Network Security
Mike Yoho, Jason Letostak, Brian Hixenbaugh, Todd Saylor

Objectives
• Know who the attackers are
• Know the kinds of attacks
• Network defenses
• Wireless defenses
• Vulnerability assessment
• Live WEP crack

What is Network Security?
• That which protects the integrity, confidentiality, and availability of information on devices that store, manipulate, and transmit the information through products, people, and procedures.

Characteristics of Data
• Confidentiality
  – HIPAA, trade secrets, etc.
• Integrity
  – Medical records, criminal records, etc.
• Availability
  – Emergency action procedures, intelligence networks, etc.

Who are the Attackers

| Types | Skill Level | Reasons for attack | Threat Level |
|---|---|---|---|
| Hackers | High | Ego, display vulnerabilities | Low |
| Script Kiddies | Low | Cause Damage | Moderate |
| Employees | Low | Retaliation, Carelessness | Moderate |
| Computer Spies | Very High | Money | High |
| Cyber Criminals | High | Money, Fraud | High |
| Cyber Terrorists | High | Ideology, principles, beliefs | Feared |

Categories of Attack
• Denial of Service (DoS Attack)
  – Used to overload target's network resources
• Spoofing
  – Impersonate trusted system to gain network access
• Man-in-the-middle
  – Collect information from network traffic
• Rogue access point
  – Used to bypass a company's external firewall
• Brute Force
  – Used to gain access to encrypted data

Network Defences
• Authentication
• Firewalls
• Intrusion Detection/Prevention Systems
• Virtual Private Networks

Authentication
• Remote Authentication Dial-in User Service (RADIUS)
• Strong passwords

Firewalls
• Inspect incoming and outgoing packets
• Block traffic according to rules
• More advanced systems can restrict individual applications

Intrusion Detection/Prevention Systems
• Detect and report/block suspicious network traffic activity
• Able to learn normal network traffic patterns

Virtual Private Networks

Wireless Network Security
• Wired Equivalent Protection (WEP)
• Wi-Fi Protected Access (WPA, WPA2)
• Service Set Identifiers (SSID)

Wired Equivalent Protection (WEP)
• Designed to be roughly as secure as a wired connection
• Uses a 24-bit initialization vector
• Found to be relatively easy to crack
• Superseded in 2003 by WPA

Wi-Fi Protected Access (WPA, WPA2)
• Created after WEP found vulnerable
• WPA with temporal key integrity protocol (TKIP) released as a stop-gap to replace WEP
• WPA2 completed in 2004
  – Pre-shared key encryption (PSK)
  – Support for protected extensible authentication protocol (PEAP)

Service Set Identifier (SSID)
• Identifier used to differentiate wireless access points
• Can be set to not broadcast, adding a low level of security
• Should be changed from the default to help protect from WPA brute force attacks
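
Why a non-default SSID helps, as an added example that is not part of the original slides: in WPA/WPA2-PSK the pairwise master key is PBKDF2-HMAC-SHA1 of the passphrase with the SSID as salt (4096 iterations, 32 bytes), so networks sharing a factory-default SSID share a salt and work precomputed for one applies to all of them. The default-SSID list, SSIDs and passphrase below are constructed assumptions for illustration.

```python
import hashlib

# Constructed list of factory-default SSIDs (assumption, not exhaustive)
DEFAULT_SSIDS = {"linksys", "default", "NETGEAR", "dlink"}

def wpa_pmk(passphrase: str, ssid: str) -> bytes:
    """Derive the WPA/WPA2-PSK pairwise master key; the SSID is the salt."""
    return hashlib.pbkdf2_hmac(
        "sha1", passphrase.encode(), ssid.encode(), 4096, 32
    )

def uses_default_ssid(ssid: str) -> bool:
    """True if the SSID (case-sensitive, as used in the salt) is a known default."""
    return ssid in DEFAULT_SSIDS

def audit(networks: dict) -> list:
    """Return the names of networks whose SSID is a factory default."""
    return sorted(name for name, ssid in networks.items()
                  if uses_default_ssid(ssid))

# Constructed inventory: site name -> configured SSID
NETWORKS = {"branch-a": "linksys", "branch-b": "linksys", "hq": "Acme-HQ-7f3a"}
PASSPHRASE = "correct horse battery"  # constructed sample passphrase

if __name__ == "__main__":
    a = wpa_pmk(PASSPHRASE, NETWORKS["branch-a"])
    b = wpa_pmk(PASSPHRASE, NETWORKS["branch-b"])
    hq = wpa_pmk(PASSPHRASE, NETWORKS["hq"])
    print("same default SSID, same PMK:", a == b)
    print("unique SSID, different PMK:", a != hq)
    print("networks to rename:", audit(NETWORKS))
```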

Vulnerability Assessment
• Port Scanning
• Protocol analyzer
• Vulnerability scanner
• Password Cracking
• Penetration Testing

Port Scanning
• Scanner analyzes the ports on a network and determines if they are:
  – Open: actively listening and accepting connections
  – Closed: port is not accepting connections
  – Filtered: no response from the scanned system
• Tool: Nmap (Windows/Linux)

Nmap

Protocol Analyzers
• Also known as Packet Sniffer
  – Logs network traffic
  – Analyzes packets
  – Attempts to decrypt packets
• Tool: Wireshark (Windows/Linux)

Wireshark

Vulnerability Scanner
• Software designed to:
  – Map all network devices
  – Scan network/system
  – Find vulnerabilities
  – Give suggestions on how to make secure
• Double-edged sword
• Tool: Nessus

Nessus

Password Cracking
• Software that employs various algorithms in an attempt to discover passwords.
• Keyloggers, Cross-Scripting, Dictionary Tables, Rainbow tables.
• Tool: Hydra (Online), Rainbow Crack (Offline)

Hydra

Rainbow Crack

Penetration Testing
• Method of evaluating the security of a computer system or network by simulating an attack from a malicious source.
• "Ethical Hacker" is hired to perform
  – Security audit
  – Exploit vulnerabilities
  – Help secure the weak points
• Tool: BackTrack 4

Live WEP Crack Demonstration
• Using Ubuntu with BackTrack 4
• Decrypt a 128-bit authentication key
• WEP key:
  – 43:40:9f:91:d5:33:03:9e:6e:5b:60:dd:6c

Conclusion
“The only truly secure computer, is a dead computer.” – Ransel Yoho III, Network Security Architect
• Education of users & administrators – first line of defense
• Use software to test network vulnerability regularly
• Although new security methods will be developed, remember that no network will ever be completely un-hackable