1 / 10

Internet Host and Network Security: Understanding Problems and Solutions

Learn about the key differences between host and network security, as highlighted by attacks like the Microsoft breach and denial of service incidents. Understand the model of the internet, network security issues like availability, and host security concerns such as break-ins and data confidentiality. Discover why ISPs struggle to fully protect users and how end-users can enhance security with encryption, authentication, and firewalls. Gain insight into who should do what to ensure a secure online environment.

abigail-vega
Télécharger la présentation

Internet Host and Network Security: Understanding Problems and Solutions

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Host versus Network Security Steven M. Bellovin smb@research.att.com http://www.research.att.com/~smb

  2. What’s a Network Problem? • “Hackers Break Into Microsoft’s Network” (Wall Street Journal, 10/27/00) • “In the Wake of Web-Site Hacking, No Easy Answers, or Solutions” (New York Times, 2/9/00)

  3. Microsoft Break-in • A host problem, not a network problem. • The network was the vehicle for the attack. • “Highway robbery” doesn’t mean that someone stole the pavement...

  4. Denial of Service Attacks • These attacked the network, not Web sites. • A real network problem. • Can’t be solved by end-systems, firewalls, etc.

  5. Model of the Internet • Smart hosts, dumb network. • Network’s concern is packet transport. • Host’s concern is packet processing.

  6. Network Security Issues • Availability • Protocol infrastructure (i.e., DNS) • Routing • Link-flooding • Theft of Service • Primarily for switched services and shared media

  7. Availability • “How many backhoes are needed?” • “How many backbones are needed?”

  8. Host Security Issues • Break-ins • Data confidentiality • Transmission confidentiality • Remote user authentication • Buggy software

  9. Who Does What? • ISPs • Provide sufficient redundancy to protect links • Harden infrastructure protocols • Protect their own resources • End users • Encryption • Suitable authentication • Firewalls

  10. Why ISPs Can’t Protect Users • They don’t know what users want to do • Your “odd behavior” is my new, cutting-edge application • Your “allowed service” is my vulnerability • But what of ordinary consumers?

More Related