NETWORK SECURITY
OVERVIEW
• What is security?
• Why do we need security?
• Who is vulnerable?
• Types of network
• Threats
• Areas of Security Weakness
• Hackers & methods of attack
OVERVIEW
• Backups, Encryption & Virus protection
• Common security attacks and countermeasures
– Firewalls
– Intrusion Detection Systems
– IP Sec
– Packet Sniffing
– Social Problems
What is “Security”
• Definition says:
– Freedom from risk or danger; something that
gives or assures SAFETY.
– Freedom from doubt, anxiety, or fear;
CONFIDENCE.
What is “Security”
• Security Attack: Any action that compromises
the security of information.
• Security Mechanism: A mechanism that is
designed to detect, prevent, or recover from a
security attack.
• Security Service: A service that enhances the
security of data processing systems and
information transfers. A security service
makes use of one or more security
mechanisms.
Why do we need security?
• Protect vital info while still allowing access
to those who need it
• Provide authentication and access control
for resources
• Guarantee privacy and correct access
Who is vulnerable?
• Govt and defense agencies
• Contractors to various govt agencies
• Financial institutions and banks
• Internet service providers
• Multinational corporations
• ANYONE ON THE NETWORK
Types of Networks
• LAN
• Interconnected Networks
• Heterogeneous Networks
• Campus Metropolitan & WANs
Areas of Weakness
• Easily guessed/leaked passwords
• Poor login settings
• Data with viruses
• Poorly Implemented Firewalls
• Loss of systems holding important data/info
• Honey-trap or compromise
Hackers
• One who seeks and exploits
weaknesses in a system or network
• An electronic sport
• Use sophisticated tech to break into systems
• Info useful for others
Hacker Motivations
• Money, profit
• Access to additional resources
• Experimentation and desire to learn
• “Gang” mentality
• Psychological needs
• Self-gratification
• Personal vengeance
• Desire to embarrass the target
Methods of attack
• Phone attack (phreakers)
• Accounts & password attack
• Viruses & Trojan Horses
Common security attacks and their
countermeasures
• Finding a way into the network : FIREWALLS
• Exploiting software bugs, buffer overflows : IDS
• TCP hijacking : IP SEC
• Packet sniffing : ENCRYPTION
• Social problems : EDUCATION
Firewalls
• A group of components that collectively form a
barrier between two networks.
• A firewall is like a castle with a drawbridge
– Only one point of access into the network
– This can be good or bad
• Solution
– Admin limits access to end hosts by using a
firewall
– Firewall is kept up-to-date by admin
Firewalls
[Diagram labels: Insider; Outsider; Firewall; Firewall; Web server, email server etc.]
Intrusion Detection System
• Monitors network or system activities for
malicious activities or policy violations and
produces reports to a management station.
• Used to monitor for “suspicious activity” on
a network
– Can protect against known software exploits
• Uses “intrusion signatures”
– Well known patterns of behaviour
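The signature idea on this slide, as an added example that is not part of the original deck: each signature is a known pattern plus the number of matches from one source that triggers a report. The log format, signature names and thresholds are assumptions, and the log lines are constructed sample data.

```python
import re
from collections import defaultdict

# Constructed sample events (not real logs): "time source message"
SAMPLE_LOG = """\
10:00:01 10.0.0.5 GET /index.html 200
10:00:02 10.0.0.9 LOGIN FAILED user=admin
10:00:03 10.0.0.9 LOGIN FAILED user=admin
10:00:04 10.0.0.7 GET /../../etc/passwd 404
10:00:05 10.0.0.9 LOGIN FAILED user=root
10:00:06 10.0.0.5 LOGIN FAILED user=alice
10:00:07 10.0.0.5 LOGIN OK user=alice
"""

# Hypothetical signatures: name -> (pattern, matches from one source needed to alert)
SIGNATURES = {
    "path-traversal": (re.compile(r"\.\./"), 1),
    "password-guessing": (re.compile(r"LOGIN FAILED"), 3),
}

def detect(log_text, signatures=SIGNATURES):
    """Return (time, source, signature) alerts, at most one per source per signature."""
    hits = defaultdict(int)
    alerts = []
    for line in log_text.splitlines():
        parts = line.split(maxsplit=2)
        if len(parts) < 3:
            continue  # malformed line: nothing to match against
        time, src, msg = parts
        for name, (pattern, threshold) in signatures.items():
            if pattern.search(msg):
                hits[(src, name)] += 1
                # Alert exactly once, when the threshold is first reached.
                if hits[(src, name)] == threshold:
                    alerts.append((time, src, name))
    return alerts

def report(alerts):
    """Format alerts as the lines a management station would receive."""
    return [f"{t} ALERT {name} from {src}" for t, src, name in alerts]

if __name__ == "__main__":
    print("\n".join(report(detect(SAMPLE_LOG))))
```

A single failed login from 10.0.0.5 stays below the threshold and raises nothing, and activity that matches no signature is never reported, which is why the slide limits the claim to known exploits.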
IP Sec
• Internet Protocol Security (IP Sec) is a protocol
suite for securing Internet Protocol (IP) communication by
authenticating and encrypting each IP packet of a
communication session.
• IP Sec also includes protocols for establishing
mutual authentication between agents at the
beginning of the session and negotiation of
cryptographic keys to be used during the session.
Packet Sniffing
• A packet sniffer simply captures all of the
packets of data that pass through a given
network interface.
• Typically, it would only capture packets that
were intended for the machine in question.
• However, if placed into promiscuous mode, the
packet sniffer is also capable of
capturing ALL packets traversing the network
regardless of destination.
Social Problems
• People/Users can be just as dangerous as
unprotected computer systems
• People can be lied to, manipulated, bribed,
threatened, harmed, tortured, etc. to give
up valuable info
• Most humans will break down once they are
at the “harmed” stage, unless they have
been specially trained
Social Problems
• Humans will continue to be tricked into giving out
information they shouldn’t
• Educating them may help a little here, but,
depending on how badly you want the info, there are a
lot of bad things you can do to get it
• Implement a wide variety of solutions and more
closely monitor who has access to what network
resources and info
Countermeasures
• Identification & authentication
• Access Control
• Accountability & auditing
• Accuracy
• Reliability
• Data Exchange
Backups
• Physical loss of system
• System crash
• Virus attack
• Ensure non-corrupted backup
• Regular backups
• Safety of backups as well
Encryption
• Cryptographic tech/the process of encoding
messages (or info) in such a way that others
(hackers) cannot read it, but that
authorized individuals can.
• Data remains private even after being compromised
• Encryption system/software is protected &
secure
Virus Protection
• Threat to network
• Contact & spread
• Monitor the telltale signs in network
• Training of users in handling antivirus
• Re-infect capability
• Ensure backups
Elements of a comprehensive
security program
• Have Good Passwords
• Use Good Antiviral Products
• Use Good Cryptography
• Have Good Firewalls
• Have a Backup System
• Audit and Monitor Systems and Networks
• Have Training and Awareness Programs
• Test Your Security Frequently
Conclusion
• The Internet was not created with security in mind.
• Communication can be altered, examined and exploited.
• There is a growing need to protect private info
crossing the public networks that make up the Internet
infrastructure.
• A network security policy, an auditing procedure, and a
violation response plan must all be in place to deal
with any breach or breakdown of network security
before it occurs.
Questions IF ANY….
