• Share
  • Email
  • Embed
  • Like
  • Save
  • Private Content
Security design considerations/issues for routers and ...
 

Security design considerations/issues for routers and ...

on

  • 1,020 views

 

Statistics

Views

Total Views
1,020
Views on SlideShare
1,020
Embed Views
0

Actions

Likes
0
Downloads
30
Comments
0

0 Embeds 0

No embeds

Accessibility

Categories

Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

    Security design considerations/issues for routers and ... Security design considerations/issues for routers and ... Presentation Transcript

    • Security design considerations/issues for routers and switches By Aditya Varakantam Professor Dr.Ravi Mukkamala
    • Overview
      • Definition
      • Motivation for providing Router Security
      • Router security considerations
      • Router Security Policy
      • Switch security considerations
      • Conclusion
      • References
    • Definition
      • Router
      • Router is a device which extracts the destination address from the incoming packet and sends it to the destination through the optimal path. Directing data between portions of a network is the purpose of a router.
      • Routers operate at the Network layer of the OSI model. They pass traffic between two different IP networks which may be either LANs or WANs
    • Router
    • Switch
      • Switches listen to the traffic on each Ethernet port and discover to which port each attached device is connected. The switch then sends traffic directly to the destination port
      • By using a switch we can ensure that most of the network traffic only goes where it needs to rather than to every port. Thus increasing the network performance
    • Switch
    • Possible Attacks on Routers
      • Session Hijacking
      • Session Replay Attack
      • Rerouting Attack
      • Masquerade Attacks
    • Motivation for providing Router security
      • Compromise of a router can lead to various security problems on the network served by that router, or even other networks with which that router communicates.
      • Compromise of a router’s route tables can result in reduced performance, denial of network communication services, and exposure of sensitive data.
      • Compromise of a router’s access control can result in exposure of network configuration details or denial of service, and can facilitate attacks against other network components.
    • Motivation for providing Router security
      • A poor router filtering configuration can reduce the overall security of an entire enclave, expose internal network components to scans and attacks, and make it easier for attackers to avoid detection .
      • Proper use of router cryptographic security features can help protect sensitive data, ensure data integrity, and facilitate secure cooperation between independent enclaves.
    • Router Security Considerations
      • Protecting the Router itself
      • Physical Security
      • Router should be placed in a locked room with access by only a small number of authorized personnel.
      • Operating System
      • Based on what features the network needs, use the feature list to select the version of the operating system.
    • Router Security Considerations
      • Protecting the Network with the Router
      • Interior Routers
      • Backbone Routers
      • Border Routers
      Router Security Considerations
    • Router Security Considerations
      • Patches and Updates
      • Subscribe to alert services provided by manufacturer of the networking hardware so that we are up to date with both security issues and service patches. This can fix the known security vulnerabilities.
      • Protocols
      • 1.Use ingress and egress filtering
      • 2.Screen ICMP traffic from the internal network
      • 3.Block Trace Route
      • 4.Control Broadcast traffic
      • 5.Block other unnecessary traffic
    • Router Security Considerations
      • Protocols
      • Ingress and Egress filtering- Filter both incoming and outgoing packets
      • Screen ICMP traffic from the internal network-
      • Echo Request (ping)
      • Echo Reply (ping reply)
      • Destination Unreachable
      • Source Quench
      • Redirect
      • Time Exceeded
    • Router Security Considerations
      • Protocols
      • Block Trace Route- Detects whether the packet is traveling along optimal routes and blocks the ICMP messages.
      • Control Broadcast Traffic- Blocks specific source addresses
      • Block other unnecessary traffic- Incoming traffic from the Internet to the border router is from unknown untrusted users who require access to our Web servers.
    • Router Security Considerations
      • Administrative Access
      • Apply Strong password policies- Always use uppercase and lowercase, number, and symbol combinations when creating passwords.
      • Use an administration access control system-
      • - Authentication
      • - Authorization
      • - Accounting
    • Router Security Considerations
      • Administrative Access
      • Disable Unused Interfaces- Only required interfaces should be enabled on the router. Unused interface might expose you to unknown attacks on those interfaces.
      • Consider Static Routes- Static routes prevent specially formed packets from changing routing tables on your router. An attacker might try to change routes by simulating a routing protocol message to cause denial of service or to forward requests to a rogue server
    • Router Security Considerations
      • Auditing and Logging
      • Most routers have a logging facility and can log all deny actions which would show intrusion attempts. Modern routers have an array of logging features that include the ability to set severities based on the data logged.
      • Intrusion Detection
      • With restrictions in place at the router to prevent TCP/IP attacks, the router should be able to identify when an attack is taking place and notify a system administrator of the attack.
    • Router Security Policy
      • Layered view of the security of a router
    • Router Security Policy
      • The innermost layer is the physical security of the router
      • The next innermost layer is the stored software and configuration state of the router
      • The next outermost layer has the dynamic configuration (Routing Tables)
      • The outer zone of the diagram represents the intra-network and inter-network traffic that the router manages.
    • Switch Security Considerations
      • Patches and Updates
      • Subscribe to alert services provided by manufacturer of the networking hardware so that we are up to date with both security issues and service patches. This can fix the known security vulnerabilities .
      • VLANs
      • Virtual LANs allow you to separate network segments and apply access control based on security rules. Using ACL's between VLANs provides an intermediate level of protection by blocking internal intrusions from within the enterprise while intrusions from outside are already blocked by the border network.
    • Switch Security Considerations
      • Use an administration access control system
      • - Authentication
      • - Authorization
      • - Accounting
      • Disable Unused Ports
      • Unused Ethernet ports on the switch should be disabled to prevent hackers plugging into an unused port
    • Switch Security Considerations
      • Encryption
      • Although it is not traditionally implemented at the switch, data encryption over the wire ensures that sniffed packets are useless in cases where a monitor is placed on the same switched segment or where the switch is compromised, allowing sniffing across segments.
    • Conclusion
      • Router and Switch are two important components in a network which need to be secured in order to keep the network secure.
    • References
      • http://nsa2.www.conxion.com/cisco/guides/cis-2.pdf
      • http://www.microsoft.com/technet/security/guidance/networksecurity/secmod40.mspx
      • http://en.wikipedia.org/wiki/Router
      • http://ask-leo.com/whats_the_difference_between_a_hub_a_switch_and_a_router.html
      • http://news.zdnet.com/2100-1009_22-5898169.html
      • https://www2.sans.org/resources/policies/Router_Security_Policy.pdf?portal=ad97740a1a2cd335cc01aaf1133c4592
      • Questions???
      • Thank You