INTERNET INTEGRATION & NETWORK SECURITY

BY

SYED UBAID ALI JAFRIInformation Security ExpertCEOUJ Consultant & Solution Providerhttp://www.ujconsultant.com

CONSIDERATIONS

•IMPORTANCE OF TECHNOLOGY •NETWORK SCANNING•WHAT WE DO?•VIRTUALIZATION•INTRODUCTION TO NETWORK SECURITY•MINIMIZING RISK•EVALUATE PERFORMANCE

IMPORTANCE OF TECHNOLOGYMAIL POST EMAIL

A Sender A Sender

Writes a Letter and place the informationTo:From:Return Address:

Writes a Letter and place the informationTo:From:Return Address:

Find nearby post office Find an E-Mail Server

Post Officer then check the Header information:1)To: abc2)Address: 123/Abc. Khi3)From: xyz4)Return Address: 123/Abc. Khi

E-Mail Server verify the header information:1)To: abc@hotmail.com2)From: xyz@hotmail.com3)Return Address: abc@hotmail.com

When the information on a header is verified a stamp has been made on the envelop , and an amount is charged for the service

When the information on a header is verified it send the information to the e-mail server, For free E-Mail Server , no amount is charged for the service

On the same day or another day the post master took the envelop and send the envelop to the nearby post office of the destination

On the same day or with a delay of time Email server send the request to another email server if it contains the address then it send to the Mail Server

Post Master of the destination’s Address then took the envelop and send it to the address

Mail Server send a mail to the destination’s Address.

Receiver check the POSTBOX Receiver checks the Mail Box

10 Years Back• Microsoft Launch their operating system known as

“Windows XP”

Time Period Commands

10 Years Start > Run> cmdNetstat-an

Identifies from which server your machine connection is established

10 Years Start > Run > cmdNet view

Identifies how many computers are the part of your network

9 Years Start > Run > cmdPing Pc-Name

Ping google.com.pkGet the IP Address from a Domain name

8 Years Start > Run > cmdMsinfo32.exe

Command used to identify the peripheral of computer

NETWORK SCANNING

•Foot printing•Finger Printing•Scanning•Identify the threat•Applying patches

WHAT WE DO AND HOW WE BECOME A VICTIM

Following are the list of threats that a user faces on a network:

•MAN IN THE MIDDLE ATTACK•SESSION HIJACKING•FAKE E-MAIL FORWARDING•DENIAL OF SERVICES•SOCIAL ENGINEERING

THREATSMAN IN THE MIDDLE ATTACK:

The man-in-the middle attack intercepts a communicationbetween two systems.

THREATSSESSION HIJACKING

•The Session Hijacking attack consists of the exploitation of the web session control mechanism, which is normally managed for a session token.

THREATSFAKE E-MAIL FORWARDING

THREATS

DENIAL OF SERVICES

A denial-of-service attack (DoS attack) or distributed denial-of-service attack (DDoS attack) is an attempt to make a computer or network resource unavailable to its intended users

THREATS

SOCIAL ENGINEERING

In the context of security, is understood to mean the art of manipulating people into performing actions or divulging confidential information

INTRODUCTION TO NETWORK SECURITY

• It consists of the provisions and policies adopted by a network administrator to prevent and monitor unauthorized access, misuse, modification, or denial of a computer network and network-accessible resources.

• Network security involves the authorization of access to data in a network, which is controlled by the network administrator.

COUNTERMEASUREMENTS

•Denying Unusable services•Checking people currently connect with this network•Closing Default operators of windows•Saving external resources•Making Log files•Updated Virus Definitions

COUNTERMEASUREMENTSDenying Unusable services

RUN>Services.mscClose these services

Automatic UpdatesLive UpdateTelnet

COUNTERMEASUREMENTS

Closing Default operators of windows

COUNTERMEASUREMENTSHKLM\Software\Microsoft\Windows\CurrentVersion\Policies\ExplorerHKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer

Operating system Default settingWindows 7 0x91

Windows Server 2008 0x91

Windows Vista 0x91

Windows Server 2003 0x95

Windows XP 0x91

Windows 2000 0x95

Windows 95/98 0x95

COUNTERMEASUREMENTSMaking Log files

RUN > eventvwr

MINIMIZING RISK•Making Remote Connectivity disabled•Services Like Telnet, SSH, VNC should be stopped forcefully•Changing Values from Registry•Releasing and Renewing IP Addresses

MINIMIZING RISK•Services Like Telnet, SSH, VNC should be stopped forcefully

•Net stop telnet

•Net start telnet

MINIMIZING RISK•Releasing and Renewing IP Addresses:

•Ipconfig /release

•Ipconfig /renew

EVALUATE PERFORMANCE

http://www.tvfanatic.com/gallery/emily-vs-emily/