folder
      • Delete cookies
      • Delete history
      • Don’t allow passwords to be saved
      • Don’t give your credit card details on a non-https URL.
      • Enable detailed headers in Emails.
    • SPAM Filters
      • What is SPAM, HAM ?
      • How can we identify SPAM ?
      • SpamAssassin
      • Techniques
        • Bayes Classifier
        • Rules based
      • SMTP Filter
        • Open Relay, Blacklisted IP address, HELO method, banner delays, reverse lookup tests.
    • Intruders
      • Masquerader
      • An unauthorized user exploiting legitimate user’s account
      • Misfeasor
      • A legitimate user violating the limitation on his or her authorization
      • Clandestine user
      • Individual seizing supervisor control to evade auditing
    • Intrusion Detection
      • Statistical Anomaly Detection
        • Network monitors
        • tcpdump, ethereal, netstat, iptraf
      • Auditors and Event Logs
        • Windows Event Logs
        • Linux SysLogs
      • Rules based Detection
        • ipchains, iptables
        • proxy, reverse proxy, firewalls
    • Viruses
      • Malicious Programs
      • Trap doors
      • Logic bomb
      • Trojans
      • Viruses
      • Worms
      • Adware, Spyware
    • Firewalls
      • Need for a firewall
      • Attacks
            • Ping of death
            • Fragmentation Attack
            • Denial of Service
            • IP Spoofing
            • Port scanning
    • Level of Control
      • Service Control
            • Based on Port number
      • Direction Control
            • Limits inbound and outbound traffic
      • User Control
            • Restrict user level access to resources
      • Behavioral Control
            • Content limitation on resource use
    • Types
      • Packet Filtering firewall
            • Based on Packet filter rules
      • Application Level Gateway
            • Limits the application superficially
      • Circuit level Gateway
            • Man-in-the-Middle construction