Network security and protocols


Published on

Click Here

Online Educational Website For You

Published in: Education, Technology
  • Be the first to comment

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Network security and protocols

  1. 1. Network Security and Protocols
  2. 2. Threats Prevent users from accessing the required resources for performing their task Types of Threats Internal External
  3. 3. Internal Threats• Malicious practices done by the local networks users that do not allow efficient sharing of the network resources• Common internal threats are: – Unauthorized Access – Data Destruction – Administrative Access – System Crash/Hardware Failure – Virus
  4. 4. Protecting from Internal Threats• Methods of protecting internal threats largely dependent on policies rather than technology• To protect the network from internal threats you need to implement: – Passwords – User Account Control – creating groups – Policies – Fault Tolerance
  5. 5. External Threats• External threats can exist in two forms: – Attacker manipulates the user to gain access to the network – Hacker at a remote location uses technical methods to gain illegal access to your network• Common external threats are: – Social Engineering – Hacking – internet worms or other internet hacking tools
  6. 6. Protecting from External Threats• Securing network from external threat is a competition between hackers and security people• To protect the network from external threats you need to provide: – Physical protection – lock the server – Firewalls – Encryption –IPSec ,SSL – Authentication – Kerberos, PAP, CHAP – Public Keys and Certificates – VLAN
  7. 7. Need for Network Security• Network security - Mechanism that protects the network resources from being attacked by the outside world• Hackers constantly look out for loopholes in the network security and snoop into a network• Spyware and other adware program get installed into your computer and start transmitting private information• IP snooping allows monitoring of network traffic that is sent over the internet
  8. 8. Security Attacks - I• Break the security barrier of the network and access the network resources Types of Security Attacks Active Passive
  9. 9. Implementing External Network Security - I• Implementing external network security was not necessary while dial up connections were used• Arrival of high speed internet connection has completely changed security aspect for home computers• Users who use Asymmetric digital subscriber line (ADSL) or a cable modem is the main target for the hackers• Windows XP now has an Internet Connection Firewall (ICF) available
  10. 10. Implementing External Network Security - II• SOHO routers are connected to provide security to networked systems sharing a single Internet connection• Large networks employ a dedicated firewall between a gateway router and the protected network• A demilitarized zone (DMZ) can also be implemented to prevent access to the network
  11. 11. Cryptography• Cryptography is a science that deals with securing information• Objectives of Cryptography are: – Message Confidentiality – Message Integrity – Message Authentication – Message Nonrepudiation – solves the issues related to disputes beteween sender and receiver – Entity Authentication
  12. 12. Types of Cryptosystems• Cryptographic systems consists of algorithms and procedures used for encrypting the messages• Types of cryptographic systems: – Symmetric Cryptographic Systems – Asymmetric Cryptographic Systems• Symmetric Cryptographic Systems use same keys for encryption and decryption• Asymmetric Cryptographic Systems use two keys, one for encryption and other for decryption
  13. 13. Encryption/Decryption• Encryption refers to conversion of plain text into cipher text• Cipher algorithm is used to transform plain text into cipher text• Different types of traditional ciphers used to encode the message fall in to two broad categories: – Substitution ciphers – Transposition ciphers
  14. 14. Public Key Encryption/Decryption• Uses a combination of two keys the private key and the public key (Asymmetric)• Private key is known only to the receiver of the message
  15. 15. Secret Key Encryption / Decryption• Uses the same key to encrypt and decrypt the message (Symmetric)• Algorithm used for decrypting the message is inverse of algorithm that is used to encrypt message
  16. 16. Digital Signatures - I• Used to authenticate the origin of the document• Come under the asymmetric cryptography category• Can be accomplished in two ways: – Signing the document – Signing the digest of the document
  17. 17. Digital Signature - II• Signing the document• Signing the digest
  18. 18. Digital Signature - III• Signing the Document – public and private keys of the sender are used for encrypting and decrypting the document• Signing the digest – used when the message to be sent is long. Creates a digest of the message using the hash function and then sign it
  19. 19. Authentication Protocol• Authentication is a process by which the identity of the concerned party is identified before starting the communication process• Data traffic is encrypted using symmetric key cryptography for performance reasons• Public key cryptography is used for developing authorization protocols as well as creating a session key
  20. 20. Authentication based on Shared Secret Key• Challenge response protocols used for authentication using shared secret key
  21. 21. Authentication using Kerberos• Three types of servers involved in Kerberos protocol: – Authentication Server (AS) – Ticket-Granting Server (TGS) – Real Server
  22. 22. Authentication using Public – Key Cryptography• Certification Authority : Organization that binds a public key to an entity and issues a certificate
  23. 23. Firewall - I• Firewall is a system that blocks all unwanted and unauthorized access of the system resources• Firewall can be set using a router, switch, or a bridge• Firewall is basically present at the junction point or gateway between two networks like a private and public network• Firewalls can be hardware or software• Basic types of firewalls are: – Packet-Filter Firewalls – Proxy Firewalls
  24. 24. Types of Firewall• Packet filter Firewall – forward or blocks the packets depending source and destination IP address, port address or type of protocol used (TCP or UDP). Collects the information from the network and transport layer headers• Proxy Firewall – filters the data at application layer e.g. online book
  25. 25. Firewall - II• Demilitarized Zones in Firewall – Network that is usually present between an internal and external network of an organization – DMZ host provides services for external networks thus providing cover for internal networks against intruders
  26. 26. VLAN - I• Individual broadcast domains created by the switch are called virtual LANs.• Different characteristics used to group stations in a VLAN are: – Port Numbers – MAC addresses – IP addresses – Multicast IP Addresses – Combination• IEEE standard 802.1Q defines format of frame tagging in VLAN
  27. 27. VLAN - II• VLAN can be configured in three ways: Manual, Automatic, and Semiautomatic• Three methods used for communication between switches are: – Table Maintenance – Frame tagging – Time Division Multiplexing (TDM)• Advantages of VLAN are: – Network Management – Creating Virtual Work Groups – Security
  28. 28. Fault Tolerance and Redundancy• Shared data of a network should have better protection rather than having to restore the backups with difficulty• The capability of a server to continue operating in case of a hardware failure is known as fault tolerance• To implement fault tolerance you have to make the data redundant on the serving system
  29. 29. RAID• RAID is a technology that uses a collection of hard disks to share and replicate data• Different levels of RAID are RAID 0, 1, 2, 3, 4, 5, 6, 0+1, 10, 53 and linear RAID
  30. 30. Network-Attached Storage (NAS)• Used for implementing a server just for file sharing• A prebuilt system usually running LINUX with Samba and/ or Network File System (NFS)• Devices have DHCP enabled and require very little or no configuration to run
  31. 31. Storage area network (SAN)• SAN is a network whose primary aim is to transfer data between disk arrays, tape drives and servers• The various SAN components are: – Fiber channel Switches – Hosts and Host Bus Adapters – Storage Devices – Cabling and Cable Connectors
  32. 32. Tape Backup• Tape backup becomes essential incase of a hardware crash or damage to the server• Magnetic tape is the oldest method of storing data from the computer• Tape backup options fall in to three major groups: – Quarter-inch tape (QIC) – Digital Audio Tape (DAT) – Digital Linear Tape (DLT)
  33. 33. Perfect Server - I• Network that shares data requires specialized hardware so as to share data as fast as possible• Hardware requirement for Speed – Fast NICS : Increasing the data throughput and making it do more than one task at a time – Faster Drives : Using a PATA or a SCSI drive and implementing RAID 5 for data protection
  34. 34. Perfect Server - II• Servers require reliability, speed as well as data protection• Good Power• Antivirus Program• Environment
  35. 35. Hardware Requirement for speed• The hardware requirements for a server and a workstation differ from each other completely• Workstations do not require the speed, reliability and data backup. Servers on the other hand require reliability, speed, as well as data protection• The two things that can make the server provide good speed are: – Fast NICs – Fast Drives
  36. 36. Reliability - I• A steady AC power supply is to be provided to all the systems• The different methods of providing good power are: – Dedicated Circuits – Surge suppressors – Uninterruptible Power Supply (UPS) – Backup Power• Another problem along with faulty power is computer viruses
  37. 37. Reliability - II• Five typical types of viruses are: – Boot sector – Executable – Macro – Trojan – Worm• Damage due to virus attacks can be prevented by not allowing the virus from entering the system• Necessary to provide a good environment for the server to improve its reliability
  38. 38. Protocols• Different protocols are used at different layers of the OSI model for providing security to the users• The different protocols used are: – Secure Socket Layer (SSL) – Internet Protocol Security (IPSec) – Point-to-Point Tunneling Protocol (PPTP) – Point-to-Point Protocol (PPP) – Serial Line Interface Protocol (SLIP)
  39. 39. SLIP• Serial Line Internet Protocol (SLIP) is used to connect the computer to the Internet using serial connection such as the dial-up modem• Serial Line Internet Protocol was designed for Data link protocol for telephony• However, SLIP only supported TCP/IP and not NetBEUI or IPX network.
  40. 40. PPP - I• One of the common protocols for point to point access• PPP addressed all of the shortcomings of SLIP• Different services provided by PPP are as follows: – Defines the format of the frames to be exchanged between devices. – Defines how the devices can negotiate for establishment of link and exchange of data – Defines how network layer data is encapsulated in the data link frame. – Defines how the devices can authenticate each other
  41. 41. PPP - II• Provides multiple network layer services that support different network layer protocols.• Provides connection over multiple links.• Provides network address configuration which is useful incase a user needs a temporary network address to connect to the Internet
  42. 42. PPTP• Network protocol that allows secure transfer of data from a remote client to a private server• It is the Microsoft VPN encryption protocol• The three processes involved in PPTP are: – PPTP connection and communication – PPTP control connection – PPTP data tunnelling
  43. 43. IPSec• Protocol set that was developed by Internet Engineering Task Force (IETF) for providing security to a packet at the network level• IPSec operates in two modes: – Transport Mode – Tunnel Mode
  44. 44. SSL• SSL is a protocol developed by Netscape for transmitting private documents over the Internet.• Web pages that use SSL have URLs starting with https• Different services provided by SSL for the data received by application layer are: – Fragmentation – Compression – Message Integrity – Confidentiality – Framing