SlideShare a Scribd company logo

Network security and protocols

Online
Online

This document discusses network security and protocols. It covers internal and external threats to networks like unauthorized access, data destruction, and hacking. It also discusses ways to protect networks from these threats, including passwords, firewalls, encryption, authentication protocols, and virtual local area networks (VLANs). The document outlines concepts like cryptography, digital signatures, and authentication protocols. It also discusses firewalls, storage technologies like RAID, NAS, and SAN for fault tolerance, and tape backups.

EducationTechnology
1 of 44
Network Security and Protocols
Threats  Prevent users from accessing the required resources for performing their task Types of Threats Internal External
Internal Threats • Malicious practices done by the local networks users that do not allow efficient sharing of the network resources • Common internal threats are: – Unauthorized Access – Data Destruction – Administrative Access – System Crash/Hardware Failure – Virus
Protecting from Internal Threats • Methods of protecting internal threats largely dependent on policies rather than technology • To protect the network from internal threats you need to implement: – Passwords – User Account Control – creating groups – Policies – Fault Tolerance
External Threats • External threats can exist in two forms: – Attacker manipulates the user to gain access to the network – Hacker at a remote location uses technical methods to gain illegal access to your network • Common external threats are: – Social Engineering – Hacking – internet worms or other internet hacking tools
Protecting from External Threats • Securing network from external threat is a competition between hackers and security people • To protect the network from external threats you need to provide: – Physical protection – lock the server – Firewalls – Encryption –IPSec ,SSL – Authentication – Kerberos, PAP, CHAP – Public Keys and Certificates – VLAN
Need for Network Security • Network security - Mechanism that protects the network resources from being attacked by the outside world • Hackers constantly look out for loopholes in the network security and snoop into a network • Spyware and other adware program get installed into your computer and start transmitting private information • IP snooping allows monitoring of network traffic that is sent over the internet
Security Attacks - I • Break the security barrier of the network and access the network resources Types of Security Attacks Active Passive
Implementing External Network Security - I • Implementing external network security was not necessary while dial up connections were used • Arrival of high speed internet connection has completely changed security aspect for home computers • Users who use Asymmetric digital subscriber line (ADSL) or a cable modem is the main target for the hackers • Windows XP now has an Internet Connection Firewall (ICF) available
Implementing External Network Security - II • SOHO routers are connected to provide security to networked systems sharing a single Internet connection • Large networks employ a dedicated firewall between a gateway router and the protected network • A demilitarized zone (DMZ) can also be implemented to prevent access to the network
Cryptography • Cryptography is a science that deals with securing information • Objectives of Cryptography are: – Message Confidentiality – Message Integrity – Message Authentication – Message Nonrepudiation – solves the issues related to disputes beteween sender and receiver – Entity Authentication
Types of Cryptosystems • Cryptographic systems consists of algorithms and procedures used for encrypting the messages • Types of cryptographic systems: – Symmetric Cryptographic Systems – Asymmetric Cryptographic Systems • Symmetric Cryptographic Systems use same keys for encryption and decryption • Asymmetric Cryptographic Systems use two keys, one for encryption and other for decryption
Encryption/Decryption • Encryption refers to conversion of plain text into cipher text • Cipher algorithm is used to transform plain text into cipher text • Different types of traditional ciphers used to encode the message fall in to two broad categories: – Substitution ciphers – Transposition ciphers
Public Key Encryption/Decryption • Uses a combination of two keys the private key and the public key (Asymmetric) • Private key is known only to the receiver of the message
Secret Key Encryption / Decryption • Uses the same key to encrypt and decrypt the message (Symmetric) • Algorithm used for decrypting the message is inverse of algorithm that is used to encrypt message
Digital Signatures - I • Used to authenticate the origin of the document • Come under the asymmetric cryptography category • Can be accomplished in two ways: – Signing the document – Signing the digest of the document
Digital Signature - II • Signing the document • Signing the digest
Digital Signature - III • Signing the Document – public and private keys of the sender are used for encrypting and decrypting the document • Signing the digest – used when the message to be sent is long. Creates a digest of the message using the hash function and then sign it
Authentication Protocol • Authentication is a process by which the identity of the concerned party is identified before starting the communication process • Data traffic is encrypted using symmetric key cryptography for performance reasons • Public key cryptography is used for developing authorization protocols as well as creating a session key
Authentication based on Shared Secret Key • Challenge response protocols used for authentication using shared secret key
Authentication using Kerberos • Three types of servers involved in Kerberos protocol: – Authentication Server (AS) – Ticket-Granting Server (TGS) – Real Server
Authentication using Public – Key Cryptography • Certification Authority : Organization that binds a public key to an entity and issues a certificate
Firewall - I • Firewall is a system that blocks all unwanted and unauthorized access of the system resources • Firewall can be set using a router, switch, or a bridge • Firewall is basically present at the junction point or gateway between two networks like a private and public network • Firewalls can be hardware or software • Basic types of firewalls are: – Packet-Filter Firewalls – Proxy Firewalls
Types of Firewall • Packet filter Firewall – forward or blocks the packets depending source and destination IP address, port address or type of protocol used (TCP or UDP). Collects the information from the network and transport layer headers • Proxy Firewall – filters the data at application layer e.g. online book
Firewall - II • Demilitarized Zones in Firewall – Network that is usually present between an internal and external network of an organization – DMZ host provides services for external networks thus providing cover for internal networks against intruders
VLAN - I • Individual broadcast domains created by the switch are called virtual LANs. • Different characteristics used to group stations in a VLAN are: – Port Numbers – MAC addresses – IP addresses – Multicast IP Addresses – Combination • IEEE standard 802.1Q defines format of frame tagging in VLAN
VLAN - II • VLAN can be configured in three ways: Manual, Automatic, and Semiautomatic • Three methods used for communication between switches are: – Table Maintenance – Frame tagging – Time Division Multiplexing (TDM) • Advantages of VLAN are: – Network Management – Creating Virtual Work Groups – Security
Fault Tolerance and Redundancy • Shared data of a network should have better protection rather than having to restore the backups with difficulty • The capability of a server to continue operating in case of a hardware failure is known as fault tolerance • To implement fault tolerance you have to make the data redundant on the serving system
RAID • RAID is a technology that uses a collection of hard disks to share and replicate data • Different levels of RAID are RAID 0, 1, 2, 3, 4, 5, 6, 0+1, 10, 53 and linear RAID
Network-Attached Storage (NAS) • Used for implementing a server just for file sharing • A prebuilt system usually running LINUX with Samba and/ or Network File System (NFS) • Devices have DHCP enabled and require very little or no configuration to run
Storage area network (SAN) • SAN is a network whose primary aim is to transfer data between disk arrays, tape drives and servers • The various SAN components are: – Fiber channel Switches – Hosts and Host Bus Adapters – Storage Devices – Cabling and Cable Connectors
Tape Backup • Tape backup becomes essential incase of a hardware crash or damage to the server • Magnetic tape is the oldest method of storing data from the computer • Tape backup options fall in to three major groups: – Quarter-inch tape (QIC) – Digital Audio Tape (DAT) – Digital Linear Tape (DLT)
Perfect Server - I • Network that shares data requires specialized hardware so as to share data as fast as possible • Hardware requirement for Speed – Fast NICS : Increasing the data throughput and making it do more than one task at a time – Faster Drives : Using a PATA or a SCSI drive and implementing RAID 5 for data protection
Perfect Server - II • Servers require reliability, speed as well as data protection • Good Power • Antivirus Program • Environment
Hardware Requirement for speed • The hardware requirements for a server and a workstation differ from each other completely • Workstations do not require the speed, reliability and data backup. Servers on the other hand require reliability, speed, as well as data protection • The two things that can make the server provide good speed are: – Fast NICs – Fast Drives
Reliability - I • A steady AC power supply is to be provided to all the systems • The different methods of providing good power are: – Dedicated Circuits – Surge suppressors – Uninterruptible Power Supply (UPS) – Backup Power • Another problem along with faulty power is computer viruses
Reliability - II • Five typical types of viruses are: – Boot sector – Executable – Macro – Trojan – Worm • Damage due to virus attacks can be prevented by not allowing the virus from entering the system • Necessary to provide a good environment for the server to improve its reliability
Protocols • Different protocols are used at different layers of the OSI model for providing security to the users • The different protocols used are: – Secure Socket Layer (SSL) – Internet Protocol Security (IPSec) – Point-to-Point Tunneling Protocol (PPTP) – Point-to-Point Protocol (PPP) – Serial Line Interface Protocol (SLIP)
SLIP • Serial Line Internet Protocol (SLIP) is used to connect the computer to the Internet using serial connection such as the dial-up modem • Serial Line Internet Protocol was designed for Data link protocol for telephony • However, SLIP only supported TCP/IP and not NetBEUI or IPX network.
PPP - I • One of the common protocols for point to point access • PPP addressed all of the shortcomings of SLIP • Different services provided by PPP are as follows: – Defines the format of the frames to be exchanged between devices. – Defines how the devices can negotiate for establishment of link and exchange of data – Defines how network layer data is encapsulated in the data link frame. – Defines how the devices can authenticate each other
PPP - II • Provides multiple network layer services that support different network layer protocols. • Provides connection over multiple links. • Provides network address configuration which is useful incase a user needs a temporary network address to connect to the Internet
PPTP • Network protocol that allows secure transfer of data from a remote client to a private server • It is the Microsoft VPN encryption protocol • The three processes involved in PPTP are: – PPTP connection and communication – PPTP control connection – PPTP data tunnelling
IPSec • Protocol set that was developed by Internet Engineering Task Force (IETF) for providing security to a packet at the network level • IPSec operates in two modes: – Transport Mode – Tunnel Mode
SSL • SSL is a protocol developed by Netscape for transmitting private documents over the Internet. • Web pages that use SSL have URLs starting with https • Different services provided by SSL for the data received by application layer are: – Fragmentation – Compression – Message Integrity – Confidentiality – Framing

Recommended

Intrusion detection and prevention system
Intrusion detection and prevention systemIntrusion detection and prevention system
Intrusion detection and prevention system
Nikhil Raj
 
Key management
Key managementKey management
Key management
Sujata Regoti
 
Introduction to Network Security
Introduction to Network SecurityIntroduction to Network Security
Introduction to Network SecurityJohn Ely Masculino
 
Network security
Network securityNetwork security
Network security
Estiak Khan
 
Computer security concepts
Computer security conceptsComputer security concepts
Computer security concepts
G Prachi
 
Introduction to Information Security
Introduction to Information SecurityIntroduction to Information Security
Introduction to Information Security
Dr. Loganathan R
 
Firewall in Network Security
Firewall in Network SecurityFirewall in Network Security
Firewall in Network Security
lalithambiga kamaraj
 
Network security ppt
Network security pptNetwork security ppt
Network security ppt
OECLIB Odisha Electronics Control Library
 

Recommended

Intrusion detection and prevention system
Intrusion detection and prevention systemIntrusion detection and prevention system
Intrusion detection and prevention system
Nikhil Raj
 
Key management
Key managementKey management
Key management
Sujata Regoti
 
Introduction to Network Security
Introduction to Network SecurityIntroduction to Network Security
Introduction to Network SecurityJohn Ely Masculino
 
Network security
Network securityNetwork security
Network security
Estiak Khan
 
Computer security concepts
Computer security conceptsComputer security concepts
Computer security concepts
G Prachi
 
Introduction to Information Security
Introduction to Information SecurityIntroduction to Information Security
Introduction to Information Security
Dr. Loganathan R
 
Firewall in Network Security
Firewall in Network SecurityFirewall in Network Security
Firewall in Network Security
lalithambiga kamaraj
 
Network security ppt
Network security pptNetwork security ppt
Network security ppt
OECLIB Odisha Electronics Control Library
 
Intrusion prevention system(ips)
Intrusion prevention system(ips)Intrusion prevention system(ips)
Intrusion prevention system(ips)
Papun Papun
 
Security policies
Security policiesSecurity policies
Security policies
Nishant Pahad
 
Cia security model
Cia security modelCia security model
Cia security model
Imran Ahmed
 
The CIA Triad - Assurance on Information Security
The CIA Triad - Assurance on Information SecurityThe CIA Triad - Assurance on Information Security
The CIA Triad - Assurance on Information Security
Bharath Rao
 
Network Security
Network SecurityNetwork Security
Network Security
Manoj Singh
 
Access Controls
Access ControlsAccess Controls
Access Controls
primeteacher32
 
Firewalls
FirewallsFirewalls
Firewalls
University of Central Punjab
 
Wireless security presentation
Wireless security presentationWireless security presentation
Wireless security presentation
Muhammad Zia
 
Network security (vulnerabilities, threats, and attacks)
Network security (vulnerabilities, threats, and attacks)Network security (vulnerabilities, threats, and attacks)
Network security (vulnerabilities, threats, and attacks)
Fabiha Shahzad
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hackingAltacit Global
 
IoT Security
IoT SecurityIoT Security
IoT Security
Narudom Roongsiriwong, CISSP
 
Intrusion detection
Intrusion detectionIntrusion detection
Intrusion detection
CAS
 
Security Policies and Standards
Security Policies and StandardsSecurity Policies and Standards
Security Policies and Standards
primeteacher32
 
Information security
Information security Information security
Information security
razendar79
 
System security
System securitySystem security
System security
sommerville-videos
 
Secure communication in Networking
Secure communication in NetworkingSecure communication in Networking
Secure communication in Networkinganita maharjan
 
Security models
Security models Security models
Security models
LJ PROJECTS
 
IT Security Presentation
IT Security PresentationIT Security Presentation
IT Security Presentationelihuwalker
 
Network Security Fundamentals
Network Security FundamentalsNetwork Security Fundamentals
Network Security Fundamentals
Rahmat Suhatman
 
Network security
Network securityNetwork security
Network security
quest university nawabshah
 
lecture 7.pptx
lecture 7.pptxlecture 7.pptx
lecture 7.pptx
MelkamuEndale1
 
Section c group2_firewall_ final
Section c group2_firewall_ finalSection c group2_firewall_ final
Section c group2_firewall_ finalpg13tarun_g
 

More Related Content

What's hot

Intrusion prevention system(ips)
Intrusion prevention system(ips)Intrusion prevention system(ips)
Intrusion prevention system(ips)
Papun Papun
 
Security policies
Security policiesSecurity policies
Security policies
Nishant Pahad
 
Cia security model
Cia security modelCia security model
Cia security model
Imran Ahmed
 
The CIA Triad - Assurance on Information Security
The CIA Triad - Assurance on Information SecurityThe CIA Triad - Assurance on Information Security
The CIA Triad - Assurance on Information Security
Bharath Rao
 
Network Security
Network SecurityNetwork Security
Network Security
Manoj Singh
 
Access Controls
Access ControlsAccess Controls
Access Controls
primeteacher32
 
Firewalls
FirewallsFirewalls
Firewalls
University of Central Punjab
 
Wireless security presentation
Wireless security presentationWireless security presentation
Wireless security presentation
Muhammad Zia
 
Network security (vulnerabilities, threats, and attacks)
Network security (vulnerabilities, threats, and attacks)Network security (vulnerabilities, threats, and attacks)
Network security (vulnerabilities, threats, and attacks)
Fabiha Shahzad
 
IoT Security
IoT SecurityIoT Security
IoT Security
Narudom Roongsiriwong, CISSP
 
Intrusion detection
Intrusion detectionIntrusion detection
Intrusion detection
CAS
 
Security Policies and Standards
Security Policies and StandardsSecurity Policies and Standards
Security Policies and Standards
primeteacher32
 
Information security
Information security Information security
Information security
razendar79
 
System security
System securitySystem security
System security
sommerville-videos
 
Secure communication in Networking
Secure communication in NetworkingSecure communication in Networking
Secure communication in Networkinganita maharjan
 
Security models
Security models Security models
Security models
LJ PROJECTS
 
IT Security Presentation
IT Security PresentationIT Security Presentation
IT Security Presentationelihuwalker
 
Network Security Fundamentals
Network Security FundamentalsNetwork Security Fundamentals
Network Security Fundamentals
Rahmat Suhatman
 
Network security
Network securityNetwork security
Network security
quest university nawabshah
 

What's hot (20)

Intrusion prevention system(ips)
Intrusion prevention system(ips)Intrusion prevention system(ips)
Intrusion prevention system(ips)
 
Security policies
Security policiesSecurity policies
Security policies
 
Cia security model
Cia security modelCia security model
Cia security model
 
The CIA Triad - Assurance on Information Security
The CIA Triad - Assurance on Information SecurityThe CIA Triad - Assurance on Information Security
The CIA Triad - Assurance on Information Security
 
Network Security
Network SecurityNetwork Security
Network Security
 
Access Controls
Access ControlsAccess Controls
Access Controls
 
Firewalls
FirewallsFirewalls
Firewalls
 
Wireless security presentation
Wireless security presentationWireless security presentation
Wireless security presentation
 
Network security (vulnerabilities, threats, and attacks)
Network security (vulnerabilities, threats, and attacks)Network security (vulnerabilities, threats, and attacks)
Network security (vulnerabilities, threats, and attacks)
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hacking
 
IoT Security
IoT SecurityIoT Security
IoT Security
 
Intrusion detection
Intrusion detectionIntrusion detection
Intrusion detection
 
Security Policies and Standards
Security Policies and StandardsSecurity Policies and Standards
Security Policies and Standards
 
Information security
Information security Information security
Information security
 
System security
System securitySystem security
System security
 
Secure communication in Networking
Secure communication in NetworkingSecure communication in Networking
Secure communication in Networking
 
Security models
Security models Security models
Security models
 
IT Security Presentation
IT Security PresentationIT Security Presentation
IT Security Presentation
 
Network Security Fundamentals
Network Security FundamentalsNetwork Security Fundamentals
Network Security Fundamentals
 
Network security
Network securityNetwork security
Network security
 

Similar to Network security and protocols

lecture 7.pptx
lecture 7.pptxlecture 7.pptx
lecture 7.pptx
MelkamuEndale1
 
Section c group2_firewall_ final
Section c group2_firewall_ finalSection c group2_firewall_ final
Section c group2_firewall_ finalpg13tarun_g
 
Network defenses
Network defensesNetwork defenses
Network defenses
G Prachi
 
Introduction to firewalls
Introduction to firewallsIntroduction to firewalls
Introduction to firewalls
Divya Jyoti
 
640-554 IT Certification and Career Paths
640-554 IT Certification and Career Paths640-554 IT Certification and Career Paths
640-554 IT Certification and Career Paths
hibaehed
 
Ccna sec 01
Ccna sec 01Ccna sec 01
Ccna sec 01
EduclentMegasoftel
 
Network security and firewalls
Network security and firewallsNetwork security and firewalls
Network security and firewalls
Murali Mohan
 
Firewall ( Cyber Security)
Firewall ( Cyber Security)Firewall ( Cyber Security)
Firewall ( Cyber Security)
Jainam Shah
 
Entrepreneurship & Commerce in IT - 11 - Security & Encryption
Entrepreneurship & Commerce in IT - 11 - Security & EncryptionEntrepreneurship & Commerce in IT - 11 - Security & Encryption
Entrepreneurship & Commerce in IT - 11 - Security & Encryption
Sachintha Gunasena
 
Firewall
FirewallFirewall
Firewall
Tapan Khilar
 
How we breach small and medium enterprises (SMEs)
How we breach small and medium enterprises (SMEs)How we breach small and medium enterprises (SMEs)
How we breach small and medium enterprises (SMEs)NCC Group
 
E-COMMERCE SECURITY (2).ppt
E-COMMERCE SECURITY (2).pptE-COMMERCE SECURITY (2).ppt
E-COMMERCE SECURITY (2).ppt
Hemlata Gangwar
 
firewall.ppt
firewall.pptfirewall.ppt
firewall.ppt
ssuser530a07
 
Cyber Security - Firewall and Packet Filters
Cyber Security - Firewall and Packet Filters Cyber Security - Firewall and Packet Filters
Cyber Security - Firewall and Packet Filters
Radhika Talaviya
 
Lect_2.pptx
Lect_2.pptxLect_2.pptx
Lect_2.pptx
Senthil Vit
 
MVA slides lesson 8
MVA slides lesson 8MVA slides lesson 8
MVA slides lesson 8
Fabio Almeida- Oficina Eletrônica
 
98 366 mva slides lesson 8
98 366 mva slides lesson 898 366 mva slides lesson 8
98 366 mva slides lesson 8
suddenven
 
Seminar
SeminarSeminar
Seminar
Abhinav Kushwah
 

Similar to Network security and protocols (20)

lecture 7.pptx
lecture 7.pptxlecture 7.pptx
lecture 7.pptx
 
Section c group2_firewall_ final
Section c group2_firewall_ finalSection c group2_firewall_ final
Section c group2_firewall_ final
 
Network defenses
Network defensesNetwork defenses
Network defenses
 
Unit08
Unit08Unit08
Unit08
 
Introduction to firewalls
Introduction to firewallsIntroduction to firewalls
Introduction to firewalls
 
640-554 IT Certification and Career Paths
640-554 IT Certification and Career Paths640-554 IT Certification and Career Paths
640-554 IT Certification and Career Paths
 
Ccna sec 01
Ccna sec 01Ccna sec 01
Ccna sec 01
 
Network security and firewalls
Network security and firewallsNetwork security and firewalls
Network security and firewalls
 
Firewall ( Cyber Security)
Firewall ( Cyber Security)Firewall ( Cyber Security)
Firewall ( Cyber Security)
 
Security chapter6
Security chapter6Security chapter6
Security chapter6
 
Entrepreneurship & Commerce in IT - 11 - Security & Encryption
Entrepreneurship & Commerce in IT - 11 - Security & EncryptionEntrepreneurship & Commerce in IT - 11 - Security & Encryption
Entrepreneurship & Commerce in IT - 11 - Security & Encryption
 
Firewall
FirewallFirewall
Firewall
 
How we breach small and medium enterprises (SMEs)
How we breach small and medium enterprises (SMEs)How we breach small and medium enterprises (SMEs)
How we breach small and medium enterprises (SMEs)
 
E-COMMERCE SECURITY (2).ppt
E-COMMERCE SECURITY (2).pptE-COMMERCE SECURITY (2).ppt
E-COMMERCE SECURITY (2).ppt
 
firewall.ppt
firewall.pptfirewall.ppt
firewall.ppt
 
Cyber Security - Firewall and Packet Filters
Cyber Security - Firewall and Packet Filters Cyber Security - Firewall and Packet Filters
Cyber Security - Firewall and Packet Filters
 
Lect_2.pptx
Lect_2.pptxLect_2.pptx
Lect_2.pptx
 
MVA slides lesson 8
MVA slides lesson 8MVA slides lesson 8
MVA slides lesson 8
 
98 366 mva slides lesson 8
98 366 mva slides lesson 898 366 mva slides lesson 8
98 366 mva slides lesson 8
 
Seminar
SeminarSeminar
Seminar
 

More from Online

Philosophy of early childhood education 3
Philosophy of early childhood education 3Philosophy of early childhood education 3
Philosophy of early childhood education 3
Online
 
Philosophy of early childhood education 2
Philosophy of early childhood education 2Philosophy of early childhood education 2
Philosophy of early childhood education 2
Online
 
Philosophy of early childhood education 1
Philosophy of early childhood education 1Philosophy of early childhood education 1
Philosophy of early childhood education 1
Online
 
Philosophy of early childhood education 4
Philosophy of early childhood education 4Philosophy of early childhood education 4
Philosophy of early childhood education 4
Online
 
Operation and expression in c++
Operation and expression in c++Operation and expression in c++
Operation and expression in c++
Online
 
Functions
FunctionsFunctions
Functions
Online
 
Formatted input and output
Formatted input and outputFormatted input and output
Formatted input and output
Online
 
Control structures selection
Control structures selectionControl structures selection
Control structures selection
Online
 
Control structures repetition
Control structures repetitionControl structures repetition
Control structures repetition
Online
 
Introduction to problem solving in c++
Introduction to problem solving in c++Introduction to problem solving in c++
Introduction to problem solving in c++
Online
 
Optical transmission technique
Optical transmission techniqueOptical transmission technique
Optical transmission technique
Online
 
Multi protocol label switching (mpls)
Multi protocol label switching (mpls)Multi protocol label switching (mpls)
Multi protocol label switching (mpls)
Online
 
Lan technologies
Lan technologiesLan technologies
Lan technologies
Online
 
Introduction to internet technology
Introduction to internet technologyIntroduction to internet technology
Introduction to internet technology
Online
 
Internet standard routing protocols
Internet standard routing protocolsInternet standard routing protocols
Internet standard routing protocols
Online
 
Internet protocol
Internet protocolInternet protocol
Internet protocol
Online
 
Application protocols
Application protocolsApplication protocols
Application protocols
Online
 
Addressing
AddressingAddressing
Addressing
Online
 
Transport protocols
Transport protocolsTransport protocols
Transport protocols
Online
 
Leadership
LeadershipLeadership
Leadership
Online
 

More from Online (20)

Philosophy of early childhood education 3
Philosophy of early childhood education 3Philosophy of early childhood education 3
Philosophy of early childhood education 3
 
Philosophy of early childhood education 2
Philosophy of early childhood education 2Philosophy of early childhood education 2
Philosophy of early childhood education 2
 
Philosophy of early childhood education 1
Philosophy of early childhood education 1Philosophy of early childhood education 1
Philosophy of early childhood education 1
 
Philosophy of early childhood education 4
Philosophy of early childhood education 4Philosophy of early childhood education 4
Philosophy of early childhood education 4
 
Operation and expression in c++
Operation and expression in c++Operation and expression in c++
Operation and expression in c++
 
Functions
FunctionsFunctions
Functions
 
Formatted input and output
Formatted input and outputFormatted input and output
Formatted input and output
 
Control structures selection
Control structures selectionControl structures selection
Control structures selection
 
Control structures repetition
Control structures repetitionControl structures repetition
Control structures repetition
 
Introduction to problem solving in c++
Introduction to problem solving in c++Introduction to problem solving in c++
Introduction to problem solving in c++
 
Optical transmission technique
Optical transmission techniqueOptical transmission technique
Optical transmission technique
 
Multi protocol label switching (mpls)
Multi protocol label switching (mpls)Multi protocol label switching (mpls)
Multi protocol label switching (mpls)
 
Lan technologies
Lan technologiesLan technologies
Lan technologies
 
Introduction to internet technology
Introduction to internet technologyIntroduction to internet technology
Introduction to internet technology
 
Internet standard routing protocols
Internet standard routing protocolsInternet standard routing protocols
Internet standard routing protocols
 
Internet protocol
Internet protocolInternet protocol
Internet protocol
 
Application protocols
Application protocolsApplication protocols
Application protocols
 
Addressing
AddressingAddressing
Addressing
 
Transport protocols
Transport protocolsTransport protocols
Transport protocols
 
Leadership
LeadershipLeadership
Leadership
 

Recently uploaded

Digital Tools and AI for Teaching Learning and Research
Digital Tools and AI for Teaching Learning and ResearchDigital Tools and AI for Teaching Learning and Research
Digital Tools and AI for Teaching Learning and Research
Vikramjit Singh
 
1.4 modern child centered education - mahatma gandhi-2.pptx
1.4 modern child centered education - mahatma gandhi-2.pptx1.4 modern child centered education - mahatma gandhi-2.pptx
1.4 modern child centered education - mahatma gandhi-2.pptx
JosvitaDsouza2
 
CLASS 11 CBSE B.St Project AIDS TO TRADE - INSURANCE
CLASS 11 CBSE B.St Project AIDS TO TRADE - INSURANCECLASS 11 CBSE B.St Project AIDS TO TRADE - INSURANCE
CLASS 11 CBSE B.St Project AIDS TO TRADE - INSURANCE
BhavyaRajput3
 
June 3, 2024 Anti-Semitism Letter Sent to MIT President Kornbluth and MIT Cor...
June 3, 2024 Anti-Semitism Letter Sent to MIT President Kornbluth and MIT Cor...June 3, 2024 Anti-Semitism Letter Sent to MIT President Kornbluth and MIT Cor...
June 3, 2024 Anti-Semitism Letter Sent to MIT President Kornbluth and MIT Cor...
Levi Shapiro
 
Chapter 3 - Islamic Banking Products and Services.pptx
Chapter 3 - Islamic Banking Products and Services.pptxChapter 3 - Islamic Banking Products and Services.pptx
Chapter 3 - Islamic Banking Products and Services.pptx
Mohd Adib Abd Muin, Senior Lecturer at Universiti Utara Malaysia
 
Language Across the Curriculm LAC B.Ed.
Language Across the Curriculm LAC B.Ed.Language Across the Curriculm LAC B.Ed.
Language Across the Curriculm LAC B.Ed.
Atul Kumar Singh
 
Introduction to AI for Nonprofits with Tapp Network
Introduction to AI for Nonprofits with Tapp NetworkIntroduction to AI for Nonprofits with Tapp Network
Introduction to AI for Nonprofits with Tapp Network
TechSoup
 
2024.06.01 Introducing a competency framework for languag learning materials ...
2024.06.01 Introducing a competency framework for languag learning materials ...2024.06.01 Introducing a competency framework for languag learning materials ...
2024.06.01 Introducing a competency framework for languag learning materials ...
Sandy Millin
 
Operation Blue Star - Saka Neela Tara
Operation Blue Star - Saka Neela TaraOperation Blue Star - Saka Neela Tara
Operation Blue Star - Saka Neela Tara
Balvir Singh
 
The Accursed House by Émile Gaboriau.pptx
The Accursed House by Émile Gaboriau.pptxThe Accursed House by Émile Gaboriau.pptx
The Accursed House by Émile Gaboriau.pptx
DhatriParmar
 
Francesca Gottschalk - How can education support child empowerment.pptx
Francesca Gottschalk - How can education support child empowerment.pptxFrancesca Gottschalk - How can education support child empowerment.pptx
Francesca Gottschalk - How can education support child empowerment.pptx
EduSkills OECD
 
special B.ed 2nd year old paper_20240531.pdf
special B.ed 2nd year old paper_20240531.pdfspecial B.ed 2nd year old paper_20240531.pdf
special B.ed 2nd year old paper_20240531.pdf
Special education needs
 
BÀI TẬP BỔ TRỢ TIẾNG ANH GLOBAL SUCCESS LỚP 3 - CẢ NĂM (CÓ FILE NGHE VÀ ĐÁP Á...
BÀI TẬP BỔ TRỢ TIẾNG ANH GLOBAL SUCCESS LỚP 3 - CẢ NĂM (CÓ FILE NGHE VÀ ĐÁP Á...BÀI TẬP BỔ TRỢ TIẾNG ANH GLOBAL SUCCESS LỚP 3 - CẢ NĂM (CÓ FILE NGHE VÀ ĐÁP Á...
BÀI TẬP BỔ TRỢ TIẾNG ANH GLOBAL SUCCESS LỚP 3 - CẢ NĂM (CÓ FILE NGHE VÀ ĐÁP Á...
Nguyen Thanh Tu Collection
 
How to Make a Field invisible in Odoo 17
How to Make a Field invisible in Odoo 17How to Make a Field invisible in Odoo 17
How to Make a Field invisible in Odoo 17
Celine George
 
The French Revolution Class 9 Study Material pdf free download
The French Revolution Class 9 Study Material pdf free downloadThe French Revolution Class 9 Study Material pdf free download
The French Revolution Class 9 Study Material pdf free download
Vivekanand Anglo Vedic Academy
 
CACJapan - GROUP Presentation 1- Wk 4.pdf
CACJapan - GROUP Presentation 1- Wk 4.pdfCACJapan - GROUP Presentation 1- Wk 4.pdf
CACJapan - GROUP Presentation 1- Wk 4.pdf
camakaiclarkmusic
 
Palestine last event orientationfvgnh .pptx
Palestine last event orientationfvgnh .pptxPalestine last event orientationfvgnh .pptx
Palestine last event orientationfvgnh .pptx
RaedMohamed3
 
The approach at University of Liverpool.pptx
The approach at University of Liverpool.pptxThe approach at University of Liverpool.pptx
The approach at University of Liverpool.pptx
Jisc
 
Thesis Statement for students diagnonsed withADHD.ppt
Thesis Statement for students diagnonsed withADHD.pptThesis Statement for students diagnonsed withADHD.ppt
Thesis Statement for students diagnonsed withADHD.ppt
EverAndrsGuerraGuerr
 
Overview on Edible Vaccine: Pros & Cons with Mechanism
Overview on Edible Vaccine: Pros & Cons with MechanismOverview on Edible Vaccine: Pros & Cons with Mechanism
Overview on Edible Vaccine: Pros & Cons with Mechanism
DeeptiGupta154
 

Recently uploaded (20)

Digital Tools and AI for Teaching Learning and Research
Digital Tools and AI for Teaching Learning and ResearchDigital Tools and AI for Teaching Learning and Research
Digital Tools and AI for Teaching Learning and Research
 
1.4 modern child centered education - mahatma gandhi-2.pptx
1.4 modern child centered education - mahatma gandhi-2.pptx1.4 modern child centered education - mahatma gandhi-2.pptx
1.4 modern child centered education - mahatma gandhi-2.pptx
 
CLASS 11 CBSE B.St Project AIDS TO TRADE - INSURANCE
CLASS 11 CBSE B.St Project AIDS TO TRADE - INSURANCECLASS 11 CBSE B.St Project AIDS TO TRADE - INSURANCE
CLASS 11 CBSE B.St Project AIDS TO TRADE - INSURANCE
 
June 3, 2024 Anti-Semitism Letter Sent to MIT President Kornbluth and MIT Cor...
June 3, 2024 Anti-Semitism Letter Sent to MIT President Kornbluth and MIT Cor...June 3, 2024 Anti-Semitism Letter Sent to MIT President Kornbluth and MIT Cor...
June 3, 2024 Anti-Semitism Letter Sent to MIT President Kornbluth and MIT Cor...
 
Chapter 3 - Islamic Banking Products and Services.pptx
Chapter 3 - Islamic Banking Products and Services.pptxChapter 3 - Islamic Banking Products and Services.pptx
Chapter 3 - Islamic Banking Products and Services.pptx
 
Language Across the Curriculm LAC B.Ed.
Language Across the Curriculm LAC B.Ed.Language Across the Curriculm LAC B.Ed.
Language Across the Curriculm LAC B.Ed.
 
Introduction to AI for Nonprofits with Tapp Network
Introduction to AI for Nonprofits with Tapp NetworkIntroduction to AI for Nonprofits with Tapp Network
Introduction to AI for Nonprofits with Tapp Network
 
2024.06.01 Introducing a competency framework for languag learning materials ...
2024.06.01 Introducing a competency framework for languag learning materials ...2024.06.01 Introducing a competency framework for languag learning materials ...
2024.06.01 Introducing a competency framework for languag learning materials ...
 
Operation Blue Star - Saka Neela Tara
Operation Blue Star - Saka Neela TaraOperation Blue Star - Saka Neela Tara
Operation Blue Star - Saka Neela Tara
 
The Accursed House by Émile Gaboriau.pptx
The Accursed House by Émile Gaboriau.pptxThe Accursed House by Émile Gaboriau.pptx
The Accursed House by Émile Gaboriau.pptx
 
Francesca Gottschalk - How can education support child empowerment.pptx
Francesca Gottschalk - How can education support child empowerment.pptxFrancesca Gottschalk - How can education support child empowerment.pptx
Francesca Gottschalk - How can education support child empowerment.pptx
 
special B.ed 2nd year old paper_20240531.pdf
special B.ed 2nd year old paper_20240531.pdfspecial B.ed 2nd year old paper_20240531.pdf
special B.ed 2nd year old paper_20240531.pdf
 
BÀI TẬP BỔ TRỢ TIẾNG ANH GLOBAL SUCCESS LỚP 3 - CẢ NĂM (CÓ FILE NGHE VÀ ĐÁP Á...
BÀI TẬP BỔ TRỢ TIẾNG ANH GLOBAL SUCCESS LỚP 3 - CẢ NĂM (CÓ FILE NGHE VÀ ĐÁP Á...BÀI TẬP BỔ TRỢ TIẾNG ANH GLOBAL SUCCESS LỚP 3 - CẢ NĂM (CÓ FILE NGHE VÀ ĐÁP Á...
BÀI TẬP BỔ TRỢ TIẾNG ANH GLOBAL SUCCESS LỚP 3 - CẢ NĂM (CÓ FILE NGHE VÀ ĐÁP Á...
 
How to Make a Field invisible in Odoo 17
How to Make a Field invisible in Odoo 17How to Make a Field invisible in Odoo 17
How to Make a Field invisible in Odoo 17
 
The French Revolution Class 9 Study Material pdf free download
The French Revolution Class 9 Study Material pdf free downloadThe French Revolution Class 9 Study Material pdf free download
The French Revolution Class 9 Study Material pdf free download
 
CACJapan - GROUP Presentation 1- Wk 4.pdf
CACJapan - GROUP Presentation 1- Wk 4.pdfCACJapan - GROUP Presentation 1- Wk 4.pdf
CACJapan - GROUP Presentation 1- Wk 4.pdf
 
Palestine last event orientationfvgnh .pptx
Palestine last event orientationfvgnh .pptxPalestine last event orientationfvgnh .pptx
Palestine last event orientationfvgnh .pptx
 
The approach at University of Liverpool.pptx
The approach at University of Liverpool.pptxThe approach at University of Liverpool.pptx
The approach at University of Liverpool.pptx
 
Thesis Statement for students diagnonsed withADHD.ppt
Thesis Statement for students diagnonsed withADHD.pptThesis Statement for students diagnonsed withADHD.ppt
Thesis Statement for students diagnonsed withADHD.ppt
 
Overview on Edible Vaccine: Pros & Cons with Mechanism
Overview on Edible Vaccine: Pros & Cons with MechanismOverview on Edible Vaccine: Pros & Cons with Mechanism
Overview on Edible Vaccine: Pros & Cons with Mechanism
 

Network security and protocols

  • 2. Threats  Prevent users from accessing the required resources for performing their task Types of Threats Internal External
  • 3. Internal Threats • Malicious practices done by the local networks users that do not allow efficient sharing of the network resources • Common internal threats are: – Unauthorized Access – Data Destruction – Administrative Access – System Crash/Hardware Failure – Virus
  • 4. Protecting from Internal Threats • Methods of protecting internal threats largely dependent on policies rather than technology • To protect the network from internal threats you need to implement: – Passwords – User Account Control – creating groups – Policies – Fault Tolerance
  • 5. External Threats • External threats can exist in two forms: – Attacker manipulates the user to gain access to the network – Hacker at a remote location uses technical methods to gain illegal access to your network • Common external threats are: – Social Engineering – Hacking – internet worms or other internet hacking tools
  • 6. Protecting from External Threats • Securing network from external threat is a competition between hackers and security people • To protect the network from external threats you need to provide: – Physical protection – lock the server – Firewalls – Encryption –IPSec ,SSL – Authentication – Kerberos, PAP, CHAP – Public Keys and Certificates – VLAN
  • 7. Need for Network Security • Network security - Mechanism that protects the network resources from being attacked by the outside world • Hackers constantly look out for loopholes in the network security and snoop into a network • Spyware and other adware program get installed into your computer and start transmitting private information • IP snooping allows monitoring of network traffic that is sent over the internet
  • 8. Security Attacks - I • Break the security barrier of the network and access the network resources Types of Security Attacks Active Passive
  • 9. Implementing External Network Security - I • Implementing external network security was not necessary while dial up connections were used • Arrival of high speed internet connection has completely changed security aspect for home computers • Users who use Asymmetric digital subscriber line (ADSL) or a cable modem is the main target for the hackers • Windows XP now has an Internet Connection Firewall (ICF) available
  • 10. Implementing External Network Security - II • SOHO routers are connected to provide security to networked systems sharing a single Internet connection • Large networks employ a dedicated firewall between a gateway router and the protected network • A demilitarized zone (DMZ) can also be implemented to prevent access to the network
  • 11. Cryptography • Cryptography is a science that deals with securing information • Objectives of Cryptography are: – Message Confidentiality – Message Integrity – Message Authentication – Message Nonrepudiation – solves the issues related to disputes beteween sender and receiver – Entity Authentication
  • 12. Types of Cryptosystems • Cryptographic systems consists of algorithms and procedures used for encrypting the messages • Types of cryptographic systems: – Symmetric Cryptographic Systems – Asymmetric Cryptographic Systems • Symmetric Cryptographic Systems use same keys for encryption and decryption • Asymmetric Cryptographic Systems use two keys, one for encryption and other for decryption
  • 13. Encryption/Decryption • Encryption refers to conversion of plain text into cipher text • Cipher algorithm is used to transform plain text into cipher text • Different types of traditional ciphers used to encode the message fall in to two broad categories: – Substitution ciphers – Transposition ciphers
  • 14. Public Key Encryption/Decryption • Uses a combination of two keys the private key and the public key (Asymmetric) • Private key is known only to the receiver of the message
  • 15. Secret Key Encryption / Decryption • Uses the same key to encrypt and decrypt the message (Symmetric) • Algorithm used for decrypting the message is inverse of algorithm that is used to encrypt message
  • 16. Digital Signatures - I • Used to authenticate the origin of the document • Come under the asymmetric cryptography category • Can be accomplished in two ways: – Signing the document – Signing the digest of the document
  • 17. Digital Signature - II • Signing the document • Signing the digest
  • 18. Digital Signature - III • Signing the Document – public and private keys of the sender are used for encrypting and decrypting the document • Signing the digest – used when the message to be sent is long. Creates a digest of the message using the hash function and then sign it
  • 19. Authentication Protocol • Authentication is a process by which the identity of the concerned party is identified before starting the communication process • Data traffic is encrypted using symmetric key cryptography for performance reasons • Public key cryptography is used for developing authorization protocols as well as creating a session key
  • 20. Authentication based on Shared Secret Key • Challenge response protocols used for authentication using shared secret key
  • 21. Authentication using Kerberos • Three types of servers involved in Kerberos protocol: – Authentication Server (AS) – Ticket-Granting Server (TGS) – Real Server
  • 22. Authentication using Public – Key Cryptography • Certification Authority : Organization that binds a public key to an entity and issues a certificate
  • 23. Firewall - I • Firewall is a system that blocks all unwanted and unauthorized access of the system resources • Firewall can be set using a router, switch, or a bridge • Firewall is basically present at the junction point or gateway between two networks like a private and public network • Firewalls can be hardware or software • Basic types of firewalls are: – Packet-Filter Firewalls – Proxy Firewalls
  • 24. Types of Firewall • Packet filter Firewall – forward or blocks the packets depending source and destination IP address, port address or type of protocol used (TCP or UDP). Collects the information from the network and transport layer headers • Proxy Firewall – filters the data at application layer e.g. online book
  • 25. Firewall - II • Demilitarized Zones in Firewall – Network that is usually present between an internal and external network of an organization – DMZ host provides services for external networks thus providing cover for internal networks against intruders
  • 26. VLAN - I • Individual broadcast domains created by the switch are called virtual LANs. • Different characteristics used to group stations in a VLAN are: – Port Numbers – MAC addresses – IP addresses – Multicast IP Addresses – Combination • IEEE standard 802.1Q defines format of frame tagging in VLAN
  • 27. VLAN - II • VLAN can be configured in three ways: Manual, Automatic, and Semiautomatic • Three methods used for communication between switches are: – Table Maintenance – Frame tagging – Time Division Multiplexing (TDM) • Advantages of VLAN are: – Network Management – Creating Virtual Work Groups – Security
  • 28. Fault Tolerance and Redundancy • Shared data of a network should have better protection rather than having to restore the backups with difficulty • The capability of a server to continue operating in case of a hardware failure is known as fault tolerance • To implement fault tolerance you have to make the data redundant on the serving system
  • 29. RAID • RAID is a technology that uses a collection of hard disks to share and replicate data • Different levels of RAID are RAID 0, 1, 2, 3, 4, 5, 6, 0+1, 10, 53 and linear RAID
  • 30. Network-Attached Storage (NAS) • Used for implementing a server just for file sharing • A prebuilt system usually running LINUX with Samba and/ or Network File System (NFS) • Devices have DHCP enabled and require very little or no configuration to run
  • 31. Storage area network (SAN) • SAN is a network whose primary aim is to transfer data between disk arrays, tape drives and servers • The various SAN components are: – Fiber channel Switches – Hosts and Host Bus Adapters – Storage Devices – Cabling and Cable Connectors
  • 32. Tape Backup • Tape backup becomes essential incase of a hardware crash or damage to the server • Magnetic tape is the oldest method of storing data from the computer • Tape backup options fall in to three major groups: – Quarter-inch tape (QIC) – Digital Audio Tape (DAT) – Digital Linear Tape (DLT)
  • 33. Perfect Server - I • Network that shares data requires specialized hardware so as to share data as fast as possible • Hardware requirement for Speed – Fast NICS : Increasing the data throughput and making it do more than one task at a time – Faster Drives : Using a PATA or a SCSI drive and implementing RAID 5 for data protection
  • 34. Perfect Server - II • Servers require reliability, speed as well as data protection • Good Power • Antivirus Program • Environment
  • 35. Hardware Requirement for speed • The hardware requirements for a server and a workstation differ from each other completely • Workstations do not require the speed, reliability and data backup. Servers on the other hand require reliability, speed, as well as data protection • The two things that can make the server provide good speed are: – Fast NICs – Fast Drives
  • 36. Reliability - I • A steady AC power supply is to be provided to all the systems • The different methods of providing good power are: – Dedicated Circuits – Surge suppressors – Uninterruptible Power Supply (UPS) – Backup Power • Another problem along with faulty power is computer viruses
  • 37. Reliability - II • Five typical types of viruses are: – Boot sector – Executable – Macro – Trojan – Worm • Damage due to virus attacks can be prevented by not allowing the virus from entering the system • Necessary to provide a good environment for the server to improve its reliability
  • 38. Protocols • Different protocols are used at different layers of the OSI model for providing security to the users • The different protocols used are: – Secure Socket Layer (SSL) – Internet Protocol Security (IPSec) – Point-to-Point Tunneling Protocol (PPTP) – Point-to-Point Protocol (PPP) – Serial Line Interface Protocol (SLIP)
  • 39. SLIP • Serial Line Internet Protocol (SLIP) is used to connect the computer to the Internet using serial connection such as the dial-up modem • Serial Line Internet Protocol was designed for Data link protocol for telephony • However, SLIP only supported TCP/IP and not NetBEUI or IPX network.
  • 40. PPP - I • One of the common protocols for point to point access • PPP addressed all of the shortcomings of SLIP • Different services provided by PPP are as follows: – Defines the format of the frames to be exchanged between devices. – Defines how the devices can negotiate for establishment of link and exchange of data – Defines how network layer data is encapsulated in the data link frame. – Defines how the devices can authenticate each other
  • 41. PPP - II • Provides multiple network layer services that support different network layer protocols. • Provides connection over multiple links. • Provides network address configuration which is useful incase a user needs a temporary network address to connect to the Internet
  • 42. PPTP • Network protocol that allows secure transfer of data from a remote client to a private server • It is the Microsoft VPN encryption protocol • The three processes involved in PPTP are: – PPTP connection and communication – PPTP control connection – PPTP data tunnelling
  • 43. IPSec • Protocol set that was developed by Internet Engineering Task Force (IETF) for providing security to a packet at the network level • IPSec operates in two modes: – Transport Mode – Tunnel Mode
  • 44. SSL • SSL is a protocol developed by Netscape for transmitting private documents over the Internet. • Web pages that use SSL have URLs starting with https • Different services provided by SSL for the data received by application layer are: – Fragmentation – Compression – Message Integrity – Confidentiality – Framing