network security. 2 security requirements privacy (confidentiality) data only be accessible by...

Network Security

Upload: marjorie-spencer

Post on 13-Jan-2016



Network Security


SECURITY REQUIREMENTS

Privacy (Confidentiality): Data should be accessible only by authorized parties.

Authenticity: A host or service should be able to verify the identity of a user.

Integrity: Data can be modified only by authorized parties.

Availability: Data are available to authorized parties.

Nonrepudiation: The receiver must be able to prove that a received message came from a specific sender.


CRYPTOGRAPHY

Plaintext: The original message.

Encryption: Transforms the plaintext to ciphertext.

Decryption: Transforms the ciphertext back to plaintext.

Ciphers: Different categories of algorithms in cryptography.

Key: Number (value) that the ciphers operate on.


Firewall

A firewall is a system designed to prevent unauthorized access to or from a private network.

Can be implemented in either hardware or software form, or a combination of both.

Firewalls prevent unauthorized Internet users from accessing private networks connected to the Internet, especially intranets.

All messages entering or leaving the intranet must pass through the firewall, which examines each message and blocks those that do not meet the specified security criteria.


General Firewall Features

  Port Control
  Network Address Translation
  Application Monitoring (Program Control)
  Packet Filtering

Firewall Layer of Operation

  Network Layer
  Application Layer


Network Layer

  Makes decisions based on the source and destination addresses and ports in individual IP packets.
  Based on routers.
  Has the ability to perform static and dynamic packet filtering.

Application Layer

  These are generally hosts running proxy servers, which perform logging and auditing of traffic through the network.
  Logging and access control are done through software components.

Proxy Services

  An application that mediates traffic between a protected network and the Internet.
  Able to understand the application protocol being utilized and implement protocol-specific security.
  Application protocols include FTP, HTTP, Telnet, etc.


DMZ

  Demilitarized zone
  Neither part of the internal network nor part of the Internet
  Never offer attackers more to work with than is absolutely necessary


Well-known TCP / UDP ports

TCP Port Number    Description
20                 FTP (Data Channel)
21                 FTP (Control Channel)
23                 Telnet
80                 HyperText Transfer Protocol (HTTP) used for the World Wide Web
139                NetBIOS session service

UDP Port Number    Description
53                 Domain Name System (DNS) Name Queries
69                 Trivial File Transfer Protocol (TFTP)
137                NetBIOS name service
138                NetBIOS datagram service
161                Simple Network Management Protocol (SNMP)


Types of firewall techniques

Packet filtering

  The system examines each packet entering or leaving the network and accepts or rejects it based on user-defined rules.
  Packet filtering is fairly effective and transparent to users, but it is difficult to configure. In addition, it is susceptible to IP spoofing.

Circuit-level gateway implementation

  This process applies security mechanisms when a TCP or UDP connection is established.
  Once the connection has been made, packets can flow between the hosts without further checking.

Proxy server

  A proxy server is a type of gateway that hides the true network address of the computers connecting through it.
  A proxy server connects to the Internet, makes the requests for pages, connections to servers, and receives the data on behalf of the computers behind it.
  The firewall capabilities lie in the fact that a proxy can be configured to allow only certain types of traffic to pass (HTTP files, or web pages).
  A proxy server has the potential drawback of slowing network performance, since it has to actively analyze and manipulate traffic passing through it.
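
A minimal packet filter of the kind described under "Packet filtering", as an added example that is not part of the original slides: first-match rules on interface, protocol, destination address and port, default deny, plus the interface check that limits IP spoofing. The 10.0.0.0/8 intranet, the interface names "inside" and "outside", and the rule set are assumptions constructed for the illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

# Assumed topology (constructed for this example): the protected intranet
# is 10.0.0.0/8 and the filter has two interfaces, "inside" and "outside".
INTERNAL_NET = ipaddress.ip_network("10.0.0.0/8")

@dataclass(frozen=True)
class Packet:
    iface: str      # interface the packet arrived on
    proto: str      # "tcp" or "udp"
    src: str        # source IP address
    dst: str        # destination IP address
    dport: int      # destination port

@dataclass(frozen=True)
class Rule:
    action: str               # "accept" or "drop"
    iface: str
    proto: str
    dst: str                  # destination network in CIDR form
    dport: Optional[int]      # None matches any port

    def matches(self, p: Packet) -> bool:
        return (p.iface == self.iface and p.proto == self.proto
                and ipaddress.ip_address(p.dst) in ipaddress.ip_network(self.dst)
                and self.dport in (None, p.dport))

# Constructed rule set: publish one web server, let the intranet reach
# outside HTTP and DNS, and name inbound Telnet explicitly as blocked.
RULES = [
    Rule("drop",   "outside", "tcp", "10.0.0.0/8",   23),
    Rule("accept", "outside", "tcp", "10.0.0.80/32", 80),
    Rule("accept", "inside",  "tcp", "0.0.0.0/0",    80),
    Rule("accept", "inside",  "udp", "0.0.0.0/0",    53),
]

def filter_packet(p: Packet, rules=RULES) -> str:
    src_internal = ipaddress.ip_address(p.src) in INTERNAL_NET
    # Anti-spoofing: the source address must be plausible for the interface.
    # An internal source arriving from outside (or the reverse) is forged.
    if (p.iface == "outside") == src_internal:
        return "drop"
    for rule in rules:            # first matching rule wins
        if rule.matches(p):
            return rule.action
    return "drop"                 # default deny: nothing matched
```

The interface check only catches forged addresses that cross the boundary in the wrong direction; a packet filter cannot tell whether an external source address is genuine.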
