Network security
-
Upload
nikhil-vyas -
Category
Technology
-
view
783 -
download
1
description
Transcript of Network security
THE NEED FORTHE NEED FORNETWORK NETWORK SECURITYSECURITY
PRESENTATION PRESENTATION OBJECTIVES:-OBJECTIVES:- Understand information security services
Be aware of vulnerabilities and threats
Realize why network security is necessary
What are the elements of a comprehensive security program
The
Nee
d fo
r W
eb S
ecur
ity
2
TRENDS FOR TRENDS FOR INFORMATION :-INFORMATION :- More information is being created, stored, processed
and communicated using computers and networks
Computers are increasingly interconnected, creating new pathways to information assets
The threats to information are becoming more widespread and more sophisticated
Productivity, competitiveness, are tied to the first two trends Third trend makes it inevitable that we are increasingly
vulnerable to the corruption or exploitation of information
INFORMATION IS THE MOST VALUABLE ASSET INFORMATION IS THE MOST VALUABLE ASSET ..
The
Nee
d fo
r W
eb S
ecur
ity
3
Information Security Information Security Services :-Services :-
Confidentiality Integrity Authentication Non repudiation Access Control Availability T
he N
eed
for
Web
Sec
urit
y
4
Information Security Services Confidentiality
Maintaining the privacy of data
Integrity Detecting that the data is not tampered with
Authentication Establishing proof of identity
Non repudiation Ability to prove that the sender actually sent the data
Access Control Access to information resources are regulated
Availability Computer assets are available to authorized parties when
needed
The
Nee
d fo
r W
eb S
ecur
ity
5
SERVICES
What Is The Internet?What Is The Internet?
The
Nee
d fo
r W
eb S
ecur
ity
6
Why Is Internet Why Is Internet Security a Problem?Security a Problem? Security not a design consideration
Implementing change is difficult
Openness makes machines easy targets
Increasing complexity
The
Nee
d fo
r W
eb S
ecur
ity
7
Common Network Common Network Security ProblemsSecurity Problems
Network eavesdroppingMalicious Data ModificationAddress spoofing (impersonation)
‘Man in the Middle’ (interception)Denial of Service attacksApplication layer attacks
The
Nee
d fo
r W
eb S
ecur
ity
8
Security Incidents are Security Incidents are
IncreasingIncreasing:-:-
The
Nee
d fo
r W
eb S
ecur
ity
9
Sophistication of Hacker Tools
19901980
Technical Knowledge Required
High
Low 2000 -from Cisco Systems
Problem is WorseningProblem is Worsening
The
Nee
d fo
r W
eb S
ecur
ity
10
60000
50000
40000
30000
20000
10000
19
88
19
89
19
90
19
91
19
92
19
93
19
94
19
95
19
96
19
97
19
98
19
99
20
00
20
01
Inte
r net
Secu
r ity
Vio
lat i
ons
Jerusalem
Tequila
Michelangelo
Good Times
Melissa & ILOVEYOU
Anna Kournikova
Code Red
Nimba
Badtrans
Source: CERT® Coordination Center Carnegie Mellon
VIRUSESVIRUSES
Risk Threat Discovered Protection TROJ_SIRCAM.A New !! Latest
DATW32.Navidad 11/03/2000 11/06/2000 W95.MTX 8/17/20008/28/2000 W32.HLLW.QAZ.A 7/16/20007/18/2000 VBS.Stages.A 6/16/2000
6/16/2000 VBS.LoveLetter 5/04/20005/05/2000 VBS.Network 2/18/20002/18/2000 Wscript.KakWorm
12/27/1999 12/27/1999 W32.Funlove.409911/08/1999 11/11/1999 PrettyPark.Worm
6/04/1999 6/04/1999 Happy99.Worm1/28/1999 1/28/1999
The
Nee
d fo
r W
eb S
ecur
ity
11
Consider that…Consider that…
90% of companies detected computer security breaches in the last 12 months
59% cited the Internet as the most frequent origin of attack
74% acknowledged financial losses due to computer breaches
85% detected computer viruses
Source: Computer Security Institute
The
Nee
d fo
r W
eb S
ecur
ity
12
WHO ARE THE OPPONENTS?
49% are inside employees on the internal network
17% come from dial-up (still inside people)
34% are from Internet or an external connection to another company of some sort
The
Nee
d fo
r W
eb S
ecur
ity
13
HACKERS
HACKER MOTIVATIONSHACKER MOTIVATIONS Money, profit Access to additional resources Experimentation and desire to
learn “Gang” mentality Psychological needs Self-gratification Personal vengeance Emotional issues Desire to embarrass the target
The
Nee
d fo
r W
eb S
ecur
ity
14
The
Nee
d fo
r W
eb S
ecur
ity
15
Internet Security?Internet Security?
Malicious Code
Malicious Code
Viruses
Worms
Buffer Overflows
Buffer Overflows
Session Hijacking
Port Scanning
Trojans
Denial of ServiceSpoSpooofingfing
Replay Attack
Man-in-the-middle
What Do People Do When They Hear All These?
Take the risks!
But there are solutions
Ignoring the situation is not one of them
The
Nee
d fo
r W
eb S
ecur
ity
16
THE MOST COMMON THE MOST COMMON EXCUSESEXCUSES
So many people are on the Internet, I'm just a face in the crowd. No one would pick me out.
I'm busy. I can't become a security expert--I don't have time, and it's not important enough
The
Nee
d fo
r W
eb S
ecur
ity
17
No one could possibly be interested in my information
Anti-virus software slows down my processor speed too much.
I don't use anti-virus software because I never open viruses or e-mail attachments from people I don't know.
SANS Five Worst Security SANS Five Worst Security Mistakes End Users MakeMistakes End Users Make
1. Opening unsolicited e-mail attachments without verifying their source and checking their content first.
2. Failing to install security patches-especially for Microsoft Office, Microsoft Internet Explorer, and Netscape.
3. Installing screen savers or games from unknown sources.
4. Not making and testing backups. 5. Using a modem while connected through a
local area network.
The
Nee
d fo
r W
eb S
ecur
ity
18
SECURITY SECURITY COUNTERMEASURESCOUNTERMEASURES:-:-
THREE PHASE APPROACH
PROTECTION
DETECTION
RESPONSE
The
Nee
d fo
r W
eb S
ecur
ity
19
ELEMENTS OF A ELEMENTS OF A COMPREHENSIVE SECURITY COMPREHENSIVE SECURITY PROGRAMPROGRAM
Have Good PasswordsUse Good Antiviral ProductsUse Good CryptographyHave Good FirewallsHave a Backup SystemAudit and Monitor Systems and
NetworksHave Training and Awareness
ProgramsTest Your Security Frequently
The
Nee
d fo
r W
eb S
ecur
ity
20
Principles
CRYPTOGRAPHYCRYPTOGRAPHYNecessity is the mother of invention, and computer networks are the mother of modern cryptography.
Ronald L. Rivest
Symmetric Key Cryptography
Public Key Cryptography
Digital Signatures
The
Nee
d fo
r W
eb S
ecur
ity
21
FirewallFirewall
The
Nee
d fo
r W
eb S
ecur
ity
22
Visible IP Address
InternalNetwork
PC Servers
Host
A system or group of systems that enforces an access control policy between two networks.
The
Nee
d fo
r W
eb S
ecur
ity
23
THANK YOUTHANK YOU
The
Nee
d fo
r W
eb S
ecur
ity
24
The
Nee
d fo
r W
eb S
ecur
ity
25