This document discusses network security and protocols. It covers internal and external threats to networks like unauthorized access, data destruction, and hacking. It also discusses ways to protect networks from these threats, including passwords, firewalls, encryption, authentication protocols, and virtual local area networks (VLANs). The document outlines concepts like cryptography, digital signatures, and authentication protocols. It also discusses firewalls, storage technologies like RAID, NAS, and SAN for fault tolerance, and tape backups.
Intrusion detection and prevention systemNikhil Raj
This presentation describes how to implement Network based Intrusion Detection System (SNORT) in the network. Detecting and analyzing alerts generated and blocking the Attacker using Access Control List.
Key management: Introduction, How public key distribution done, Diffie Hellman Key Exchage Algorithm,Digital Certificate. Key Management using Digital certificate is done etc. wireshark screenshot showing digital cetificate.
Intrusion detection and prevention systemNikhil Raj
This presentation describes how to implement Network based Intrusion Detection System (SNORT) in the network. Detecting and analyzing alerts generated and blocking the Attacker using Access Control List.
Key management: Introduction, How public key distribution done, Diffie Hellman Key Exchage Algorithm,Digital Certificate. Key Management using Digital certificate is done etc. wireshark screenshot showing digital cetificate.
Just created a slideshare presentation giving a basic introduction to the Confidentiality, Integrity & Availability (CIA) Security Model. You can see more slideshows on http://www.slideshare.net/ImranahmedIT or visit my website: http://imran-ahmed.co.uk
The CIA Triad - Assurance on Information SecurityBharath Rao
Confidentiality, Integrity and Availability of Data are the basis for providing assurance on IS Security. This document gives a small overview of the impact of confidentiality, integrity and availability on the data and the need of securing the CIA.
The growth of embedded systems connecting to the Internet or "Internet of Things" (IoT) increases year by year. Thus, the IoT ecosystems become new targets of the attackers. This presentation will talk about the basic principle of information security, why we need to secure IoT ecosystems, and also the vulnerabilities and solutions from OWASP.
To Support Digital India, We are trying to enforce the security on the web and digital Information. This Slides provide you basic as well as advance knowledge of security model. Model covered in this slides are Chinese Wall, Clark-Wilson, Biba, Harrison-Ruzzo-Ullman Model, Bell-LaPadula Model etc.
Types of Access Control.
How To Learn The Network Security
Slide berikut merupakan slide yang berisikan dasar-dasar bagi kita dalam memahami konsep keamanan jaringan komputer, baik dari sisi inftrastruktur, teknologi dan paradigma bagi pengguna.
Materi yang diberikan sudah disusun oleh Pakar yang merupakan Trainer CEH dan memang berkompeten dibidang keamanan jaringan.
Slide ini saya dapatkan dari beliau saat mengikut training Certified Computer Security Officer (CCSO) dan Certified Computer Security Analyst (CCSA) dari beliau.
Semoga bermanfaat sebagai acuan bagi kita untuk belajar tentang keamanan jaringan komputer.
Terimakasih
Just created a slideshare presentation giving a basic introduction to the Confidentiality, Integrity & Availability (CIA) Security Model. You can see more slideshows on http://www.slideshare.net/ImranahmedIT or visit my website: http://imran-ahmed.co.uk
The CIA Triad - Assurance on Information SecurityBharath Rao
Confidentiality, Integrity and Availability of Data are the basis for providing assurance on IS Security. This document gives a small overview of the impact of confidentiality, integrity and availability on the data and the need of securing the CIA.
The growth of embedded systems connecting to the Internet or "Internet of Things" (IoT) increases year by year. Thus, the IoT ecosystems become new targets of the attackers. This presentation will talk about the basic principle of information security, why we need to secure IoT ecosystems, and also the vulnerabilities and solutions from OWASP.
To Support Digital India, We are trying to enforce the security on the web and digital Information. This Slides provide you basic as well as advance knowledge of security model. Model covered in this slides are Chinese Wall, Clark-Wilson, Biba, Harrison-Ruzzo-Ullman Model, Bell-LaPadula Model etc.
Types of Access Control.
How To Learn The Network Security
Slide berikut merupakan slide yang berisikan dasar-dasar bagi kita dalam memahami konsep keamanan jaringan komputer, baik dari sisi inftrastruktur, teknologi dan paradigma bagi pengguna.
Materi yang diberikan sudah disusun oleh Pakar yang merupakan Trainer CEH dan memang berkompeten dibidang keamanan jaringan.
Slide ini saya dapatkan dari beliau saat mengikut training Certified Computer Security Officer (CCSO) dan Certified Computer Security Analyst (CCSA) dari beliau.
Semoga bermanfaat sebagai acuan bagi kita untuk belajar tentang keamanan jaringan komputer.
Terimakasih
Implementing Cisco IOS Network Security (IINS). For a complete list of available network security training, visit the Security Training page.http://bit.ly/1Lgc2LW
Entrepreneurship & Commerce in IT - 11 - Security & EncryptionSachintha Gunasena
This series in about the Entrepreneurial and E-Commerce opportunities and how to harness the power of Information Technology to improve or revolutionize business.
This session discusses about:
the types of threats that could occur to an e-commerce business, and what are the prevention methods and technologies available for such threats.
A firewall is a network security system that monitors and controls the incoming and outgoing network traffic based on predetermined security rules. Packet filter is a hardware or software designed to block or allow transmission of packets based on criteria such as port, IP address, protocol.
June 3, 2024 Anti-Semitism Letter Sent to MIT President Kornbluth and MIT Cor...Levi Shapiro
Letter from the Congress of the United States regarding Anti-Semitism sent June 3rd to MIT President Sally Kornbluth, MIT Corp Chair, Mark Gorenberg
Dear Dr. Kornbluth and Mr. Gorenberg,
The US House of Representatives is deeply concerned by ongoing and pervasive acts of antisemitic
harassment and intimidation at the Massachusetts Institute of Technology (MIT). Failing to act decisively to ensure a safe learning environment for all students would be a grave dereliction of your responsibilities as President of MIT and Chair of the MIT Corporation.
This Congress will not stand idly by and allow an environment hostile to Jewish students to persist. The House believes that your institution is in violation of Title VI of the Civil Rights Act, and the inability or
unwillingness to rectify this violation through action requires accountability.
Postsecondary education is a unique opportunity for students to learn and have their ideas and beliefs challenged. However, universities receiving hundreds of millions of federal funds annually have denied
students that opportunity and have been hijacked to become venues for the promotion of terrorism, antisemitic harassment and intimidation, unlawful encampments, and in some cases, assaults and riots.
The House of Representatives will not countenance the use of federal funds to indoctrinate students into hateful, antisemitic, anti-American supporters of terrorism. Investigations into campus antisemitism by the Committee on Education and the Workforce and the Committee on Ways and Means have been expanded into a Congress-wide probe across all relevant jurisdictions to address this national crisis. The undersigned Committees will conduct oversight into the use of federal funds at MIT and its learning environment under authorities granted to each Committee.
• The Committee on Education and the Workforce has been investigating your institution since December 7, 2023. The Committee has broad jurisdiction over postsecondary education, including its compliance with Title VI of the Civil Rights Act, campus safety concerns over disruptions to the learning environment, and the awarding of federal student aid under the Higher Education Act.
• The Committee on Oversight and Accountability is investigating the sources of funding and other support flowing to groups espousing pro-Hamas propaganda and engaged in antisemitic harassment and intimidation of students. The Committee on Oversight and Accountability is the principal oversight committee of the US House of Representatives and has broad authority to investigate “any matter” at “any time” under House Rule X.
• The Committee on Ways and Means has been investigating several universities since November 15, 2023, when the Committee held a hearing entitled From Ivory Towers to Dark Corners: Investigating the Nexus Between Antisemitism, Tax-Exempt Universities, and Terror Financing. The Committee followed the hearing with letters to those institutions on January 10, 202
Introduction to AI for Nonprofits with Tapp NetworkTechSoup
Dive into the world of AI! Experts Jon Hill and Tareq Monaur will guide you through AI's role in enhancing nonprofit websites and basic marketing strategies, making it easy to understand and apply.
2024.06.01 Introducing a competency framework for languag learning materials ...Sandy Millin
http://sandymillin.wordpress.com/iateflwebinar2024
Published classroom materials form the basis of syllabuses, drive teacher professional development, and have a potentially huge influence on learners, teachers and education systems. All teachers also create their own materials, whether a few sentences on a blackboard, a highly-structured fully-realised online course, or anything in between. Despite this, the knowledge and skills needed to create effective language learning materials are rarely part of teacher training, and are mostly learnt by trial and error.
Knowledge and skills frameworks, generally called competency frameworks, for ELT teachers, trainers and managers have existed for a few years now. However, until I created one for my MA dissertation, there wasn’t one drawing together what we need to know and do to be able to effectively produce language learning materials.
This webinar will introduce you to my framework, highlighting the key competencies I identified from my research. It will also show how anybody involved in language teaching (any language, not just English!), teacher training, managing schools or developing language learning materials can benefit from using the framework.
Operation “Blue Star” is the only event in the history of Independent India where the state went into war with its own people. Even after about 40 years it is not clear if it was culmination of states anger over people of the region, a political game of power or start of dictatorial chapter in the democratic setup.
The people of Punjab felt alienated from main stream due to denial of their just demands during a long democratic struggle since independence. As it happen all over the word, it led to militant struggle with great loss of lives of military, police and civilian personnel. Killing of Indira Gandhi and massacre of innocent Sikhs in Delhi and other India cities was also associated with this movement.
Francesca Gottschalk - How can education support child empowerment.pptxEduSkills OECD
Francesca Gottschalk from the OECD’s Centre for Educational Research and Innovation presents at the Ask an Expert Webinar: How can education support child empowerment?
How to Make a Field invisible in Odoo 17Celine George
It is possible to hide or invisible some fields in odoo. Commonly using “invisible” attribute in the field definition to invisible the fields. This slide will show how to make a field invisible in odoo 17.
The French Revolution, which began in 1789, was a period of radical social and political upheaval in France. It marked the decline of absolute monarchies, the rise of secular and democratic republics, and the eventual rise of Napoleon Bonaparte. This revolutionary period is crucial in understanding the transition from feudalism to modernity in Europe.
For more information, visit-www.vavaclasses.com
Macroeconomics- Movie Location
This will be used as part of your Personal Professional Portfolio once graded.
Objective:
Prepare a presentation or a paper using research, basic comparative analysis, data organization and application of economic information. You will make an informed assessment of an economic climate outside of the United States to accomplish an entertainment industry objective.
Palestine last event orientationfvgnh .pptxRaedMohamed3
An EFL lesson about the current events in Palestine. It is intended to be for intermediate students who wish to increase their listening skills through a short lesson in power point.
2. Threats
Prevent users from accessing the required
resources for performing their task
Types of Threats
Internal External
3. Internal Threats
• Malicious practices done by the local networks users
that do not allow efficient sharing of the network
resources
• Common internal threats are:
– Unauthorized Access
– Data Destruction
– Administrative Access
– System Crash/Hardware Failure
– Virus
4. Protecting from Internal Threats
• Methods of protecting internal threats largely dependent
on policies rather than technology
• To protect the network from internal threats you need to
implement:
– Passwords
– User Account Control – creating groups
– Policies
– Fault Tolerance
5. External Threats
• External threats can exist in two forms:
– Attacker manipulates the user to gain access to the
network
– Hacker at a remote location uses technical methods to
gain illegal access to your network
• Common external threats are:
– Social Engineering
– Hacking – internet worms or other internet hacking tools
6. Protecting from External Threats
• Securing network from external threat is a competition
between hackers and security people
• To protect the network from external threats you need
to provide:
– Physical protection – lock the server
– Firewalls
– Encryption –IPSec ,SSL
– Authentication – Kerberos, PAP, CHAP
– Public Keys and Certificates
– VLAN
7. Need for Network Security
• Network security - Mechanism that protects the
network resources from being attacked by the outside
world
• Hackers constantly look out for loopholes in the
network security and snoop into a network
• Spyware and other adware program get installed into
your computer and start transmitting private
information
• IP snooping allows monitoring of network traffic that is
sent over the internet
8. Security Attacks - I
• Break the security barrier of the network and access the
network resources
Types of Security
Attacks
Active Passive
9. Implementing External Network
Security - I
• Implementing external network security was not necessary
while dial up connections were used
• Arrival of high speed internet connection has completely
changed security aspect for home computers
• Users who use Asymmetric digital subscriber line (ADSL) or
a cable modem is the main target for the hackers
• Windows XP now has an Internet Connection Firewall (ICF)
available
10. Implementing External Network
Security - II
• SOHO routers are connected to provide security to
networked systems sharing a single Internet connection
• Large networks employ a dedicated firewall between a
gateway router and the protected network
• A demilitarized zone (DMZ) can also be implemented to
prevent access to the network
11. Cryptography
• Cryptography is a science that deals with securing
information
• Objectives of Cryptography are:
– Message Confidentiality
– Message Integrity
– Message Authentication
– Message Nonrepudiation – solves the issues related to
disputes beteween sender and receiver
– Entity Authentication
12. Types of Cryptosystems
• Cryptographic systems consists of algorithms and
procedures used for encrypting the messages
• Types of cryptographic systems:
– Symmetric Cryptographic Systems
– Asymmetric Cryptographic Systems
• Symmetric Cryptographic Systems use same keys for
encryption and decryption
• Asymmetric Cryptographic Systems use two keys, one for
encryption and other for decryption
13. Encryption/Decryption
• Encryption refers to conversion of plain text into cipher
text
• Cipher algorithm is used to transform plain text into
cipher text
• Different types of traditional ciphers used to encode the
message fall in to two broad categories:
– Substitution ciphers
– Transposition ciphers
14. Public Key Encryption/Decryption
• Uses a combination of two keys the private key and
the public key (Asymmetric)
• Private key is known only to the receiver of the
message
15. Secret Key Encryption / Decryption
• Uses the same key to encrypt and decrypt the message
(Symmetric)
• Algorithm used for decrypting the message is inverse of
algorithm that is used to encrypt message
16. Digital Signatures - I
• Used to authenticate the origin of the document
• Come under the asymmetric cryptography category
• Can be accomplished in two ways:
– Signing the document
– Signing the digest of the document
18. Digital Signature - III
• Signing the Document – public and private
keys of the sender are used for encrypting and
decrypting the document
• Signing the digest – used when the message
to be sent is long. Creates a digest of the
message using the hash function and then sign
it
19. Authentication Protocol
• Authentication is a process by which the identity of the
concerned party is identified before starting the
communication process
• Data traffic is encrypted using symmetric key
cryptography for performance reasons
• Public key cryptography is used for developing
authorization protocols as well as creating a session key
20. Authentication based on Shared Secret
Key
• Challenge response protocols used for authentication using
shared secret key
21. Authentication using Kerberos
• Three types of servers involved in Kerberos protocol:
– Authentication Server (AS)
– Ticket-Granting Server (TGS)
– Real Server
22. Authentication using Public – Key
Cryptography
• Certification Authority : Organization that binds a public
key to an entity and issues a certificate
23. Firewall - I
• Firewall is a system that blocks all unwanted and
unauthorized access of the system resources
• Firewall can be set using a router, switch, or a bridge
• Firewall is basically present at the junction point or
gateway between two networks like a private and public
network
• Firewalls can be hardware or software
• Basic types of firewalls are:
– Packet-Filter Firewalls
– Proxy Firewalls
24. Types of Firewall
• Packet filter Firewall – forward or blocks the
packets depending source and destination IP
address, port address or type of protocol used
(TCP or UDP). Collects the information from
the network and transport layer headers
• Proxy Firewall – filters the data at application
layer e.g. online book
25. Firewall - II
• Demilitarized Zones in Firewall
– Network that is usually present between an internal and
external network of an organization
– DMZ host provides services for external networks thus
providing cover for internal networks against intruders
26. VLAN - I
• Individual broadcast domains created by the switch are
called virtual LANs.
• Different characteristics used to group stations in a VLAN
are:
– Port Numbers
– MAC addresses
– IP addresses
– Multicast IP Addresses
– Combination
• IEEE standard 802.1Q defines format of frame tagging in
VLAN
27. VLAN - II
• VLAN can be configured in three ways: Manual,
Automatic, and Semiautomatic
• Three methods used for communication between
switches are:
– Table Maintenance
– Frame tagging
– Time Division Multiplexing (TDM)
• Advantages of VLAN are:
– Network Management
– Creating Virtual Work Groups
– Security
28. Fault Tolerance and Redundancy
• Shared data of a network should have better protection
rather than having to restore the backups with difficulty
• The capability of a server to continue operating in case
of a hardware failure is known as fault tolerance
• To implement fault tolerance you have to make the data
redundant on the serving system
29. RAID
• RAID is a technology that uses a collection of hard disks
to share and replicate data
• Different levels of RAID are RAID 0, 1, 2, 3, 4, 5, 6, 0+1,
10, 53 and linear RAID
30. Network-Attached Storage (NAS)
• Used for implementing a server just for file sharing
• A prebuilt system usually running LINUX with Samba and/
or Network File System (NFS)
• Devices have DHCP enabled and require very little or no
configuration to run
31. Storage area network (SAN)
• SAN is a network whose
primary aim is to transfer data
between disk arrays, tape
drives and servers
• The various SAN components
are:
– Fiber channel Switches
– Hosts and Host Bus Adapters
– Storage Devices
– Cabling and Cable Connectors
32. Tape Backup
• Tape backup becomes essential incase of a hardware
crash or damage to the server
• Magnetic tape is the oldest method of storing data from
the computer
• Tape backup options fall in to three major groups:
– Quarter-inch tape (QIC)
– Digital Audio Tape (DAT)
– Digital Linear Tape (DLT)
33. Perfect Server - I
• Network that shares data requires specialized hardware
so as to share data as fast as possible
• Hardware requirement for Speed
– Fast NICS : Increasing the data throughput and making it
do more than one task at a time
– Faster Drives : Using a PATA or a SCSI drive and
implementing RAID 5 for data protection
34. Perfect Server - II
• Servers require reliability, speed as well as data
protection
• Good Power
• Antivirus Program
• Environment
35. Hardware Requirement for speed
• The hardware requirements for a server and a
workstation differ from each other completely
• Workstations do not require the speed, reliability and
data backup. Servers on the other hand require
reliability, speed, as well as data protection
• The two things that can make the server provide good
speed are:
– Fast NICs
– Fast Drives
36. Reliability - I
• A steady AC power supply is to be provided to all the
systems
• The different methods of providing good power are:
– Dedicated Circuits
– Surge suppressors
– Uninterruptible Power Supply (UPS)
– Backup Power
• Another problem along with faulty power is computer
viruses
37. Reliability - II
• Five typical types of viruses are:
– Boot sector
– Executable
– Macro
– Trojan
– Worm
• Damage due to virus attacks can be prevented by not
allowing the virus from entering the system
• Necessary to provide a good environment for the server
to improve its reliability
38. Protocols
• Different protocols are used at different layers of the OSI
model for providing security to the users
• The different protocols used are:
– Secure Socket Layer (SSL)
– Internet Protocol Security (IPSec)
– Point-to-Point Tunneling Protocol (PPTP)
– Point-to-Point Protocol (PPP)
– Serial Line Interface Protocol (SLIP)
39. SLIP
• Serial Line Internet Protocol (SLIP) is used to connect the
computer to the Internet using serial connection such as
the dial-up modem
• Serial Line Internet Protocol was designed for Data link
protocol for telephony
• However, SLIP only supported TCP/IP and not NetBEUI or
IPX network.
40. PPP - I
• One of the common protocols for point to point access
• PPP addressed all of the shortcomings of SLIP
• Different services provided by PPP are as follows:
– Defines the format of the frames to be exchanged
between devices.
– Defines how the devices can negotiate for establishment
of link and exchange of data
– Defines how network layer data is encapsulated in the
data link frame.
– Defines how the devices can authenticate each other
41. PPP - II
• Provides multiple network layer services that support
different network layer protocols.
• Provides connection over multiple links.
• Provides network address configuration which is useful
incase a user needs a temporary network address to
connect to the Internet
42. PPTP
• Network protocol that allows secure transfer of data
from a remote client to a private server
• It is the Microsoft VPN encryption protocol
• The three processes involved in PPTP are:
– PPTP connection and communication
– PPTP control connection
– PPTP data tunnelling
43. IPSec
• Protocol set that was developed by Internet Engineering
Task Force (IETF) for providing security to a packet at the
network level
• IPSec operates in two modes:
– Transport Mode
– Tunnel Mode
44. SSL
• SSL is a protocol developed by Netscape for transmitting
private documents over the Internet.
• Web pages that use SSL have URLs starting with https
• Different services provided by SSL for the data received
by application layer are:
– Fragmentation
– Compression
– Message Integrity
– Confidentiality
– Framing