Network Security



  1. Network Security
     - Mike Yoho, Jason Letostak, Brian Hixenbaugh, Todd Saylor
  2. Objectives
     - Know who the attackers are
     - Know the kinds of attacks
     - Network defenses
     - Wireless defenses
     - Vulnerability assessment
     - Live WEP crack
  3. What is Network Security?
     - That which protects the integrity, confidentiality, and availability of information on devices that store, manipulate, and transmit the information through products, people, and procedures.
  4. Characteristics of Data
     - Confidentiality
       - HIPAA, trade secrets, etc.
     - Integrity
       - Medical records, criminal records, etc.
     - Availability
       - Emergency action procedures, intelligence networks, etc.
  5. Who are the Attackers

     | Types | Skill Level | Reasons for attack | Threat Level |
     |---|---|---|---|
     | Hackers | High | Ego, display vulnerabilities | Low |
     | Script Kiddies | Low | Cause Damage | Moderate |
     | Employees | Low | Retaliation, Carelessness | Moderate |
     | Computer Spies | Very High | Money | High |
     | Cyber Criminals | High | Money, Fraud | High |
     | Cyber Terrorists | High | Ideology, principles, beliefs | Feared |

  6. Categories of Attack
     - Denial of Service (DoS Attack)
       - Used to overload target’s network resources
     - Spoofing
       - Impersonate trusted system to gain network access
     - Man-in-the-middle
       - Collect information from network traffic
     - Rogue access point
       - Used to bypass a company's external firewall
     - Brute Force
       - Used to gain access to encrypted data
  7. Network Defences
     - Authentication
     - Firewalls
     - Intrusion Detection/Prevention Systems
     - Virtual Private Networks
  8. Authentication
     - Remote Authentication Dial-in User Service (RADIUS)
     - Strong passwords
  9. Firewalls
     - Inspect incoming and outgoing packets
     - Block traffic according to rules
     - More advanced systems can restrict individual applications
  10. Intrusion Detection/Prevention Systems
     - Detect and report/block suspicious network traffic activity
     - Able to learn normal network traffic patterns
  11. Virtual Private Networks
  12. Wireless Network Security
     - Wired Equivalent Protection (WEP)
     - Wi-Fi Protected Access (WPA, WPA2)
     - Service Set Identifiers (SSID)
  13. Wired Equivalent Protection (WEP)
     - Designed to be roughly as secure as a wired connection
     - Uses 24-bit initialization vector
     - Found to be relatively easy to crack
     - Superseded in 2003 by WPA
  14. Wi-Fi Protected Access (WPA, WPA2)
     - Created after WEP found vulnerable
     - WPA with temporal key integrity protocol (TKIP) released as a stop-gap to replace WEP
     - WPA2 completed in 2004
       - Pre-shared key encryption (PSK)
       - Support for protected extensible authentication protocol (PEAP)
  15. Service Set Identifier (SSID)
     - Identifier used to differentiate wireless access points
     - Can be set to not broadcast, adding a low level of security
     - Should be changed from the default to help protect from WPA brute force attacks
  16. Vulnerability Assessment
     - Port Scanning
     - Protocol analyzer
     - Vulnerability scanner
     - Password Cracking
     - Penetration Testing
  17. Port Scanning
     - Scanner analyzes the ports on a network and determines if they are:
       - Open: actively listening and accepting connections
       - Closed: port is not accepting connections
       - Filtered: no response from the scanned system.
     - Tool: Nmap (Windows/Linux)
  18. Nmap
  19. Protocol Analyzers
     - Also known as Packet Sniffer
       - Logs network traffic
       - Analyzes packets
       - Attempts to decrypt packets
     - Tool: Wireshark (Windows/Linux)
  20. Wireshark
  21. Vulnerability Scanner
     - Software designed to:
       - Map all network devices
       - Scan network/system
       - Find vulnerabilities
       - Give suggestions on how to make secure
     - Double-edged sword
     - Tool: Nessus
  22. Nessus
  23. Password Cracking
     - Software that employs various algorithms in an attempt to discover passwords.
     - Keyloggers, Cross-Scripting, Dictionary Tables, Rainbow tables.
     - Tool: Hydra (Online), Rainbow Crack (Offline)
  24. Hydra
  25. Rainbow Crack
  26. Penetration Testing
     - Method of evaluating the security of a computer system or network by simulating an attack from a malicious source.
     - “Ethical Hacker” is hired to perform
       - Security Audit
       - Exploit vulnerabilities
       - Help secure the weak points.
     - Tool: BackTrack 4
  27. Live WEP Crack Demonstration
     - Using Ubuntu with BackTrack 4
     - Decrypt a 128-bit authentication key
     - WEP key:
       - 43:40:9f:91:d5:33:03:9e:6e:5b:60:dd:6c
  28. Conclusion
     - “The only truly secure computer, is a dead computer.” –Ransel Yoho III, Network Security Architect
       - Education of users & administrators – first line of defense
       - Use software to test network vulnerability regularly
       - Although new security methods will be developed, remember that no network will ever be completely un-hackable
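
The three port states listed on the Port Scanning slide (open, closed, filtered), as an added example that is not part of the original slides: a TCP connect check that audits a host you administer against an allowlist of ports expected to be listening. The function names and the loopback listener in `demo()` are constructed for the illustration.

```python
import errno
import socket

# ICMP "unreachable" replies surface as these errnos; scanners report them as filtered.
_UNREACHABLE = {errno.EHOSTUNREACH, errno.ENETUNREACH}

def probe(host, port, timeout=1.0):
    """Full TCP connect to one port; return 'open', 'closed' or 'filtered'."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    sock.settimeout(timeout)
    try:
        sock.connect((host, port))
        return "open"        # handshake completed: a service is listening
    except ConnectionRefusedError:
        return "closed"      # host answered with a reset: nothing is listening
    except socket.timeout:
        return "filtered"    # no response at all, typically a firewall drop
    except OSError as exc:
        if exc.errno in _UNREACHABLE:
            return "filtered"
        raise
    finally:
        sock.close()

def audit(host, ports, expected_open, timeout=1.0):
    """Return {port: state} for every port whose state contradicts the allowlist."""
    findings = {}
    for port in ports:
        state = probe(host, port, timeout)
        if (state == "open") != (port in expected_open):
            findings[port] = state
    return findings

def demo():
    """Constructed loopback scenario: one listener that is not on the allowlist."""
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.bind(("127.0.0.1", 0))   # port 0: the OS picks a free port
    listener.listen(1)
    port = listener.getsockname()[1]
    try:
        before = audit("127.0.0.1", [port], expected_open=set())
    finally:
        listener.close()
    after = audit("127.0.0.1", [port], expected_open=set())
    return before, after

if __name__ == "__main__":
    print(demo())
```

A port that is on the allowlist but reports closed or filtered is also returned as a finding, which catches a service that has stopped or a firewall rule that changed.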