SAFE AND SOUND. INTRODUCTION: Elements of Security Auditing; Applications to Customers Network.


1 SAFE AND SOUND

2 INTRODUCTION: Elements of Security Auditing; Applications to Customers Network

3 Modular Approach: User layer, Server layer, Network layer; interconnects (cabling)

4 User Layer: Thin-clients, or physically-secure workstations; Login + passworded access; Access only to relevant services, applications; Run background malware prevention software

5 Server Layer: Remove unnecessary services; User groups to match physical topology; Don’t run services as root / admin; Run OS as read-only

6 Network Layer: Backup IOS, OS, data; Distribute & centralise topology (failover, and ordered & documented design & layout); Use firewalls & logging; Use IDS, IPS, traffic monitoring

7 Cabling: Use more secure cable types; Use patch-panels and colour-coding; Layouts that make testing, fault-finding easy

8 Security Considerations

9 Network Threats: Viruses; Tend to be inadvertently activated; ….or may be installed deliberately

10 Network Threats: Worms; Travel the internet, scanning for vulnerabilities; Often disrupt networks by flooding, forking

11 Network Threats: Spiders and webbots; Can be used maliciously – automated signups, website duplication, spam

12 Network Threats: Trojans; Masquerade as regular software; Tend to allow attacker to control infected machine

13 Network Threats: Spyware and Phishing; Information stealing, user profiling; Used in advert targeting, spam, ID theft

14 Network Threats: Spam; Can contain other malware; Congests networks

15 Network Threats: Delete traces of intrusions; Alter logs; Forensics get-around; Bombs

16 Solutions for Customer: Separate physical network for WAN access; Honeypot to track & ID intrusions; Monitoring station for internal LANs

17 Solutions for Customer: Honeypot; Mimics internal network or DMZ; Allows profiling of network threats

18 Solutions for Customer: SAN - storage area network; RAID 40: RAID level 4 & RAID level 0; 4 – block striping with parity: failure tolerant & faster rebuilds; 0 – striping: faster writes

19 Solutions for Customer: RAID 40

20 Tenable’s Security Center: Each node is a router, hosts behind router

21 Advisor: Parallel co-ordinate plot of firewall logs

22 Flamingo: Port scan, 1 source, many targets

23 Rumint: Visualisation, Jamming Attack

24 Psad: Nachi worm network behaviour; Red nodes are ICMP packets

25 Web server log, Raju Varghese: Spider attack on web server from single IP; Red colouration indicates 5xx status codes
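
An added example (not part of the presentation): a Python check that computes from access-log lines what the slide 25 visualisation shows, namely one source IP dominating the requests and how many of its responses were 5xx. The Common Log Format layout, the thresholds, and the sample lines are constructed assumptions.

```python
import re
from collections import Counter

# Common Log Format: ip ident user [time] "request" status size
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "[^"]*" (\d{3}) \S+')

def build_sample():
    """Constructed sample log (documentation IP ranges, not real traffic)."""
    lines = []
    # Crawler-like client: 40 requests in under a minute, every 4th gets a 503.
    for i in range(40):
        status = 503 if i % 4 == 3 else 200
        lines.append(f'203.0.113.9 - - [10/Oct/2008:13:55:{i:02d} +0000] '
                     f'"GET /page/{i} HTTP/1.1" {status} 512')
    # Two ordinary clients.
    for path in ("/", "/about", "/contact"):
        lines.append(f'198.51.100.7 - - [10/Oct/2008:13:56:00 +0000] '
                     f'"GET {path} HTTP/1.1" 200 2326')
    lines.append('192.0.2.44 - - [10/Oct/2008:13:56:05 +0000] "GET / HTTP/1.1" 200 2326')
    lines.append('192.0.2.44 - - [10/Oct/2008:13:56:09 +0000] "GET /x HTTP/1.1" 404 209')
    lines.append('truncated line that does not parse')  # skipped, not fatal
    return lines

def flag_heavy_clients(lines, min_requests=20, min_share=0.5):
    """Return clients that account for a large share of all parsed requests."""
    total, server_errors = Counter(), Counter()
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # ignore malformed lines rather than abort the audit
        ip, status = m.group(1), int(m.group(2))
        total[ip] += 1
        if 500 <= status <= 599:
            server_errors[ip] += 1
    parsed = sum(total.values())
    flagged = []
    for ip, n in total.most_common():
        share = n / parsed
        if n >= min_requests and share >= min_share:
            flagged.append({"ip": ip, "requests": n,
                            "share": round(share, 2),
                            "server_errors": server_errors[ip]})
    return flagged

if __name__ == "__main__":
    for row in flag_heavy_clients(build_sample()):
        print(row)
```

The 5xx count per flagged client corresponds to the red colouration in the plot: a client that both dominates traffic and draws server errors is the one degrading the service.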

26 fin. Network monitoring visualisations from: http://www.secviz.org/category/image-galleries/graph-exchange

