Network Security
ITIS 6201 – Computer Security and Privacy
Fictional Health Services – High-level Network Diagram
[Diagram. Labels: Pharmacy; Physical Security; Medical Technology; X-ray; Scans; Labs; The Internet; Internet Access (In/Out); Authentication Services; Mainframe; Server Farms; External Transition Zone; Medical Care Facilities; Patient Care Centers; Nurses Stations; Doctors’ Offices; Operating Theatre; Emergency Room; Data Storage; Remote Users; Cloud - Intranet; Administrative Services; HR; Medical Records & Insurance; Accounting & Billing]
Internet Inbound - Network Diagram
[Diagram. Labels, in order of appearance: The Internet; Internet User; Public Internet; Boundary Router & IDS; Internet Common Web Presentation Tier; Load Balancing; IDS; App Proxy Firewall; Border Web Server; XML Content Filter; Application/DB Tier; Data Base Server; Application Servers; Authentication Zone; Foundation Network Admin; Network Administration Server; Authentication Server; Monitoring Server; Cloud - Intranet]
Internal Node - Network Diagram
[Diagram. Labels: Cloud - Intranet; Router; Work Stations; Network Node; Print Server; Data Center; IDS; Shared Printer; Wireless Node; Medical Care Facilities; The Internet]
Malicious Code
• Virus – Replicates and passes the malicious code to other programs
    • Transient – Tied to the life of the host
    • Resident – Resides in memory
• Trojan Horse – Does additional things as well as what is seen
• Logic Bomb – Time bomb (the “trigger” is either logic or time)
• Trap Door/Back Door – Supposedly only known to the insider
• Worm – Spreads through the network. Replicates standalone programs of itself.
    • Zeus is the current big bad boy. Worm launched from a Trojan horse.
• Rabbit – Replicates without bound. Usually designed to bring down a resource.
• Replay Attack – A form of network attack in which a valid data transmission is maliciously or fraudulently repeated or delayed
• Denial of Service – An attack that overwhelms the resource with a flood of requests
• Zero-day Attacks – Attacks on a vulnerability not yet known by the developer
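A receiver-side check for the replay attack defined above, shown as an added example that is not part of the original slides: a valid message is accepted once, then rejected when it is repeated or delayed. The names `sign`, `ReplayGuard`, `KEY` and `MAX_AGE`, the 30-second window and the sample message are assumptions made for illustration.

```python
import hashlib
import hmac

KEY = b"constructed-demo-key"  # constructed sample key, not a real secret
MAX_AGE = 30                   # assumed policy: seconds a message stays fresh

def sign(ts: int, nonce: str, payload: bytes, key: bytes = KEY) -> str:
    """MAC over timestamp, nonce and payload so none can be changed in transit."""
    # Length-prefix the nonce so the nonce/payload boundary is unambiguous.
    msg = f"{ts}|{len(nonce)}|{nonce}|".encode() + payload
    return hmac.new(key, msg, hashlib.sha256).hexdigest()

class ReplayGuard:
    """Accepts each authentic message once, and only inside the freshness window."""

    def __init__(self, max_age: int = MAX_AGE):
        self.max_age = max_age
        self.seen = {}  # nonce -> timestamp of the accepted message

    def accept(self, ts: int, nonce: str, payload: bytes, tag: str, now: int) -> str:
        if not hmac.compare_digest(tag, sign(ts, nonce, payload)):
            return "rejected: bad MAC"
        if abs(now - ts) > self.max_age:
            return "rejected: stale (delayed)"
        # Nonces older than the window can be dropped: the same message
        # would now fail the freshness check above anyway.
        self.seen = {n: t for n, t in self.seen.items()
                     if abs(now - t) <= self.max_age}
        if nonce in self.seen:
            return "rejected: replay (repeated)"
        self.seen[nonce] = ts
        return "accepted"

def demo():
    guard = ReplayGuard()
    payload = b"order=refill;rx=CONSTRUCTED-001"  # constructed sample message
    tag = sign(1000, "n-01", payload)
    return [
        guard.accept(1000, "n-01", payload, tag, now=1002),  # original delivery
        guard.accept(1000, "n-01", payload, tag, now=1005),  # captured and repeated
        guard.accept(1000, "n-01", payload, tag, now=1100),  # captured and delayed
        guard.accept(1100, "n-01", payload, tag, now=1100),  # timestamp rewritten
    ]

if __name__ == "__main__":
    for outcome in demo():
        print(outcome)
```

The nonce cache only has to cover the freshness window, which keeps the receiver's memory bounded.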
Primary OS Functions
• Memory
• Sharable I/O devices, such as disks
• Serially reusable I/O devices, such as printers and tape drives
• Sharable programs and sub-procedures
• Networks
• Sharable data
ITIS 6201 - Foley
Programming Weaknesses/Vulnerabilities
• Buffer Overflows
• Incomplete Mediation (like uncontrolled date or value fields)
• Time-of-check to Time-of-use weaknesses