This document discusses network security and outlines common threats and countermeasures. It begins by defining security as freedom from harm caused by others. It then outlines organizations that are vulnerable to network attacks, such as financial institutions, governments, and corporations. Common attacks are discussed like denial of service attacks, software exploits, packet sniffing, and social engineering. Countermeasures recommended include antivirus software, firewalls, intrusion detection systems, virtual private networks, and network access control to monitor devices and users on the network. The document emphasizes the importance of staying aware of security updates to patch vulnerabilities.

1. Network Security
-Be aware! Connect with care
Presented By:
Jaydeep Patel
Analyst @ BHP

2. Outline
▰ What is Security?
▰ Requirements of Network Security.
▰ Vulnerable to the Network
▰ Common Attacks and Threats
▰ Countermeasures
2

3. What is Security ?

4. Security
4
▰ Security is freedom from, or resilience
against, potential harm caused by others.

5. “Security in IT is like locking your house or
car – it dosen’t stop the bad guys, but if
it’s good enough they may move on to an
easier target.
– Paul Herbka (Cyber Security, GCI)
5

6. Vulnerable to the Network Security
▰ Financial institutions and banks
▰ Internet service providers
▰ Pharmaceutical companies
▰ Government and defence agencies
▰ Contractors to various government
agencies
▰ Multinational corporations
▰ ANYONE ON THE NETWORK
6

7. Common Attacks and Threats
Computer Networks are the battlefields of Now…!!
7

8. 8
▰ Finding a way into the Network
▰ Exploiting software bugs, buffer Overflow
▰ Denial of Service
▰ TCP Hijacking
▰ Packet Sniffing
▰ Social Engineering
Common Attacks and Threats

9. Finding a way into the Network
▰ Connecting to a Network Physically
▰ Connecting to a Wireless network
▰ Accessing Remotely by Backdoors.
9

10. Exploiting software bugs, buffer Overflow
▰ Network Application Backdoors, software Backdoors, open Network
Ports.
10

11. Denial of Service
▰ A method to make a network service unusable, usually by overloading the
server or network
▰ different kinds of DoS attacks
○ SYN flooding
○ SMURF
○ Distributed attacks
11

12. The Largest DDoS attack of all the Time
12
▰ Date : February, 2018
▰ Target : GitHub – A popular code management service used by
millions of developers
▰ Peak Incoming Traffic : 1.3 Terabytes per Second (Tbps)
▰ Packet Rate : 126.9 Million per second
▰ Type of Attack : Memcached DDoS attack
▰ Magnitude : Around 50,000x
▰ Length of Attack : 20 Minutes

13. TCP Hijacking
▰ TCP session hijacking is a security attack on a user session over a
protected network.
▰ Another type of session hijacking is known as a man-in-the-middle
attack, where the attacker, using a sniffer, can observe the
communication between devices and collect the data that is
transmitted.
13

14. Packet Sniffing
▰ Packet sniffers work by intercepting and logging network traffic that
they can 'see' via the wired or wireless network interface that the packet
sniffing software has access to on its host computer.
14

15. Social Engineering
▰ Social engineering, in the context of information
security, refers to psychological manipulation of
people into performing actions or divulging
confidential information.
15

16. Countermeasures
True Network Security is preparing for
what’s next , not what was last.
16

17. The Best Solution
17

18. Antivirus and Antimalware Software
▰ This software is used for protecting against malware, which includes
spyware, ransomware, Trojans, worms, and viruses. Malware can also
become very dangerous as it can infect a network and then remain calm for
days or even weeks. This software handles this threat by scanning for
malware entry and regularly tracks files afterward in order to detect
anomalies, remove malware, and fix damage.
18

19. Firewalls
▰ A firewall is a network security system that monitors and controls
incoming and outgoing network traffic based on predetermined
security rules. A firewall typically establishes a barrier between a
trusted internal network and untrusted external network, such as
the Internet.
19

20. Intrusion Detection System
▰ An intrusion detection system is a device or software application that
monitors a network or systems for malicious activity or policy violations.
Any malicious activity or violation is typically reported either to an
administrator or collected centrally using a security information and
event management system.
20

21. Virtual Private Network
▰ A virtual private network (VPN) is programming that creates
a safe and encrypted connection over a less secure network,
such as the public internet. A VPN works by using the shared
public infrastructure while maintaining privacy through
security procedures and tunnelling protocols.
21

22. Network Access Control (NAC)
▰ This network security process helps you to control who can access your
network. It is essential to recognize each device and user in order to keep
out potential attackers. This indeed will help you to enforce your security
policies. Noncompliant endpoint devices can be given only limited access
or just blocked.
22

23. Conclusion
▰ The Internet works only because we implicitly trust one another
▰ It is very easy to exploit this trust
▰ The same holds true for software
▰ It is important to stay on top of the latest CERT security advisories to know
how to patch any security holes
23

24. Time to Q & A
24

25. Thank You
25