Good Afternoon All…
Network Security
OVERVIEW
What is SECURITY?
Why do we need SECURITY?
Who is VULNERABLE?
Common Security Attacks and countermeasures…
Spoofing {IP Spoofing}
Sniffing
Hijacking {man-in-middle attacks}
Trojans
DoS/DDoS Attacks
Social Engineering
WHAT IS SECURITY?
Dictionary.com says -: Freedom from RISK or DANGER is SECURITY
RISK -: potential to create a LOSS is known as RISK…
DANGER -: a source of RISK is DANGER
If we correlate these two, it gives -: “a source which has the potential to create a LOSS”
Security is the practice of minimizing the RISK and removing the DANGER.
NETWORK SECURITY
Security management for NETWORKS is known as Network Security…
What are NETWORKS?
A network is a collection of hardware components and computers interconnected by communication channels that allow sharing of resources and information…
To secure our resources and information from illegal, unauthorized access, we need efficient management of networks, which is often known as NETWORK SECURITY…
NEED FOR NETWORK SECURITY
To ensure that -:
information on a network remains SECURED
information we pass is not LOST
information is not DELAYED
hackers and crackers do not access your information
NEED FOR NETWORK SECURITY
Viruses
Worms
Buffer Overflows
Session Hijacking
Trojans
Denial of Service
Spoofing
Replay Attack
Man-in-the-middle
HACKERS VS. CRACKERS
Hackers {white hats} are programmers who break NETWORK SECURITY for fruitful purposes, such as identifying security holes and tracking suspicious CRACKERS…
whereas,
Crackers {black hats} are programmers who also break NETWORK SECURITY, but for evil purposes such as stealing account details and login information and infecting different NETWORKS…
WHO IS VULNERABLE?
Financial institutions and banks
Internet service providers
Pharmaceutical companies
Government and defense agencies
Contractors to various government agencies
Multinational corporations
Bottom line is -:
“ANYONE ON THE NETWORK IS VULNERABLE”
COMMON SECURITY ATTACKS AND COUNTERMEASURES
Spoofing {IP Spoofing}
Sniffing
Hijacking {man-in-middle attacks}
Trojans
DoS/DDoS Attacks
Social Engineering
OVERVIEW OF IP SPOOFING
First Attack-: 1980’s
Done By-: Robert Morris
Major Types-: Blind and Non-Blind Attacks
Victim-: Unsecured and Static IP Addresses
IP SPOOFING
Spoofing is the creation of TCP/IP packets using somebody else's IP address. Routers use the "destination IP" address in order to forward packets through the Internet, but ignore the "source IP" address. That address is only used by the destination machine when it responds back to the source.
SSH > SECURE SHELL
SPOOFING COUNTERMEASURES
The countermeasure for spoofing is ingress filtering. Routers that perform ingress filtering check the source IP address of incoming packets. If the source address is not in the valid range for the network the packet arrived from, the packet is discarded.
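The ingress-filtering decision described above, as an added example that is not part of the original slides. The interface names and prefixes are constructed (documentation address ranges), and the reserved-source list is a small illustrative subset.

```python
import ipaddress

# Constructed topology: interface -> prefixes that may legitimately appear
# as the SOURCE address of packets arriving on that interface.
VALID_SOURCES = {
    "cust0": [ipaddress.ip_network("203.0.113.0/24")],
    "cust1": [ipaddress.ip_network("198.51.100.0/25")],
}

# Sources that are never valid on a packet arriving from another network
# (illustrative subset: "this network", loopback, link-local, multicast, reserved).
NEVER_VALID = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "127.0.0.0/8", "169.254.0.0/16", "224.0.0.0/4", "240.0.0.0/4")]


def ingress_decision(interface, src):
    """Return ("forward" | "drop", reason) for a packet's source address."""
    try:
        addr = ipaddress.ip_address(src)
    except ValueError:
        return ("drop", "unparseable source")
    if any(addr in net for net in NEVER_VALID):
        return ("drop", "reserved source")
    allowed = VALID_SOURCES.get(interface)
    if allowed is None:
        return ("drop", "unknown interface")
    if any(addr in net for net in allowed):
        return ("forward", "source in valid range")
    return ("drop", "source outside valid range")


if __name__ == "__main__":
    # Constructed packets: (arrival interface, claimed source address)
    for pkt in [("cust0", "203.0.113.7"), ("cust0", "198.51.100.5"),
                ("cust1", "198.51.100.200"), ("cust0", "127.0.0.1")]:
        print(pkt, "->", ingress_decision(*pkt))
```

The second packet shows the case the filter exists for: an address that is valid somewhere on the network, but not on the interface it arrived on.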
SNIFFING
Packet sniffing is the interception of data packets traversing a network. A sniffer program works at the Ethernet layer in combination with network interface cards (NICs) to capture all traffic traveling to and from an Internet host site. There are dozens of freely available packet sniffer programs on the Internet. The more sophisticated ones allow more active intrusion.
SNIFFING COUNTERMEASURES
Sniffing can be detected in two ways:
Host-based: Software commands exist that can be run on individual host machines to tell if the NIC is running in promiscuous mode.
Network-based: Solutions tend to check for the presence of running processes and log files, which sniffer programs consume a lot of. However, sophisticated intruders almost always hide their tracks by disguising the process and cleaning up the log files.
OVERVIEW OF SESSION HIJACKING
First Attack-: 2001
Major Victims-: Anyone on the Network who has cookies enabled…
Major Types-: Active and Passive Attacks
It’s the most DANGEROUS and MALICIOUS attack in today’s scenario of NETWORKING
SESSION HIJACKING {MAN-IN MIDDLE} COUNTERMEASURES
This is a technique that takes advantage of a weakness in the TCP/IP protocol. Hijacking occurs when someone between you and the person with whom you are communicating is actively monitoring, capturing, and controlling your communication transparently.
SESSION HIJACKING {MAN-IN MIDDLE}
Man-in-middle attacks are like someone assuming your identity in order to read your message. The person on the other end might believe it is you, because the attacker might be actively replying as you, to keep the exchange going and gain more information.
SESSION HIJACKING {MAN-IN MIDDLE} COUNTERMEASURES
Countermeasures to help prevent session hijacking include:
Use encrypted session negotiation.
Use encrypted communication channels.
Stay informed of platform patches to fix TCP/IP vulnerabilities, such as predictable packet sequences.
OVERVIEW OF TROJANS
First Trojan-: 1975, Pervading Animal
Who Coded It-: John Walker
Major Victims-: Banking, Business etc…
Major Examples-: big wooden horse, JESUS etc…
Have The Potential To Destroy Any System except a UNIX one
TROJANS
These are programs that look like ordinary software, but actually perform unintended or malicious actions behind the scenes when launched. Most remote control spyware programs are of this type. The number of Trojan techniques is limited only by the attacker's imagination. A Trojanized file will look, operate, and appear to be the same size as the compromised system file.
TROJANS COUNTERMEASURES
The only protection is early use of a cryptographic checksum or binary digital signature procedure.
THEY ARE OF EXTREME DANGER
OVERVIEW OF DOS/DDOS ATTACKS
First Attack-: 1974 in PLATO System Laboratory
Who Did It-: A System Admin of PLATO
Major Victims-: Yahoo!, Hotmail, Twitter etc…
Most Devastating DoS Attack-: “Ping of DEATH”
Have The Potential To Destroy Any Network EVEN TODAY
DOS/DDOS {DENIAL OF SERVICE}
A Denial of Service attack on a network is designed to bring the network to its knees by flooding it with useless traffic. Denial of Service can result when a system, such as a Web server, has been flooded with illegitimate requests, thus making it impossible to respond to real requests or tasks. Yahoo! and eBay were both victims of such attacks in February 2000.
DOS/DDOS {DENIAL OF SERVICE}
There are three basic types of attack…
Consumption of computational resources, such as bandwidth, disk space or CPU time.
Disruption of configuration information, such as routing information.
Disruption of physical network components.
DOS/DDOS {DENIAL OF SERVICE} COUNTERMEASURES
SOCIAL ENGINEERING
Social Engineering Involves…
Faked Email: The social engineer sends a message to one or more users in a domain that "this is the system administrator and your password must be reset to user 123" for a temporary period of time. The hacker then continuously monitors for the change and then exploits the whole system.
Fictitious Competition: The social engineer manipulates a group of users to participate in some fake competition for a jackpot prize, with the ultimate purpose of eventually extracting confidential information about network and password security.
SOCIAL ENGINEERING COUNTERMEASURES
There aren’t always solutions to all of these problems
Humans will continue to be tricked into giving out information they shouldn’t
Educating them may help a little here, but, depending on how badly you want the information, there are a lot of bad things you can do to get it.
So, the best that can be done is to implement a wide variety of solutions and more closely monitor who has access to what network resources and information
NOTE: But, this solution is still not perfect
CONCLUSION
The Internet works only because we implicitly trust one another
It is very easy to exploit this trust
The same holds true for software
It is important to stay on top of the latest CERT security advisories to know how to patch any security holes
PRESENTED BY -:
The Terminator {Pushkar}
The Obedient {Nikhil}
Mrs. Cheerful (Niyati)
Mrs. Silence (Sonia)
Mr. X {Puneet}
THANK YOU SO VERY MUCH, FOR BEING SO PATIENT…