01 NetworkSecurity Basics
Transcript of 01 NetworkSecurity Basics
7/25/2019 01 NetworkSecurity Basics
http://slidepdf.com/reader/full/01-networksecurity-basics 1/36
2/24/15 Dr. Enis Karaarslan 1
Network Security
Philosophy & Introduction
Dr. Enis Karaarslan
Muğla University
Computer Engineering
Department
Netseclab.mu.edu.tr
7/25/2019 01 NetworkSecurity Basics
http://slidepdf.com/reader/full/01-networksecurity-basics 2/36
2/24/15 Ar. Gör. Enis Karaaslan 2
7/25/2019 01 NetworkSecurity Basics
http://slidepdf.com/reader/full/01-networksecurity-basics 3/36
SECURITY
PHILOSPHY
2/24/15 Ar. Gör. Enis Karaaslan 3
7/25/2019 01 NetworkSecurity Basics
http://slidepdf.com/reader/full/01-networksecurity-basics 4/36
C!"#$%r & '%$(r) S%*#ri$+ ,assi!ilari$i%s (i$, $,% s%*#ri$+ innr!al li-%.
2/24/15 Ar. Gör. Enis Karaaslan 4
7/25/2019 01 NetworkSecurity Basics
http://slidepdf.com/reader/full/01-networksecurity-basics 5/36
There is no such thing as
%100 Security
2/24/15 Ar. Gör. Enis Karaaslan 5
7/25/2019 01 NetworkSecurity Basics
http://slidepdf.com/reader/full/01-networksecurity-basics 6/36
Security at the gates only,
is not enough
2/24/15 Ar. Gör. Enis Karaaslan
7/25/2019 01 NetworkSecurity Basics
http://slidepdf.com/reader/full/01-networksecurity-basics 7/36
2/24/15 Ar. Gör. Enis Karaaslan
A chain is only as strong as
its weaest lin
7/25/2019 01 NetworkSecurity Basics
http://slidepdf.com/reader/full/01-networksecurity-basics 8/36
As there is no %100 security …
So give up?
A possible solution:
Use more than one chain
2/24/15 Ar. Gör. Enis Karaaslan 0
7/25/2019 01 NetworkSecurity Basics
http://slidepdf.com/reader/full/01-networksecurity-basics 9/36
MULTI LAY! S"U!ITY
2/24/15 Ar. Gör. Enis Karaaslan
7/25/2019 01 NetworkSecurity Basics
http://slidepdf.com/reader/full/01-networksecurity-basics 10/36
2/24/15 Ar. Gör. Enis Karaaslan 1
7/25/2019 01 NetworkSecurity Basics
http://slidepdf.com/reader/full/01-networksecurity-basics 11/36
Security # Usa$ility
2/24/15 Ar. Gör. Enis Karaaslan 11
7/25/2019 01 NetworkSecurity Basics
http://slidepdf.com/reader/full/01-networksecurity-basics 12/36
%alue o Assets and
#penditures ,a$ is $,% ALUE - +#r ass%$6a$a7 "r%s$i8% 9:;
K%%" in !in6 $,a$ S%*#ri$+ %<"%n6i$#r%s s,#l6 n$ =%
8r%a$%r $,an $,% >al#% - $,% ass%$s
2/24/15Ar. Gör. Enis Karaaslan
12
7/25/2019 01 NetworkSecurity Basics
http://slidepdf.com/reader/full/01-networksecurity-basics 13/36
!isk Analysis
Ris) anal+sis is %ss%n$ial I- $,% ris) is $ l(7 $,a$/s!%
"r%*a#$ins: *an =% *an*%ll%6 9
2/24/15Ar. Gör. Enis Karaaslan
13
7/25/2019 01 NetworkSecurity Basics
http://slidepdf.com/reader/full/01-networksecurity-basics 14/36
'alse Sense o Security
A ?-als% s%ns% - s%*#ri$+@ is (rs%$,an ?a $r#% s%ns% - ins%*#ri$+@.
Sl#$in
'%>%r $,in) +#r s+s$%! is s%*#r%.
2/24/15Ar. Gör. Enis Karaaslan
14
7/25/2019 01 NetworkSecurity Basics
http://slidepdf.com/reader/full/01-networksecurity-basics 15/36
No Te(plate )hich Suits All
T,%r% is n $%!"la$%s (,i*, s#i$s all. T,%r% is a 6iB%r%n$ sl#$in -r
6iB%r%n$ r8ania$ins• DiB%r%n$ n%%6s
• DiB%r%n$ ass%$s
2/24/15 Ar. Gör. Enis Karaaslan 15
7/25/2019 01 NetworkSecurity Basics
http://slidepdf.com/reader/full/01-networksecurity-basics 16/36
2/24/15 Ar. Gör. Enis Karaaslan 1
To win a war,
one (ust know the
way
Sun T*u
The Art o )ar
7/25/2019 01 NetworkSecurity Basics
http://slidepdf.com/reader/full/01-networksecurity-basics 17/36
S%*#ri$+ is a "r*%ss7 n$ a "r6#*$.r#*% S*,n%i%r
2/24/15 Ar. Gör. Enis Karaaslan 1
7/25/2019 01 NetworkSecurity Basics
http://slidepdf.com/reader/full/01-networksecurity-basics 18/36
M+NIT+!
T,% s+s$%! s,#l6 =% !ni$r%6 -rin$r#sins
An6 i!!%6ia$% a*$in s,#l6 =%$a)%n a$ a$$a*)s
2/24/15 Ar. Gör. Enis Karaaslan 10
7/25/2019 01 NetworkSecurity Basics
http://slidepdf.com/reader/full/01-networksecurity-basics 19/36
)arn The Attacker
2/24/15 Ar. Gör. Enis Karaaslan 1
7/25/2019 01 NetworkSecurity Basics
http://slidepdf.com/reader/full/01-networksecurity-basics 20/36
Try to uy ti(e or -
a)% a$$a*)in8 6iF*#l$ -r 9• Dis*>%r+ - $,% a$$a*)
• Ta)% !%as#r%s
a)% 6%*r+"$in 6iF*#l$ s $,a$• T,% 6a$a is n$ >ali6 r >al#a=l% an+
!r%.
2/24/15 Ar. Gör. Enis Karaaslan 2
7/25/2019 01 NetworkSecurity Basics
http://slidepdf.com/reader/full/01-networksecurity-basics 21/36
Network Awareness
Kn( +#r %n%!+ ;: Kn( +#rs%l-7
• )n( +#r ass%$s
• )n( (,a$ $ "r$%*$
Kn( +#r s+s$%!s !r% $,an $,%a$$a*)%r
2/24/15 Ar. Gör. Enis Karaaslan 21
7/25/2019 01 NetworkSecurity Basics
http://slidepdf.com/reader/full/01-networksecurity-basics 22/36
U'DAE'TALS
2/24/15 Ar. Gör. Enis Karaaslan 22
7/25/2019 01 NetworkSecurity Basics
http://slidepdf.com/reader/full/01-networksecurity-basics 23/36
IN'+!MATI+N SYSTM
Inor(ation Syste( and
Security
ATTA".!
%ULN!AILITY
ATTA".
US!S
S"U!ITYMASU!S
7/25/2019 01 NetworkSecurity Basics
http://slidepdf.com/reader/full/01-networksecurity-basics 24/36
%ulnera$le Syste(s
T,% s+s$%!s ar% >#ln%ra=l%• ainl+ =%*a#s% - =a6 *6in8
• #s$ =% "a$*,%6 =#$ *an n$ =% 6n%
ra"i6l+ as $,%+ s,#l6:• als% s%ns% - s%*#ri$+
2/24/15 Ar. Gör. Enis Karaaslan 24
7/25/2019 01 NetworkSecurity Basics
http://slidepdf.com/reader/full/01-networksecurity-basics 25/36
A /ulnera$ility ti(eline -
7/25/2019 01 NetworkSecurity Basics
http://slidepdf.com/reader/full/01-networksecurity-basics 26/36
The Attacker0Intruder
T,% a$$a*)%r *an =% *all%6 as
La!%r7 in$r#6%r7 a$$a*)%r 9
(rn8l+ #s%6 as ,a*)%r als: Als s%*r%$ r8ania$ins; Als *!"ani%s
s%ri#s an$i>ir#s/6%-%n*% %*n!+:
2/24/15 Ar. Gör. Enis Karaaslan 2
7/25/2019 01 NetworkSecurity Basics
http://slidepdf.com/reader/full/01-networksecurity-basics 27/36
2/24/15 Ar. Gör. Enis Karaaslan 2
1acker 0La(er 0Attacker -
1acker is used as attacker0la(er, in the (eaning2
The intruder, who gets in your syste( and intends
to use or his0her own ai(s3
7/25/2019 01 NetworkSecurity Basics
http://slidepdf.com/reader/full/01-networksecurity-basics 28/36
2/24/15 Ar. Gör. Enis Karaaslan 20
The Attacker
The attackers strength is 4edication
• )ill not stop until he0she gets in
• "an use the co(puter or days long sleepless
• .nows the /ulnera$ilities o syste(s
7/25/2019 01 NetworkSecurity Basics
http://slidepdf.com/reader/full/01-networksecurity-basics 29/36
2/24/15 Ar. Gör. Enis Karaaslan 2
7/25/2019 01 NetworkSecurity Basics
http://slidepdf.com/reader/full/01-networksecurity-basics 30/36
2/24/15 Ar. Gör. Enis Karaaslan 3
Network Security Assets
Network Security +/erall
• Network Awareness
• 'irewall, Intrusion 4etection Syste(s - etc
•
More - 1ost 5"o(puter0Ser/er0N) 4e/ice6 Security
• Physical Security
• +S and Application Security
•
User Manage(ent ncryption
7/25/2019 01 NetworkSecurity Basics
http://slidepdf.com/reader/full/01-networksecurity-basics 31/36
2/24/15 Ar. Gör. Enis Karaaslan 31
'irewall
7/25/2019 01 NetworkSecurity Basics
http://slidepdf.com/reader/full/01-networksecurity-basics 32/36
2/24/15 Ar. Gör. Enis Karaaslan 32
'irewall asics
R#l% =as%6 a**%ss *n$rl =%$(%%nn%$(r)s.
S-$(ar%/,ar6(ar% =as%6
Ar*,i$%*$#r%• S$a$i* Pa*)%$ il$%rin8
• D+na!i* Pa*)%$ il$%rin8 S$a$%-#llins"%*$in:
• A""li*a$in L%>%l Pr$%*$in
L88in8 an6 al%r$ *a"a=ili$i%s
7/25/2019 01 NetworkSecurity Basics
http://slidepdf.com/reader/full/01-networksecurity-basics 33/36
2/24/15 Ar. Gör. Enis Karaaslan 33
ncryption
ncryption is the con/ersion o data
into a or(, called a cipherte#t, that
cannot $e easily understood $yunauthori*ed people3
5ncryption # 4ecryption6
7/25/2019 01 NetworkSecurity Basics
http://slidepdf.com/reader/full/01-networksecurity-basics 34/36
2/24/15 Ar. Gör. Enis Karaaslan 34
ncryption
Two dierent (ethods 5according to key use6• Conventional! Two keys are the sa(e
• Asymetric 7 5"ublic Key Encryption6 7
.ey pair 5pu$lic, pri/ate6
7/25/2019 01 NetworkSecurity Basics
http://slidepdf.com/reader/full/01-networksecurity-basics 35/36
2/24/15 Ar. Gör. Enis Karaaslan 35
ncryption
To decyrpt an encrypted data
• How much time?
• How much Processing (Computing power)?
The science which deals with encryption is
Cryptology
7/25/2019 01 NetworkSecurity Basics
http://slidepdf.com/reader/full/01-networksecurity-basics 36/36
2/24/15 Ar. Gör. Enis Karaaslan 3
N4 +' T1 SSSI+N
4r3 nis .araaslanenis3karaarslan8(u3edu3tr