SlideShare a Scribd company logo

need for NS.ppt

Download as PPT, PDF
L
LahiruRatnayake2

network security essentials

Technology
1 of 25
THE NEED FOR NETWORK SECURITY By Lahiru Ratnayake ( MBA(My), BSc(UK), DNIIT(in), IPICT, Dip. Network Eng. )
The Need for Web Security 2 PRESENTATION OBJECTIVES  Understand information security services  Be aware of vulnerabilities and threats  Realize why network security is necessary  What are the elements of a comprehensive security program
The Need for Web Security 3 TRENDS FOR INFORMATION  More information is being created, stored, processed and communicated using computers and networks  Computers are increasingly interconnected, creating new pathways to information assets  The threats to information are becoming more widespread and more sophisticated  Productivity, competitiveness, are tied to the first two trends  Third trend makes it inevitable that we are increasingly vulnerable to the corruption or exploitation of information INFORMATION IS THE MOST VALUABLE ASSET
The Need for Web Security 4 Information Security Services  Confidentiality  Integrity  Authentication  Nonrepudiation  Access Control  Availability
The Need for Web Security 5 Information Security Services  Confidentiality  Maintaining the privacy of data  Integrity  Detecting that the data is not tampered with  Authentication  Establishing proof of identity  Nonrepudiation  Ability to prove that the sender actually sent the data  Access Control  Access to information resources are regulated  Availability  Computer assets are available to authorized parties when needed
The Need for Web Security 6  Collection of networks that communicate  with a common set of protocols (TCP/IP)  Collection of networks with  no central control  no central authority  no common legal oversight or regulations  no standard acceptable use policy  “wild west” atmosphere What Is The Internet?
The Need for Web Security 7 Why Is Internet Security a Problem?  Security not a design consideration  Implementing change is difficult  Openness makes machines easy targets  Increasing complexity
The Need for Web Security 8 Common Network Security Problems  Network eavesdropping  Malicious Data Modification  Address spoofing (impersonation)  ‘Man in the Middle’ (interception)  Denial of Service attacks  Application layer attacks
The Need for Web Security 9 Security Incidents are Increasing Sophistication of Hacker Tools 1990 1980 Technical Knowledge Required High Low 2000 -from Cisco Systems
The Need for Web Security 10 HACKED WWW HOMEPAGES 11/29/96 CIA HOMEPAGE DOJ HOMEPAGE USAF HOMEPAGE
The Need for Web Security 11 Problem is Worsening 60000 50000 40000 30000 20000 10000 1988 1989 1990 1991 1992 1993 1994 1995 1996 1997 1998 1999 2000 2001 Jerusalem Tequila Michelangelo Good Times Melissa & ILOVEYOU Anna Kournikova Code Red Nimda Badtrans Source: CERT® Coordination Center Carnegie Mellon
The Need for Web Security 13 VIRUSES Risk Threat Discovered Protection TROJ_SIRCAM.A New !! Latest DAT W32.Navidad 11/03/2000 11/06/2000 W95.MTX 8/17/2000 8/28/2000 W32.HLLW.QAZ.A 7/16/2000 7/18/2000 VBS.Stages.A 6/16/2000 6/16/2000 VBS.LoveLetter 5/04/2000 5/05/2000 VBS.Network 2/18/2000 2/18/2000 Wscript.KakWorm 12/27/1999 12/27/1999 W32.Funlove.4099 11/08/1999 11/11/1999 PrettyPark.Worm 6/04/1999 6/04/1999 Happy99.Worm 1/28/1999 1/28/1999
The Need for Web Security 14 Consider that…  90% of companies detected computer security breaches in the last 12 months  59% cited the Internet as the most frequent origin of attack  74% acknowledged financial losses due to computer breaches  85% detected computer viruses Source: Computer Security Institute
The Need for Web Security 15 WHO ARE THE OPPONENTS?  49% are inside employees on the internal network  17% come from dial-up (still inside people)  34% are from Internet or an external connection to another company of some sort HACKERS
The Need for Web Security 16 HACKER MOTIVATIONS  Money, profit  Access to additional resources  Experimentation and desire to learn  “Gang” mentality  Psychological needs  Self-gratification  Personal vengeance  Emotional issues  Desire to embarrass the target
The Need for Web Security 17 Internet Security? Spoofing Replay Attack
The Need for Web Security 18 What Do People Do When They Hear All These?  Take the risks!  But there are solutions  Ignoring the situation is not one of them
The Need for Web Security 19 THE MOST COMMON EXCUSES  So many people are on the Internet, I'm just a face in the crowd. No one would pick me out.  I'm busy. I can't become a security expert--I don't have time, and it's not important enough  No one could possibly be interested in my information  Anti-virus software slows down my processor speed too much.  I don't use anti-virus software because I never open viruses or e-mail attachments from people I don't know.
The Need for Web Security 20 SANS Five Worst Security Mistakes End Users Make 1. Opening unsolicited e-mail attachments without verifying their source and checking their content first. 2. Failing to install security patches-especially for Microsoft Office, Microsoft Internet Explorer, and Netscape. 3. Installing screen savers or games from unknown sources. 4. Not making and testing backups. 5. Using a modem while connected through a local area network.
The Need for Web Security 21 SECURITY COUNTERMEASURES THREE PHASE APPROACH PROTECTION DETECTION RESPONSE
The Need for Web Security 22 ELEMENTS OF A COMPREHENSIVE SECURITY PROGRAM  Have Good Passwords  Use Good Antiviral Products  Use Good Cryptography  Have Good Firewalls  Have a Backup System  Audit and Monitor Systems and Networks  Have Training and Awareness Programs  Test Your Security Frequently
The Need for Web Security 23 CRYPTOGRAPHY Necessity is the mother of invention, and computer networks are the mother of modern cryptography. Ronald L. Rivest  Symmetric Key Cryptography  Public Key Cryptography  Digital Signatures
The Need for Web Security 24 Firewall Visible IP Address Internal Network PC Servers Host A system or group of systems that enforces an access control policy between two networks.
The Need for Web Security 25
The Need for Web Security 26 THANK YOU I have questions…

Recommended

Network security
Network securityNetwork security
Network securityAkhilesh Jain
 
Network security
Network securityNetwork security
Network securityNikhil Vyas
 
Cyber Security
Cyber SecurityCyber Security
Cyber SecurityBryCunal
 
Cscu module 01 foundations of security
Cscu module 01 foundations of securityCscu module 01 foundations of security
Cscu module 01 foundations of securitySejahtera Affif
 
Computer-Security.pptx
Computer-Security.pptxComputer-Security.pptx
Computer-Security.pptxJoselitoJMebolos
 
Cyber Security: A Hands on review
Cyber Security: A Hands on reviewCyber Security: A Hands on review
Cyber Security: A Hands on reviewMiltonBiswas8
 
hacker culture
hacker culturehacker culture
hacker cultureAmy McMullin
 
network security ppt.pptx
network security ppt.pptxnetwork security ppt.pptx
network security ppt.pptxKellyIsaac3
 

Recommended

Network security
Network securityNetwork security
Network securityAkhilesh Jain
 
Network security
Network securityNetwork security
Network securityNikhil Vyas
 
Cyber Security
Cyber SecurityCyber Security
Cyber SecurityBryCunal
 
Cscu module 01 foundations of security
Cscu module 01 foundations of securityCscu module 01 foundations of security
Cscu module 01 foundations of securitySejahtera Affif
 
Computer-Security.pptx
Computer-Security.pptxComputer-Security.pptx
Computer-Security.pptxJoselitoJMebolos
 
Cyber Security: A Hands on review
Cyber Security: A Hands on reviewCyber Security: A Hands on review
Cyber Security: A Hands on reviewMiltonBiswas8
 
hacker culture
hacker culturehacker culture
hacker cultureAmy McMullin
 
network security ppt.pptx
network security ppt.pptxnetwork security ppt.pptx
network security ppt.pptxKellyIsaac3
 
Network Security of Data Protection
Network Security of Data ProtectionNetwork Security of Data Protection
Network Security of Data ProtectionUthsoNandy
 
Cyber Security.pptx
Cyber Security.pptxCyber Security.pptx
Cyber Security.pptxNavanathDarwante1
 
Four Network Security Challenges for the Cloud Generation
Four Network Security Challenges for the Cloud GenerationFour Network Security Challenges for the Cloud Generation
Four Network Security Challenges for the Cloud GenerationAboutSSL
 
Presentation1_CYBERCRIME.pptx
Presentation1_CYBERCRIME.pptxPresentation1_CYBERCRIME.pptx
Presentation1_CYBERCRIME.pptxNitishChoudhary23
 
6.Copyright © 2014 Pearson Education, Inc. Securing I.docx
6.Copyright © 2014 Pearson Education, Inc. Securing I.docx6.Copyright © 2014 Pearson Education, Inc. Securing I.docx
6.Copyright © 2014 Pearson Education, Inc. Securing I.docxalinainglis
 
Honey Pot Intrusion Detection System
Honey Pot Intrusion Detection SystemHoney Pot Intrusion Detection System
Honey Pot Intrusion Detection SystemInternational Journal of Engineering Inventions www.ijeijournal.com
 
Cyber security
Cyber securityCyber security
Cyber securityKrishanu Ghosh
 
network security ppt.pptx
network security ppt.pptxnetwork security ppt.pptx
network security ppt.pptxMijanurSepai1
 
network_security_ppt[1].pptx
network_security_ppt[1].pptxnetwork_security_ppt[1].pptx
network_security_ppt[1].pptxME1923SoumyaSouravNa
 
Hamza
HamzaHamza
HamzaHamzaBaqee
 
INT 1010 10-3.pdf
INT 1010 10-3.pdfINT 1010 10-3.pdf
INT 1010 10-3.pdfLuis R Castellanos
 
Forensics
ForensicsForensics
ForensicsLaura Aviles
 
Event - Internet Thailand - Total Security Perimeters
Event - Internet Thailand - Total Security PerimetersEvent - Internet Thailand - Total Security Perimeters
Event - Internet Thailand - Total Security PerimetersSomyos U.
 
Network security ppt
Network security pptNetwork security ppt
Network security pptOECLIB Odisha Electronics Control Library
 
Cyber security
Cyber securityCyber security
Cyber securityMurugesanMurugesan12
 
MainPaper_4.0
MainPaper_4.0MainPaper_4.0
MainPaper_4.0varun4110
 
188
188188
188vivatechijri
 
3Nov Challanges to Inernal Security.pptx
3Nov Challanges to Inernal Security.pptx3Nov Challanges to Inernal Security.pptx
3Nov Challanges to Inernal Security.pptxssuser84f16f
 
cybersecurity essay.docx
cybersecurity essay.docxcybersecurity essay.docx
cybersecurity essay.docxssuser719d6b
 
Intrusion Detection Techniques In Mobile Networks
Intrusion Detection Techniques In Mobile NetworksIntrusion Detection Techniques In Mobile Networks
Intrusion Detection Techniques In Mobile NetworksIOSR Journals
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 

More Related Content

Similar to need for NS.ppt

Network Security of Data Protection
Network Security of Data ProtectionNetwork Security of Data Protection
Network Security of Data ProtectionUthsoNandy
 
Four Network Security Challenges for the Cloud Generation
Four Network Security Challenges for the Cloud GenerationFour Network Security Challenges for the Cloud Generation
Four Network Security Challenges for the Cloud GenerationAboutSSL
 
Presentation1_CYBERCRIME.pptx
Presentation1_CYBERCRIME.pptxPresentation1_CYBERCRIME.pptx
Presentation1_CYBERCRIME.pptxNitishChoudhary23
 
6.Copyright © 2014 Pearson Education, Inc. Securing I.docx
6.Copyright © 2014 Pearson Education, Inc. Securing I.docx6.Copyright © 2014 Pearson Education, Inc. Securing I.docx
6.Copyright © 2014 Pearson Education, Inc. Securing I.docxalinainglis
 
network security ppt.pptx
network security ppt.pptxnetwork security ppt.pptx
network security ppt.pptxMijanurSepai1
 
Event - Internet Thailand - Total Security Perimeters
Event - Internet Thailand - Total Security PerimetersEvent - Internet Thailand - Total Security Perimeters
Event - Internet Thailand - Total Security PerimetersSomyos U.
 
MainPaper_4.0
MainPaper_4.0MainPaper_4.0
MainPaper_4.0varun4110
 
3Nov Challanges to Inernal Security.pptx
3Nov Challanges to Inernal Security.pptx3Nov Challanges to Inernal Security.pptx
3Nov Challanges to Inernal Security.pptxssuser84f16f
 
cybersecurity essay.docx
cybersecurity essay.docxcybersecurity essay.docx
cybersecurity essay.docxssuser719d6b
 
Intrusion Detection Techniques In Mobile Networks
Intrusion Detection Techniques In Mobile NetworksIntrusion Detection Techniques In Mobile Networks
Intrusion Detection Techniques In Mobile NetworksIOSR Journals
 

Similar to need for NS.ppt (20)

Network Security of Data Protection
Network Security of Data ProtectionNetwork Security of Data Protection
Network Security of Data Protection
 
Cyber Security.pptx
Cyber Security.pptxCyber Security.pptx
Cyber Security.pptx
 
Four Network Security Challenges for the Cloud Generation
Four Network Security Challenges for the Cloud GenerationFour Network Security Challenges for the Cloud Generation
Four Network Security Challenges for the Cloud Generation
 
Presentation1_CYBERCRIME.pptx
Presentation1_CYBERCRIME.pptxPresentation1_CYBERCRIME.pptx
Presentation1_CYBERCRIME.pptx
 
6.Copyright © 2014 Pearson Education, Inc. Securing I.docx
6.Copyright © 2014 Pearson Education, Inc. Securing I.docx6.Copyright © 2014 Pearson Education, Inc. Securing I.docx
6.Copyright © 2014 Pearson Education, Inc. Securing I.docx
 
Honey Pot Intrusion Detection System
Honey Pot Intrusion Detection SystemHoney Pot Intrusion Detection System
Honey Pot Intrusion Detection System
 
Cyber security
Cyber securityCyber security
Cyber security
 
network security ppt.pptx
network security ppt.pptxnetwork security ppt.pptx
network security ppt.pptx
 
network_security_ppt[1].pptx
network_security_ppt[1].pptxnetwork_security_ppt[1].pptx
network_security_ppt[1].pptx
 
Hamza
HamzaHamza
Hamza
 
INT 1010 10-3.pdf
INT 1010 10-3.pdfINT 1010 10-3.pdf
INT 1010 10-3.pdf
 
Forensics
ForensicsForensics
Forensics
 
Event - Internet Thailand - Total Security Perimeters
Event - Internet Thailand - Total Security PerimetersEvent - Internet Thailand - Total Security Perimeters
Event - Internet Thailand - Total Security Perimeters
 
Network security ppt
Network security pptNetwork security ppt
Network security ppt
 
Cyber security
Cyber securityCyber security
Cyber security
 
MainPaper_4.0
MainPaper_4.0MainPaper_4.0
MainPaper_4.0
 
188
188188
188
 
3Nov Challanges to Inernal Security.pptx
3Nov Challanges to Inernal Security.pptx3Nov Challanges to Inernal Security.pptx
3Nov Challanges to Inernal Security.pptx
 
cybersecurity essay.docx
cybersecurity essay.docxcybersecurity essay.docx
cybersecurity essay.docx
 
Intrusion Detection Techniques In Mobile Networks
Intrusion Detection Techniques In Mobile NetworksIntrusion Detection Techniques In Mobile Networks
Intrusion Detection Techniques In Mobile Networks
 

Recently uploaded

Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksSoftradix Technologies
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxKatpro Technologies
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...HostedbyConfluent
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Alan Dix
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 

Recently uploaded (20)

Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other Frameworks
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food Manufacturing
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 

need for NS.ppt

  • 1. THE NEED FOR NETWORK SECURITY By Lahiru Ratnayake ( MBA(My), BSc(UK), DNIIT(in), IPICT, Dip. Network Eng. )
  • 2. The Need for Web Security 2 PRESENTATION OBJECTIVES  Understand information security services  Be aware of vulnerabilities and threats  Realize why network security is necessary  What are the elements of a comprehensive security program
  • 3. The Need for Web Security 3 TRENDS FOR INFORMATION  More information is being created, stored, processed and communicated using computers and networks  Computers are increasingly interconnected, creating new pathways to information assets  The threats to information are becoming more widespread and more sophisticated  Productivity, competitiveness, are tied to the first two trends  Third trend makes it inevitable that we are increasingly vulnerable to the corruption or exploitation of information INFORMATION IS THE MOST VALUABLE ASSET
  • 4. The Need for Web Security 4 Information Security Services  Confidentiality  Integrity  Authentication  Nonrepudiation  Access Control  Availability
  • 5. The Need for Web Security 5 Information Security Services  Confidentiality  Maintaining the privacy of data  Integrity  Detecting that the data is not tampered with  Authentication  Establishing proof of identity  Nonrepudiation  Ability to prove that the sender actually sent the data  Access Control  Access to information resources are regulated  Availability  Computer assets are available to authorized parties when needed
  • 6. The Need for Web Security 6  Collection of networks that communicate  with a common set of protocols (TCP/IP)  Collection of networks with  no central control  no central authority  no common legal oversight or regulations  no standard acceptable use policy  “wild west” atmosphere What Is The Internet?
  • 7. The Need for Web Security 7 Why Is Internet Security a Problem?  Security not a design consideration  Implementing change is difficult  Openness makes machines easy targets  Increasing complexity
  • 8. The Need for Web Security 8 Common Network Security Problems  Network eavesdropping  Malicious Data Modification  Address spoofing (impersonation)  ‘Man in the Middle’ (interception)  Denial of Service attacks  Application layer attacks
  • 9. The Need for Web Security 9 Security Incidents are Increasing Sophistication of Hacker Tools 1990 1980 Technical Knowledge Required High Low 2000 -from Cisco Systems
  • 10. The Need for Web Security 10 HACKED WWW HOMEPAGES 11/29/96 CIA HOMEPAGE DOJ HOMEPAGE USAF HOMEPAGE
  • 11. The Need for Web Security 11 Problem is Worsening 60000 50000 40000 30000 20000 10000 1988 1989 1990 1991 1992 1993 1994 1995 1996 1997 1998 1999 2000 2001 Jerusalem Tequila Michelangelo Good Times Melissa & ILOVEYOU Anna Kournikova Code Red Nimda Badtrans Source: CERT® Coordination Center Carnegie Mellon
  • 12. The Need for Web Security 13 VIRUSES Risk Threat Discovered Protection TROJ_SIRCAM.A New !! Latest DAT W32.Navidad 11/03/2000 11/06/2000 W95.MTX 8/17/2000 8/28/2000 W32.HLLW.QAZ.A 7/16/2000 7/18/2000 VBS.Stages.A 6/16/2000 6/16/2000 VBS.LoveLetter 5/04/2000 5/05/2000 VBS.Network 2/18/2000 2/18/2000 Wscript.KakWorm 12/27/1999 12/27/1999 W32.Funlove.4099 11/08/1999 11/11/1999 PrettyPark.Worm 6/04/1999 6/04/1999 Happy99.Worm 1/28/1999 1/28/1999
  • 13. The Need for Web Security 14 Consider that…  90% of companies detected computer security breaches in the last 12 months  59% cited the Internet as the most frequent origin of attack  74% acknowledged financial losses due to computer breaches  85% detected computer viruses Source: Computer Security Institute
  • 14. The Need for Web Security 15 WHO ARE THE OPPONENTS?  49% are inside employees on the internal network  17% come from dial-up (still inside people)  34% are from Internet or an external connection to another company of some sort HACKERS
  • 15. The Need for Web Security 16 HACKER MOTIVATIONS  Money, profit  Access to additional resources  Experimentation and desire to learn  “Gang” mentality  Psychological needs  Self-gratification  Personal vengeance  Emotional issues  Desire to embarrass the target
  • 16. The Need for Web Security 17 Internet Security? Spoofing Replay Attack
  • 17. The Need for Web Security 18 What Do People Do When They Hear All These?  Take the risks!  But there are solutions  Ignoring the situation is not one of them
  • 18. The Need for Web Security 19 THE MOST COMMON EXCUSES  So many people are on the Internet, I'm just a face in the crowd. No one would pick me out.  I'm busy. I can't become a security expert--I don't have time, and it's not important enough  No one could possibly be interested in my information  Anti-virus software slows down my processor speed too much.  I don't use anti-virus software because I never open viruses or e-mail attachments from people I don't know.
  • 19. The Need for Web Security 20 SANS Five Worst Security Mistakes End Users Make 1. Opening unsolicited e-mail attachments without verifying their source and checking their content first. 2. Failing to install security patches-especially for Microsoft Office, Microsoft Internet Explorer, and Netscape. 3. Installing screen savers or games from unknown sources. 4. Not making and testing backups. 5. Using a modem while connected through a local area network.
  • 20. The Need for Web Security 21 SECURITY COUNTERMEASURES THREE PHASE APPROACH PROTECTION DETECTION RESPONSE
  • 21. The Need for Web Security 22 ELEMENTS OF A COMPREHENSIVE SECURITY PROGRAM  Have Good Passwords  Use Good Antiviral Products  Use Good Cryptography  Have Good Firewalls  Have a Backup System  Audit and Monitor Systems and Networks  Have Training and Awareness Programs  Test Your Security Frequently
  • 22. The Need for Web Security 23 CRYPTOGRAPHY Necessity is the mother of invention, and computer networks are the mother of modern cryptography. Ronald L. Rivest  Symmetric Key Cryptography  Public Key Cryptography  Digital Signatures
  • 23. The Need for Web Security 24 Firewall Visible IP Address Internal Network PC Servers Host A system or group of systems that enforces an access control policy between two networks.
  • 24. The Need for Web Security 25
  • 25. The Need for Web Security 26 THANK YOU I have questions…