Anne Starr, profile picture
Uploaded byAnne Starr
46 views

Topic22

The document discusses several topics relating to cyber security foundations: 1. It outlines various network security concepts like the OSI model and vulnerabilities in core TCP/IP protocols that can be mitigated through encryption and firewall configuration. 2. It then examines vulnerabilities and mitigations for several application layer protocols including DNS, HTTP, FTP and wireless protocols. 3. Router security best practices like access control lists and strong authentication are presented to prevent attacks like man-in-the-middle. 4. Endpoint security solutions using devices like firewalls, antivirus and encryption are recommended to secure mobile devices connecting to the network. 5. Finally, it stresses the importance of physical security for network devices through locking,

Embed presentation

FOUNDATION IN CYBER SECURITY Network Security
Network Security Overview Copyright © 2019 Logical Operations, Inc. All rights reserved. • Network security is one of the most critical topics. • Rapid changes to technology make networking complex. • Need to secure each technology separately. • Need to handle interoperability issues. • No more clear-cut boundaries for the network.
The OSI Model 7 Application 7 Application 6 Presentation 6 Presentation 5 Session 5 Session 4 Transport 4 Transport 3 Network 3 Network 2 Data Link 2 Data Link 1 Physical 1 Physical Web Server Client Browser Information/Data Flow Copyright © 2019 Logical Operations, Inc. All rights reserved.
TCP/IP Core Protocol Vulnerabilities and Mitigation (Slide 1 of 2) Copyright © 2019 Logical Operations, Inc. All rights reserved. Protocol Vulnerability or Threat Mitigation TCP • An attacker can predict the incrementing sequence number of a TCP session and use it to hijack a session that has already been authenticated and authorized. • TCP can carry malicious payloads to other computers. • Use encrypted versions of Layer 7 protocols. • Encrypt or digitally sign data payloads. • Block unused TCP ports on firewalls. UDP • UDP requires no acknowledgment, so it’s easy to spoof the source or destination of UDP packets. • UPD can cause amplification and other denial-of-service attacks. • Use encrypted versions of Layer 7 protocols. • Encrypt and digitally sign data payloads. • Block unused UDP ports on firewalls. IP • IP has no mechanism for verifying the actual identity of the sender or the receiver. • It’s easy to spoof IP addresses, so that packets are sent to or received from a machine other than the intended destination or source. • An attacker can craft malicious IP packet fragments that cannot be reassembled by the receiving computer, causing a denial of service attack. Configure the router and other IP devices to disallow IP features that can be abused, including fragments, ICMP redirection, and source routing.
TCP/IP Core Protocol Vulnerabilities and Mitigation (Slide 2 of 2) Copyright © 2019 Logical Operations, Inc. All rights reserved. Protocol Vulnerability or Threat Mitigation ICMP • An attacker can send an ICMP redirect telling targets to use the attacker's machine as a default gateway. • An attacker can insert malicious data inside an ICMP packet, which will pass through routers and firewalls under the assumption that it is just a status message. • An attacker can send oversized ICMP packets and overwhelm the system. Configure firewalls and routers to disallow ICMP unless it is actually needed. IGMP Malformed IGMP packets can cause a buffer overflow in denial of service on a receiving host. Configure firewalls and routers to disable IGMP unless it is actually needed. ARP • ARP (and its twin RARP) is vulnerable because it is sent in cleartext by broadcast, with no way to verify the identity of the sending computer. • An attacker can poison a system's ARP table or cache, causing traffic to be delivered to the wrong node. This type of poisoning is the underlying mechanism for most man-in-the-middle attacks. Hard-code IP-to-MAC mappings in switches and device ARP caches.
Application Layer Protocols Vulnerabilities and Mitigation (Slide 1 of 4) Copyright © 2019 Logical Operations, Inc. All rights reserved. Protocol Vulnerability Mitigation DHCP Broadcasts in cleartext, so attackers can: • Plug directly into a network jack and receive an IP address. • Set up rogue DHCP servers that provide incorrect addresses to clients. Don’t use DHCP; hard code IP addresses on hosts instead. DNS Sends data in cleartext with no authentication, so attackers can: • Divert, intercept, or deny end-user communications. • Perform unauthorized zone transfers with DNS servers. • Send inaccurate lookup information to clients. • Corrupt the DNS server’s database or lookup cache. Use DNS Security (DNSSEC) to accompany all DNS records with digital signatures. SNMP • Prior to v3, SNMP is sent in cleartext, allowing it to be sniffed. • SNMP uses a weak authentication method that is easy to spoof. Install SNMP v3, or use a proprietary network management solution.
Application Layer Protocols Vulnerabilities and Mitigation (Slide 2 of 4) Copyright © 2019 Logical Operations, Inc. All rights reserved. Protocol Vulnerability Mitigation FTP • Standard FTP uses plaintext password authentication and no encryption, enabling man-in-the-middle attacks. • Some FTP implementations permit anonymous connections. • Use an encrypted replacement like FTPS or SFTP. • Disallow anonymous connections. • Apply file system permissions on the directories that contain FTP content. Telnet • Telnet is sent in cleartext with no encryption or digital signatures. • Its sessions can be sniffed, and it is vulnerable to session hijacking and man-in-the-middle attacks. Use SSH instead of Telnet. SSH • Different implementations have been vulnerable. • OpenSSH bug allowed enumeration of usernames registered on the SSH server. Make sure your SSH product is patched. HTTP • Uses plaintext and no authentication, so an attacker can intercept or manipulate sensitive information in web forms. • Lack of encryption and digital signatures allows for man-in-the-middle attacks. • Use HTTPS, with TLS v1.2 encryption. • Configure the web server to require Strict Transport Security (HSTS) so that an HTTPS session cannot be downgraded to HTTP.
Application Layer Protocols Vulnerabilities and Mitigation (Slide 3 of 4) Copyright © 2019 Logical Operations, Inc. All rights reserved. Protocol Vulnerability Mitigation SMTP • No authentication or encryption between servers, allowing fake email servers to send spam. • Cleartext SMTP can be sniffed and spoofed. • Create TLS tunnels and authentication between email servers. • Configure clients to use encrypted versions of SMTP. POP and IMAP Messages are sent in cleartext and can be sniffed or spoofed by an unauthorized person. Configure clients to use encrypted versions of POP3 and IMAP4. LDAP • LDAP provides weak authentication based on DNS. • If DNS is compromised, LDAP is also easy for an attacker to compromise. • Standard LDAP sends messages in plaintext, which can be easily intercepted and read by attackers. Configure clients and servers to use encrypted LDAPS. Kerberos • Weak implementations can have vulnerabilities. • Microsoft implementation allows creation of fake hash checksums and forged tickets (Security Bulletin MS14-068). Patch and update affected systems.
Application Layer Protocols Vulnerabilities and Mitigation (Slide 4 of 4) Copyright © 2019 Logical Operations, Inc. All rights reserved. Protocol Vulnerability Mitigation SMB • Unauthenticated "null session" enumeration. • Weak encryption. • Ransomware like WannaCry. • Buffer overflows like EternalBlue. • Patch and update affected systems. • Configure systems to disallow older protocol versions and null sessions. • Block SMB-related ports on the firewall: TCP 139 and 445, UDP 137, 138, and 139. RPC Crafted RPC calls can gain system level privilege from vulnerable Windows Services that use RPC (CVE-2003-0352/MS03-026 DCOM buffer overflow being the most notable). • Patch and update affected systems. • Block TCP 135 on the firewall. NFS • Older versions of NFS do not include encryption mechanisms to prevent eavesdropping or tampering of data being transferred. • Many implementations do not have access controls to prevent unauthorized connection and data theft. • Put access control on all NFS shares. • Block TCP 2049 on the firewall. RDP RDP is vulnerable to numerous flooding, overflow, and cryptographic attacks. • Patch affected systems, and configure the RDP server to allow only Network Level Authentication. • Use certificates issued by a trusted CA for authentication.
• Use firewalls/intrusion detection to monitor protocol abuse/suspicious traffic. • Harden/patch servers and workstations to mitigate risks from TCP/IP protocols. • Use TCP wrappers on Linux/UNIX devices to verify incoming connections to host. • Configure personal firewalls on all computers. • Configure routers to disallow/filter: • Source routing - can potentially be used for spoofing. • Subnet broadcasts - can potentially be used for denial of service. • ICMP - filter ICMP by message type; only allow PING to and from trusted hosts. • IP fragments - deliberately malformed fragments could be a denial of service technique. • IP options - excessive use could result in router CPU denial of service. • IP packets with low time-to-live (TTL) - could be used for denial of service. Copyright © 2019 Logical Operations, Inc. All rights reserved. Network Vulnerability Mitigation (Slide 1 of 2)
• If practical, implement DNSSEC in your environment. • If practical, implement authentication/encryption between servers, in your enterprise, and with partners. • Use authenticated/encrypted alternatives to cleartext protocols, including: • SSH (port 22) instead of telnet (port 23). • HTTPS (port 443) instead of HTTP (port 80). • SMTPS (port 465) or MSA (port 587) instead of SMTP (port 25). • IMAPS (port 993) or IMAP-SSL (port 585) instead of IMAP (port 143). • SSL-POP (port 995) instead of POP3 (port 110). • When possible, change default port of a service to an unexpected port number. • When possible, encrypt and digitally sign the payload. Copyright © 2019 Logical Operations, Inc. All rights reserved. Network Vulnerability Mitigation (Slide 2 of 2)
Wireless Security (Slide 1 of 2) Copyright © 2019 Logical Operations, Inc. All rights reserved. Wireless Security Protocol Description WEP • Wired Equivalent Privacy. • Relies on stream cipher with 24-bit initialization vector (IV). • Attack on IV can easily predict short value. • Can be compromised in minutes. • Obsolete – do not use. WPA • Wi-Fi Protected Access. • Provides additional encryption using Temporal Key Integrity Protocol (TKIP). • TKIP is vulnerable to transmission of arbitrary packets. • Also vulnerable to decryption of arbitrary packets. • Obsolete – do not use. WPA2 (802.11i) • Improvement on WPA. • Includes stronger encryption (CCMP protocol using AES standard). • Biggest known vulnerability is choosing a weak password. • The current best choice for Wi-Fi security. WPS • Automated mechanism for wireless devices to obtain the Wi-Fi key from the router. • Wi-Fi setup is easy and convenient. • Negotiation can be intercepted and cracked by hacking tools.
When implementing wireless security: • Select WPA2 (even WPA2 personal) over WEP or WPA. • When possible, use a RADIUS server for wireless authentication. • If you must use a pre-shared key, make the password complex and change it regularly. • Manually enter Wi-Fi passwords into your device, rather than allowing them to autoconfigure themselves by using WPS. • If necessary, enter the MAC addresses of all devices that are permitted to connect to the wireless network into the access point. Copyright © 2019 Logical Operations, Inc. All rights reserved. Wireless Security (Slide 2 of 2)
• If a router is compromised, attacker can use it in a man-in-the-middle attack. • Like planting a bug in a room to listen in remotely. • Can also initiate DoS attacks. • Router must be physically protected first and foremost. • Theft or tampering with router will result in major network issues. • Routers are also subject to logical attacks. • Attacker may attempt to access router using a remote protocol like Telnet/SSH. • May also try to send excessive or malformed packets to router, causing a DoS. Router Vulnerabilities Copyright © 2019 Logical Operations, Inc. All rights reserved.
• Deploy the router in a secure, locked area. • Disable all unnecessary services on the router. • Disable any unnecessary routing protocols. • Harden the router per the manufacturer's recommendations. • Use SSH instead of Telnet. • Create access control lists. • Require strong authentication for administrator connections. • Limit number of admin connections, and disconnect inactive sessions. • Require authentication to a centralized server on higher-end routers. • Create custom administrative accounts with limited privileges for support personnel. • Ensure passwords are stored using encryption. • Forward all security events to a central syslog server. • Monitor activity on the router, watching for suspicious behavior. Copyright © 2019 Logical Operations, Inc. All rights reserved. Router Security
• Comprehensive solution to secure mobile devices as they connect to network. • Ensures that these devices are healthy and cannot compromise network. • Software installed on devices includes: • Firewall • VPN client • Antivirus • Anti-malware • Encryption • Uses client/server security model. • Central server on network pushes updates to mobile clients and controls access. • Endpoint security often includes mobile device management (MDM). Copyright © 2019 Logical Operations, Inc. All rights reserved. Endpoint Security
• Various devices enable networking capabilities. • Often found in server rooms. • Use the following methods to secure these devices: • Physically secure all devices against tampering or accidents. • Lock cabinets and rack doors. • Use cable locks on laptops and small PCs. • Mount power adapters, smart jacks, media converters, etc., where they can be easily monitored and serviced. • Consider using a "lights out" approach to server management. • Place non-rack-mountable equipment on boltable trays above the rack floor. • Route all cables both inside racks and in the ceiling in managed bundles and cable trays. Copyright © 2019 Logical Operations, Inc. All rights reserved. Physical Devices
END Copyright © 2019 Logical Operations, Inc. All rights reserved.

More Related Content

PPTX
gkkSecurity essentials domain 2
byAnne Starr
 
PPTX
topicCybersecurity_4
byAnne Starr
 
PPT
Firewall Essentials
bySylvain Maret
 
PPT
Firewall
byManikyala Rao
 
PPT
Hacking Cisco
byguestd05b31
 
PPT
Barriers to TOR Research at UC Berkeley
byjoebeone
 
PPT
I ptable
bySandeep Gupta
 
PPT
Firewalls
byIsrael Marcus
 
gkkSecurity essentials domain 2
byAnne Starr
 
topicCybersecurity_4
byAnne Starr
 
Firewall Essentials
bySylvain Maret
 
Firewall
byManikyala Rao
 
Hacking Cisco
byguestd05b31
 
Barriers to TOR Research at UC Berkeley
byjoebeone
 
I ptable
bySandeep Gupta
 
Firewalls
byIsrael Marcus
 

What's hot

PPT
T C P I P Weaknesses And Solutions
byeroglu
 
PPTX
Common Layer 2 Threats, Attacks & Mitigation
byNetProtocol Xpert
 
PPT
UCL
byJanak Chandarana
 
PPT
Test
bysinha.mrinal
 
PDF
CISSP Week 6
byjemtallon
 
PPTX
Firewallpresentation 100826052003-phpapp02(1)
byPrabhdeep Kaur
 
PPTX
Basic Cisco ASA 5506-x Configuration (Firepower)
byNetProtocol Xpert
 
PPT
Isys20261 lecture 07
byWiliam Ferraciolli
 
PPT
Lte and future frauds
byRanjeet Kumar
 
PPTX
Tunneling vpn security and implementation
byMohibullah Saail
 
PPTX
security problems in the tcp/ip protocol suite
byYash Kotak
 
PDF
Ccna 2 Chapter 8 V4.0 Answers
byccna4discovery
 
PPT
Firewalls (6)
byBhargu Bhargavi
 
PDF
Java Abs Packet Sniffer Tool
byncct
 
PDF
Practical steps to mitigate DDoS attacks
bySecurity Session
 
PPT
Mitigating Layer2 Attacks
bydkaya
 
PDF
Packet sniffing & ARP Poisoning
byViren Rao
 
PPTX
SDN and Named Data Networking Security
bywolverinetyagi
 
PDF
DDoS Mitigation Tools and Techniques
byBabak Farrokhi
 
T C P I P Weaknesses And Solutions
byeroglu
 
Common Layer 2 Threats, Attacks & Mitigation
byNetProtocol Xpert
 
UCL
byJanak Chandarana
 
Test
bysinha.mrinal
 
CISSP Week 6
byjemtallon
 
Firewallpresentation 100826052003-phpapp02(1)
byPrabhdeep Kaur
 
Basic Cisco ASA 5506-x Configuration (Firepower)
byNetProtocol Xpert
 
Isys20261 lecture 07
byWiliam Ferraciolli
 
Lte and future frauds
byRanjeet Kumar
 
Tunneling vpn security and implementation
byMohibullah Saail
 
security problems in the tcp/ip protocol suite
byYash Kotak
 
Ccna 2 Chapter 8 V4.0 Answers
byccna4discovery
 
Firewalls (6)
byBhargu Bhargavi
 
Java Abs Packet Sniffer Tool
byncct
 
Practical steps to mitigate DDoS attacks
bySecurity Session
 
Mitigating Layer2 Attacks
bydkaya
 
Packet sniffing & ARP Poisoning
byViren Rao
 
SDN and Named Data Networking Security
bywolverinetyagi
 
DDoS Mitigation Tools and Techniques
byBabak Farrokhi
 

Similar to Topic22

PPTX
Securityic2
byAnne Starr
 
PPTX
gkk_2021123rg5hSecurity essentials domain 2
byAnne Starr
 
PPTX
gkk20211e4djwew4dSecurity essentials domain 2
byAnne Starr
 
PPT
Chapter 4.ppt
bygirmawodajo
 
PPT
Security - ch5.ppt
byHabtamuHaileMichael2
 
PPTX
PACE-IT: Common Network Vulnerabilities
byPace IT at Edmonds Community College
 
PPSX
Network security
bysyed mehdi raza
 
PPT
12 tcp-dns
byCulverton Blessy
 
PPT
Network sec 1
byJasleen Kaur
 
PPTX
Security in network
byDaNang University of Technology
 
PPT
IT8005_EC_Unit_III_Securing_Communication_Channels
byPalani Kumar
 
PPT
Network Security fundamentals
byTariq kanher
 
PDF
TCPIP-Protocol-and-Its-Vulnerabilities.pdf
byAshutoshBhatia7
 
PPTX
Network security - Defense in Depth
byDilum Bandara
 
PPT
Network Security
byMohammed Adam
 
PDF
Analysis of network_security_threats_and_vulnerabilities_by_development__impl...
byTương Hoàng
 
PPT
Net Sec
bybackdoor
 
PPT
Practical Network Security
bySudarsun Santhiappan
 
PPT
lec security
byEngr. ZEESHAN QAISER
 
PPT
Network Security
byVIKAS SINGH BHADOURIA
 
Securityic2
byAnne Starr
 
gkk_2021123rg5hSecurity essentials domain 2
byAnne Starr
 
gkk20211e4djwew4dSecurity essentials domain 2
byAnne Starr
 
Chapter 4.ppt
bygirmawodajo
 
Security - ch5.ppt
byHabtamuHaileMichael2
 
PACE-IT: Common Network Vulnerabilities
byPace IT at Edmonds Community College
 
Network security
bysyed mehdi raza
 
12 tcp-dns
byCulverton Blessy
 
Network sec 1
byJasleen Kaur
 
Security in network
byDaNang University of Technology
 
IT8005_EC_Unit_III_Securing_Communication_Channels
byPalani Kumar
 
Network Security fundamentals
byTariq kanher
 
TCPIP-Protocol-and-Its-Vulnerabilities.pdf
byAshutoshBhatia7
 
Network security - Defense in Depth
byDilum Bandara
 
Network Security
byMohammed Adam
 
Analysis of network_security_threats_and_vulnerabilities_by_development__impl...
byTương Hoàng
 
Net Sec
bybackdoor
 
Practical Network Security
bySudarsun Santhiappan
 
lec security
byEngr. ZEESHAN QAISER
 
Network Security
byVIKAS SINGH BHADOURIA
 

More from Anne Starr

PPTX
I01letor20so201leutor2020
byAnne Starr
 
PPTX
Iso27001leadauditor2020
byAnne Starr
 
PPTX
Ccsddm5days
byAnne Starr
 
PPT
Dayblic
byAnne Starr
 
PPT
Day1cspbeblic
byAnne Starr
 
PPTX
Dncybersecurity
byAnne Starr
 
PPTX
Dancyrityshy 1foundatioieh
byAnne Starr
 
PPTX
2 slides(2ndvariadaystion)
byAnne Starr
 
PPTX
Sec4
byAnne Starr
 
PPTX
Secuntialesse
byAnne Starr
 
PPTX
)k
byAnne Starr
 
PDF
inte
byAnne Starr
 
PDF
Awtitioneressentialsdeckscloudprac401-577
byAnne Starr
 
PDF
01wslouAsentialsdeck2dpractitioneres-400
byAnne Starr
 
PDF
uderessAwscloentialsdeck1-2ion00
byAnne Starr
 
PPTX
Cloudhnologysstecociat
byAnne Starr
 
PPTX
Cmbysantocsddsh
byAnne Starr
 
PPTX
Cddmbysantcsosh
byAnne Starr
 
PPTX
Ccbysantsddosh
byAnne Starr
 
PPTX
Ccsdbyhday1santodms
byAnne Starr
 
I01letor20so201leutor2020
byAnne Starr
 
Iso27001leadauditor2020
byAnne Starr
 
Ccsddm5days
byAnne Starr
 
Dayblic
byAnne Starr
 
Day1cspbeblic
byAnne Starr
 
Dncybersecurity
byAnne Starr
 
Dancyrityshy 1foundatioieh
byAnne Starr
 
2 slides(2ndvariadaystion)
byAnne Starr
 
Sec4
byAnne Starr
 
Secuntialesse
byAnne Starr
 
)k
byAnne Starr
 
inte
byAnne Starr
 
Awtitioneressentialsdeckscloudprac401-577
byAnne Starr
 
01wslouAsentialsdeck2dpractitioneres-400
byAnne Starr
 
uderessAwscloentialsdeck1-2ion00
byAnne Starr
 
Cloudhnologysstecociat
byAnne Starr
 
Cmbysantocsddsh
byAnne Starr
 
Cddmbysantcsosh
byAnne Starr
 
Ccbysantsddosh
byAnne Starr
 
Ccsdbyhday1santodms
byAnne Starr
 

Recently uploaded

PPTX
literary theory and criticism by Vivek p
byvivekrathodborda
 
PDF
Bishan_Singh_Presentation - Toba tek Singh
bygopalsinhchauhan9313
 
PPTX
'Colonial Mentality and Social Identity in Karma by Khushwant Singh'
byKrishnarajsinh Parmar
 
PPTX
Central Line Associated Bloodstream Infection
bynabinabhaila40
 
PDF
Sharad Bisen_Irrigation Systems and Methods in Horticultural Crops.pdf
bybisensharad
 
PPT
West Hatch High School - GCSE History Option
byWestHatch
 
PPTX
Appreciations - Jan 26 01.pptxkkkmmkmkmkmkm
bypreetheshparmar
 
PPTX
Guidelines for reporting social networks and personal networks data
byisidromj
 
PPTX
West Hatch High School - GCSE Spanish Presentation
byWestHatch
 
PDF
APPSC APPSC Forest Draughtsman GS Question paper.pdf
byssuser9d8e4e
 
PPTX
How to Track Team Performance Analysis in Odoo 18 Recruitment
byCeline George
 
PDF
Information about Presentation strategies
bymansivaja18126
 
PPTX
Master of Punjabi Short Story "kartar singh duggal
bybhautikbharwad4
 
PDF
Radio Ceylon Finals (An Indian Subcontinent Quiz).pdf
byConquiztadors- the Quiz Society of Sri Venkateswara College
 
PPTX
How to Create & Automate Asset Model in Odoo 18 Accounting
byCeline George
 
PPTX
West Hatch High School: Year 9 Art Course
byWestHatch
 
PPTX
The night at deoli - Ruskin bond's story of first love
byrajibhammar4
 
PDF
Types of Foot & Foot Modifications in Birds
byDr. Ramzan Virani
 
PDF
Radio Ceylon Prelims (An Indian Subcontinent Quiz).pdf
byConquiztadors- the Quiz Society of Sri Venkateswara College
 
PPTX
Definition of communication skills and it's process.
bypurvrajsinhsarvaiya0
 
literary theory and criticism by Vivek p
byvivekrathodborda
 
Bishan_Singh_Presentation - Toba tek Singh
bygopalsinhchauhan9313
 
'Colonial Mentality and Social Identity in Karma by Khushwant Singh'
byKrishnarajsinh Parmar
 
Central Line Associated Bloodstream Infection
bynabinabhaila40
 
Sharad Bisen_Irrigation Systems and Methods in Horticultural Crops.pdf
bybisensharad
 
West Hatch High School - GCSE History Option
byWestHatch
 
Appreciations - Jan 26 01.pptxkkkmmkmkmkmkm
bypreetheshparmar
 
Guidelines for reporting social networks and personal networks data
byisidromj
 
West Hatch High School - GCSE Spanish Presentation
byWestHatch
 
APPSC APPSC Forest Draughtsman GS Question paper.pdf
byssuser9d8e4e
 
How to Track Team Performance Analysis in Odoo 18 Recruitment
byCeline George
 
Information about Presentation strategies
bymansivaja18126
 
Master of Punjabi Short Story "kartar singh duggal
bybhautikbharwad4
 
Radio Ceylon Finals (An Indian Subcontinent Quiz).pdf
byConquiztadors- the Quiz Society of Sri Venkateswara College
 
How to Create & Automate Asset Model in Odoo 18 Accounting
byCeline George
 
West Hatch High School: Year 9 Art Course
byWestHatch
 
The night at deoli - Ruskin bond's story of first love
byrajibhammar4
 
Types of Foot & Foot Modifications in Birds
byDr. Ramzan Virani
 
Radio Ceylon Prelims (An Indian Subcontinent Quiz).pdf
byConquiztadors- the Quiz Society of Sri Venkateswara College
 
Definition of communication skills and it's process.
bypurvrajsinhsarvaiya0
 

Topic22

  • 1.
  • 2.
    Network Security Overview Copyright© 2019 Logical Operations, Inc. All rights reserved. • Network security is one of the most critical topics. • Rapid changes to technology make networking complex. • Need to secure each technology separately. • Need to handle interoperability issues. • No more clear-cut boundaries for the network.
  • 3.
    The OSI Model 7Application 7 Application 6 Presentation 6 Presentation 5 Session 5 Session 4 Transport 4 Transport 3 Network 3 Network 2 Data Link 2 Data Link 1 Physical 1 Physical Web Server Client Browser Information/Data Flow Copyright © 2019 Logical Operations, Inc. All rights reserved.
  • 4.
    TCP/IP Core ProtocolVulnerabilities and Mitigation (Slide 1 of 2) Copyright © 2019 Logical Operations, Inc. All rights reserved. Protocol Vulnerability or Threat Mitigation TCP • An attacker can predict the incrementing sequence number of a TCP session and use it to hijack a session that has already been authenticated and authorized. • TCP can carry malicious payloads to other computers. • Use encrypted versions of Layer 7 protocols. • Encrypt or digitally sign data payloads. • Block unused TCP ports on firewalls. UDP • UDP requires no acknowledgment, so it’s easy to spoof the source or destination of UDP packets. • UPD can cause amplification and other denial-of-service attacks. • Use encrypted versions of Layer 7 protocols. • Encrypt and digitally sign data payloads. • Block unused UDP ports on firewalls. IP • IP has no mechanism for verifying the actual identity of the sender or the receiver. • It’s easy to spoof IP addresses, so that packets are sent to or received from a machine other than the intended destination or source. • An attacker can craft malicious IP packet fragments that cannot be reassembled by the receiving computer, causing a denial of service attack. Configure the router and other IP devices to disallow IP features that can be abused, including fragments, ICMP redirection, and source routing.
  • 5.
    TCP/IP Core ProtocolVulnerabilities and Mitigation (Slide 2 of 2) Copyright © 2019 Logical Operations, Inc. All rights reserved. Protocol Vulnerability or Threat Mitigation ICMP • An attacker can send an ICMP redirect telling targets to use the attacker's machine as a default gateway. • An attacker can insert malicious data inside an ICMP packet, which will pass through routers and firewalls under the assumption that it is just a status message. • An attacker can send oversized ICMP packets and overwhelm the system. Configure firewalls and routers to disallow ICMP unless it is actually needed. IGMP Malformed IGMP packets can cause a buffer overflow in denial of service on a receiving host. Configure firewalls and routers to disable IGMP unless it is actually needed. ARP • ARP (and its twin RARP) is vulnerable because it is sent in cleartext by broadcast, with no way to verify the identity of the sending computer. • An attacker can poison a system's ARP table or cache, causing traffic to be delivered to the wrong node. This type of poisoning is the underlying mechanism for most man-in-the-middle attacks. Hard-code IP-to-MAC mappings in switches and device ARP caches.
  • 6.
    Application Layer ProtocolsVulnerabilities and Mitigation (Slide 1 of 4) Copyright © 2019 Logical Operations, Inc. All rights reserved. Protocol Vulnerability Mitigation DHCP Broadcasts in cleartext, so attackers can: • Plug directly into a network jack and receive an IP address. • Set up rogue DHCP servers that provide incorrect addresses to clients. Don’t use DHCP; hard code IP addresses on hosts instead. DNS Sends data in cleartext with no authentication, so attackers can: • Divert, intercept, or deny end-user communications. • Perform unauthorized zone transfers with DNS servers. • Send inaccurate lookup information to clients. • Corrupt the DNS server’s database or lookup cache. Use DNS Security (DNSSEC) to accompany all DNS records with digital signatures. SNMP • Prior to v3, SNMP is sent in cleartext, allowing it to be sniffed. • SNMP uses a weak authentication method that is easy to spoof. Install SNMP v3, or use a proprietary network management solution.
  • 7.
    Application Layer ProtocolsVulnerabilities and Mitigation (Slide 2 of 4) Copyright © 2019 Logical Operations, Inc. All rights reserved. Protocol Vulnerability Mitigation FTP • Standard FTP uses plaintext password authentication and no encryption, enabling man-in-the-middle attacks. • Some FTP implementations permit anonymous connections. • Use an encrypted replacement like FTPS or SFTP. • Disallow anonymous connections. • Apply file system permissions on the directories that contain FTP content. Telnet • Telnet is sent in cleartext with no encryption or digital signatures. • Its sessions can be sniffed, and it is vulnerable to session hijacking and man-in-the-middle attacks. Use SSH instead of Telnet. SSH • Different implementations have been vulnerable. • OpenSSH bug allowed enumeration of usernames registered on the SSH server. Make sure your SSH product is patched. HTTP • Uses plaintext and no authentication, so an attacker can intercept or manipulate sensitive information in web forms. • Lack of encryption and digital signatures allows for man-in-the-middle attacks. • Use HTTPS, with TLS v1.2 encryption. • Configure the web server to require Strict Transport Security (HSTS) so that an HTTPS session cannot be downgraded to HTTP.
  • 8.
    Application Layer ProtocolsVulnerabilities and Mitigation (Slide 3 of 4) Copyright © 2019 Logical Operations, Inc. All rights reserved. Protocol Vulnerability Mitigation SMTP • No authentication or encryption between servers, allowing fake email servers to send spam. • Cleartext SMTP can be sniffed and spoofed. • Create TLS tunnels and authentication between email servers. • Configure clients to use encrypted versions of SMTP. POP and IMAP Messages are sent in cleartext and can be sniffed or spoofed by an unauthorized person. Configure clients to use encrypted versions of POP3 and IMAP4. LDAP • LDAP provides weak authentication based on DNS. • If DNS is compromised, LDAP is also easy for an attacker to compromise. • Standard LDAP sends messages in plaintext, which can be easily intercepted and read by attackers. Configure clients and servers to use encrypted LDAPS. Kerberos • Weak implementations can have vulnerabilities. • Microsoft implementation allows creation of fake hash checksums and forged tickets (Security Bulletin MS14-068). Patch and update affected systems.
  • 9.
    Application Layer ProtocolsVulnerabilities and Mitigation (Slide 4 of 4) Copyright © 2019 Logical Operations, Inc. All rights reserved. Protocol Vulnerability Mitigation SMB • Unauthenticated "null session" enumeration. • Weak encryption. • Ransomware like WannaCry. • Buffer overflows like EternalBlue. • Patch and update affected systems. • Configure systems to disallow older protocol versions and null sessions. • Block SMB-related ports on the firewall: TCP 139 and 445, UDP 137, 138, and 139. RPC Crafted RPC calls can gain system level privilege from vulnerable Windows Services that use RPC (CVE-2003-0352/MS03-026 DCOM buffer overflow being the most notable). • Patch and update affected systems. • Block TCP 135 on the firewall. NFS • Older versions of NFS do not include encryption mechanisms to prevent eavesdropping or tampering of data being transferred. • Many implementations do not have access controls to prevent unauthorized connection and data theft. • Put access control on all NFS shares. • Block TCP 2049 on the firewall. RDP RDP is vulnerable to numerous flooding, overflow, and cryptographic attacks. • Patch affected systems, and configure the RDP server to allow only Network Level Authentication. • Use certificates issued by a trusted CA for authentication.
  • 10.
    • Use firewalls/intrusiondetection to monitor protocol abuse/suspicious traffic. • Harden/patch servers and workstations to mitigate risks from TCP/IP protocols. • Use TCP wrappers on Linux/UNIX devices to verify incoming connections to host. • Configure personal firewalls on all computers. • Configure routers to disallow/filter: • Source routing - can potentially be used for spoofing. • Subnet broadcasts - can potentially be used for denial of service. • ICMP - filter ICMP by message type; only allow PING to and from trusted hosts. • IP fragments - deliberately malformed fragments could be a denial of service technique. • IP options - excessive use could result in router CPU denial of service. • IP packets with low time-to-live (TTL) - could be used for denial of service. Copyright © 2019 Logical Operations, Inc. All rights reserved. Network Vulnerability Mitigation (Slide 1 of 2)
  • 11.
    • If practical,implement DNSSEC in your environment. • If practical, implement authentication/encryption between servers, in your enterprise, and with partners. • Use authenticated/encrypted alternatives to cleartext protocols, including: • SSH (port 22) instead of telnet (port 23). • HTTPS (port 443) instead of HTTP (port 80). • SMTPS (port 465) or MSA (port 587) instead of SMTP (port 25). • IMAPS (port 993) or IMAP-SSL (port 585) instead of IMAP (port 143). • SSL-POP (port 995) instead of POP3 (port 110). • When possible, change default port of a service to an unexpected port number. • When possible, encrypt and digitally sign the payload. Copyright © 2019 Logical Operations, Inc. All rights reserved. Network Vulnerability Mitigation (Slide 2 of 2)
  • 12.
    Wireless Security (Slide1 of 2) Copyright © 2019 Logical Operations, Inc. All rights reserved. Wireless Security Protocol Description WEP • Wired Equivalent Privacy. • Relies on stream cipher with 24-bit initialization vector (IV). • Attack on IV can easily predict short value. • Can be compromised in minutes. • Obsolete – do not use. WPA • Wi-Fi Protected Access. • Provides additional encryption using Temporal Key Integrity Protocol (TKIP). • TKIP is vulnerable to transmission of arbitrary packets. • Also vulnerable to decryption of arbitrary packets. • Obsolete – do not use. WPA2 (802.11i) • Improvement on WPA. • Includes stronger encryption (CCMP protocol using AES standard). • Biggest known vulnerability is choosing a weak password. • The current best choice for Wi-Fi security. WPS • Automated mechanism for wireless devices to obtain the Wi-Fi key from the router. • Wi-Fi setup is easy and convenient. • Negotiation can be intercepted and cracked by hacking tools.
  • 13.
    When implementing wirelesssecurity: • Select WPA2 (even WPA2 personal) over WEP or WPA. • When possible, use a RADIUS server for wireless authentication. • If you must use a pre-shared key, make the password complex and change it regularly. • Manually enter Wi-Fi passwords into your device, rather than allowing them to autoconfigure themselves by using WPS. • If necessary, enter the MAC addresses of all devices that are permitted to connect to the wireless network into the access point. Copyright © 2019 Logical Operations, Inc. All rights reserved. Wireless Security (Slide 2 of 2)
  • 14.
    • If arouter is compromised, attacker can use it in a man-in-the-middle attack. • Like planting a bug in a room to listen in remotely. • Can also initiate DoS attacks. • Router must be physically protected first and foremost. • Theft or tampering with router will result in major network issues. • Routers are also subject to logical attacks. • Attacker may attempt to access router using a remote protocol like Telnet/SSH. • May also try to send excessive or malformed packets to router, causing a DoS. Router Vulnerabilities Copyright © 2019 Logical Operations, Inc. All rights reserved.
  • 15.
    • Deploy therouter in a secure, locked area. • Disable all unnecessary services on the router. • Disable any unnecessary routing protocols. • Harden the router per the manufacturer's recommendations. • Use SSH instead of Telnet. • Create access control lists. • Require strong authentication for administrator connections. • Limit number of admin connections, and disconnect inactive sessions. • Require authentication to a centralized server on higher-end routers. • Create custom administrative accounts with limited privileges for support personnel. • Ensure passwords are stored using encryption. • Forward all security events to a central syslog server. • Monitor activity on the router, watching for suspicious behavior. Copyright © 2019 Logical Operations, Inc. All rights reserved. Router Security
  • 16.
    • Comprehensive solutionto secure mobile devices as they connect to network. • Ensures that these devices are healthy and cannot compromise network. • Software installed on devices includes: • Firewall • VPN client • Antivirus • Anti-malware • Encryption • Uses client/server security model. • Central server on network pushes updates to mobile clients and controls access. • Endpoint security often includes mobile device management (MDM). Copyright © 2019 Logical Operations, Inc. All rights reserved. Endpoint Security
  • 17.
    • Various devicesenable networking capabilities. • Often found in server rooms. • Use the following methods to secure these devices: • Physically secure all devices against tampering or accidents. • Lock cabinets and rack doors. • Use cable locks on laptops and small PCs. • Mount power adapters, smart jacks, media converters, etc., where they can be easily monitored and serviced. • Consider using a "lights out" approach to server management. • Place non-rack-mountable equipment on boltable trays above the rack floor. • Route all cables both inside racks and in the ceiling in managed bundles and cable trays. Copyright © 2019 Logical Operations, Inc. All rights reserved. Physical Devices
  • 18.
    END Copyright © 2019Logical Operations, Inc. All rights reserved.