Presentation is loading. Please wait.

Presentation is loading. Please wait.

Fundamentals of Networking Discovery 1, Chapter 8 Basic Security.

Published byAubrey McDonald Modified over 9 years ago

Similar presentations

Presentation on theme: "Fundamentals of Networking Discovery 1, Chapter 8 Basic Security."— Presentation transcript:

1 Fundamentals of Networking Discovery 1, Chapter 8 Basic Security

2 Objectives Identify & describe the various networking threats Identify different methods of attacks Describe security procedures and applications Describe the features of a firewall and how it can be used to protect against an attack

3

4

5 What’s Ahead… Networking Threats Methods of Attack Security Policy Using Firewalls

6

7 Network Intrusion Attacks can be devastating ▫ Cost money, time, theft of files, etc HACKERS ▫ Intruders who gain access by modifying software or exploiting software vulnerabilities

8 4 Threats from Hacker Information theft Identity theft Data loss / manipulation Disruption of service

9 4 Threats from the Hacker Stealing Confidential Info ▫ Credit card #’s ▫ Private Company info such as a project in development ▫ Could be sold

10 4 Threats from the Hacker Destroy or Alter Records ▫ Send a virus that reformats HD ▫ Changing your grades ▫ Change store prices

11 4 Threats from the Hacker Identity Theft ▫ Stealing info to take on identity ▫ Applying for credit cards & buying stuff ▫ Obtain DL’s

12 4 Threats from the Hacker Disrupting Service ▫ Preventing user from accessing services such as Internet

13 Activity

14 What is a hacker? ▫ Handout Review posters and decide on the threat ▫ Handout

15 Where’d He Come From? External Threat ▫ Outside attacker ▫ Internet or Wireless

16 Where’d He Come From? Internal Threat ▫ Has authorized access  Knows people & network  Knows what info is valuable ▫ OR someone may have just picked up a virus According to the FBI, internal access and misuse of computers systems account for approximately 70% of reported incidents of security breaches.

17 Discussion Who is the greatest threat? ▫ Internal or External

18 Social Engineering- The Trojan Horse

19 Social Engineering Easiest way to gain access… Deceiving internal users into performing actions or revealing confidential info ▫ Takes advantage of them ▫ Usually don’t meet them face-to-face

20 Fight Intrusion http://www.us-cert.gov/reading_room/before_you_plug_in.html http://www.us-cert.gov/reading_room/distributable.html Example 1 Example 2

21 3 Types of Social Engineering Pretexting, Phishing, and Vishing

22 Phishing

23 Review

24 Let’s Try This… Cyber Security Awareness Quiz

25

26 Other Attacks Viruses, Worms and Trojan horses ▫ Malicious software put on hosts ▫ Damage system, destroy data, deny access ▫ They can forward data to thieves ▫ Can replicate to other hosts

27 3 Evil Things Viruses, Worms and Trojan horses ▫ Go to 8.2.1.2

28 Simplified TransmissionReplicationBehavior Virus Attaches to a program Can reproduceCauses havoc! Worm Self-replicatingSends copies of itself to other comp. w/ security holes Cause harm to network; ties up bandwidth Trojan Horse Computer program disguised Does damage when run Can’t replicate

29 Let’s See… GCIT Who wants to play… ▫ ID Theft Faceoff? ID Theft ▫ Invasion of the Wireless Hackers? Invasion of the Wireless Hackers ▫ Phishing Scams? Phishing Scams Quiz Time for all! ▫ http://www.sonicwall.com/phishing/ http://www.sonicwall.com/phishing/

30 Activity Virus, Worm or Trojan Horse???

31 Homework Look up three current virus threats. ▫ Handout

32 Just Being Evil! Sometimes the goal is to shut a network down & disrupt the organization ▫ Can cost a business lots of money!!

33 Denial of Service (DoS) In general, DoS attacks seek to: ▫ Flood a system or network with traffic to prevent legitimate network traffic from flowing ▫ Disrupt connections between a client and server to prevent access to a service ▫ Some are not used much anymore, but can be SYN flooding Ping of Death

34 DoS- SYN Flooding

35 DoS- Ping of Death! Sending SO MANY LARGE pings, the server can’t respond to anyone else!

36 DDoS ▫ Attack by multiple systems infected with DDoS code ▫ Sends useless data to server ▫ Overwhelms system & it crashes

37 Brute Force Fast computer used to guess passwords or decipher encryption code Brute force attacks can cause a denial of service due to excessive traffic to a specific resource or by locking out user accounts Try Activity on 8.2.2.3

38 Review Name 3 types of social engineering. ▫ Pretexting, Phishing, Vishing How are you targeted in a pretexting attack? ▫ Over the phone You click on a pop-up window to claim a “prize.” A program was installed w/out you knowing & now an attacker has access to your system. What is this called? ▫ Trojan Horse

39 Review Which attack doesn’t need activation and copies itself across the network? ▫ Worm A server is busy responding to a SYN with an invalid source IP address. What’s the attack? ▫ SYN Flooding

40 Other Threats Not all threats do damage ▫ Some collect info Collecting Info/Invading Privacy ▫ Spyware ▫ Tracking Cookies ▫ Adware ▫ Pop-ups

41 Spyware Program that gathers personal info w/out your permission ▫ Info sent to advertisers Usually installed unknowingly ▫ Downloaded, installing a program, click on pop-up Can slow computer down or make settings changes Can be difficult to remove ToolbarsKeyloggersBundled Software

42 Tracking Cookies Form of spyware ▫ Not always bad Records info about user when they visit web sites ▫ Allows personalization ▫ Many sites require them

43 Adware Form of spyware Records info about user when they visit web sites For advertising purposes ▫ Pop-ups & pop-ups of ads

44 Pop-Ups (and Pop-Unders) Adware EXCEPT doesn’t collect any info Pop-ups ▫ Open in front of the current browser window Pop-unders ▫ Open behind the current browser window

45 What’s This?

46 Spam Unwanted bulk mail from advertisers Spammer sends ▫ Often sent through unsecured servers ▫ Can take control of computers ▫ Then sent from that computer to others On average, how many spam emails are sent to a person per year? ▫ 3000

47 Review You visit a web site and see this annoying advertising tactic that appears in a new window. What is it? ▫ Pop-up This type of advertising is sent to many, many people. The advertiser uses no marketing scheme. ▫ Spam This form of spyware is not always bad & can be used for personalization of a site. ▫ Cookies

48

49 Security Measures You can’t eliminate security breaches ▫ You can minimize the risks Policy Procedures Tools & Applications

50 Security Policy Formal statement of rules when using tech ▫ Acceptable use policy ▫ Detailed handbook What should be included?

51 Activity Let’s review some policies… GCIT Klondike Middle School Clearview High School

52 More Security Procedures The procedures help implement the policies Some of the security tools and applications used in securing a network include:

53 Rut Roh! Computer starts acting abnormally Program does not respond to mouse and keystrokes. Programs starting or shutting down on their own. Email program begins sending out large quantities of email CPU usage is very high There are unidentifiable, or a large number of, processes running. Computer slows down significantly or crashes

54 Anti-Virus Software Preventive & Reactive tool Features ▫ Email checker ▫ Dynamic Scanning (checks files when accessed) ▫ Scheduled scans ▫ Auto update When a virus is known, they will update it

55 Anti-Spam Spam sends unwanted emails ▫ Code takes over PC to send more The software ID’s it & places it in junk folder or deletes it On PC or on email server ▫ ISP may have a spam filter

56 Other ways to prevent spam Keep anti-virus up to date Don’t forward suspect emails Ignore the virus warning email Report spam to admin to be blocked Don’t open attachment from people you don’t know

57 Anti-Spyware Spyware & Adware cause virus-like symptoms ▫ Use computer resources This software can detect & delete them Pop-Up Blockers

58 Activity

59 Review This policy says what you can & can’t do on a network or computer. ▫ Acceptable use policy T or F. A-V companies like McAfee can protect you against every known virus & future viruses. ▫ False T or F. It is possible for legitimate emails to be marked as spam. ▫ True

60 Review T or F. With A-V & anti-spyware installed, you need not worry about opening email attachments. You are completely safe! ▫ False…why? Other than on your PC, Google’s Gmail servers have this security software installed. ▫ Spam Filter

61

62 What’s a firewall? Controls traffic between networks & helps prevent unauthorized access ▫ Permits or denies data

63 4 Types of Firewalls

64 Firewall Decisions Based On Packet Filtering ▫ Based on IP or MAC addresses Application / Web Site Filtering ▫ Based on the application. ▫ Websites can be blocked by URL or keywords Stateful Packet Inspection (SPI) ▫ Must be responses from internal host ▫ DoS saver

65 Firewall Placement & DMZ

66 GCIT & DMZ Web Server (has GCIT web site) Email Server (allows outside access) File Server (allows file access from outside) DRAW DMZ

67 Firewall & DMZ at home/ Port Forwarding/ Wireless AP internal Let’s say you have a web server It needs to handle web request while you still protect you internal network Create a DMZ with the Linksys

68 Lab 8.4.2.4 DMZ Setup Lab ▫ Set up DMZ ▫ Set up port forwarding ▫ You can even set up time/day access (will not do in the lab)

69 Review Which type of firewall… ▫ Is dedicated hardware & the best?  Appliance ▫ Is on a single computer?  Personal What is an area that is accessible to internal PC’s & outside PC’s? ▫ DMZ What 3 security measures can be set up for a server on your network that needs public access? ▫ DMZ, port forward, time/day

70 Review How many firewalls would a big business use? ▫ Two firewalls What of these can you setup in a wireless access point for security? ▫ Popup stopper, Change the default IP address, Update the antivirus software, Tighten the cable between the AP and PC  Change the AP default IP from 192.168.1.1 to 192.168.x.x Which process allows firewall entrance into the network ONLY IF it was requested from an internal PC? ▫ SPI

71 Is Your Network Vulnerable? Tools to help identify where attacks can occur ▫ Number of hosts on a network ▫ The services hosts are offering ▫ The OS and update versions on hosts ▫ Packet filters and firewalls in use Lab 8.4.3.2? ▫ Vulnerability Analysis

72 Lab 8.4.3.2 Vulnerability Analysis

73 Review- 10 Questions

74 8: Basic Security Networking for Home & Small Business

Download ppt "Fundamentals of Networking Discovery 1, Chapter 8 Basic Security."

Similar presentations

Providing protection from potential security threats that exist for any internet-connected computer is termed e- security. It is important to be able to.

Providing protection from potential security threats that exist for any internet-connected computer is termed e- security. It is important to be able to.
Tips and tools to keep you and your information safe on-line. We will go over a lot of information today, so it is important to pay attention and follow.

Tips and tools to keep you and your information safe on-line. We will go over a lot of information today, so it is important to pay attention and follow.
How to protect yourself, your computer, and others on the internet

How to protect yourself, your computer, and others on the internet
Unit 1 Living in the Digital WorldChapter 1 Lets Communicate Internet Safety.

Unit 1 Living in the Digital WorldChapter 1 Lets Communicate Internet Safety.
Tips and tools to keep you and your information safe on-line. We will go over a lot of information today, so it is important to pay attention and follow.

Tips and tools to keep you and your information safe on-line. We will go over a lot of information today, so it is important to pay attention and follow.
ITIS 1210 Introduction to Web-Based Information Systems Chapter 44 How Firewalls Work How Firewalls Work.

ITIS 1210 Introduction to Web-Based Information Systems Chapter 44 How Firewalls Work How Firewalls Work.
Online Safety. Introduction The Internet is a very public place Need to be cautious Minimize your personal risk while online Exposure to: viruses, worms,

Online Safety. Introduction The Internet is a very public place Need to be cautious Minimize your personal risk while online Exposure to: viruses, worms,
Internet Safety Topic 2 Malware This presentation by Tim Fraser Malware is short for malicious software VirusesViruses SpywareSpyware AdwareAdware other.

Internet Safety Topic 2 Malware This presentation by Tim Fraser Malware is short for malicious software VirusesViruses SpywareSpyware AdwareAdware other.
Spyware and Adware Rick Carback 9/18/2005

Spyware and Adware Rick Carback 9/18/2005
SECURITY CHECK Protecting Your System and Yourself Source:

SECURITY CHECK Protecting Your System and Yourself Source:
Security and Trust in E- Commerce. The E-commerce Security Environment: The Scope of the Problem  Overall size of cybercrime unclear; amount of losses.

Security and Trust in E- Commerce. The E-commerce Security Environment: The Scope of the Problem  Overall size of cybercrime unclear; amount of losses.
Computer Viruses.

Computer Viruses.
1 Protecting Your Computer Internet Annoyances (Already done in Chapter 3) Spam Pop-ups Identity theft phishing hoaxes Spyware.

1 Protecting Your Computer Internet Annoyances (Already done in Chapter 3) Spam Pop-ups Identity theft phishing hoaxes Spyware.
Title: The Internet LO: Security risks. Security risks Types of risks: 1.Phishing 2.Pharming 3.Spamming 4.Spyware 5.Cookies 6.Virus.

Title: The Internet LO: Security risks. Security risks Types of risks: 1.Phishing 2.Pharming 3.Spamming 4.Spyware 5.Cookies 6.Virus.
Chapter Nine Maintaining a Computer Part III: Malware.

Chapter Nine Maintaining a Computer Part III: Malware.
Lecture 11 Electronic Business (MGT-485). Recap – Lecture 10 Transaction costs Network Externalities Switching costs Critical mass of customers Pricing.

Lecture 11 Electronic Business (MGT-485). Recap – Lecture 10 Transaction costs Network Externalities Switching costs Critical mass of customers Pricing.
Issues Raised by ICT.

Issues Raised by ICT.
Internet Safety By Megan Wilkinson. Viruses If your computer haves a viruses on it, it will show one of them or a different one. All commuters have different.

Internet Safety By Megan Wilkinson. Viruses If your computer haves a viruses on it, it will show one of them or a different one. All commuters have different.
Internet safety By Lydia Snowden.

Internet safety By Lydia Snowden.
Internet safety Viruses A computer virus is a program or piece of code that is loaded onto your computer without your knowledge and runs against your.

Internet safety Viruses A computer virus is a program or piece of code that is loaded onto your computer without your knowledge and runs against your.

Similar presentations

Ads by Google