Lect 8
This presentation is the property of its rightful owner.
Sponsored Links
1 / 14

Lect 8 PowerPoint PPT Presentation


  • 109 Views
  • Uploaded on
  • Presentation posted in: General

Lect 8 . Tahani al jehain. Types of attack . Remote code execution: occurs when an attacker exploits a software and runs a program that the user does not have priviliges to run. Denial of services: an attacker can send a large number of TCP Sync packets to a target. Syn packets

Download Presentation

Lect 8

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript


Lect 8

Lect 8

Tahani al jehain


Types of attack

Types of attack

Remote code execution: occurs when an attacker

exploits a software and runs a program that the user

does not have priviliges to run.

Denial of services: an attacker can send a large

number of TCP Sync packets to a target. Syn packets

are supposed to be the first part of the TCP header. The

server normally responds with a Syn-Ack packet, and

allocates buffer for new TCP session. However, the

attacking host never responds.

Worms and virus: automated attacks, programmed to

spread themselves as rapidaly, and widely as possible.


Lect 8

Trojan and Spyware: installed with other software.

They collect information about the system (password,

visited websites,…). Information which has been

collected can be send to someone else.

3- Functionnal segmentation:

Is based on layered security and the principle of least

privilege.

Functionnalsegmentation suggests a design in which

the network is partitionned according to user or device

function.


Virtual private network

Virtual private network

Virtual private network:

Provides a secure connection between a sender and a

receiver over a public network such as Internet.

VPNs are not new. They have been used in telephone

networks for years.

VPN uses data encryption and other security

mechanisms to prevent unauthorized users from

accessing data. It then use tunneling process

(enclosing the encrypted data) to transport the

encrypted data across the network.


Virtual private network1

Virtual private Network

  • A VPN solution should provide at least all of the following:

  • User authentication : verify the user’s ID and restrict VPN access to authorized users.

  • Address management: assign a client’s address on the private network and ensure that private addresses are kept private.

  • Data encryption: for ensuring confidentiality.

  • Key management: generate and refresh encryption keys.

  • Multiprotocol support: handle common protocols used in the public network


Ipsec

IPSec

  • Short for Internet Protocol Security, IPSec is a framework of open standards to provide security for transmission of sensitive information over unprotected networks such as the Internet.

  • IPsechas been deployed widely to implement Virtual Private Networks (VPNs).

  • The IPSec protocol typically works on the edges of a protected network domain.

  • It supports secure data exchange between a pair of participating IPSec devices (peers), such as PIX Firewalls


Ipsec1

IPSec

  • Basically, IPSec provides security by building tunnels between two peers.

  • You define which packets are considered sensitive and should be sent through these secure tunnels.

  • When the IPSec peer sees such a sensitive packet, it encapsulates a packet by wrapping another packet around it


Tunneling

Tunneling

  • Before continue we should define tunnel:

  • Tunneling basics:

    • Tunneling is a method to transfer data from one network over another.

    • It encapsulates the frame in an additional header.

    • Encapsulated packets are then routed between tunnel endpoints over the internetwork.

    • Tunnel= logical path.


Lect 8

Virtual private networks

Tunneling in virtual private network


Tunnel types

Tunnel types

  • Tunnel types :

    • Voluntary tunnels: a user or a client computer can issue a VPN request to configure and create a voluntary tunnel. In this case, the user’s computer is a tunnel endpoint and acts as the tunnel client.

    • Compulsory tunnels: the user’s computer is not a tunnel endpoint. Another device, the remote access server, between the user’s computer and the tunnel server is the tunnel endpoint.


Ipsec protocols

Ipsec protocols

  • IPsec has two main framework protocols:

    • Authentication Header

    • Encapsulating Security Payload

  • Authentication Header (AH), which essentially allows authentication of the sender of data, and

  • Encapsulating Security Payload (ESP), which supports both authentication of the sender and encryption of data.

  • ESP and AH can either be used together or separately, depending on the environment


Ipsec security services

IPSec Security Services

  • Confidentiality (encryption)

  • Data integrity

  • Origin Authentication


  • Login