8/7/2019 Intro to Network Security_1
What is Internet Security?
Network security addresses the vulnerabilities to which your organization is exposed as a consequence of being connected to a network.
Topics of Discussion
I. Who's vulnerable?
II. Who's attacking?
III. What are the kinds of attacks?
IV. How do we protect ourselves?
V. What do you do when you've been hacked?
VI. References and Q&A
Who's vulnerable?
Everyone in your organization who uses computers or networks in the process of doing their job.
Everyone in your organization who is affected by the information stored in computers.
Everyone in your organization.
Outsiders who rely on your organization: your customers, the public.
Who's vulnerable?
Both Servers and End-Users are subject to attack.
  Web servers, E-mail servers, File servers, Communications servers, Network devices
  End-users receiving e-mail, visiting web sites, downloading files, participating in online services
Who's vulnerable?
20-year-old man arrested for breaking into two computers of NASA's Jet Propulsion Laboratory.
  Hacking started in 1998
  One computer was used to host chat room devoted to hacking
  Thousands of usernames and passwords were stolen
Reuters News, July 12, 2000
Who's attacking?
Attacks from the Outside
  Outside means originating from anyone/anyplace outside of your LAN/intranet, an unknown source.
  Sometimes the damage is done without intent....
  Sometimes the damage is done on purpose.
What are the kinds of attacks?
Trojans, Worms and Backdoors
  Trojans are programs that appear to perform a desirable and necessary function but also perform functions unknown to (and probably unwanted by) the user.
  Worms are memory resident viruses. Unlike a virus, which seeds itself in the computer's hard disk or file system, a worm will only maintain a functional copy of itself in active memory.
What are the kinds of attacks?
Password Crackers
  Some actually try to decrypt....
  Most simply try brute force or intelligent brute force
    Dictionary words, days of year, initials
Social Engineering
  "This is MIS, I need to fix your e-mail box, what's your password?"
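A defender can turn the guess classes named on the password-cracker slide (dictionary words, days of year, initials) into a check applied when a password is chosen. This is an added example, not part of the original slides; the word list, the date formats, the function names and the sample user name in the usage are constructed assumptions.

```python
import re
from datetime import date, timedelta

# Constructed sample word list; a real deployment would load a full dictionary.
WORDS = {"password", "dragon", "summer", "network", "letmein"}

def day_of_year_forms(year=2000):
    """Every day of one leap year in a few common written forms."""
    forms, d = set(), date(year, 1, 1)
    while d.year == year:
        forms.update({d.strftime("%m%d"), d.strftime("%d%m"),
                      d.strftime("%b%d").lower(), d.strftime("%B%d").lower()})
        d += timedelta(days=1)
    return forms

DAYS = day_of_year_forms()

def guessable(password, full_name):
    """Return which easily guessed class a password falls into, or None."""
    lowered = password.lower()
    core = re.sub(r"\d+$", "", lowered)  # same word with trailing digits removed
    initials = "".join(part[0] for part in full_name.lower().split())
    if lowered in WORDS or core in WORDS:
        return "dictionary word"
    if lowered in DAYS:
        return "day of year"
    if initials and core == initials:
        return "initials"
    return None

if __name__ == "__main__":
    # Constructed candidate passwords for a hypothetical user "Pat Lee".
    for candidate in ["Summer99", "jul04", "PL2000", "c7!Vq-rT2#"]:
        print(candidate, "->", guessable(candidate, "Pat Lee") or "not in a listed class")
```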
How do we protect ourselves?
One product cannot provide full protection
  The computer networking environment consists of too many different subsystems for one product to provide full protection
How do we protect ourselves?
Ethernet protocol
IP protocol
TCP protocol
Routing protocols
Operating Systems
Presentation protocols - HTML, DHTML, XHTML, XML
Remote Program execution protocols - VBS, ASP, DCOM, CORBA, JavaScript, Java Applets, Jini
Applications - MS Outlook, Netscape Communicator, server SW (MS IIS, etc.)
How do we protect ourselves?
Anti-virus software
  Personal Anti-virus SW on your machine
  Make sure it is set to scan all executables, compressed files, e-mail, e-mail attachments, web pages
  Keep your virus information files up to date!!!
How do we protect ourselves?
Web based protection filters
  Web Server protection
    Protects web server from hacking (e.g. AppShield (Sanctum Inc.))
  Web Access Control
    Restricts web sites to which you can connect. Can protect you by not allowing you to go to malicious web sites (e.g. WebSENSE)
How do we protect ourselves?
More on Web Site/Application hacking
Some examples....
How do we protect ourselves?
Hidden Manipulation
Parameter Tampering
Cookie Poisoning
Stealth Commanding
Forceful Browsing
Backdoors and Debug Options
Configuration Subversion
Buffer Overflow
Vendor assisted hacking through 3rd-party software vulnerabilities
2/14/01 Fujitsu Systems Business of America 16
Example: Medical Records Access
Parameter Tampering - SQL Query via CGI Parameters
Example: Money Theft
Utilizing Debug Options
Example: Shutting Down a Site
Buffer overflow
How do we protect ourselves?
VPN technologies
  Access Control
    Who can talk to us through the network?
  Authentication
    How do we know you're who you say you are?
  Integrity
    How can we guarantee that what we receive is what you sent?
  Confidentiality
    How can we guarantee that no one else can read this information?
How do we protect ourselves?
Intrusion Detection Systems
  Suspicious Pattern Detection
    Looks for known patterns of types of traffic that are common to electronically "casing the joint"
  Bit Pattern Signature Detection
    Looks for known signatures of attacks
  Anomaly Detection - the AI approach
    Monitors network for a period of time to establish a statistical norm for traffic on the network. Generates alarms when abnormal traffic occurs
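Two of the detection styles above can be sketched as detection logic: anomaly detection learns a statistical norm from a training window and alarms on large deviations, and suspicious pattern detection flags one source touching many distinct ports. This is an added example, not part of the original slides; the traffic figures, addresses (documentation ranges), thresholds and function names are constructed assumptions.

```python
from collections import defaultdict
from statistics import mean, stdev

# Constructed sample data: packets per minute seen during a quiet training window.
BASELINE = [118, 124, 131, 120, 127, 122, 129, 125, 119, 126]
# Constructed live traffic: (minute, packets per minute).
LIVE = [(0, 123), (1, 130), (2, 412), (3, 121)]
# Constructed connection log: (source address, destination port).
CONNS = [("192.0.2.7", port) for port in range(20, 45)] + [
    ("198.51.100.3", 443), ("198.51.100.3", 443), ("198.51.100.9", 25)]

def learn_norm(samples):
    """Establish the statistical norm: mean and sample standard deviation."""
    return mean(samples), stdev(samples)

def anomalies(live, norm, threshold=3.0):
    """Return the minutes whose rate is more than `threshold` sigmas from the norm."""
    mu, sigma = norm
    return [minute for minute, rate in live if abs(rate - mu) > threshold * sigma]

def scanners(conns, max_ports=10):
    """Suspicious pattern check: sources that touched more than `max_ports` ports."""
    ports_by_source = defaultdict(set)
    for source, port in conns:
        ports_by_source[source].add(port)
    return sorted(s for s, seen in ports_by_source.items() if len(seen) > max_ports)

if __name__ == "__main__":
    norm = learn_norm(BASELINE)
    print("norm (mean, stdev):", norm)
    print("alarm on minutes:", anomalies(LIVE, norm))
    print("possible scanners:", scanners(CONNS))
```

The norm is only as good as the training window: if that window already contains hostile traffic, the same traffic will later look normal.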
What do you do when you've been hacked?
Too big of a topic to go into here.... but it's a vital part of network security.
  What can you do to ensure the compromise has been abated?
  How do you identify what's been changed?
  What did you lose?
  What can you recover?
References
Hacking Exposed, Network Security Secrets and Solutions, Joel Scambray, Stuart McClure, and George Kurtz, Osborne/McGraw-Hill
Mastering Network Security, Chris Brenton, Sybex Network Press
Maximum Security, A Hacker's Guide to Protecting Your Internet Site and Network, Anonymous, SAMS
Secrets and Lies, Digital Security In A Networked World, Bruce Schneier, John Wiley and Sons
References
Reputable sites
www.hackingexposed.com
www.securityfocus.com
Questionable sites
www.because-we-can.com
www.digicrime.com
www.insecure.org