110 likes | 117 Views
Network Security 101. By: David Crim. Security. Balance between oposing interests Security v.s. Convienience Security v.s. Resources Security v.s. Risk. Security v.s. Convenience. Long Passwords, or easy to remember Open access, or forced authentication http web-site, or https.
E N D
Network Security 101 By: David Crim
Security • Balance between oposing interests • Security v.s. Convienience • Security v.s. Resources • Security v.s. Risk
Security v.s. Convenience • Long Passwords, or easy to remember • Open access, or forced authentication • http web-site, or https
Security v.s. Resources • $$$ • Configuration of devices • Review of logs • Follow through on problems • Create and enforce policies
Security v.s. Risk • Telnet v.s. SSH • Credit Card company v.s. weblog • Microsoft v.s. local shop
Security Scope • You secure your house with alarm systems, a Doberman, barbed wire, electric fences,etc… • Result: Your house is more secure • For you! • Police View • The robbery is still going to happen • This simply shifts the security risk around
Network Security • Traffic Control • Firewalls • ACLs • Traffic Management • Packetshaper • NetFlow • Authentication • Passwords / biometrics • Policies
Traffic Control • Firewall • Cisco PIX • IP Cop / Smoothwall • Windows Firewall • ACLs • VLAN • Subnet • Intranet <-> Internet
Traffic Management • Packetshaping • Packeteer Packetshaper • Linux tools • NetFlows • Ntop • Cisco NetFlow accounting
Authentication • Passwords • Complexity • Length • Upper/Lower case • Special characters • Expiration • Rules • Password = lv89jdNm45 • Rule – All numbers are proceeded by N+1 • Written “hint” = lv8jdNm4 • Rule 2 – All n’s are capitalized • Written “hint” becomes lv8jdnm4
Policies • Enforceable policies • Passwords • ACLs • Proxy servers • Unenforceable policies • Network attachment • EULA • Plausible deniability