Network security


Published on

Published in: Technology
  • Be the first to comment

  • Be the first to like this

Network security

  1. 1. SUBMITTED BY-Himanshu VarshneyaB.Tech.-IT(VIII Semester) IIMET, Jaipur
  2. 2.  What is security Why do we need security Basic Terminology Security Management Attacks Others Securities Wireless Security Firewall Virtual Private Network
  3. 3.  Freedom from risk or danger; safety. Freedom from doubt, anxiety, or fear; confidence. Information Security - Information security = confidentiality + integrity + availability + authentication Authorization of access to data in a network, which is controlled by the network administrator.
  4. 4.  To prevent and monitor unauthorized access, misuse, modification, or denial of a computer network and network-accessible resources. Protect vital information while still allowing access to those who need it. Provide authentication and access control for resource. Guarantee availability of resources. To prevent malicious attacks from hacking and spamming
  5. 5.  Identification Authentication Access Control (Authorization) Confidentiality Integrity Nonrepudiation Availability
  6. 6.  Homes & Small Businesses Basic Firewall , Basic Antivirus software, Passwords for all accounts. Medium businesses Strong Firewall, Internet Security Software, Virtual Private Network. Large businesses Strong Firewall and Proxy, Strong Antivirus software, Physical Security Management Large government Strong Firewall and Proxy, Strong Encryption, Whitelist authorized wireless connection
  7. 7.  Passive Attacks  Wiretapping  Port scanner  Idle scan Active Attacks  Denial-of-service attack  Spoofing  Man in the middle  ARP poisoning  Smurf attack  Buffer overflow  Heap overflow  Format string attack  SQL injection
  8. 8.  Cloud computing security A set of policies, technologies, and controls to protect data, applications. Crime ware A class of malware designed specifically to automate cybercrime. Cyber security standards ISO/IEC 27002 IT Baseline Protection Catalogs Data loss prevention Information Leak Detection and Prevention (ILDP) Information Leak Prevention (ILP) Content Monitoring and Filtering (CMF) Information Protection and Control (IPC)
  9. 9.  Wireless security is the prevention of unauthorized access or damage to computers using wireless networks. WLAN uses spread-spectrum or OFDM modulation technology wireless security are Wired Equivalent Privacy (WEP) and Wi-Fi Protected Access (WPA) Wireless Intrusion Prevention Systems (WIPS) or Wireless Intrusion Detection Systems (WIDS) common used technique.  Ad-hoc networks  Non-traditional networks  Man-in-the-middle attacks  Denial of service
  10. 10. Independent Topology BSS BSS Ad-hoc network
  11. 11.  Infrastructure topology using multiple BSS AP: Access Point AP AP AP BSS BSS wired network
  12. 12.  Effective means of protection a local system or network of systems from network-based security threats while affording access to the outside world via WAN`s or the Internet. Aims:  Establish a controlled link  Protect the premises network from Internet-based attacks  Provide a single choke point
  13. 13.  Design goals:  All traffic from inside to outside must pass through the firewall (physically blocking all access to the local network except via the firewall)  Only authorized traffic (defined by the local security police) will be allowed to pass
  14. 14.  Three common types of Firewalls:  Packet-filtering routers  Applies a set of rules to each incoming IP packet and then forwards or discards the packet  Filter packets going in both directions, policies (discard or forward)  Application-level gateways  Also called proxy server  Acts as a relay of application-level traffic  Circuit-level gateways  Specialized function performed by an Application-level Gateway  Sets up two TCP connections  (Bastion host)  The bastion host serves as a platform for an application-level or circuit-level gateway
  15. 15.  A VPN is a means of transporting traffic in a secure manner over an unsecured network. A VPN usually achieves this by employing some combination of encryption, authentication, and tunneling. "Tunneling" (encapsulation) refers to the process of encapsulating or embedding one network protocol to be carried within the packets of a second network.  Point-to-Point Tunneling Protocol (PPTP);  Layer 2 Tunneling Protocol (L2TP);  Internet Protocol Security (IPSec);  SOCKS.