Devices - PowerPoint PPT Presentation

Devices l.jpg
1 / 27

  • Updated On :
  • Presentation posted in: General

Devices. ISQS 6342 Spring 2004 Gurkan Ozfidan. Outline. Firewalls, Routers, Switches Wireless/Modems Remote Access Services (RAS) Telecom/Private Branch Exchange (PBX) Virtual Private Networks (VPN) Intrusion Detection Systems (IDS) Mobile Devices. What is Firewall?.

I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.

Download Presentation


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.

- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript

Devices l.jpg


ISQS 6342

Spring 2004

Gurkan Ozfidan

Outline l.jpg


  • Firewalls, Routers, Switches

  • Wireless/Modems

  • Remote Access Services (RAS)

  • Telecom/Private Branch Exchange (PBX)

  • Virtual Private Networks (VPN)

  • Intrusion Detection Systems (IDS)

  • Mobile Devices

What is firewall l.jpg

What is Firewall?

  • Firewall is a barrier to keep destructive forces away from your property

  • Firewall is any hardware or software device that provides a means of securing a computer or network from unwanted intrusion

Firewall security l.jpg

Firewall Security

Drafting Security Policy;

  • What am I protecting?

  • Who am I protecting it from?

  • Who gets access to which resources?

    Common areas of attack;

  • Web servers, mail servers, FTP services, databases

    Available service means hole in your firewall;

  • DNS(23,23), FTP(20-21), ICQ(4000), HTTP(80), Telnet(23)

    What Do Firewalls Protect Against?

  • DoS -not to steal information, but to disable a device

  • ping of death -create an IP packet that exceeds the maximum 65535 bytes

  • SYN flood - TCP connections requests faster than a machine can process

  • IP spoofing - break into systems, to hide the hacker's identity

Slide6 l.jpg

How Do Firewalls Work?

  • Network address translation (NAT)

    • Basic firewalls usually use only one technique - NAT

  • Basic packet filtering

    • Most basic security function performed by firewall

  • Stateful packet inspection (SPI)

    • Basic packet filtering by adding a feature called “stateful packet inspection”

  • Access control lists (ACL)

    • Packet filtering is made possible through the use of access control list (ACL).

Slide7 l.jpg

How Do Firewalls Work?

Network Address Translation;

  • Provides a type of firewall by hiding internal IP addresses

  • Enables a local-area network to use one set of IP addresses for internal network

  • Use second set of addresses for external traffic

  • A NAT box located where the LAN meets the Internet makes all necessary IP address translations

Slide8 l.jpg

How Do Firewalls Work?

Basic Packet Filtering;

  • Decides whether to forward TCP/IP packets based on information

  • Packet filters screen information based on

    • Protocol type

    • IP address

    • TCP/UDP port

    • Source routing information

  • Packets that make it through the filters are sent to the requesting system

Slide9 l.jpg

How Do Firewalls Work?

Stateful Packet Inspection;

  • Stateful packet filters can record session-specific information which ports are in use on the client and on the server

  • Three-way handshake;

    • Initiates a TCP connection

    • Begin passing packets once the connection made

    • Once session is ended no packet is allowed

  • Enhances security which side of the firewall a connection was initiated

  • Essential to blocking IP spoofing attacks

Slide10 l.jpg

How Do Firewalls Work?

Access Control Lists;

  • Packet filtering is made possible through the use of ACLs

  • ACL is a list of rules either allowing or blocking inbound or outbound packets which the firewall comes into contact

  • Example of allowing access only to HTTP(port 80)

    access-list 101 permit tcp any eq 80

    access-list 101 deny ip any – r u

Routers l.jpg


  • Network management device that sits between different network segments

  • Allows different networks to communicate with one another and the Internet to function

Slide12 l.jpg

  • Message or file is broken up into packages about 1500 bytes long

  • Packages includes information on the sender's address, the receiver's address

  • Checksum value allows the receiving computer to be sure that packet arrived intact

  • Packet is sent via the best available route

  • Tracert ; traces the route that a packet takes to another computer

Switches l.jpg


  • Device that filters and forwards packets between LAN segments

  • Network switches are capable of determining the source and destination of packet, and forwarding that packet appropriately

  • Switches conserve network bandwidth and offer generally better performance than hubs

  • Hub joins multiple computers (or other network devices) together to form a single network segment

Slide14 l.jpg

  • Switches usually work at Layer 2 using MAC addresses.

  • Routers work at Layer 3, using addresses (IP, IPX or Appletalk, depending on protocols).

  • Hubs are simply a junction that joins all different nodes together.

The seven layers of the Open Systems Interconnection (OSI) Reference Model

Slide15 l.jpg

Click on the menu terms to learn more about how transparent

Wireless digital data into radio signals l.jpg

Wireless - digital data into radio signals


  • Wired Equivalent Privacy, a security protocol for wireless local area networks (WLANs) defined in the 802.11b standard.

  • Designed to provide the same level of security as wired LAN

  • WEP aims to provide security by encrypting data over radio waves.

  • Do not have same physical structure as LAN, therefore are more vulnerable to tampering

Wireless digital data into radio signals17 l.jpg

Wireless - digital data into radio signals


  • Wi-Fi Protected Access , designed to improve upon the security features of WEP

  • Includes two improvements over WEP

  • Improved data encryption through the temporal key integrity protocol (TKIP). TKIP scrambles the keys using a hashing algorithm, ensures that the keys haven’t been tampered with

  • MAC address is simple to be sniffed out and stolen; Extensible Authentication Protocol EAP is built on a more secure public-key encryption system to ensure that only authorized network users can access the network

Modems mo dulator dem odulator l.jpg

Modems - modulator-demodulator

  • Digital Subscriber Line (DSL) provides a direct connection between computer or network connected on the client side and the Internet.

  • Cable modems are connected to a shared segment that anyone else on that segment can potentially threaten your system.

  • DSL and cable modems users was the issuing of static IP addresses.

  • Static addresses provide a fixed target for hackers.

  • Dynamic Host Configuration Protocol (DHCP) to issue dynamic addresses.

  • Best solution is to implement a firewall.

Remote access services ras l.jpg

Remote Access Services (RAS)

  • Provides the ability for one computer to dial into another computer via modem.

  • Also offer a feature called callback, work only with fixed phone numbers.

  • It is behind any physical firewall.

  • Unless there is a gateway software or a firewall software running on the server hosting RAS, there is a potential for the network to be compromised.

Telecom private branch exchange l.jpg

Telecom/Private Branch Exchange

  • A traditional PBX is a computer-based telephone switch that may be thought of as a small, in-house, telephone company

  • A private telephone network used within an enterprise

  • Users of the PBX share a certain number of outside lines for making telephone calls external to the PBX

  • Failure to secure PBX can result in toll fraud, theft of information, denial of service

  • Securing a PBX should be part of a written security policy

Virtual private networks l.jpg

Virtual Private Networks

  • VPN is a private network that uses a public network (usually the Internet) to connect remote sites or users together

  • Security is enhanced by implementing Internet Protocol Security (IPSec)

  • IPSec provides better encryption algorithms and more comprehensive authentication – transport and tunneling

    • Transport; encryption of data in a packet

    • Tunneling; encryption of data including the address header information

  • IPSec eliminates packet sniffing and identity spoofing

  • Sending and receiving computers hold the keys to encrypt and decrypt the packets

Slide22 l.jpg

A typical VPN might have a main LAN at the corporate headquarters of a company, other LANs at remote offices or facilities and individual users connecting from out in the field

Intrusion detection systems l.jpg

Intrusion Detection Systems

  • IDS offer the ability to analyze data in real time to detect, log, and stop misuse or attacks as they occur

    Computer Based IDS;

    • To secure critical network servers or systems sensitive information

    • Agents are loaded on each on each protected computer

    • Analyze the disk space, RAM, CPU time, and applications

    • Collected information is compared to a set of rules to determine if a security breach has occurred

Intrusion detection systems24 l.jpg

Intrusion Detection Systems

Network-based IDS;

  • Monitor activity on a specific network segment

  • Usually dedicated platforms with two components;

    • Sensor; which passively analyzes network traffic

    • Management system; displays alarm information from the sensor and allows security personnel to configure the sensors

      Anomaly-based Detection;

  • Involves building statistical profiles of user activity and reacting to any activity that falls outside these profiles

  • Two major problems;

  • Users do not access their computers or the network in static, predictable ways

  • Not enough memory to contain the entire profile

Intrusion detection systems25 l.jpg

Intrusion Detection Systems

Signature-based detection;

  • Similar to an antivirus program in its method of detecting potential attacks

  • Vendors produce a list of “signatures” to compare against activity

  • When match is found, IDS take some action

  • Customers depend on vendors to provide the latest signatures

  • Normal network activity can be constructed as malicious

  • Network application may send ICMP (supports packets containing errors) messages

Mobile devices l.jpg

Mobile Devices

  • Personal Digital Systems (PDAs)

  • Can open security holes for any computer with which these devices communicate

  • Virus or destructive code may be introduced during a sync operation between mobile and PC

  • Standard antivirus and firewall applications can’t protect PCs

References l.jpg


  • Paul Campbell, et al. Security+.Thomson Course Technology, 2004.

  • Craig Zacker. The Complete Reference Networking. Mc Graw Hill, 2001.

  • George Coulouris, et al. Distributed Systems Concepts and Desing. Addison Wesley, 2001.

  • How Stuff Works. Retrieved from on February 16, 2004.

  • P2P Concepts. Retrieved from on February 17, 2004.

  • Wireless LAN Standards. Retrieved from on February 27, 2004.

  • Login