This document summarizes the key topics covered in a class on network security. It introduces common security concepts like authentication, access control, data confidentiality and integrity. It also discusses common security threats like passive attacks, active attacks, and security services defined by the ITU-T standard X.800. The document provides examples of security mechanisms and an outline of the topics to be covered, including a whirlwind tour of computer networks and an anatomy of an attack in five phases.

1. TCSS 431: Network SecurityClass Meeting 2a: Introduction to Network SecurityJoe McCarthy

2. Network Security close to home

3. Hacked Yahoo mail accountsSubject: hi how are you?Date: Sat, 23 Oct 2010 00:43:49 -0700 (PDT)From: * <*@yahoo.com>To: *@gmail.com, *@nokia.com, *@stanford.edu, *@baylegal.org …http://villarentalbyowner.com/index0314.php

4. Hacked Yahoo mail accountsSubject: this account has a virus - feel free to block itDate: Tue, 19 Oct 2010 15:46:27 -0700 (PDT)From: * <*@yahoo.com>To: * <*@gmail.com>Dear friends and colleagues,Some time earlier this year, my yahoo email account "contracted" a virus. As a result of it, my address book is being used to send spam emails to all of you which appear as if they are coming from me. They typically contain links to web sites, promotions, meds, etc.I am very sorry about this annoying cycle. I have tried to correct the problem through Yahoo's customer support. There doesn't seem to be any immediate remedy, as the emails don't originate from me any more. All I can hope is that this eventually wears itself off.Please feel free to block *@yahoo.com. I am switching to using *@gmail.com as my private email. I am also available at *@nokia.com.Thanks,*

5. A few words (& images) aboutPassword Security … some combination of upper and lowercase characters as well as numbers and a few ascii characters at least 13 characters in length … (Example: tH3w0rldi5round!1!)http://blogs.computerworld.com/17547/a_formula_approach_to_generating_passwordshttp://www.passwordmeter.com/

6. Textbook updateNetwork Security: Private Communication in a Public World, 2/EKaufman, Perlman & SpecinerPrentice Hall, 2003Counter Hack Reloaded: A Step-by-Step Guide to Computer Attacks and Effective Defenses, 2/ESkoudis & ListonPrentice Hall, 2006

7. Another perspectiveon Network SecurityNetwork Security Essentials:Applications and Standards, 4/EWilliam StallingsISBN-10: 0136108059ISBN-13: 9780136108054Publisher: Prentice HallCopyright: 2011Format: Paper; 432 ppPublished: 03/12/2010http://williamstallings.com/NetSec/NetSec4e.html

8. The Security Requirements TriadComputer SecurityThe protection afforded to an automated information system in order to attain the applicable objectives of preserving the integrity, availability and confidentiality of information system resources (includes hardware, software, firmware, information/data, and telecommunications)

9. Security RequirementsConfidentialityPreserving authorized restrictions on information access and disclosure, including means for protecting personal privacy and proprietary information.IntegrityGuarding against information modifications or destruction, including ensuring information non-repudiation and authenticity. AvailabilityEnsuring timely and reliable access to and use of information

10. Security Attacks, Mechanisms & ServicesSecurity AttackAny action that compromises the security of informationSecurity MechanismA process / device that is designed to detect, prevent or recover from a security attack.Security ServiceA service intended to counter security attacks, typically by implementing one or more mechanisms.

11. Threats & Attacks… but threat and attack used nearly interchangeably

12. Security Threats / Attacks……

13. Security Threats / Attacks

14. Passive Attacks

15. Active Attacks (1)

16. Active Attacks (2)

17. Security Services (X.800)AuthenticationThe assurance that the communicating entity is the one it claims to beAccess ControlThe prevention of unauthorized use of a resource who can have access to a resource,under what conditions access can occur, what those accessing the resource are allowed to doData ConfidentialityThe protection of data from unauthorized disclosureData IntegrityThe assurance that data received are exactly as sent by an authorized entity (i.e., contains no modification, insertion, deletion or replay).Non-RepudiationProvides protection against denial by one of the entities involved in a communication of having participated in all/part of the communication.

18. Security Mechanisms (X.800)

19. Model for Network Security

20. Coarse OutlineWhirlwind tour of Computer NetworksComputer Hack Reloaded: Anatomy of an AttackPhase 1: ReconnaissancePhase 2: ScanningPhase 3: Gaining AccessPhase 4: Maintaining AccessPhase 5: Covering Tracks and HidingNetwork Security: Mechanisms & ServicesSpecial Topics

21. Some Network Humorhttp://www.amazon.com/Story-About-Ping-Marjorie-Flack/product-reviews/0140502416

22. Some Network Humor$ ping google.comPING google.com (66.102.7.104): 56 data bytes64 bytes from 66.102.7.104: icmp_seq=0 ttl=53 time=55.990 ms64 bytes from 66.102.7.104: icmp_seq=1 ttl=53 time=44.317 ms64 bytes from 66.102.7.104: icmp_seq=2 ttl=53 time=45.687 ms64 bytes from 66.102.7.104: icmp_seq=3 ttl=53 time=44.993 ms64 bytes from 66.102.7.104: icmp_seq=4 ttl=53 time=45.481 ms^C--- google.com ping statistics ---5 packets transmitted, 5 packets received, 0% packet lossround-trip min/avg/max/stddev = 44.317/47.294/55.990/4.374 ms$ ping amazon.comPING amazon.com (72.21.214.128): 56 data bytes^C--- amazon.com ping statistics ---10 packets transmitted, 0 packets received, 100% packet loss$