S. Vamshidhar Babu CCNA, MCSE, CEH, CHFI, GNIIT Team Lead AppLabs

Essentials Of Security

Basics of Computer Security

Published in: Technology, Business
  • I need a ppt of network security which contains potential locations for security attack, location of encryption devices, key distribution
  • MGB 2003 © 2004 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary.
  • Essentials Of Security

    1. 1. S. Vamshidhar Babu CCNA, MCSE, CEH, CHFI, GNIIT Team Lead AppLabs
    2. 2. Agenda <ul><li>Security Fallacies </li></ul><ul><li>What is Security? </li></ul><ul><li>How to Secure? </li></ul><ul><li>Layers of Security </li></ul><ul><li>Operation model of Computer Security </li></ul><ul><li>Security Principles </li></ul><ul><li>Security Concerns </li></ul><ul><li>Poor Security = </li></ul><ul><li>Challenges When Implementing Security </li></ul><ul><li>Threat Modeling </li></ul><ul><li>Overview of Security technology </li></ul>
    3. 3. Security Fallacies <ul><li>We have antivirus software, so we are secure </li></ul><ul><li>We have a firewall, so we are secure </li></ul><ul><li>The most serious threats come from the outside </li></ul><ul><li>I don’t care about security because I back up my data daily </li></ul><ul><li>Responsibility for security rests with IT security staff. </li></ul>
    4. 4. What is Security? <ul><li>It is a technique for ensuring that data stored in a computer cannot be read or compromised by any individual without authorization. </li></ul>
    5. 5. How to Secure? <ul><li>What assets are you trying to protect? </li></ul><ul><li>What are the risks to those assets? </li></ul><ul><li>How are you trying to protect them? </li></ul><ul><li>How well does your solution work? </li></ul><ul><li>What other risks does your solution introduce? </li></ul>
    6. 6. Layers of Security <ul><li>Physical Security </li></ul><ul><li>Host Security </li></ul><ul><li>Network Security </li></ul><ul><li>Web Application Security </li></ul>
    7. 7. Physical Security <ul><li>Physical security consists of all mechanisms used to ensure that physical access to the computer system and networks is restricted to only authorized users. </li></ul><ul><ul><li>Access controls, physical barriers, etc. </li></ul></ul>
    8. 8. Host Security <ul><li>Host security takes a granular view of security by focusing on protecting each computer and device individually instead of addressing protection of the network as a whole. </li></ul><ul><ul><li>Authentication and Logging Mechanisms </li></ul></ul><ul><ul><li>Host based IDS </li></ul></ul><ul><ul><li>File Integrity Checkers </li></ul></ul>
    9. 9. Network Security <ul><li>In network security, an emphasis is placed on controlling access to internal computers from external entities. </li></ul><ul><ul><li>Firewalls </li></ul></ul><ul><ul><li>Intrusion Detection Systems (IDS) </li></ul></ul><ul><ul><li>Access Controls on network devices </li></ul></ul><ul><ul><li>Vulnerability Scanners </li></ul></ul>
    10. 10. Web Application Security <ul><li>A Web application is an application, generally comprised of a collection of scripts, that reside on a Web server and interact with databases or other sources of dynamic content. </li></ul><ul><ul><li>Examples of Web applications include search engines, Webmail, shopping carts and portal systems </li></ul></ul>
    11. 11. Web Application Security <ul><li>Application attacks are the latest trend when it comes to hacking. </li></ul><ul><li>On average, 90% of all dynamic content sites have vulnerabilities associated with them. </li></ul><ul><li>No single web server and database server combination has been found to be immune! </li></ul>“Today over 70% of attacks against a company’s network come at the ‘Application Layer’, not the Network or System layer” - Gartner
    12. 12. Basic Security Terminology <ul><li>CIA </li></ul><ul><ul><li>Confidentiality </li></ul></ul><ul><ul><li>Integrity </li></ul></ul><ul><ul><li>Availability </li></ul></ul><ul><li>AAA </li></ul><ul><ul><li>Authorization </li></ul></ul><ul><ul><li>Access Control </li></ul></ul><ul><ul><li>Authentication </li></ul></ul>
    13. 13. Basic Terminology of Attacks <ul><li>Vulnerability: A weakness that may lead to undesirable consequences. </li></ul><ul><li>Threat: The danger that a vulnerability will actually occur. </li></ul><ul><li>Risk: A potential problem </li></ul><ul><li>(Vulnerability + Threat + Extent of the consequences) </li></ul><ul><ul><li>Example: a buffer overflow is the vulnerability, the threat is the transmission of a TCP/IP packet that causes the buffer overflow, and the system crash is the risk. </li></ul></ul>
    14. 14. Operational model of Computer Security <ul><li>The focus of security was on prevention. If we could prevent somebody from gaining access to our computer systems and networks, then we assumed that we had obtained security. Protection was thus equated with prevention. </li></ul><ul><li>Protection = Prevention + (Detection + Response) </li></ul>
    15. 15. Security Model <ul><li>Prevention </li></ul><ul><ul><li>Access controls </li></ul></ul><ul><ul><li>Firewall </li></ul></ul><ul><ul><li>Encryption </li></ul></ul><ul><li>Detection </li></ul><ul><ul><li>Audit Logs </li></ul></ul><ul><ul><li>Intrusion Detection System </li></ul></ul><ul><ul><li>Honeypots </li></ul></ul><ul><li>Response </li></ul><ul><ul><li>Backups </li></ul></ul><ul><ul><li>Incident Response teams </li></ul></ul><ul><ul><li>Computer Forensics </li></ul></ul>
    16. 16. Security Principles <ul><li>Three ways an organization can choose to address the protection of its network: </li></ul><ul><ul><li>Ignore Security Issues </li></ul></ul><ul><ul><li>Provide Host Security </li></ul></ul><ul><ul><li>Approach security at a network level </li></ul></ul><ul><li>Only the last two, host and network security, have prevention as well as detection and response components. </li></ul>
    17. 17. Security Concerns <ul><li>Security concerns: </li></ul><ul><ul><li>Application reliance on the Internet </li></ul></ul><ul><ul><li>Hacking, Cracking, Phreaking, Script kiddies </li></ul></ul><ul><ul><li>Internal Security attacks </li></ul></ul><ul><ul><li>External Security attacks </li></ul></ul><ul><ul><li>Viruses and Worms </li></ul></ul>
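    18. 18. Common Types of Attacks <ul><li>Connection Fails </li></ul><ul><li>Organizational Attacks </li></ul><ul><li>Restricted Data </li></ul><ul><li>Accidental Breaches in Security </li></ul><ul><li>Automated Attacks </li></ul><ul><li>Attackers </li></ul><ul><li>Viruses, Trojan Horses, and Worms </li></ul><ul><li>Denial of Service (DoS) </li></ul>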
    19. 19. Layers - Dangers
    20. 20. Examples of Security intrusions <ul><li>CodeRed I & II </li></ul><ul><li>ILoveYou </li></ul><ul><li>Nimda </li></ul><ul><li>Sniffing </li></ul><ul><li>Spoofing </li></ul><ul><li>Trojans </li></ul><ul><li>Backdoors </li></ul><ul><li>DDoS </li></ul>
    21. 21. Poor Security = Serious damage <ul><li>Website Deface </li></ul><ul><li>System downtime </li></ul><ul><li>Lost productivity </li></ul><ul><li>Damage to business reputation </li></ul><ul><li>Lost consumer confidence </li></ul><ul><li>Severe financial losses due to lost revenue </li></ul>
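    22. 22. Challenges When Implementing Security <ul><li>Attackers vs. Defenders </li></ul><ul><ul><li>Attacker needs to understand only one vulnerability </li></ul></ul><ul><ul><li>Defender needs to secure all entry points </li></ul></ul><ul><ul><li>Attackers have unlimited time </li></ul></ul><ul><ul><li>Defender works with time and cost constraints </li></ul></ul><ul><li>Security vs. Usability </li></ul><ul><ul><li>Secure systems are more difficult to use </li></ul></ul><ul><ul><li>Complex and strong passwords are difficult to remember </li></ul></ul><ul><ul><li>Users prefer simple passwords </li></ul></ul><ul><li>Security As an Afterthought (Do I need security…) </li></ul><ul><ul><li>Developers and management think that security does not add any business value </li></ul></ul><ul><ul><li>Addressing vulnerabilities just before a product is released is very expensive </li></ul></ul>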
    23. 23. Threat Modeling <ul><li>Threat modeling is: </li></ul><ul><ul><li>A security-based analysis of an application </li></ul></ul><ul><ul><li>A crucial part of the design process </li></ul></ul><ul><li>Threat modeling: </li></ul><ul><ul><li>Reduces the cost of securing an application </li></ul></ul><ul><ul><li>Provides a logical, efficient process </li></ul></ul><ul><ul><li>Helps the development team: </li></ul></ul><ul><ul><ul><li>Identify where the application is most vulnerable </li></ul></ul></ul><ul><ul><ul><li>Determine which threats require mitigation and how to address those threats </li></ul></ul></ul>
    24. 24. Overview of Security Technology <ul><ul><li>Encryption </li></ul></ul><ul><ul><li>Secure communication </li></ul></ul><ul><ul><li>Firewalls </li></ul></ul><ul><ul><li>IDS </li></ul></ul><ul><ul><li>Virus Protection </li></ul></ul>
    25. 25. Encryption <ul><li>Encryption is the process of encoding data </li></ul><ul><ul><li>To protect a user’s identity or data from being read </li></ul></ul><ul><ul><li>To protect data from being altered </li></ul></ul><ul><ul><li>To verify that data originates from a particular user </li></ul></ul><ul><li>Encryption can be: </li></ul><ul><ul><li>Asymmetric </li></ul></ul><ul><ul><li>Symmetric </li></ul></ul>
    26. 26. Symmetric vs. Asymmetric Encryption <ul><li>Algorithm type: Symmetric </li></ul><ul><ul><li>Uses one key to: </li></ul></ul><ul><ul><ul><li>Encrypt the data </li></ul></ul></ul><ul><ul><ul><li>Decrypt the data </li></ul></ul></ul><ul><ul><li>Is fast and efficient </li></ul></ul><ul><li>Algorithm type: Asymmetric </li></ul><ul><ul><li>Uses two mathematically related keys: </li></ul></ul><ul><ul><ul><li>Public key to encrypt the data </li></ul></ul></ul><ul><ul><ul><li>Private key to decrypt the data </li></ul></ul></ul><ul><ul><li>Is more secure than symmetric encryption </li></ul></ul><ul><ul><li>Is slower than symmetric encryption </li></ul></ul>
    27. 27. Secure Communication: How SSL Works <ul><li>1. The user browses to a secure Web server by using HTTPS </li></ul><ul><li>2. The browser creates a unique session key and encrypts it by using the Web server’s public key, which is generated from the root certificate </li></ul><ul><li>3. The Web server receives the session key and decrypts it by using the server’s private key </li></ul><ul><li>4. After the connection is established, all communication between the browser and Web server is secure </li></ul>
    28. 28. Firewalls <ul><li>Firewalls can provide: </li></ul><ul><ul><li>Secure gateway to the Internet for internal clients </li></ul></ul><ul><ul><li>Packet filtering </li></ul></ul><ul><ul><li>Application filtering </li></ul></ul><ul><li>A system or group of systems that enforce a network access control policy </li></ul><ul><li>Filters data packets into and out of the intended target </li></ul><ul><li>Will mitigate the following attacks: </li></ul><ul><ul><li>Denial of Service (DoS) Attacks </li></ul></ul><ul><ul><li>Unauthorized Access </li></ul></ul><ul><ul><li>Port-scanning and Probing </li></ul></ul>
    29. 29. Intrusion Detection System (IDS) <ul><li>IDS is an application which detects attacks on computer systems and/or networks. </li></ul><ul><li>Network-based Intrusion Detection </li></ul><ul><ul><li>Monitors real-time network traffic for malicious activity </li></ul></ul><ul><ul><li>Similar to a network sniffer </li></ul></ul><ul><ul><li>Sends alarms for network traffic that meets certain attack patterns or signatures </li></ul></ul><ul><li>Host-based Intrusion Detection </li></ul><ul><ul><li>Monitors computer or server files for anomalies </li></ul></ul><ul><ul><li>Sends alarms for network traffic that meets a predetermined attack signature </li></ul></ul>
    30. 30. Virus Protection <ul><li>Software should be installed on all network servers, as well as computers. </li></ul><ul><li>Shall include the latest version, as well as signature files (detected viruses) </li></ul><ul><li>Should screen all software coming into your computer or network system (files, attachments, programs, etc.) </li></ul><ul><li>Secure from: </li></ul><ul><ul><li>Viruses and Worms </li></ul></ul><ul><ul><li>Malicious Code and Trojans </li></ul></ul>
    31. 31. Questions ?
    32. 32. Thanks
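
Added example (not part of the original slides): a minimal signature-based detector in the spirit of slide 29, run over web-server log lines for two of the worms named on slide 20. The signature patterns are simplified forms of the publicly documented request shapes, the log lines are constructed, and the names `normalize`, `inspect` and `scan` are assumptions of this example.

```python
import re
from urllib.parse import unquote

# Signatures matched against the normalized request target. The patterns are
# the publicly documented request shapes of two worms named on the slides.
SIGNATURES = [
    ("CodeRed", re.compile(r"/default\.ida\?[NX]{50,}", re.I)),
    ("Nimda", re.compile(r"/(?:cmd|root)\.exe(?:\?|$)", re.I)),
]

# Common Log Format: source, two ignored fields, timestamp, request, status.
LOG_RE = re.compile(
    r'^(?P<src>\S+) \S+ \S+ \[[^\]]+\] "[A-Z]+ (?P<target>\S+)[^"]*" (?P<status>\d{3})'
)

def normalize(target, max_rounds=3):
    """Percent-decode until stable so %255c -> %5c -> \\ is seen as a separator."""
    for _ in range(max_rounds):
        decoded = unquote(target)
        if decoded == target:
            break
        target = decoded
    return target.replace("\\", "/")

def inspect(line):
    """Return an alert dict for a log line that matches a signature, else None."""
    m = LOG_RE.match(line)
    if not m:
        return None
    target = normalize(m.group("target"))
    for name, pattern in SIGNATURES:
        if pattern.search(target):
            return {"src": m.group("src"), "signature": name,
                    "status": int(m.group("status"))}
    return None

def scan(lines):
    return [a for a in map(inspect, lines) if a]

# Constructed sample log (documentation-range addresses), not real traffic.
SAMPLE_LOG = [
    '192.0.2.10 - - [19/Jul/2001:10:00:01 +0000] "GET /index.html HTTP/1.0" 200 1043',
    '198.51.100.7 - - [19/Jul/2001:10:00:02 +0000] "GET /default.ida?' + "N" * 224 + ' HTTP/1.0" 404 205',
    '203.0.113.5 - - [18/Sep/2001:10:00:03 +0000] "GET /scripts/..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 205',
    '192.0.2.11 - - [18/Sep/2001:10:00:04 +0000] "GET /docs/cmd.exe.html HTTP/1.0" 200 512',
]

if __name__ == "__main__":
    for alert in scan(SAMPLE_LOG):
        print("ALERT", alert)
```

The benign `/docs/cmd.exe.html` request is left alone because the second signature requires the file name to end the path; matching on a bare substring would raise a false alarm there.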
