security awareness applying practical security in your world second edition
Download
Skip this Video
Download Presentation
Security Awareness: Applying Practical Security in Your World, Second Edition

Loading in 2 Seconds...

play fullscreen
1 / 49

Download It - PowerPoint PPT Presentation


  • 324 Views
  • Uploaded on

Security Awareness: Applying Practical Security in Your World, Second Edition. Chapter 5 Network Security. Objectives. Explain how a network functions Discuss how to defend against network attacks Describe the types of attacks that are launched against networks and network computers.

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'Download It' - medwin


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
security awareness applying practical security in your world second edition

Security Awareness: Applying Practical Security in Your World, Second Edition

Chapter 5

Network Security

objectives
Objectives
  • Explain how a network functions
  • Discuss how to defend against network attacks
  • Describe the types of attacks that are launched against networks and network computers

Security Awareness: Applying Practical Security in Your World, 2e

how networks work
How Networks Work
  • Personal computer
    • Isolated from other computers
    • Functionality is limited to installed software and hardware directly connected to it
  • Computer network
    • Allows sharing

Security Awareness: Applying Practical Security in Your World, 2e

types of networks
Types of Networks
  • Local area network (LAN)
    • Computers located relatively close to each other
  • Wide area network (WAN)
    • Connects computers over a larger geographical area than a LAN
  • Wireless local area network (WLAN)
    • Based on standard that transmits data at fast speeds over a distance of up to 115 meters (375 feet)

Security Awareness: Applying Practical Security in Your World, 2e

transmitting network data
Transmitting Network Data
  • Transmission Control Protocol/Internet Protocol (TCP/IP)
    • Most common set of protocols used on networks
  • IP address
    • Uniquely identifies computer
  • Packets
    • Used to transmit data through a computer network

Security Awareness: Applying Practical Security in Your World, 2e

network devices
Network Devices
  • Network interface card (NIC)
    • Also called client network adapter
    • Hardware that connects a computer to a wired network
  • Laptop computers
    • May use an internal NIC or an external NIC

Security Awareness: Applying Practical Security in Your World, 2e

network devices continued
Network Devices (continued)
  • Access point (AP)
    • Contains an antenna and a radio transmitter/receiver to send and receive signals
    • Jack allows it to connect by cable to a standard wired network
    • Acts as base station for wireless network
    • Acts as bridge between wireless and wired networks
  • Router
    • Directs packets towards their destination

Security Awareness: Applying Practical Security in Your World, 2e

attacks on networks
Attacks on Networks
  • Denial of service (DoS)attack
    • Attempts to make a server or other network device unavailable by flooding it with requests
    • Variants
      • Smurf attack
      • Distributed denial of service (DDoS)attack

Security Awareness: Applying Practical Security in Your World, 2e

zombie and botnets
Zombie and Botnets
  • Computers that perform a DDoS and other network attacks
    • Often normal computers hijacked by attackers to carry out malicious network attacks
  • Zombies
    • Can be put to work to send spam and messages used in phishing scams
    • Can act as hosts for fake Web sites

Security Awareness: Applying Practical Security in Your World, 2e

man in the middle attacks
Man-in-the-Middle Attacks
  • Attacker intercepts messages intended for a valid device
  • Two computers appear to be communicating with each other
    • However, they are actually sending and receiving data with a computer between them

Security Awareness: Applying Practical Security in Your World, 2e

hijacking and spoofing
Hijacking and Spoofing
  • Spoofing
    • Act of pretending to be legitimate owner when in reality you are not
  • Media access control (MAC)address
    • Permanently recorded on network interface card when manufactured
    • Computers on network store a table
      • Links IP address with corresponding MAC address

Security Awareness: Applying Practical Security in Your World, 2e

sniffing
Sniffing
  • Attacker captures packets as they travel through network
  • Sniffer
    • Hardware or software that performs sniffing
  • Attackers with sniffers
    • Can capture usernames, passwords, and other secure information without being detected

Security Awareness: Applying Practical Security in Your World, 2e

network defenses
Network Defenses
  • Primary defenses against network attacks
    • Devices that can thwart attackers
    • Designing layout or configuration of a network that will reduce the risk of attacks
    • Testing network security

Security Awareness: Applying Practical Security in Your World, 2e

network devices31
Network Devices
  • Firewalls
    • Designed to prevent malicious packets from entering network or computers
  • Software firewall
    • Runs as a program on a local computer to protect it against attacks
  • Hardware firewalls
    • Separate devices that protect an entire network
    • Usually located outside network security perimeter as the first line of defense

Security Awareness: Applying Practical Security in Your World, 2e

firewalls
Firewalls
  • Rule base
    • Foundation of a firewall
    • Establishes what action firewall should take when it receives a packet
    • Options
      • Allow, Block, Prompt

Security Awareness: Applying Practical Security in Your World, 2e

firewalls continued
Firewalls (continued)
  • Stateless packet filtering
    • Looks at each incoming packet and permits or denies it based strictly on the rule base
    • Attackers can easily bypass the protection
  • Stateful packet filtering
    • Keeps record of the state of a connection between an internal computer and an external server
    • Makes decisions based on the connection as well as rule base

Security Awareness: Applying Practical Security in Your World, 2e

network address translation nat
Network Address Translation (NAT)
  • Hides IP addresses of network devices from attackers
  • As a packet leaves the network
    • NAT removes original IP address from sender’s packet and replaces it with an alias

Security Awareness: Applying Practical Security in Your World, 2e

network address translation nat continued
Network Address Translation (NAT) (continued)
  • NAT software
    • Maintains table of original address and corresponding alias address
  • Process is reversed when packet is returned to the NAT

Security Awareness: Applying Practical Security in Your World, 2e

intrusion detection system
Intrusion Detection System
  • Establishes and maintains network security for large organizations
  • Monitors activity on the network and what packets are doing
  • Performs specific function when it senses an attack
    • Such as dropping packets or tracing source of attack

Security Awareness: Applying Practical Security in Your World, 2e

proxy server
Proxy Server
  • Primary goal
    • To conceal the identity of computers within a protected network
  • Can inspect data packets for viruses and other malicious content
  • Intercepts requests sent to server and replaces original IP address with its own address

Security Awareness: Applying Practical Security in Your World, 2e

network design
Network Design
  • Demilitarized zone (DMZ)
    • Another network that sits outside the secure network perimeter
  • Virtual private network
    • Creates a secure network connection over a public network

Security Awareness: Applying Practical Security in Your World, 2e

wireless lan security
Wireless LAN Security
  • Hotspots
    • Locations where wireless data services are available
  • Advantages of WLANs
    • Do not restrict users to their desks to access network resources
    • Ease of installation

Security Awareness: Applying Practical Security in Your World, 2e

wireless lan security continued
Wireless LAN Security (continued)
  • Security concerns
    • Access to the wireless network
    • View wireless transmissions
    • Weaknesses in wireless security standards

Security Awareness: Applying Practical Security in Your World, 2e

summary
Summary
  • Purpose of a computer network
    • To allow computers and devices to share data, programs, and hardware
  • Denial of service attack
    • Attempts to make a server unavailable by flooding it with requests
  • Man-in-the-middle attack
    • Intercepts communication between two computers

Security Awareness: Applying Practical Security in Your World, 2e

summary continued
Summary (continued)
  • Firewall
    • Designed to prevent malicious packets from entering the network
  • Demilitarized zone
    • Another network that sits outside the secure network perimeter
  • Security for wireless LANs
    • Remains a primary concern for wireless users

Security Awareness: Applying Practical Security in Your World, 2e

ad