network security. 2 security requirements privacy (confidentiality) data only be accessible by...
TRANSCRIPT
Network Security
2
SECURITY REQUIREMENTS
Privacy (Confidentiality) Data only be accessible by authorized parties
Authenticity A host or service be able to verity the identity of a
user Integrity
Data can be modified only by authorized parties Availability
Data are available to authorized parties Nonrepudiation
Receiver must be able to prove that a received message came from a specific sender
3
CRYPTOGRAPHY
Original message Plaintext
Encryption Transforms the plaintext to cipher text
Decryption Transforms the ciphertext back to plain text
Ciphers Different categories of algorithms in cryptography
Key Number (value) that the ciphers operate on
Firewall
firewall is a system designed to prevent unauthorized access to or from a private network.
Can be implemented in either hardware or software form, or a combination of both.
Firewalls prevent unauthorized Internet users from accessing private networks connected to the Internet, especially intranets.
All messages entering or leaving the intranet must pass through the firewall, which examines each message and blocks those that do not meet the specified security criteria
4
General Firewall Features
Port Control Network Address Translation Application Monitoring (Program Control) Packet Filtering
Firewall Layer of Operation Network Layer Application Layer
Network Layer Makes decision based on the source, destination
addresses, and ports in individual IP packets. Based on routers Has the ability to perform static and dynamic packet
filtering Application Layer
They are generally, hosts running proxy servers which perform logging and auditing of traffic through the network.
Logging and access control are done through software components.
Proxy Services Application that mediates traffic between a protected
network and the internet. Able to understand the application protocol being utilized
and implement protocol specific security. Application protocols include: FTP, HTTP, Telnet etc.
DMZ
Demilitarized zone Neither part of the internal network nor
part of the Internet Never offer attackers more to work with
than is absolutely necessary
Well-know TCP / UDP portsTCP Port Number Description
20 FTP (Data Channel)
21 FTP (Control Channel)
23 Telnet
80 HyperText Transfer Protocol (HTTP) used for the World Wide Web
139 NetBIOS session service
UDP Port Number Description
53 Domain Name System (DNS) Name Queries
69 Trivial File Transfer Protocol (TFTP)
137 NetBIOS name service
138 NetBIOS datagram service
161 Simple Network Management Protocol (SNMP)
Types of firewall techniques Packet filtering
The system examines each packet entering or leaving the network and accepts or rejects it based on user-defined rules.
Packet filtering is fairly effective and transparent to users, but it is difficult to configure. In addition, it is susceptible to IP spoofing.
Circuit-level gateway implementation This process applies security mechanisms when a TCP or UDP
connection is established. Once the connection has been made, packets can flow between the
hosts without further checking. Proxy server
A proxy server is a type of gateway that hides the true network address of the computers connecting through it.
A proxy server connects to the Internet, makes the requests for pages, connections to servers, and receives the data on behalf of the computers behind it.
The firewall capabilities lie in the fact that a proxy can be configured to allow only certain types of traffic to pass (HTTP files, or web pages).
A proxy server has the potential drawback of slowing network performance, since it has to actively analyze and manipulate traffic passing through it.
9