Presentation is loading. Please wait.

Presentation is loading. Please wait.

CTC228 Nov 16 2015. Today... Catching up with group projects URLs and DNS Nmap Review for Test.

Published byBeverly Mason Modified over 8 years ago

Similar presentations

Presentation on theme: "CTC228 Nov 16 2015. Today... Catching up with group projects URLs and DNS Nmap Review for Test."— Presentation transcript:

1 CTC228 Nov 16 2015

2 Today... Catching up with group projects URLs and DNS Nmap Review for Test

3 Chap 8 Group project Research ESXi and explain how it is different from Vmware Workstation.

4 Nov 2 Group project Answer the following questions: 1. Explain the difference between SSH and Telnet. What are they used for? Which one is preferable? Why? 2. Imagine you are the administrator of a network for a major movie studio. Your network is designed to be used only for FTP. Lately, the file transfers have been running slowly. You examine the logs and see lots of connections to outside IP addresses on port 80 and 443. What is happening? Why is the network running slowly? 3. What type of hypervisor is Vmware Workstation? What type of hypervisor is Virtualbox? Why? BONUS QUESTION: SSH uses TCP port 22. Would it be a good idea if SSH used UDP instead? Why or why not?

5 Group project Nov 4 1. You are in charge of building a network for your company. There are 500 employees that need to share many large files internally but very rarely need to connect to the Internet. What can you do to avoid having to pay for 500 separate Internet connections? How/Why does your solution work?  2. Your company network is slowing down because all the employees are using Facebook and YouTube at work. What device can you install on the network to block this? Describe how you will configure this device.  BONUS QUESTION: If you are on a Linux system and have only READ access to a file that contains executable code you want to run, is there any way you can run the code in the file? If yes, how? If no, why not?

6 Nov 9 Group projects  1. There is a school policy that says all students must do their own homework and cannot share work. Alice completes her homework and stores it on a class computer in her private directory. Bob uses the class computer and notices he is able to read Alice's files. Bob copies Alice's homework into his own directory. Since Bob was able to copy the file, was there a breach of the policy? Why or why not?  Bonus question: Would ARP spoofing work across the Internet? Could a remote attacker create a MITM situation between your home computer and your home router? Why or why not?

7 Today... Catching up with group projects URLs and DNS Nmap Review for Test

8 Important Distinction  What is the difference between the Internet and the world wide web (a.k.a. “the web”)?  The world wide web (delivered over HTTP) is just one possible service that can be run over the Internet

9 Chap 8: HTTP Client

10 Structure of a URL (a.k.a. “web address”) Protocol://host/path Example http://www.cheese.com/feta/http://www.cheese.com/feta/ http://www.insecure.org/index.html By default, a file called “index.html” is usually loaded But the Internet uses IP addresses, so how is a URL converted to an IP address?

11 Answer: the Domain Name System

12 Today... Catching up with group projects URLs and DNS Nmap Review for Test

13 Nmap, my favorite network tool Stands for “Network Mapper” Scans TCP/UDP ports on computers Can determine OS, versions, vulnerabilities, etc. By default nmap scans 1000 most common TCP ports

14 ...but you can still get in trouble.

15 How nmap scans

16

17 Basic nmap

18 Nmap with options

19 Nmap's GUI is called Zenmap

20 What can we tell about this guy?

21 Nmap can do UDP too

22 UDP not listening on a port

23 UDP open|filtered on a port

24 Today... Catching up with group projects URLs and DNS Nmap Break, then Review for Test

25 Virtual machine hypervisors

26 TCP and UDP port assignments 0 – 1023: Well-known ports Reserved for specific uses 1024 – 49151 : Registered ports Registered for specific purposes 49152 – 65535: Ephemeral ports Dynamically allocated

27 Common TCP and UDP Ports 22 (TCP)– SSH 23 (TCP)– Telnet 53 (UDP) – DNS 80 (TCP) – HTTP 443 (TCP) – HTTPS

28 Firewalls Limit inbound/outbound traffic based on rules  Rules usually based on IP addresses and ports Can be host-based or network-based Originally just “packet filters” Later came “stateful” firewalls Modern ones can be “application” level...

29 Chapter 10: Security Policies * A policy is a human-language document that describes who can access what.  In order to write it, you need to know: WHAT you are trying to protect WHO you are trying to protect it from  Notice we don't mention specifically HOW STUFF WILL BE PROTECTED in the policy A mechanism is something that enforces a policy

30 Symmetric Key

31 Asymmetric Key (a.k.a. public key cryptography)

32 MITM: A better diagram

Download ppt "CTC228 Nov 16 2015. Today... Catching up with group projects URLs and DNS Nmap Review for Test."

Similar presentations

Transfer Content to a Website What is FTP? File Transfer Protocol FTP is a protocol – a set of rules Designed to allow files to be transferred across.

Transfer Content to a Website What is FTP? File Transfer Protocol FTP is a protocol – a set of rules Designed to allow files to be transferred across.
 Dynamic policies o Change as system security state/load changes o GAA architecture  Extended access control lists  Pre-, mid- and post-conditions,

 Dynamic policies o Change as system security state/load changes o GAA architecture  Extended access control lists  Pre-, mid- and post-conditions,
ITIS 1210 Introduction to Web-Based Information Systems Chapter 44 How Firewalls Work How Firewalls Work.

ITIS 1210 Introduction to Web-Based Information Systems Chapter 44 How Firewalls Work How Firewalls Work.
FIREWALLS. What is a Firewall? A firewall is hardware or software (or a combination of hardware and software) that monitors the transmission of packets.

FIREWALLS. What is a Firewall? A firewall is hardware or software (or a combination of hardware and software) that monitors the transmission of packets.
FIREWALLS The function of a strong position is to make the forces holding it practically unassailable —On War, Carl Von Clausewitz On the day that you.

FIREWALLS The function of a strong position is to make the forces holding it practically unassailable —On War, Carl Von Clausewitz On the day that you.
Intrusion Detection Systems By: William Pinkerton and Sean Burnside.

Intrusion Detection Systems By: William Pinkerton and Sean Burnside.
System Security Scanning and Discovery Chapter 14.

System Security Scanning and Discovery Chapter 14.
System and Network Security Practices COEN 351 E-Commerce Security.

System and Network Security Practices COEN 351 E-Commerce Security.
Hardware Firewalls: Advanced Feature © N. Ganesan, Ph.D.

Hardware Firewalls: Advanced Feature © N. Ganesan, Ph.D.
IS 247 Introduction to Web Application Development Tim Wu.

IS 247 Introduction to Web Application Development Tim Wu.
McGraw-Hill©The McGraw-Hill Companies, Inc., 2004 Application Layer PART VI.

McGraw-Hill©The McGraw-Hill Companies, Inc., 2004 Application Layer PART VI.
M2M Gateway Features Jari Lahti, CTO www.violasystems.com.

M2M Gateway Features Jari Lahti, CTO
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 Application Layer Functionality and Protocols Network Fundamentals – Chapter.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 Application Layer Functionality and Protocols Network Fundamentals – Chapter.
The Internet!!. The Internet is not the only network! Can connect a bunch of computers without connecting to the Internet, and those computers can communicate.

The Internet!!. The Internet is not the only network! Can connect a bunch of computers without connecting to the Internet, and those computers can communicate.
1 Lecture 20: Firewalls motivation ingredients –packet filters –application gateways –bastion hosts and DMZ example firewall design using firewalls – virtual.

1 Lecture 20: Firewalls motivation ingredients –packet filters –application gateways –bastion hosts and DMZ example firewall design using firewalls – virtual.
Firewalls CS432. Overview  What are firewalls?  Types of firewalls Packet filtering firewalls Packet filtering firewalls Sateful firewalls Sateful firewalls.

Firewalls CS432. Overview  What are firewalls?  Types of firewalls Packet filtering firewalls Packet filtering firewalls Sateful firewalls Sateful firewalls.
Day15 IP Space/Setup. IP Suite of protocols –TCP –UDP –ICMP –GRE… Gives us many benefits –Routing of packets over internet –Fragmentation/Reassembly of.

Day15 IP Space/Setup. IP Suite of protocols –TCP –UDP –ICMP –GRE… Gives us many benefits –Routing of packets over internet –Fragmentation/Reassembly of.
CS426Fall 2010/Lecture 361 Computer Security CS 426 Lecture 36 Perimeter Defense and Firewalls.

CS426Fall 2010/Lecture 361 Computer Security CS 426 Lecture 36 Perimeter Defense and Firewalls.
1 Figure 5-4: Drivers of Performance Requirements: Traffic Volume and Complexity of Filtering Performance Requirements Traffic Volume (Packets per Second)

1 Figure 5-4: Drivers of Performance Requirements: Traffic Volume and Complexity of Filtering Performance Requirements Traffic Volume (Packets per Second)
Intranet, Extranet, Firewall. Intranet and Extranet.

Intranet, Extranet, Firewall. Intranet and Extranet.

Similar presentations

Ads by Google