Professional Documents
Culture Documents
Lecture 7 Security in Networks
Lecture 7 Security in Networks
Barbara Endicott-Popovsky
CSSE592/491
In collaboration with:
Deborah Frincke, Ph.D.
Director, Center for Secure and Dependable
Systems
University of Idaho
Text Book
Both broad survey and focused
Chapters 1-2 lay groundwork
Chapters 3 –7 Software
• Chapter 7
– Contrast to standalone environments
– Threats
– Controls
– Tools: Firewalls, Intrusion detection, Secure e-mail
II. Threats
III. Controls
IV. Tools
TCP/IP:
More efficient
NOTE:
Open
Study this part of the Chapter
Results:
TCP/IP used over Internet
Introduces security issues
Sharing
Complexity of system
Unknown perimeter
Unknown path
Profile—see Mittnick
Microwaves
Satellites
Fiber
Wireless
Avoid authentication
Nonexistent authentication
Known authentication
Trusted authentication
Delegation
MSN Passport
Source: Pfleeger & Pfleeger
Threats: Spoofing
Masquerade
Session hijacking
Exposure
Falsification of messages
Noise
Buffer overflows
Server-Side include
Connection flooding
Echo-chargen
Ping of death
Traffic redirection
DNS attack
BIND
Zombies attack
Persistent
Scripts
Active code
Hostile applet
Script Kiddies
Building Blocks
Heuristic IDS
Stealth mode
Examples
• PGP
• S/MIME