2. OVERVIEW
• What is security?
• Why do we need security?
• Who is vulnerable?
• Types of network
• Threats
• Areas of Security Weakness
• Hackers & methods of attack
3. OVERVIEW
• Backups, Encryption & Virus protection
• Common security attacks and countermeasures
– Firewalls
– Intrusion Detection Systems
– IP Sec
– Packet Sniffing
– Social Problems
4. What is “Security”
• Definition says:
– Freedom from risk or danger; something that gives or assures SAFETY.
– Freedom from doubt, anxiety, or fear; CONFIDENCE.
5. What is “Security”
• Security Attack: Any action that compromises the security of information.
• Security Mechanism: A mechanism that is designed to detect, prevent, or recover from a security attack.
• Security Service: A service that enhances the security of data processing systems and information transfers. A security service makes use of one or more security mechanisms.
6. Why do we need security?
• Protect vital info while still allowing access to those who need it
• Provide authentication and access control for resources
• Guarantee privacy and correct access
7. Who is vulnerable?
• Government and defense agencies
• Contractors to various government agencies
• Financial institutions and banks
• Internet service providers
• Multinational corporations
• ANYONE ON THE NETWORK
8. Types of Networks
• LAN
• Interconnected Networks
• Heterogeneous Networks
• Campus Metropolitan & WANs
9. Areas of Weakness
• Easily guessed/leaked passwords
• Poor login settings
• Data with viruses
• Poorly Implemented Firewalls
• Loss of systems holding important data/info
• Honey-trap or compromise
10. Hackers
• One who seeks and exploits weaknesses in a system or network
• An electronic sport
• Use sophisticated technology to break into systems
• Info useful for others
11. Hacker Motivations
• Money, profit
• Access to additional resources
• Experimentation and desire to learn
• “Gang” mentality
• Psychological needs
• Self-gratification
• Personal vengeance
• Desire to embarrass the target
14. Common security attacks and their countermeasures
• Finding a way into the network : FIREWALLS
• Exploiting software bugs, buffer overflows : IDS
• TCP hijacking : IP SEC
• Packet sniffing : ENCRYPTION
• Social problems : EDUCATION
15. Firewalls
• A group of components that collectively form a barrier between two networks.
• A firewall is like a castle with a drawbridge
– Only one point of access into the network
– This can be good or bad
• Solution
– Admin limits access to end hosts by using a firewall
– Firewall is kept up-to-date by admin
17. Intrusion Detection Systems
• Monitors network or system activities for malicious activities or policy violations and produces reports to a management station.
• Used to monitor for “suspicious activity” on a network
– Can protect against known software exploits
• Uses “intrusion signatures”
– Well known patterns of behaviour
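
Signature matching as described on this slide, shown as an added example that is not part of the original deck: each signature is a regular expression for one well-known pattern, run over request lines to build the report. The signature names, the patterns and the sample traffic are constructed assumptions.

```python
import re
from urllib.parse import unquote

# Hypothetical signature set: (name, pattern) pairs for well-known patterns.
SIGNATURES = [
    ("path-traversal", re.compile(r"\.\./")),
    # An abnormally long URI, the shape a buffer-overflow attempt often takes.
    ("overlong-uri", re.compile(r"^[A-Z]+ \S{200,} ")),
]


def match_signatures(request_line):
    """Return the names of all signatures that match one request line."""
    # Decode %xx escapes first so an encoded form of a pattern still matches.
    normalized = unquote(request_line)
    return [name for name, pattern in SIGNATURES if pattern.search(normalized)]


def scan(lines):
    """Build the report sent to the management station: (line number, hits)."""
    report = []
    for lineno, line in enumerate(lines, start=1):
        hits = match_signatures(line)
        if hits:
            report.append((lineno, hits))
    return report


# Constructed sample traffic (not taken from a real capture).
SAMPLE = [
    "GET /index.html HTTP/1.1",
    "GET /files/../../etc/passwd HTTP/1.1",
    "GET /" + "A" * 300 + " HTTP/1.1",
    "GET /files/%2e%2e/%2e%2e/etc/passwd HTTP/1.1",
    "POST /login HTTP/1.1",
]

if __name__ == "__main__":
    for lineno, hits in scan(SAMPLE):
        print(f"line {lineno}: {', '.join(hits)}")
```

Traffic that matches no signature produces no report entry, which is why signature-based detection covers known exploits only.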
18. IP Sec
• Internet Protocol Security (IP Sec) is a protocol suite for securing Internet Protocol (IP) communications by authenticating and encrypting each IP packet of a communication session.
• IP Sec also includes protocols for establishing mutual authentication between agents at the beginning of the session and negotiation of cryptographic keys to be used during the session.
19. Packet Sniffing
• A packet sniffer simply captures all of the packets of data that pass through a given network interface.
• Typically, it would only capture packets that were intended for the machine in question.
• However, if placed into promiscuous mode, the packet sniffer is also capable of capturing ALL packets traversing the network regardless of destination.
20. Social Problems
• People/Users can be just as dangerous as unprotected computer systems
• People can be lied to, manipulated, bribed, threatened, harmed, tortured, etc. to give up valuable info
• Most humans will break down once they are at the “harmed” stage, unless they have been specially trained
21. Social Problems
• Humans will continue to be tricked into giving out information they shouldn’t
• Educating them may help a little here, but, depending on how badly you want the info, there are a lot of bad things you can do to get it
• Implement a wide variety of solutions and more closely monitor who has access to what network resources and info
24. Backups
• Physical loss of system
• System crash
• Virus attack
• Ensure non-corrupted backup
• Regular backups
• Safety of backups as well
25. Encryption
• Cryptographic tech/the process of encoding messages (or info) in such a way that others (hackers) cannot read it, but that authorized individuals can.
• Data remains private even after compromise
• Encryption system/software is protected & secure
26. Virus Protection
• Threat to network
• Contact & spread
• Monitor the telltale signs in network
• Training of users in handling antivirus
• Re-infect capability
• Ensure backups
27. Elements of a comprehensive security program
• Have Good Passwords
• Use Good Antiviral Products
• Use Good Cryptography
• Have Good Firewalls
• Have a Backup System
• Audit and Monitor Systems and Networks
• Have Training and Awareness Programs
• Test Your Security Frequently
28. Conclusion
• The Internet was not created with security in mind.
• Communications can be altered, examined and exploited.
• There is a growing need to protect private info crossing the public networks that make up the Internet infrastructure.
• A network security policy, an auditing procedure, and a violation response plan must all be in place to deal with any breach or breakdown of network security before it occurs.