Network security
Published in: Technology

  1. ACLs typically reside on routers to determine which devices are allowed to access them based on the requesting device’s Internet Protocol (IP) address.
  2. Basically, ACLs use IP addresses to filter packets, but they can now also filter on port numbers.
  3. ACLs are configured either to apply to inbound traffic or to apply to outbound traffic.
  4. ACLs are configured either to apply to inbound traffic or to apply to outbound traffic.
  5. There are two types of Cisco ACLs, standard and extended. Standard ACLs allow you to permit or deny traffic from source IP addresses. Extended ACLs filter IP packets based on several attributes, for example, protocol type, source IP address, destination IP address, source TCP or UDP ports, destination TCP or UDP ports, and optional protocol type information for finer granularity of control.
  6. The first is a concept called tunneling, which basically means encapsulating one protocol within another to ensure that a transmission is secure.
  7. Virtual Private Network (VPN): Remote access VPNs; Site-to-site VPNs; Extranet VPNs
  8. This security protocol was developed by Netscape to work with its browser. It’s based on Rivest, Shamir, and Adleman (RSA) public-key encryption and used to enable secure Session-layer connections over the Internet between a web browser and a web server.
  9. Layer 2 Tunneling Protocol (L2TP) was created by the Internet Engineering Task Force (IETF). It comes in handy for supporting non-TCP/IP protocols in VPNs over the Internet.
  10. just mentioned Point to Point Tunneling Protocol (PPTP). PPTP acts by combining an unsecured Point to Point Protocol (PPP) session with a secured session using the Generic Routing Encapsulation (GRE) protocol.
  11. The two major protocols you’ll find working in IPSec are the Authentication Header (AH) and Encapsulating Security Payload (ESP). AH serves up authentication services only—no encryption, but ESP provides both authentication and encryption abilities.
  12. Encryption works by running the data (which when encoded is represented as numbers) through a special encryption formula called a key that the designated sending and receiving devices both “know.”
  13. Private Encryption Keys: Private keys are commonly referred to as symmetrical keys. Using private-key encryption, both the sender and receiver have the same key and use it to encrypt and decrypt all messages. DES: 56-bit key; 3DES: 168-bit key; the Advanced Encryption Standard (AES): 128, 192, or 256 bits.
  14. Public Key Encryption: Public key encryption uses the Diffie-Hellman algorithm, which employs a public key and a private key to encrypt and decrypt data. The sending machine’s public key is used to encrypt a message to the receiving machine that it uses to decrypt the message with a private key.
  15. Disabling Accounts; Managing Account; Password-Management Features
  16. Public Key Infrastructure (PKI): Public Key Infrastructure (PKI) is a system that links users to public keys that verify the user’s identity by using a certificate authority (CA).
  17. Public Key Infrastructure (PKI)
  18. Kerberos, created at MIT, isn’t just a protocol, it’s an entire security system that establishes a user’s identity when they first log on to a system that’s running it.
  19. RADIUS: RADIUS is an authentication and accounting service that’s used for verifying users over various types of links, including dial-up. Many ISPs use a RADIUS server to store the usernames and passwords of their clients in a central spot through which connections are configured to pass authentication requests.
  20. The Terminal Access Controller Access-Control System Plus (TACACS+) protocol is an alternative AAA method to RADIUS. Here are two major differences between TACACS+ and RADIUS: RADIUS combines user authentication and authorization into one profile, but TACACS+ separates the two; TACACS+ utilizes the connection-based TCP protocol, but RADIUS uses UDP instead.
  21. Denial of Service (DoS): A denial of service (DoS) attack does exactly what it sounds like it would do—it prevents users from accessing the network and/or its resources. Example of DoS: The Ping of Death: Ping 192.168.131.67 -l 65000
  22. It’s a version of a DoS attack that floods its victim with spoofed broadcast ping messages.
  23. They’re called distributed denial of service (DDoS) attacks and also make use of IP spoofing.
  24. File Viruses; Macro Viruses; Boot-Sector Viruses; Multipartite Viruses
  25. Functionally, or not so much if your computer happens to have been infected with one, worms are a lot like viruses—only worse because they’re much harder to stop. Worms can actively replicate without requiring you to do anything like open an infected file.
  26. IP Spoofing: IP spoofing is the process of sending packets with a fake source address that makes it look like those packets actually originate from within the network that the hacker is trying to attack.
  27. Backdoors: Backdoors are simply paths leading into a computer or network. From simple invasions to elaborate Trojan Horses, villains can use their previously placed inroads into a specific host or a network whenever they want to.
  28. Packet Sniffers: A packet sniffer is a software tool that can be incredibly effective in troubleshooting a problematic network but that can also be a hacker’s friend.
  29. A man-in-the-middle attack happens when someone intercepts packets intended for one computer and reads the data.
  30. A rogue access point is one that’s been installed on a network without the administrator’s knowledge.
  31. Social engineering, or phishing, refers to the act of attempting to illegally obtain sensitive information by pretending to be a credible source.
  32. Active Detection; Passive Detection; Proactive Defense
  33. Security Policies: It should precisely define how security is to be implemented within an organization and include physical security, document security, and network security. Security Audit: A security audit is a thorough examination of your network that includes testing all its components to make sure everything is secure.
  34. Security Policies: It should precisely define how security is to be implemented within an organization and include physical security, document security, and network security. Security Audit: A security audit is a thorough examination of your network that includes testing all its components to make sure everything is secure.
  35. Firewalls are usually a combination of hardware and software. The hardware part is usually a router, but it can also be a computer or a dedicated piece of hardware called a black box that has two Network Interface Cards (NICs) in it. One of the NICs connects to the public side, and the other one connects to the private side. The software part is configured to control how the firewall actually works to protect your network by scrutinizing each incoming and outgoing packet and rejecting any suspicious ones.
  36. A network-based firewall is what companies use to protect their private network from public networks. The defining characteristic of this type of firewall is that it’s designed to protect an entire network of computers instead of just one system, and it’s usually a combination of hardware and software.
  37. A host-based firewall is implemented on a single machine so it only protects that one machine. This type of firewall is usually a software implementation, because you don’t need any additional hardware in your personal computer to run it. All current Windows client operating systems come with Windows Firewall, which is a great example of a host-based solution.
  38. Demilitarized Zone (DMZ): Most firewalls in use today implement something called a demilitarized zone (DMZ), which, as its name implies, is a network segment that isn’t public or local but halfway between the two. A standard DMZ setup typically (but not always) has two or three network cards in the firewall computer. The first goes to the Internet; the second one goes to the network segment where the commonly targeted servers exist that I recommended be placed in the DMZ; the third connects to your intranet.
  39. Proxy Services: Firewalls can also implement something called proxy services, which actually makes them proxy servers, or proxies for short. Let’s say an internal client sends a request to an external host on the Internet. That request will get to the proxy server first, where it will be examined, broken down, and handled by an application that will create a new packet requesting information from the external server.
  40. Proxy Services
  41. The first firewalls that were developed functioned solely at the Network layer, and the earliest of these were known as packet-filter firewalls. I covered packet filtering a bit earlier in this chapter; as a refresher, all it means is that the firewall looks at an incoming packet and applies it against the set of rules in the ACL(s).
  42. A basic packet filter doesn’t care about whether the packet it is examining is stand-alone or part of a bigger message stream. That type of packet filter is said to be stateless, in that it does not monitor the status of the connections passing through it. A stateful firewall is one that keeps track of the various data streams passing through it. If a packet that is a part of an established connection hits the firewall, it’s passed through.
  43. There are two ways IDS systems can detect attacks or intrusions. The first is based on the signature of an intrusion that’s often referred to as a misuse-detection IDS (MD-IDS).
  44. In a network-based IDS (NIDS), the IDS system is a separate device attached to the network via a machine like a switch or directly via a tap.
  45. In a host-based IDS (HIDS), software runs on one computer to detect abnormalities on that system alone by monitoring applications, system logs, and event logs—not by directly monitoring network traffic.
  46. A VPN concentrator is a device that creates remote access for virtual private networks (VPNs) either for users logging in remotely or for a large site-to-site VPN. VPNs often allow higher data throughput and provide encryption. VPN through a concentrator is usually handled by Internet Protocol Security (IPSec) or by Secure Sockets Layer (SSL), and user authentication can be achieved via Microsoft’s Active Directory, Kerberos, Remote Authentication Dial In User Service (RADIUS), Rivest, Shamir, and Adleman (RSA), and digital certificates.
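
Slides 1 to 5 and 41 describe packets being checked against ACL rules, with standard ACLs matching on source address only and extended ACLs also matching protocol, destination and port. The sketch below is an added example, not part of the slides and not Cisco's implementation: the rule model, the addresses and the sample packets are constructed, and it assumes first-match evaluation with an implicit deny at the end of the list.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass
class Rule:
    action: str                   # "permit" or "deny"
    src: str                      # source network, CIDR form
    proto: Optional[str] = None   # extended only; None means "any"
    dst: Optional[str] = None     # extended only
    dport: Optional[int] = None   # extended only

@dataclass
class Packet:
    src: str
    dst: str
    proto: str
    dport: int

def matches(rule: Rule, pkt: Packet) -> bool:
    """A rule matches only if every field it specifies agrees with the packet."""
    if ipaddress.ip_address(pkt.src) not in ipaddress.ip_network(rule.src):
        return False
    if rule.proto is not None and rule.proto != pkt.proto:
        return False
    if rule.dst is not None and ipaddress.ip_address(pkt.dst) not in ipaddress.ip_network(rule.dst):
        return False
    return rule.dport is None or rule.dport == pkt.dport

def evaluate(acl, pkt: Packet) -> str:
    """First matching rule decides; a packet that matches nothing is denied."""
    for rule in acl:
        if matches(rule, pkt):
            return rule.action
    return "deny"  # implicit deny at the end of the list

# Constructed rule sets: the standard ACL can only express "this source network".
STANDARD_ACL = [Rule("permit", "10.1.1.0/24")]
EXTENDED_ACL = [Rule("permit", "10.1.1.0/24", "tcp", "192.0.2.10/32", 443)]

# Constructed packets: HTTPS and Telnet from the permitted network, HTTPS from elsewhere.
SAMPLE = [
    Packet("10.1.1.5", "192.0.2.10", "tcp", 443),
    Packet("10.1.1.5", "192.0.2.10", "tcp", 23),
    Packet("172.16.0.9", "192.0.2.10", "tcp", 443),
]

def decisions(acl):
    return [evaluate(acl, p) for p in SAMPLE]

if __name__ == "__main__":
    print("standard:", decisions(STANDARD_ACL))
    print("extended:", decisions(EXTENDED_ACL))
```

The standard ACL lets the Telnet packet through because it cannot see ports; the extended ACL permits only the HTTPS flow and everything else falls to the implicit deny.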
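
Slide 42 contrasts a stateless packet filter with a stateful firewall that tracks established connections. The following added example (not from the slides) runs the same constructed three-packet trace through both; the policy "inside hosts may reach port 443", the dictionary packet format and the class name are assumptions made for illustration.

```python
# Constructed trace, addresses from documentation ranges:
#   1. inside host opens an HTTPS connection
#   2. the server's reply to that connection
#   3. an unrelated inbound packet that merely has source port 443
TRACE = [
    {"dir": "out", "src": "10.1.1.5", "sport": 50000, "dst": "198.51.100.7", "dport": 443},
    {"dir": "in", "src": "198.51.100.7", "sport": 443, "dst": "10.1.1.5", "dport": 50000},
    {"dir": "in", "src": "203.0.113.66", "sport": 443, "dst": "10.1.1.5", "dport": 3389},
]

def stateless_filter(pkt):
    """Judges each packet alone. To admit replies it can only say
    'allow inbound packets whose source port is 443'."""
    if pkt["dir"] == "out":
        return pkt["dport"] == 443
    return pkt["sport"] == 443

class StatefulFilter:
    """Remembers each permitted outbound flow and admits an inbound
    packet only if it is the exact reverse of a remembered flow."""

    def __init__(self):
        self.connections = set()

    def check(self, pkt):
        if pkt["dir"] == "out":
            if pkt["dport"] != 443:
                return False
            self.connections.add((pkt["src"], pkt["sport"], pkt["dst"], pkt["dport"]))
            return True
        reverse = (pkt["dst"], pkt["dport"], pkt["src"], pkt["sport"])
        return reverse in self.connections

def run(check):
    """Return the pass/drop decision for every packet in the trace."""
    return [check(p) for p in TRACE]

def compare():
    return {
        "stateless": run(stateless_filter),
        "stateful": run(StatefulFilter().check),
    }

if __name__ == "__main__":
    for name, verdicts in compare().items():
        print(name, verdicts)
```

Both filters pass the genuine reply, but only the stateful one drops the third packet, because no outbound connection was ever recorded for it.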