Practical Network Security

04/07/23 Sudarsun S - Checktronix India Pvt Ltd

Sudarsun SChecktronix India Pvt LtdChennai 600034sudar@burning-glass.com

Agenda

Security ThreatsFundamental loop hole of EthernetBasic Services offered by Secured SysTypes of IntrudersNetwork Security Administration Configuring Servers Applications Tools Cross Platform deployment

Agenda (cont..)

FirewallsIntrusion Detection Rules based Pattern Analysis

Usage patterns Feature vectors analysis

Role of Artificial Intelligence Statistical Analysis Knowledge based Systems Adaptive Security systems

Overview

What are we protecting?Private communication over Public channel.Who are we meaning Intruders?What is the cost of intrusion ?Protection Vs Recovery !?Insiders Vs Outsiders !?

Data Security

What are Security Attributes ?What’s Default Security Policy ?How does Windows give protection? The Security Tab Ownership / Full Control Access

How does Unix flavors give protection? chmod, chown, umask commands

chmod <1777> <filename> ex: chmod 600 myfile.txt chown user:group <filename> ex: chown sudar:dev

file umask <masknumber> ex: umask 077

Private Comm Over Public Channel

Internet: Public Communication MediaHow Privacy is achieved ?What are the security threats ? What happens when you send an email ? What happens when you pay your bills ? What happens when you transfer money? What happens when you purchase online?

Security Threats

Interruption Oops, Availability is gone!

Interception Some one is watching you!

Fabrication Whom are you talking to ?

Modification Am I getting the correct information ?

Design FlawPromiscuous Mode of operationEncryption only at or below App layer Will IPSec overcomes that ? Are SSL, TLS not enough ?

Services

ConfidentialityAuthenticityIntegrityNon-Repudiation

Confidentiality

Only B can discern the message from A

E DHost ASends

Bpub Bpri

Text = Bpub(M)

Host BRecvs

Authencity

Guarantees A as the Message Source

Host ASends

Apri Apub

Host BRecvs

MM+Apri(M)

Apri(M)M

Steganography

How Steganography is different from cryptography? Are of concealing the existence of a

message

Strengths of SteganographyMultimedia stream, the Auspicious Carrier!

Some Apps

Authentication applications - KerberosEmail Security – PGPIP Security – Layer in IPWeb Security – SSL, TLSSSH Vs TelnetSSH TunnelsVirtual Private Networks

Created using Two-Way SSH Tunnels

ssh -l <user> -L <localport>:<remote-ip>:<remoteport> -g -p <ssh-port> <remote-ssh-ip-address>

ssh -l <user> -R <remoteport>:<local-ip>:<localport> -g -p <ssh-port> <remote-ssh-ip-address>

VPN Hardware

Cyber Café StuffDo you know know Temporary Internet Files folder ?Do you know about persistent cookies ?Do you know where your passwords are stored ?Do you know how your data is transferred when you click submit button?Do you know about VNC servers ?Can your emails, passwords, credit card details be intercepted ?Are you sure of all the Emails received ?

How to Safeguard?

Delete Temporary Internet FolderDelete cookiesDelete historyDon’t allow passwords to be savedDon’t give your credit card details on a non-https URL.Enable detailed headers in Emails.

SPAM Filters

What is SPAM, HAM ?How can we identify SPAM ?SpamassasinTechniques Bayes Classifier Rules based

SMTP Filter Open Relay, Blacklisted IP address, HELO

method, banner delays, reverse lookup tests.

Intruders

MasqueraderAn unauthorized user exploiting legitimate user’s account

MisfeasorA legitimate user violating the limitation on her or him authorization

Clandestine userIndividual seizing supervisor control to evade auditing

Intrusion Detection

Statistical Anomaly Detection Network monitors tcpdump, ethereal, netstat, iptraf

Auditors and Event Logs Windows Event Logs Linux SysLogs

Rules based Detection ipchains, iptables proxy, reverse proxy, firewalls

Viruses

Malicious ProgramsTrap doorsLogic bombTrojansViruses WormsAdware, Spyware

Firewalls

Need for a firewallAttacks

Ping of death Fragmentation Attack Denial of Service IP Spoofing Port scanning

Level of Control

Service Control Based on Port number

Direction Control Limits inbound and outbound traffic

User Control Restrict user level access to resources

Behavioral Control Content limitation on resource use

Packet Filtering firewall Based on Packet filter rules

Application Level Gateway Limits the application superficially

Circuit level Gateway Man-in-the-Middle contruction

References

Public Key Cryptography: http://www.rsasecurity.com/rsalabs/pkcs/HMAC: http://www.cs.ucsd.edu/users/mihir/papers/hmac.htmlDigital Signatures: http://www.epic.org/crypto/dss/Bruce Schenider, Applied CryptographyWilliam Stallings, Cryptography and Network Security, Pearson EducationAll RFCs: http://www.ietf.org/rfc.htmlPGP: http://www.pgp.com/Comer D, Internetworking with TCP/IP Volume 1, Prentice Hall, 1995Cheng P et al, “A Security Architecture for the IP”, IBM Systems Journal, Number 1, 1998OpenSSL: http://www.openssl.org/SSL: http://wp.netscape.com/security/techbriefs/ssl.html?cp=scilnDenning P, Computers Under Attack: Intruders, Worms & Viruses. Reading MA: Addison-Wesley,1990Oppliger R “Internet Security: Firewalls and Beyond” Communication of the ACM, May 1997Bellovin S, Cheswick W. “Network Firewalls”, IEEE Communications Magazine, Sep 1994

Practical Network Security

Technology

Transcript of Practical Network Security

CRYPTOGRAPHY AND NETWORK SECURITY - KopyKitab · PDF fileCRYPTOGRAPHY AND NETWORK SECURITY —A Practical Approach By K. Haribaskar M.E., Assistant Professor Department

Affordable, practical, Registration Opens July 22 · • CISCO ® Certified Network Associate (CCNA) • CompTIA Network+ Certification • CompTIA ® Security+ Certification •

Processing Data to Construct Practical Visualizations for ... Data to Construct Practical Visualizations for Network Security by Kulsoom Abdullah, Chris Lee, Gregory Conti, and John

Security Awareness: Applying Practical Security in Your World Chapter 5: Network Security.

Practical Security Architecture Analysis

Practical Smart Grid Security

Practical Implications of Graphene-SGX · Practical Implications of Graphene-SGX Research Project 2 August 13, 2019 Robin Klusman University of Amsterdam Security and Network Engineering

PRACTICAL NETWORK DEFENSE VERSION 1 · Practical Network Defense is a practical self-study course which covers network and system security topics. The lessons include full practical

Network Security Professor Adeel Akram. Network Security Architecture.

Network Security Network Security Protocol 1 Network Security Chapter 2. Network Security Protocols.

Network Layer Security Network Systems Security Mort Anvari.

Practical Microservice Security

Network Security - Norbert Pohlmann · Security Infrastructure Mobile/Desktop Security Network Security E-Commerce Enabler Internet Security Network Security Secure Communication

CHAPTER 5 WIRELESS NETWORK SECURITY Network Security.

IUT– Network Security Course 1 Network Security Firewalls.

Information Security Practical

Developing Network Security Strategies Network Security D ESIGN Network Security M ECHANISMS.

Cryptography and Network Security UNIT IV - NETWORK SECURITY.

IBM Host Integration in a Secure Network: A Practical Approachps-2.kev009.com/rs6000/aix_ps_pdf/security/host_integration.pdf · x IBM Host Integration in a Secure Network: A Practical

Www. engineersportal.in. OUTLINES Network & Network Security Need of Network Security Methods of Network Security Firewall Firewall’s Works Firewall’s.