1 / 21

NETWORK SECURITY

NETWORK SECURITY. For more notes and topics visit: www.eITnotes.com. Network:. A Network is a series of points or  nodes interconnected by communication paths. Interconnect with other networks and contain sub networks. Security. Security is “ Freedom from risk or danger . “

pahana
Télécharger la présentation

NETWORK SECURITY

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. NETWORK SECURITY For more notes and topics visit: www.eITnotes.com eITnotes.com

  2. Network: A Network is a series of points or nodes interconnected by communication paths. Interconnect with other networks and contain sub networks. eITnotes.com

  3. Security Security is “Freedom from risk or danger.“ • The ability of a system to protect information and system resources with respect to confidentiality and integrity. eITnotes.com

  4. Network security: • Any activities designed to protect your network . • Target- variety of threats and stops them from entering or spreading on your network. • Handled by a network administrator. eITnotes.com

  5. Need For Network Security To ensure that -: • information on a network remains SECURED • information we passed should not be LOST • the information should not be DELAYED • hackers and crackers do not access your information eITnotes.com

  6. Need For Network Security Session Hijacking Worms Viruses Trojans Replay Attack Buffer Overflows Denial of Service Man-in-the-middlee 6 Spoofing eITnotes.com

  7. Who is vulnerable? • Financial institutions and banks • Internet service providers • Pharmaceutical companies • Government and defense agencies • Contractors to various government agencies • Multinational corporations • ANYONE ON THE NETWORK eITnotes.com

  8. Common Security Attacks • IP Spoofing • Sniffing • Trojans • DoS/DDoS Attacks • Social Engineering eITnotes.com

  9. IP Spoofing • Spoofing is the creation of TCP/IP packets using somebody else's IP address. Routers use the "destination IP" address in order to forward packets through the Internet, but ignore the "source IP" address. That address is only used by the destination machine when it responds back to the source. eITnotes.com

  10. PacketSniffing • Recall how Ethernet works … • When someone wants to send a packet to some else … • They put the bits on the wire with the destination MAC address … • And remember that other hosts are listening on the wire to detect for collisions … • It couldn’t get any easier to figure out what data is being transmitted over the network! eITnotes.com

  11. Trojans • These are programs that look like ordinary software, but actually perform unintended or malicious actions behind the scenes when launched. Most remote control spyware programs are of this type. The number of Trojan techniques are only limited by the attacker's imagination. A Torjanizes file will look, operate, and appear to be the same size as the compromised system file. eITnotes.com

  12. DoS/DDoS {Denial of Service} • Denial of Service attack on a network is designed to bring the network to its knees by flooding it with useless traffic. Denial of Service can result when a system, such as a Web server, has been flooded with illegitimate requests, thus making it impossible to respond to real requests or task. Yahoo! and e-bay were both victims of such attacks in February 2000. eITnotes.com

  13. Social Engineering Social Engineering Involves… • Faked Email : The social engineer sends a message to one or more users in a domain that "this is the system administrator and your password must be reset to user 123 " for a temporary period of time. The hacker then continuously monitors for the change and then exploits the whole system. • Fictitious Competition : The social engineer manipulates a group of users to participate in some fake competition for a jackpot prize, with the ultimate purpose of eventually extracting confidential information about network and password security. eITnotes.com

  14. NETWORK SECURITY TOOLS • Anti-virus and anti-spyware • Firewall • Intrusion detection and prevention systems • Encryption eITnotes.com

  15. ANTI VIRUS AND ANTI SPYWARE • Vulnerability to virus , malware, threats etc. • Scans every file being used by the system. • Repair or delete the infected files. eITnotes.com

  16. Firewall: • A typical border control mechanism. • Metaphor for network security. • Designed to prevent unauthorized access to or from a private network. eITnotes.com

  17. Intrusion Detection and Prevention Systems (IDPS) • BARC has developed a Web based Security Monitoring & Intrusion Detection And Prevention System • For monitoring security of routers, all Internet connected servers and related software packages on a continuous basis. • This software tool can detect network attacks in real-time by analyzing various log files and known signatures • It allows system administrator to take appropriate corrective action before any damage to information can be caused by setting an alarm eITnotes.com

  18. eITnotes.com

  19. Advantages of Network Security Protects personal data of clients on network. Protects information been shared between computers on the network. Protects confidential data of the organization from being altered or read. eITnotes.com

  20. Security related URLs • http://www.robertgraham.com/pubs/network-intrusion-detection.html • http://online.securityfocus.com/infocus/1527 • http://www.snort.org/ • http://www.cert.org/ • http://www.nmap.org/ • http://grc.com/dos/grcdos.htm • http://lcamtuf.coredump.cx/newtcp/ eITnotes.com

  21. THANK YOU eITnotes.com

More Related