
Security in Networks—

Their design, development, usage…

Barbara Endicott-Popovsky
CSSE592/491

In collaboration with:
Deborah Frincke, Ph.D.
Director, Center for Secure and Dependable Systems
University of Idaho


Text Book
 Both broad survey and focused
 Chapters 1-2 lay groundwork
 Chapters 3–7 Software
• Chapter 7
– Contrast to standalone environments
– Threats
– Controls
– Tools: Firewalls, Intrusion detection, Secure e-mail

 Chapter 9 Privacy, ethics, the law

 Chapter 10 Cryptography – the how


In this section of the course we will look at…

 Networks—their design, development, usage


• The Basics
• Threats
• Controls
• Tools
– Firewalls
– Intrusion Detection
– Secure e-mail

Source: Pfleeger & Pfleeger


Agenda
 I. The Basics

 II. Threats

 III. Controls

 IV. Tools

Source: Pfleeger & Pfleeger


I. The Basics
 Terms
• Topology
• Media
• Analog/digital
• Protocols
• LAN/WAN
• Internet
• Distributed System
• API’s

Source: Pfleeger & Pfleeger


ISO/OSI Model
OSI Layer  Name          Activity
7          Application   User-level data
6          Presentation  Standardized data appearance
5          Session       Logical connection among parts
4          Transport     Flow control
3          Network       Routing
2          Data Link     Reliable data delivery
1          Physical      Actual communication across physical medium

Source: Pfleeger & Pfleeger


TCP/IP vs. OSI
OSI Layer  Name          Activity
7          Application   User-level data
6          Presentation  Standardized data appearance
5          Session       Logical connection among parts
4          Transport     Flow control
3          Network       Routing
2          Data Link     Reliable data delivery
1          Physical      Actual communication across physical medium

Source: Pfleeger & Pfleeger


TCP/IP
Layer        Action                         Responsibilities
Application  Prepare messages               User interaction, addressing
Transport    Convert messages to packets    Sequencing, reliability, error correction
Internet     Convert messages to datagrams  Flow control, routing
Physical     Transmit datagrams as bits     Data communication

Source: Pfleeger & Pfleeger


Issues
 ISO/OSI:
Slows things down

 TCP/IP:
More efficient
Open

NOTE: Study this part of the Chapter

 Results:
TCP/IP used over Internet
Introduces security issues

Source: Pfleeger & Pfleeger


II. Threats
 Vulnerabilities
 Attackers
 Threats
• Precursors
• In transit
• Protocol flaws
• Impersonation
• Spoofing
• Message Confidentiality / Integrity threats
• Web Site Defacement
• Denial of Service (DOS)
• Distributed Denial of Service (DDOS)
• Active or Mobile Code Threats
• Complex Attacks

Source: Pfleeger & Pfleeger


Vulnerabilities
 Anonymity

 Many points of attacks—targets and origins

 Sharing

 Complexity of system

 Unknown perimeter

 Unknown path

Source: Pfleeger & Pfleeger


Attackers
 Kiddiescripters
 Industrial spies
 Information warfare
 Cyber terrorists
 “Hactivists”
 Wardrivers, etc.

Profile—see Mitnick

Source: Pfleeger & Pfleeger


Threat Spectrum

Source: Deb Frincke


From CSI/FBI Report 2002
• 90% detected computer security breaches

• 80% acknowledged financial losses

• 44% (223) were willing / able to quantify losses: $455M

• Most serious losses: theft of proprietary information and fraud


• 26 respondents: $170M
• 25 respondents: $115M

• 74% cited Internet connection as a frequent point of attack

• 33% cited internal systems as a frequent point of attack

• 34% reported intrusions to law enforcement (up from 16% in 1996)

Source: Deb Frincke


More from CSI/FBI 2002
 40% detected external penetration

 40% detected DOS attacks.

 78% detected employee abuse of Internet

 85% detected computer viruses.

 38% suffered unauthorized access on Web sites

 21% didn’t know.

 12% reported theft of information.

 6% reported financial fraud (up from 3% in 2000).

Source: Deb Frincke


Threats: Precursors
 Port Scan
 Social Engineering
 Reconnaissance
 OS Fingerprinting
 Bulletin Boards / Chats
 Available Documentation

Source: Pfleeger & Pfleeger


Threats: In Transit
 Packet Sniffing
 Eavesdropping
 Wiretapping

 Microwaves
 Satellites
 Fiber
 Wireless

Source: Pfleeger & Pfleeger


Threats: Protocol Flaws
Public protocols
Flaws public
Human errors

Source: Pfleeger & Pfleeger


Threats: Impersonation
 Guessing
 Stealing
 Wiretapping
 Eavesdropping

 Avoid authentication
 Nonexistent authentication
 Known authentication
 Trusted authentication
 Delegation
 MSN Passport
Source: Pfleeger & Pfleeger


Threats: Spoofing

Masquerade

Session hijacking

Man-in-the-middle attack

Source: Pfleeger & Pfleeger


Threats: Message Confidentiality/Integrity
Misdelivery

Exposure

Traffic flow analysis

Falsification of messages

Noise

Source: Pfleeger & Pfleeger


Threats: Web Site Defacement

Buffer overflows

Dot-Dot and address problems

Server-Side include

Source: Pfleeger & Pfleeger


Threats: Denial of Service (DOS)
Transmission failure

Connection flooding
Echo-chargen

Ping of death

Smurf attack


Syn flood

Traffic redirection

DNS attack
BIND

Source: Pfleeger & Pfleeger


Threats: Distributed Denial of Service (DDOS)
 Trojan horses planted

 Zombies attack

Source: Pfleeger & Pfleeger


Threats: Active/Mobile Code
(Code Pushed to the Client)
Cookies
Per-session

Persistent

Scripts

Active code
Hostile applet

Auto Exec by type

Source: Pfleeger & Pfleeger


Threats: Complex Attacks

Script Kiddies

Building Blocks

Source: Pfleeger & Pfleeger


III. Controls
 Design
 Architecture
• Segmentation
• Redundancy
• Single points of failure
 Encryptions
• Link encryption
• End-to-end encryption
• VPN’s
• PKI and Certificates
• SSH and SSL encryption
• IPSec
• Signed code
• Encrypted e-mail
Source: Pfleeger & Pfleeger


Controls (cont’d.)
 Content Integrity
• Error correcting codes
• Cryptographic Checksum
 Strong Authentication
• One-time password
• Challenge-Response systems
• Digital distributed authentication
• Kerberos
 Access controls
• ACL’s on routers
• Firewalls
 Alarms and Alerts
 Honeypots
 Traffic Flow Security
• Onion routing

Source: Pfleeger & Pfleeger


IV. Tools
 Firewalls
 Intrusion Detection Systems
 Secure e-Mail

Source: Pfleeger & Pfleeger


Firewalls
 Packet filtering gateway
 Stateful inspection firewall
 Application proxy gateway
 Guard
 Personal firewalls

Source: Pfleeger & Pfleeger


Intrusion Detection Systems
 Signature-based IDS

 Heuristic IDS

 Stealth mode

Source: Pfleeger & Pfleeger


IDS Characteristics
 Goals
• Detect all attacks
• Little performance impact
 Alarm response
• Monitor and collect data
• Protect
• Call administrator
 Limitations
• Avoidance strategies
• Sensitivity
• Only as good as the process/people

Source: Pfleeger & Pfleeger


Secure e-Mail
 Designs
• Confidentiality—encryption
• Message integrity checks

 Examples
• PGP
• S/MIME

Source: Pfleeger & Pfleeger
