Security issues in networks with internet access
Download
1 / 37

SECURITY ISSUES IN NETWORKS WITH INTERNET ACCESS - PowerPoint PPT Presentation


  • 282 Views
  • Updated On :

SECURITY ISSUES IN NETWORKS WITH INTERNET ACCESS. PRESENTED BY Sri Vallabh Aida Janciragic Sashidhar Reddy. Topics of Discussion. Principles for secure networking Internet Vulnerabilities Security building blocks. Internet Security.

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'SECURITY ISSUES IN NETWORKS WITH INTERNET ACCESS' - kina


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
Security issues in networks with internet access l.jpg
SECURITYISSUES IN NETWORKS WITH INTERNET ACCESS

PRESENTED BY

Sri Vallabh

Aida Janciragic

Sashidhar Reddy


Topics of discussion l.jpg
Topics of Discussion

  • Principles for secure networking

  • Internet Vulnerabilities

  • Security building blocks


Internet security l.jpg
Internet Security

  • Why do we need to study security in the internet? Here are some reasons …

    • Computer networks have lots of vulnerabilities and threats

    • A hacker can log into my machine remotely and destroy the information

    • A malicious program can wipe out data on hundreds of computers causing huge losses


Principles for secure networking l.jpg
Principles for Secure Networking

  • Questions to consider

    • What are we trying to protect?

    • What operations are authorized?

    • What is security parameter?


Principles continued l.jpg
Principles continued…

  • Know the configuration of the network hardware and software

  • Know the vulnerabilities of the configuration

  • Know the threats and consider it in relation to the vulnerabilities to asses the risk

  • Authenticate and authorize the accessto network resources


Principles continued6 l.jpg
Principles Continued..

  • Maintain audit logs

  • Have a plan to detect and respond to security incidents

  • Ensure individual accountability


The networks of twohands corporation l.jpg
The Networks of TwoHands Corporation

  • TwoHands corporation develops, produces, and markets specialized gloves used in waste disposal and other safety related applications

  • The corporation has a Headquarters,a Research Lab,several factories and warehouses in different parts of the country


Continued l.jpg
Continued…

  • Let us discuss the five stages of development in TwoHands Networks and consider in each stage the problems associated with the network and the possible remedies


Stage1 private networks only l.jpg
Stage1:Private Networks Only

Security Problems

1. Any user can access network traffic

2. Diskette drives on the client workstations

3. PCs with modem connections

4. Insufficient training to authorized users


Continued10 l.jpg
Continued…

Possible Countermeasures

1. Introduction of an authentication system for each user

2. Installation of virus detection software and configuration monitors

3. Installation of temper resistant hardware

4. Security awareness training for authorized users


Stage 2 private networks plus read only web server l.jpg
Stage 2:Private Networks plus Read-only Web Server

Security Problems

1. All the problems in stage 1

2. Denial of service attack

3. Unauthorized change to data on web server

4. Web address spoofing


Continued12 l.jpg
Continued…

Possible Countermeasures

1. Use a reliable web server package

2. Keep abreast of the advisories provided by CERT(Computer Emergency Response Team), FIRST(Forum of Incident Response Teams)

3. Proper maintenance of web server


Stage 3 private nets plus forms based www server l.jpg
Stage 3:Private Nets Plus Forms-Based WWW Server

Security Problems

1. Compromise of order information

2. Spoofing of order information

3. Loss of control over the web site

4. Customer information stored on ISP host.


Continued14 l.jpg
Continued…

Possible Countermeasures

1. Using a secure web server like HTTP

2. Double checking the CGI scripts

3. Customer authentication


Stage 4 internet service through firewall with forms based www server l.jpg
Stage 4:Internet Service through Firewall with Forms-Based WWW Server

Security Problems

1. Attacks on internal systems via misconfigured firewalls

2. Importing of malicious software or exporting of sensitive information via properly configured firewall

3. Compromise of identity of correspondents

4. Back doors into internal networks


Continued16 l.jpg
Continued… WWW Server

Possible Countermeasures

1. Proper firewall configuration

2. Vigilant management of firewall and the website

3. Provide proper awareness of security to the internal users


Stage 5 virtual private networks l.jpg
Stage 5:Virtual Private Networks WWW Server

Security Problems

1. Contamination of internal database via actions of cooperating companies

2. Service delays/denial for intranet traffic due to Internet/ISP problems

3. Compromise or delay of intranet traffic due to crypto mismanagement

4. Compromise of internal traffic patterns


Continued18 l.jpg
Continued… WWW Server

Possible Countermeasures

1. Using proper encryption methodology

2. Avoid same company as ISP all the sites


Network security policy and services l.jpg
Network Security Policy and Services WWW Server

  • For any level of network security to be established

  • and maintained we need to understand:

    • what assets we need to protect

    • against what threats

    • to what degree

  • identify the elements of security policies

  • appropriate for networks

    • construct a security policy to meet the needs of network

    • decide on means for enforcing the policy


  • Network security services l.jpg
    Network security services WWW Server

    • confidentiality (protection against eavesdropping)

    • integrity (protection against data modification)

    • authentication (assurance that the source of

      the data is accurately identified to the recipient)

    • non-repudiation (inability of the sender to disavow

      data the recipient receives)


    Vulnerabilities l.jpg
    Vulnerabilities WWW Server

    • Network

      • Sniffing

      • War Dialing

    • Protocol

      • Data-link-layer security

      • Network-layer security

      • Transport-layer security

      • IP origin forgery


    Above the application layer l.jpg
    Above the application layer WWW Server

    • System access control and authorization data structures

    • Malicious Software

    • Hidden Application Features


    Types of encryption algorithms l.jpg
    Types of Encryption Algorithms WWW Server

    • Symmetric

      • DES ( Digital Encryption Standard)

    • Asymmetric ( Public Key Cryptography)

      • RSA (Rivest Shamir Adleman)


    Slide24 l.jpg
    DES WWW Server


    Slide25 l.jpg
    RSA WWW Server


    Authentication l.jpg
    Authentication WWW Server

    • Cryptographic Hash Functions

    • MAC (Message Authentication Code)

    • Digital Signatures


    Security in tcp ip protocol stack l.jpg
    Security in TCP/IP Protocol Stack WWW Server

    • Application Layer Encryption

    • Session Encryption

    • IP Layer Encryption





    The kerberos architecture l.jpg
    The Kerberos Architecture WWW Server

    Ticket

    Granting

    Service

    Kerberos

    (1) request/receive TGS ticket

    (2) request/receive server ticket

    (3) request service

    Client

    Server


    Intrusion detection l.jpg
    Intrusion Detection WWW Server

    • Network Based

      • Network Security Monitor, Network IDS, Net Ranger, Tripwire etc…

    • Host Based

      • Probes of host ports, password guessing etc…



    Security management tools l.jpg
    Security Management Tools WWW Server

    • SATAN (Security Analysis Tool for Auditing Networks)

    • ISS (Internet Security Scanner)

    • Tiger

    • Crack

    • Snoop


    Firewall l.jpg
    Firewall WWW Server

    • Firewall :a method used to prevent unauthorized access to a private network

    Internet

    Trust


    Types of firewalls l.jpg
    Types of Firewalls WWW Server


    Socks l.jpg
    SOCKS WWW Server

    Internet

    Firewall

    Protected

    Network

    SOCKS daemon

    on firewall parses

    request, checks

    access control

    rules, and makes

    connection (proxy);

    copy data back in through

    firewall.

    Target of

    communication

    sends information

    back through SOCKS

    daemon, which routes it

    to the user desktop.

    Socksified

    user app asks

    SOCKS daemon for

    circuit


    ad