Download presentation
Presentation is loading. Please wait.
Published byBernard Wilson Modified over 9 years ago
1
Network Security
2
Permission granted to reproduce for educational use only.© Goodheart-Willcox Co., Inc. Objectives Give examples of common network security breaches and vulnerabilities. Differentiate between symmetrical and asymmetrical encryption. Recall the role of a Certificate Authority (CA). Compare RADIUS and TACACS+. Compare authentication protocols.
3
Permission granted to reproduce for educational use only.© Goodheart-Willcox Co., Inc. Objectives Summarize the characteristics of a secure password. Give examples of how a firewall can be used to secure network access. Recall the purpose of various computer and network security tools.
4
Permission granted to reproduce for educational use only.© Goodheart-Willcox Co., Inc. Network Security Network security comprises authentication and encryptionauthentication Authentication is typically accomplished through a user name and password Other forms of authentication are digital certificates, smart cards, and biometrics
5
Permission granted to reproduce for educational use only.© Goodheart-Willcox Co., Inc. Hackers, Crackers, and Intruders Exact meaning of hacker depends on the context in which it is used and by whom Cracker typically means anyone who gains access to a computer system with intent to do harm or play pranks Cracker For sake of clarity, the textbook uses term intruder
6
Permission granted to reproduce for educational use only.© Goodheart-Willcox Co., Inc. Unprotected Network Shares Network shares with minimal or no security plus remote access enabled on a computer are a security breach waiting to happen Hacker tools can probe and access available network shares
7
Permission granted to reproduce for educational use only.© Goodheart-Willcox Co., Inc. Social Engineering Relies on the gullibility of a network user and his or her respect for authority Caller: Hello. This is Bob down at IMS operations conducting as security check. We believe we may have an intruder in our system. Joe Gullible: Yes. What Can I do To help ? Caller: Well Joe, I need to look at your PC files to see if there have been any possible intrusions. I need your username and password. Joe Gullible : Sure. My username is Jgullible and my Password is toocool
8
Permission granted to reproduce for educational use only.© Goodheart-Willcox Co., Inc. Open Ports Common way for intruders to gain access to a system Administrators should close all unused ports Third-party utility or the netstat utility can be used to check for open ports
9
Permission granted to reproduce for educational use only.© Goodheart-Willcox Co., Inc. Zero Configuration (Zeroconf) Standard Developed by the IEEE Advantage Enables a network device to automatically configure itself for a network Disadvantage Makes a network less secure
10
Permission granted to reproduce for educational use only.© Goodheart-Willcox Co., Inc. Denial of Service (DoS) One of the most common attacks on a server Can overload a server to the point that it crashes or is not able to complete a legitimate user request
11
Permission granted to reproduce for educational use only.© Goodheart-Willcox Co., Inc. Man in the Middle (MITM) Intruder intercepts network transmission, reads it, then places it back on route to its destination Contents may or may not be modified MITM can also be used for a replay attackreplay attack Using an IP or MAC address from a previous network transmission to make an unauthorized connection.
12
Permission granted to reproduce for educational use only.© Goodheart-Willcox Co., Inc. Spoofing Example: Using a valid IP address to fool a server Example: Using a bogus IP address and ID when sending unsolicited e-mail
13
Permission granted to reproduce for educational use only.© Goodheart-Willcox Co., Inc. Smurf Attack A type of DoS To deal with a DoS attack Configure the computer firewall not to respond to ICMP (Internet Control Message Protocol) echo requests Configure routers not to forward ICMP echo requests to broadcast addresses in the network
14
Permission granted to reproduce for educational use only.© Goodheart-Willcox Co., Inc. Trojan Horse Example: Free download that contains malicious code That code could contain virus, worm, or backdoorbackdoor Example: Can imitate legitimate logon screen When user logs on, name and password are sent to unauthorized user
15
Permission granted to reproduce for educational use only.© Goodheart-Willcox Co., Inc. E-Mail Attachments Source of most commonly encountered viruses Malicious code can be programmed into attachment When recipient opens attachment, malicious program is activated
16
Permission granted to reproduce for educational use only.© Goodheart-Willcox Co., Inc. As a network administrator, you are in charge of educating company employees on the dangers of e-mail attachments. What might you tell the employees concerning e-mail attachments and the prevention of infecting their computers and the network with malware? Applied Networking
17
Permission granted to reproduce for educational use only.© Goodheart-Willcox Co., Inc. Macro Virus Series of common keystrokes can be linked to a virus Can be sent as e-mail attachment and is launched when recipient opens attachment May infect a template file like normal.dot and then execute when user presses a certain combination of keys
18
Permission granted to reproduce for educational use only.© Goodheart-Willcox Co., Inc. Worm Most common worm programs use e-mail to replicate and spread to other computers Common safeguard against worms is setting up a dedicated mail server
19
Permission granted to reproduce for educational use only.© Goodheart-Willcox Co., Inc. Phishing E-mail can appear as if it’s from a legitimate company, such as a credit card company E-mail requests user’s personal information, such as social security number or bank account PIN Phony web sites that look authentic, but have slightly different domain names
20
Permission granted to reproduce for educational use only.© Goodheart-Willcox Co., Inc. As a network administrator, you are in charge of educating company employees on the dangers of phishing. What might you tell the employees concerning detecting and handling a phishing attack? Applied Networking
21
I N CLASS LAB Roberts 72 & 73 N EXT C LASS November 6 th, 2013 Labsim Homework 8.2.2-8.2.4
Similar presentations
© 2024 SlidePlayer.com Inc.
All rights reserved.