Presentation is loading. Please wait.

Presentation is loading. Please wait.

Network Security. Permission granted to reproduce for educational use only.© Goodheart-Willcox Co., Inc. Objectives  Give examples of common network.

Published byBernard Wilson Modified over 9 years ago

Similar presentations

Presentation on theme: "Network Security. Permission granted to reproduce for educational use only.© Goodheart-Willcox Co., Inc. Objectives  Give examples of common network."— Presentation transcript:

1 Network Security

2 Permission granted to reproduce for educational use only.© Goodheart-Willcox Co., Inc. Objectives  Give examples of common network security breaches and vulnerabilities.  Differentiate between symmetrical and asymmetrical encryption.  Recall the role of a Certificate Authority (CA).  Compare RADIUS and TACACS+.  Compare authentication protocols.

3 Permission granted to reproduce for educational use only.© Goodheart-Willcox Co., Inc. Objectives  Summarize the characteristics of a secure password.  Give examples of how a firewall can be used to secure network access.  Recall the purpose of various computer and network security tools.

4 Permission granted to reproduce for educational use only.© Goodheart-Willcox Co., Inc. Network Security  Network security comprises authentication and encryptionauthentication  Authentication is typically accomplished through a user name and password  Other forms of authentication are digital certificates, smart cards, and biometrics

5 Permission granted to reproduce for educational use only.© Goodheart-Willcox Co., Inc. Hackers, Crackers, and Intruders  Exact meaning of hacker depends on the context in which it is used and by whom  Cracker typically means anyone who gains access to a computer system with intent to do harm or play pranks Cracker  For sake of clarity, the textbook uses term intruder

6 Permission granted to reproduce for educational use only.© Goodheart-Willcox Co., Inc. Unprotected Network Shares  Network shares with minimal or no security plus remote access enabled on a computer are a security breach waiting to happen  Hacker tools can probe and access available network shares

7 Permission granted to reproduce for educational use only.© Goodheart-Willcox Co., Inc. Social Engineering  Relies on the gullibility of a network user and his or her respect for authority  Caller: Hello. This is Bob down at IMS operations conducting as security check. We believe we may have an intruder in our system.  Joe Gullible: Yes. What Can I do To help ?  Caller: Well Joe, I need to look at your PC files to see if there have been any possible intrusions. I need your username and password.  Joe Gullible : Sure. My username is Jgullible and my Password is toocool

8 Permission granted to reproduce for educational use only.© Goodheart-Willcox Co., Inc. Open Ports  Common way for intruders to gain access to a system  Administrators should close all unused ports  Third-party utility or the netstat utility can be used to check for open ports

9 Permission granted to reproduce for educational use only.© Goodheart-Willcox Co., Inc. Zero Configuration (Zeroconf)  Standard Developed by the IEEE  Advantage  Enables a network device to automatically configure itself for a network  Disadvantage  Makes a network less secure

10 Permission granted to reproduce for educational use only.© Goodheart-Willcox Co., Inc. Denial of Service (DoS)  One of the most common attacks on a server  Can overload a server to the point that it crashes or is not able to complete a legitimate user request

11 Permission granted to reproduce for educational use only.© Goodheart-Willcox Co., Inc. Man in the Middle (MITM)  Intruder intercepts network transmission, reads it, then places it back on route to its destination  Contents may or may not be modified  MITM can also be used for a replay attackreplay attack  Using an IP or MAC address from a previous network transmission to make an unauthorized connection.

12 Permission granted to reproduce for educational use only.© Goodheart-Willcox Co., Inc. Spoofing  Example: Using a valid IP address to fool a server  Example: Using a bogus IP address and ID when sending unsolicited e-mail

13 Permission granted to reproduce for educational use only.© Goodheart-Willcox Co., Inc. Smurf Attack  A type of DoS  To deal with a DoS attack  Configure the computer firewall not to respond to ICMP (Internet Control Message Protocol) echo requests  Configure routers not to forward ICMP echo requests to broadcast addresses in the network

14 Permission granted to reproduce for educational use only.© Goodheart-Willcox Co., Inc. Trojan Horse  Example: Free download that contains malicious code  That code could contain virus, worm, or backdoorbackdoor  Example: Can imitate legitimate logon screen  When user logs on, name and password are sent to unauthorized user

15 Permission granted to reproduce for educational use only.© Goodheart-Willcox Co., Inc. E-Mail Attachments  Source of most commonly encountered viruses  Malicious code can be programmed into attachment  When recipient opens attachment, malicious program is activated

16 Permission granted to reproduce for educational use only.© Goodheart-Willcox Co., Inc. As a network administrator, you are in charge of educating company employees on the dangers of e-mail attachments. What might you tell the employees concerning e-mail attachments and the prevention of infecting their computers and the network with malware? Applied Networking

17 Permission granted to reproduce for educational use only.© Goodheart-Willcox Co., Inc. Macro Virus  Series of common keystrokes can be linked to a virus  Can be sent as e-mail attachment and is launched when recipient opens attachment  May infect a template file like normal.dot and then execute when user presses a certain combination of keys

18 Permission granted to reproduce for educational use only.© Goodheart-Willcox Co., Inc. Worm  Most common worm programs use e-mail to replicate and spread to other computers  Common safeguard against worms is setting up a dedicated mail server

19 Permission granted to reproduce for educational use only.© Goodheart-Willcox Co., Inc. Phishing  E-mail can appear as if it’s from a legitimate company, such as a credit card company  E-mail requests user’s personal information, such as social security number or bank account PIN  Phony web sites that look authentic, but have slightly different domain names

20 Permission granted to reproduce for educational use only.© Goodheart-Willcox Co., Inc. As a network administrator, you are in charge of educating company employees on the dangers of phishing. What might you tell the employees concerning detecting and handling a phishing attack? Applied Networking

21 I N CLASS LAB Roberts 72 & 73 N EXT C LASS November 6 th, 2013 Labsim Homework 8.2.2-8.2.4

Download ppt "Network Security. Permission granted to reproduce for educational use only.© Goodheart-Willcox Co., Inc. Objectives  Give examples of common network."

Similar presentations

Network Security.

Network Security.
Chapter 1: Fundamentals of Security JV Note: Images may not be relevant to information on slide.

Chapter 1: Fundamentals of Security JV Note: Images may not be relevant to information on slide.
Thank you to IT Training at Indiana University Computer Malware.

Thank you to IT Training at Indiana University Computer Malware.
ITIS 1210 Introduction to Web-Based Information Systems Chapter 44 How Firewalls Work How Firewalls Work.

ITIS 1210 Introduction to Web-Based Information Systems Chapter 44 How Firewalls Work How Firewalls Work.
Network Security aka CyberSecurity Monitor and manage security risks at the network level for the entire Johns Hopkins Network.

Network Security aka CyberSecurity Monitor and manage security risks at the network level for the entire Johns Hopkins Network.
1 Topic 1 – Lesson 3 Network Attacks Summary. 2 Questions ► Compare passive attacks and active attacks ► How do packet sniffers work? How to mitigate?

1 Topic 1 – Lesson 3 Network Attacks Summary. 2 Questions ► Compare passive attacks and active attacks ► How do packet sniffers work? How to mitigate?
Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.

Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.
Computer Security Fundamentals by Chuck Easttom Chapter 4 Denial of Service Attacks.

Computer Security Fundamentals by Chuck Easttom Chapter 4 Denial of Service Attacks.
Hacking Presented By :KUMAR ANAND SINGH 04-243,ETC/2008.

Hacking Presented By :KUMAR ANAND SINGH ,ETC/2008.
Computer Viruses.

Computer Viruses.
Copyright © 2015 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.

Copyright © 2015 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.
1 Protecting Your Computer Internet Annoyances (Already done in Chapter 3) Spam Pop-ups Identity theft phishing hoaxes Spyware.

1 Protecting Your Computer Internet Annoyances (Already done in Chapter 3) Spam Pop-ups Identity theft phishing hoaxes Spyware.
Malicious Attacks Angela Ku Adeline Li Jiyoung You Selena Yuen.

Malicious Attacks Angela Ku Adeline Li Jiyoung You Selena Yuen.
Threats To A Computer Network

Threats To A Computer Network
Review for Exam 4 School of Business Eastern Illinois University © Abdou Illia, Fall 2006.

Review for Exam 4 School of Business Eastern Illinois University © Abdou Illia, Fall 2006.
Network Security. Network security starts from authenticating any user. Once authenticated, firewall enforces access policies such as what services are.

Network Security. Network security starts from authenticating any user. Once authenticated, firewall enforces access policies such as what services are.
S EC (4.5): S ECURITY 1. F ORMS OF ATTACK There are numerous way that a computer system and its contents can be attacked via network connections. Many.

S EC (4.5): S ECURITY 1. F ORMS OF ATTACK There are numerous way that a computer system and its contents can be attacked via network connections. Many.
Privacy - not readable Permanent - not alterable (can't edit, delete) Reliable - (changes detectable) But the data must be accessible to persons authorized.

Privacy - not readable Permanent - not alterable (can't edit, delete) Reliable - (changes detectable) But the data must be accessible to persons authorized.
Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.

Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.
Lesson 10 – SECURING YOUR NETWORK Security devices Internal security External security Viruses and other malicious software OVERVIEW.

Lesson 10 – SECURING YOUR NETWORK Security devices Internal security External security Viruses and other malicious software OVERVIEW.

Similar presentations

Ads by Google