Presentation is loading. Please wait.

Presentation is loading. Please wait.

Other Security Issues Multi-Layer Security Firewalls Total Security Intrusion Detection Trust.

Published byAsher Welch Modified over 8 years ago

Similar presentations

Presentation on theme: "Other Security Issues Multi-Layer Security Firewalls Total Security Intrusion Detection Trust."— Presentation transcript:

1 Other Security Issues Multi-Layer Security Firewalls Total Security Intrusion Detection Trust

2 2 Multi-Layer Security zSecurity Can be Applied at Multiple Layers Simultaneously yApplication layer security for database, e- mail, etc. yTransport layer: SSL yInternet layer: IPsec (Chapter 9, Module F) yData link layer: PPTP, L2TP (Module F) yPhysical layer: locks

3 3 Multi-Layer Security zApplying security at 2 or more layers is good yIf security is broken at one layer, the communication will still be secure zHowever, ySecurity slows down processing yMulti-Layer security slows down processing at each layer

4 4 Firewalls zFirewall sits between the corporate network and the Internet yPrevents unauthorized access from the Internet yFacilitates internal users’ access to the Internet OK No Firewall Access only if Authenticated

5 5 Firewalls zPacket Filter Firewalls yExamine each incoming IP packet yExamine IP and TCP header fields yIf bad behavior is detected, reject the packet yNo sense of previous communication: analyzes each packet in isolation IP Firewall IP Packet

6 6 Firewalls zApplication (Proxy) Firewalls yFilter based on application behavior yDo not examine packets in isolation: use history xIn HTTP, for example, do not accept a response unless an HTTP request has just gone out to that site Application

7 7 Firewalls zApplication (Proxy) Firewalls yHide internal internet addresses yInternal user sends an HTTP request yHTTP proxy program replaces user internet address with proxy server’s IP address, sends to the webserver HTTP Request Request with Proxy Server’s IP Address

8 8 Firewalls zApplication (Proxy) Firewalls yWebserver sends response to proxy server, to proxy server IP address yHTTP proxy server sends the IP packet to the originating host yOverall, proxy program acts on behalf of the internal user Response to Proxy Server’s IP Address HTTP Response

9 9 Firewalls zWhy Hide Internal IP Addresses? yThe first step in an attack usually is to find potential victim hosts ySniffer programs read IP packet streams for IP addresses of potential target hosts yWith proxy server, sniffers will not learn IP addresses of internal hosts False IP Address Host IP Address Sniffer

10 10 Firewalls zApplication Firewalls yNeed a separate program (proxy) for each application yNot all applications have rules that allow filtering

11 11 Total Security zNetwork Security is Only Part zServer Security yHackers can take down servers with denial- of-service attack yHacker can log in as root user and take over the server ySteal data, lock out legitimate users, etc.

12 12 Total Security zServer Security yOccasionally, weakness are discovered in server operating systems yThis knowledge is quickly disseminated yKnown security weaknesses

13 13 Total Security zServer Security yServer operating system (SOS) vendors create patches yMany firms do not download patches yThis makes them vulnerable to hackers, who quickly develop tools to probe for and then exploit known weaknesses

14 14 Total Security zClient PC Security yKnown security weaknesses exist but patches are rarely downloaded yUsers often have no passwords or weak passwords on their computer yAdversaries take over client PCs and can therefore take over control over SSL, other secure communication protocols

15 15 Total Security zApplication Software yMay contain viruses xMust filter incoming messages yDatabase and other applications can add their own security with passwords and other protections

16 16 Total Security zManaging Users yOften violate security procedures, making technical security worthless ySocial engineering: attacker tricks user into violating security procedures

17 17 Intrusion Detection zIntrusion detection software to detect and report intrusions as they are occurring zNeeded yLets organization stop intruders so that intruders do not have unlimited time to probe for weaknesses yHelps organization assess security threats yAudit logs list where intruder has been: vital in legal prosecution

18 18 Trust zSystem A may trust System B yNot check closely for security problems yThis reduces security processing costs yIf trusted system is taken over, disaster xCan exploit systems that trust it System A System B No Close Check Trust

19 19 Trust zIf System A trusts System B and System B trusts System C, System A often trusts system C yExtreme disaster if highly trusted system is taken over xCan exploit many trusting systems A B C Trust

Download ppt "Other Security Issues Multi-Layer Security Firewalls Total Security Intrusion Detection Trust."

Similar presentations

Firewalls By Tahaei Fall 2012. What is a firewall? a choke point of control and monitoring interconnects networks with differing trust imposes restrictions.

Firewalls By Tahaei Fall What is a firewall? a choke point of control and monitoring interconnects networks with differing trust imposes restrictions.
ITIS 1210 Introduction to Web-Based Information Systems Chapter 44 How Firewalls Work How Firewalls Work.

ITIS 1210 Introduction to Web-Based Information Systems Chapter 44 How Firewalls Work How Firewalls Work.
Information Security 1 Information Security: Security Tools Jeffy Mwakalinga.

Information Security 1 Information Security: Security Tools Jeffy Mwakalinga.
Computer Security Fundamentals by Chuck Easttom Chapter 4 Denial of Service Attacks.

Computer Security Fundamentals by Chuck Easttom Chapter 4 Denial of Service Attacks.
Chapter 10: Data Centre and Network Security Proxies and Gateways * Firewalls * Virtual Private Network (VPN) * Security issues * * * * Objectives:

Chapter 10: Data Centre and Network Security Proxies and Gateways * Firewalls * Virtual Private Network (VPN) * Security issues * * * * Objectives:
Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.

Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.
Firewalls and Intrusion Detection Systems

Firewalls and Intrusion Detection Systems
Chapter 12 Network Security.

Chapter 12 Network Security.
IS Network and Telecommunications Risks

IS Network and Telecommunications Risks
Information Security 1 Information Security: Demo of Some Security Tools Jeffy Mwakalinga.

Information Security 1 Information Security: Demo of Some Security Tools Jeffy Mwakalinga.
K. Salah 1 Chapter 31 Security in the Internet. K. Salah 2 Figure 31.5 Position of TLS Transport Layer Security (TLS) was designed to provide security.

K. Salah 1 Chapter 31 Security in the Internet. K. Salah 2 Figure 31.5 Position of TLS Transport Layer Security (TLS) was designed to provide security.
Security Awareness: Applying Practical Security in Your World, Second Edition Chapter 5 Network Security.

Security Awareness: Applying Practical Security in Your World, Second Edition Chapter 5 Network Security.
Sanjay Goel, School of Business/Center for Information Forensics and Assurance University at Albany Proprietary Information 1 Unit Outline Information.

Sanjay Goel, School of Business/Center for Information Forensics and Assurance University at Albany Proprietary Information 1 Unit Outline Information.
Review for Exam 4 School of Business Eastern Illinois University © Abdou Illia, Fall 2006.

Review for Exam 4 School of Business Eastern Illinois University © Abdou Illia, Fall 2006.
Review for Exam 4 School of Business Eastern Illinois University © Abdou Illia, Spring 2006.

Review for Exam 4 School of Business Eastern Illinois University © Abdou Illia, Spring 2006.
Guide to Computer Network Security

Guide to Computer Network Security
Internet Relay Chat Chandrea Dungy Derek Garrett #29.

Internet Relay Chat Chandrea Dungy Derek Garrett #29.
By: Colby Shifflett Dr. Grossman Computer Science 420 12/01/2009.

By: Colby Shifflett Dr. Grossman Computer Science /01/2009.
1 Advanced Application and Web Filtering. 2 Common security attacks Finding a way into the network Exploiting software bugs, buffer overflows Denial of.

1 Advanced Application and Web Filtering. 2 Common security attacks Finding a way into the network Exploiting software bugs, buffer overflows Denial of.
1 Chapter 6 Network Security Threats. 2 Objectives In this chapter, you will: Learn how to defend against packet sniffers Understand the TCP, UDP, and.

1 Chapter 6 Network Security Threats. 2 Objectives In this chapter, you will: Learn how to defend against packet sniffers Understand the TCP, UDP, and.

Similar presentations

Ads by Google