Network Security. Permission granted to reproduce for educational use only. © Goodheart-Willcox Co., Inc. (Presentation transcript)


Slide 1: Network Security

Slide 2: Intrusion Detection and Intrusion Prevention Systems
- Intrusion Detection System (IDS): only detects unauthorized activity. Example: MS Event Viewer
- Intrusion Prevention System (IPS): detects unauthorized activity and performs some function to stop the activity. Example: most antivirus software
- IDS and IPS require some form of port monitoring: a particular port on a switch is connected directly to the IDS or IPS and monitors all activity through another port on the same switch
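An added Go example (not part of the Goodheart-Willcox presentation) that makes the IDS/IPS distinction on this slide concrete: one rule set runs over a few constructed access-log lines, first in IDS mode, where a match only raises an alert and the request still goes through, then in IPS mode, where a match also blocks the offending source so its later requests are dropped. The rule names, patterns, addresses and log lines are all constructed for the example; a real sensor would receive the traffic through the mirrored switch port the slide describes.

```go
package main

import (
	"fmt"
	"strings"
)

// Mode selects what the engine does when a rule matches: an IDS only
// raises an alert, an IPS raises the alert and also blocks the source.
type Mode int

const (
	IDS Mode = iota
	IPS
)

// Rule is a minimal content signature (constructed for this example): it
// fires when Pattern appears, case-insensitively, in the request path.
type Rule struct {
	Name    string
	Pattern string
}

// Event records one decision the engine made for a log line.
type Event struct {
	Rule   string
	Source string
	Action string // "alert" (IDS), "block" (IPS, first hit) or "drop" (IPS, source already blocked)
}

// Engine holds the mode, the rule set and, for an IPS, the sources it has blocked.
type Engine struct {
	Mode    Mode
	Rules   []Rule
	Blocked map[string]bool
}

func NewEngine(mode Mode, rules []Rule) *Engine {
	return &Engine{Mode: mode, Rules: rules, Blocked: map[string]bool{}}
}

// Inspect examines one access-log line of the form "<source-ip> <method> <path>".
// It returns the event raised (nil if the line is clean) and whether the
// request is allowed through. An IDS always lets traffic through; an IPS drops
// the matching request and everything further from the same source.
func (e *Engine) Inspect(line string) (*Event, bool) {
	fields := strings.Fields(line)
	if len(fields) < 3 {
		return nil, true // not a request line we understand; pass it untouched
	}
	src, path := fields[0], strings.ToLower(fields[2])
	if e.Blocked[src] {
		return &Event{Rule: "blocked-source", Source: src, Action: "drop"}, false
	}
	for _, r := range e.Rules {
		if !strings.Contains(path, strings.ToLower(r.Pattern)) {
			continue
		}
		if e.Mode == IPS {
			e.Blocked[src] = true
			return &Event{Rule: r.Name, Source: src, Action: "block"}, false
		}
		return &Event{Rule: r.Name, Source: src, Action: "alert"}, true
	}
	return nil, true
}

// DefaultRules and SampleLog are constructed for this example.
var DefaultRules = []Rule{
	{Name: "directory-traversal", Pattern: "../"},
	{Name: "script-injection", Pattern: "<script"},
}

var SampleLog = []string{
	"10.0.0.5 GET /index.html",
	"10.0.0.9 GET /download?file=../../config.ini",
	"10.0.0.9 GET /index.html",
	"10.0.0.7 GET /search?q=<script>alert(1)</script>",
}

// Run feeds every line through a fresh engine in the given mode and returns
// the events raised and how many requests were allowed through.
func Run(mode Mode, lines []string) ([]Event, int) {
	eng := NewEngine(mode, DefaultRules)
	var events []Event
	allowed := 0
	for _, l := range lines {
		ev, ok := eng.Inspect(l)
		if ev != nil {
			events = append(events, *ev)
		}
		if ok {
			allowed++
		}
	}
	return events, allowed
}

func main() {
	names := map[Mode]string{IDS: "IDS", IPS: "IPS"}
	for _, m := range []Mode{IDS, IPS} {
		events, allowed := Run(m, SampleLog)
		fmt.Printf("%s: %d of %d requests allowed\n", names[m], allowed, len(SampleLog))
		for _, ev := range events {
			fmt.Printf("  %-6s %-10s %s\n", ev.Action, ev.Source, ev.Rule)
		}
	}
}
```

Running it shows the practical difference: in IDS mode all four requests reach the server and two alerts are written, so someone must still read and act on them; in IPS mode only the clean request from 10.0.0.5 gets through, and the second request from 10.0.0.9 is dropped without rule matching because its source was blocked by the first hit.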

Slide 3: Public Key Infrastructure (PKI)
- Provides encryption and authentication
- Encryption: the method of using an algorithm to encode data; the algorithm converts data into ciphertext (encrypted data)
- Cryptology: the science of encrypting data
- Generates a key and uses it for encryption
- Generates a certificate to verify authentication

Slide 4: Key Encryption Methods
- Symmetric-key encryption: generally used when large amounts of data need to be encrypted
- Asymmetric-key encryption: both the public and private keys are needed to encode and decode data

Slide 5: Digital Certificate
- A file that commonly contains data such as the user's name and address, the public key value assigned to the user, the validity period of the public key, and issuing authority identifier information

Slide 6: Certificate Authority (CA)
1. Station1 applies for a digital certificate from a CA in order to send an encrypted message to Station2
2. The CA issues the digital certificate to Station1
3. Station1 uses its private key to encrypt the message
4. Station1 sends the encrypted message to Station2
5. Station2 uses the public key to decode the encrypted message
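The five steps on this slide, together with the certificate fields listed on the Digital Certificate slide, as an added Go example that is not part of the Goodheart-Willcox presentation. It uses only the standard library's crypto/x509 and crypto/rsa packages. The "private key encrypts, public key decodes" steps are realised as a digital signature over the message, which is the private-key operation that anyone holding the certified public key can check; the CA name, station name, organization, serial numbers and lifetimes are constructed values, and Station2 is assumed to already hold the CA's certificate as its trust root.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"errors"
	"fmt"
	"math/big"
	"time"
)

// Party is a CA or a station: its private key and its certificate.
type Party struct {
	Key  *rsa.PrivateKey
	Cert *x509.Certificate
}

// newParty generates a key pair and has the issuer sign tmpl for it.
// A nil issuer produces a self-signed (CA root) certificate.
func newParty(tmpl *x509.Certificate, issuer *Party) (*Party, error) {
	key, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return nil, err
	}
	parent, signer := tmpl, key
	if issuer != nil {
		parent, signer = issuer.Cert, issuer.Key
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, &key.PublicKey, signer)
	if err != nil {
		return nil, err
	}
	cert, err := x509.ParseCertificate(der)
	if err != nil {
		return nil, err
	}
	return &Party{Key: key, Cert: cert}, nil
}

// NewCA builds the issuing authority that Station2 trusts (constructed name and lifetime).
func NewCA(name string) (*Party, error) {
	return newParty(&x509.Certificate{
		SerialNumber:          big.NewInt(1),
		Subject:               pkix.Name{CommonName: name},
		NotBefore:             time.Now().Add(-time.Hour),
		NotAfter:              time.Now().Add(365 * 24 * time.Hour),
		IsCA:                  true,
		BasicConstraintsValid: true,
		KeyUsage:              x509.KeyUsageCertSign | x509.KeyUsageDigitalSignature,
	}, nil)
}

// Issue is steps 1 and 2: the station applies, and the CA signs a certificate
// binding the station's name, public key and validity period to the CA as issuer.
func Issue(ca *Party, name string, serial int64) (*Party, error) {
	return newParty(&x509.Certificate{
		SerialNumber: big.NewInt(serial),
		Subject:      pkix.Name{CommonName: name, Organization: []string{"Example Lab"}},
		NotBefore:    time.Now().Add(-time.Hour),
		NotAfter:     time.Now().Add(90 * 24 * time.Hour),
		KeyUsage:     x509.KeyUsageDigitalSignature,
	}, ca)
}

// Sign is step 3: the sender applies its private key to the message digest.
func Sign(sender *Party, msg []byte) ([]byte, error) {
	h := sha256.Sum256(msg)
	return rsa.SignPKCS1v15(rand.Reader, sender.Key, crypto.SHA256, h[:])
}

// Verify is step 5 on the receiver's side: confirm the sender's certificate was
// issued by the trusted CA and is inside its validity period, then check the
// signature with the public key carried inside that certificate.
func Verify(trustedCA, sender *x509.Certificate, msg, sig []byte) error {
	roots := x509.NewCertPool()
	roots.AddCert(trustedCA)
	opts := x509.VerifyOptions{Roots: roots, KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageAny}}
	if _, err := sender.Verify(opts); err != nil {
		return fmt.Errorf("certificate not trusted: %w", err)
	}
	pub, ok := sender.PublicKey.(*rsa.PublicKey)
	if !ok {
		return errors.New("certificate does not carry an RSA public key")
	}
	h := sha256.Sum256(msg)
	return rsa.VerifyPKCS1v15(pub, crypto.SHA256, h[:], sig)
}

func main() {
	ca, err := NewCA("Example Course CA")
	if err != nil {
		panic(err)
	}
	station1, err := Issue(ca, "Station1", 2)
	if err != nil {
		panic(err)
	}
	c := station1.Cert // the fields the Digital Certificate slide lists, read back
	fmt.Printf("subject %v, issuer %v, valid %s to %s, RSA %d bits\n", c.Subject, c.Issuer,
		c.NotBefore.Format("2006-01-02"), c.NotAfter.Format("2006-01-02"), c.PublicKey.(*rsa.PublicKey).N.BitLen())
	msg := []byte("hello Station2")
	sig, _ := Sign(station1, msg)
	fmt.Println("genuine accepted:", Verify(ca.Cert, c, msg, sig) == nil)
	msg[0] ^= 0x01 // altered in transit
	fmt.Println("tampered accepted:", Verify(ca.Cert, c, msg, sig) == nil)
}
```

The part that a receiver most often gets wrong is step 5: Station2 must not simply take the public key out of whatever certificate arrives with the message; it first checks that the certificate chains to a CA it trusts and is still valid, and only then uses the key inside it. A certificate for the same "Station1" name issued by an unrelated CA fails that check, which is what makes the issuing authority identifier on the certificate matter.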

Slide 7: Details of a VeriSign Digital Certificate

Slide 8: Secure Sockets Layer (SSL) and Transport Layer Security (TLS)
- Application layer protocols
- Support VoIP, , and remote connections
- Based on public key encryption technology
- Displays https:// when securing a Web site connection
- Not compatible with each other
- TLS is more secure; SSL is more popular

Slide 9: Secure HTTP (S-HTTP)
- Uses symmetric, or private, keys for encoding and decoding messages
- Not supported by all Web browsers

Slide 10: Virtual Network Connection (VNC)
- Describes a point-to-point connection to a remote device
- The connection is considered virtual because the user's network device is not a physical part of the remote network

Slide 11: Independent Computer Architecture (ICA)
- Citrix ICA and Microsoft Remote Desktop Protocol are the two main choices for this type of application

Slide 12: Internet Protocol Security (IPSec)
- Collection of security protocols, hashes, and algorithms
- Authentication can be verified with Kerberos, a preshared key, or digital certificates
- IPSec VPNs typically use public and private keys for encryption

Slide 13: IPSec Modes
- Transport mode: an IPSec mode that only encrypts the payload
- Tunnel mode: an IPSec mode that encrypts the payload and the header
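To make the two modes concrete, an added Go example (not part of the Goodheart-Willcox presentation) models a packet as an 8-byte source/destination header plus a payload and applies symmetric AES-GCM encryption the way each mode does: transport mode seals only the payload and leaves the original addresses readable on the wire, tunnel mode seals the whole original packet and exposes only the addresses of the two gateways. The 128-bit key, the addresses and the payload are constructed values; real IPSec (ESP) adds its own SPI and sequence-number fields and negotiates the key between the peers, which this model leaves out.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"fmt"
)

// Packet is a simplified IP datagram, constructed for this example: a header
// with source and destination addresses, followed by the payload.
type Packet struct {
	Src, Dst [4]byte
	Payload  []byte
}

// Mode follows the slide: Transport protects only the payload, Tunnel protects
// the whole original packet and adds a new header between the two gateways.
type Mode int

const (
	Transport Mode = iota
	Tunnel
)

// Wire is what someone watching the link sees: a cleartext header plus an
// opaque blob (random nonce, then AES-GCM ciphertext and its tag).
type Wire struct {
	Visible [8]byte
	Sealed  []byte
}

func gcmFor(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Protect builds the on-the-wire form. Transport mode keeps the original
// addresses visible and seals only the payload; Tunnel mode seals the whole
// original packet and shows only the tunnel endpoints gwSrc and gwDst.
func Protect(mode Mode, key []byte, p Packet, gwSrc, gwDst [4]byte) (Wire, error) {
	var w Wire
	var plaintext []byte
	if mode == Transport {
		copy(w.Visible[:4], p.Src[:])
		copy(w.Visible[4:], p.Dst[:])
		plaintext = p.Payload
	} else {
		copy(w.Visible[:4], gwSrc[:])
		copy(w.Visible[4:], gwDst[:])
		plaintext = append(append(append([]byte{}, p.Src[:]...), p.Dst[:]...), p.Payload...)
	}
	gcm, err := gcmFor(key)
	if err != nil {
		return Wire{}, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return Wire{}, err
	}
	w.Sealed = gcm.Seal(nonce, nonce, plaintext, nil) // nonce || ciphertext || tag
	return w, nil
}

// Unprotect recovers the original packet at the far end; it fails on a wrong
// key or any modification of the sealed bytes.
func Unprotect(mode Mode, key []byte, w Wire) (Packet, error) {
	gcm, err := gcmFor(key)
	if err != nil {
		return Packet{}, err
	}
	n := gcm.NonceSize()
	if len(w.Sealed) < n {
		return Packet{}, errors.New("sealed data too short")
	}
	plain, err := gcm.Open(nil, w.Sealed[:n], w.Sealed[n:], nil)
	if err != nil {
		return Packet{}, err
	}
	var p Packet
	if mode == Transport {
		copy(p.Src[:], w.Visible[:4])
		copy(p.Dst[:], w.Visible[4:])
		p.Payload = plain
		return p, nil
	}
	if len(plain) < 8 {
		return Packet{}, errors.New("inner packet too short")
	}
	copy(p.Src[:], plain[:4])
	copy(p.Dst[:], plain[4:8])
	p.Payload = plain[8:]
	return p, nil
}

func main() {
	key := make([]byte, 16) // constructed demo key; real IPSec peers negotiate one
	rand.Read(key)
	p := Packet{Src: [4]byte{10, 0, 0, 5}, Dst: [4]byte{10, 0, 1, 7}, Payload: []byte("payroll.csv")}
	for _, m := range []Mode{Transport, Tunnel} {
		w, _ := Protect(m, key, p, [4]byte{203, 0, 113, 1}, [4]byte{198, 51, 100, 1})
		fmt.Printf("mode %d: visible header %v, sealed %d bytes\n", m, w.Visible, len(w.Sealed))
	}
}
```

What the wire reveals is the point of the comparison: in transport mode an observer still learns which two hosts are talking, only the payload is hidden, which is why it is used host-to-host; in tunnel mode the observer sees only the gateway addresses and learns nothing about the inner hosts, which is what a site-to-site VPN needs. In both modes a wrong key or a flipped byte makes Unprotect fail, because AES-GCM authenticates as well as encrypts.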

Slide 14: Secure Shell (SSH)
- Originally designed for UNIX to replace Remote Login (rlogin), Remote Shell (rsh), and Remote Copy (rcp)
- Uses port 22
- Requires a private key, public key, and password
- Can be used on operating systems that support TCP/IP

Slide 15: SSH Example

Slide 16: Secure Copy Protocol (SCP)
- Replacement for the rcp command
- Does not require a password

Slide 17: Service Set Identifier (SSID)
- Identifies the wireless network
- Similar to a workgroup name
- All wireless network devices are configured with a default SSID
- To secure the wireless network, the default SSID should be changed

Slide 18: Media Access Control (MAC) Filtering
- To configure MAC filtering, the administrator creates an Access Control List (ACL)
- The ACL is located on the Wireless Access Point (WAP)
- The ACL contains a list of MAC addresses belonging to authorized wireless network devices
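An added Go example, not from the Goodheart-Willcox presentation, showing what the ACL on the WAP amounts to in code: parse an administrator-written list of MAC addresses, normalise each address with the standard library's net.ParseMAC so that the same hardware address written with colons, dashes or Cisco-style dots matches, report entries that are not valid addresses instead of silently dropping them, and decide whether a device presenting a given address may associate. The sample list, device labels and addresses are constructed for the example.

```go
package main

import (
	"bufio"
	"fmt"
	"net"
	"strings"
)

// ACL is the access point's list of permitted devices. Addresses are stored
// in canonical form (lowercase, colon-separated) so that the same hardware
// address written as "AA-BB-..." in the list and "aa:bb:..." by a client compares equal.
type ACL struct {
	allowed map[string]string // canonical MAC -> label
}

// ParseACL reads lines of the form "<mac> <label>"; '#' begins a comment.
// Entries that are not 48-bit MAC addresses are returned as rejected so the
// administrator notices a typo instead of silently losing the entry.
func ParseACL(text string) (*ACL, []string) {
	acl := &ACL{allowed: map[string]string{}}
	var rejected []string
	sc := bufio.NewScanner(strings.NewReader(text))
	for sc.Scan() {
		line := sc.Text()
		if i := strings.IndexByte(line, '#'); i >= 0 {
			line = line[:i]
		}
		fields := strings.Fields(line)
		if len(fields) == 0 {
			continue
		}
		hw, err := net.ParseMAC(fields[0])
		if err != nil || len(hw) != 6 {
			rejected = append(rejected, fields[0])
			continue
		}
		acl.allowed[hw.String()] = strings.Join(fields[1:], " ")
	}
	return acl, rejected
}

// Len reports how many devices the list admits.
func (a *ACL) Len() int { return len(a.allowed) }

// Permit decides whether a device presenting mac may associate and, if so,
// returns the label recorded for it. Malformed addresses are refused.
func (a *ACL) Permit(mac string) (bool, string) {
	hw, err := net.ParseMAC(mac)
	if err != nil {
		return false, ""
	}
	label, ok := a.allowed[hw.String()]
	return ok, label
}

// SampleACL is a constructed list in the three notations administrators
// commonly paste: colon, dash and Cisco dotted. The last line is a typo.
const SampleACL = `# constructed ACL for this example
00:1A:2B:3C:4D:5E  printer-lobby
00-1a-2b-3c-4d-5f  laptop-alice
001a.2b3c.4d60     phone-bob
zz:zz:zz:zz:zz:zz  bogus-entry   # rejected: not a MAC address
`

func main() {
	acl, rejected := ParseACL(SampleACL)
	fmt.Printf("%d devices admitted, rejected entries: %v\n", acl.Len(), rejected)
	for _, mac := range []string{"00-1A-2B-3C-4D-5F", "00:1a:2b:3c:4d:61", "not-a-mac"} {
		ok, label := acl.Permit(mac)
		fmt.Printf("%-20s permit=%-5t %s\n", mac, ok, label)
	}
}
```

The list matches the address a device announces about itself, so MAC filtering limits which known devices associate and keeps the inventory explicit; it complements, rather than replaces, the encryption and port-based authentication controls on the later slides.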

Slide 19: Wired Equivalent Privacy (WEP)
- First attempt to secure, with encryption, the data transferred across a wireless network
- The algorithm is not complex and can be easily cracked
- A VPN can add to the security set in place by WEP

Slide 20: Wi-Fi Protected Access (WPA)
- Developed by the Wi-Fi organization to overcome the vulnerabilities of WEP
- Compatible with devices
- Wi-Fi Protected Access 2 (WPA2) is an enhanced version of WPA
- WPA2 is compatible with the 802.11i standard

Slide 21: 802.11i
- IEEE ratified standard to remedy the original security flaws
- Specifies the use of 128-bit Advanced Encryption Standard (AES) for data encryption
- Generates a fresh set of keys for each new connection
- Downward compatible with existing devices

Slide 22: 802.1x Authentication
- Provides port-based network access control
- Used for client/server-based networks
- Supplicant: the wireless network device requesting network access
- Authenticator: the WAP, which provides authentication
- Authentication server: a server running Remote Authentication Dial-In User Service (RADIUS)

Slide 23: In Class Lab / Next Class
- In class lab: Languard Lab (download the lab from the course website); Labsim 8.25
- Next class: no class on Monday, November 11th, 2013; November 13th, 2013: Labsim homework 8.3.1–8.3.3
