Lab #2 NET332 By Asma AlOsaimi. "Security has been a major concern in today’s computer networks. There has been various exploits of attacks against companies,

Slides:



Advertisements
Similar presentations
Firewalls By Tahaei Fall What is a firewall? a choke point of control and monitoring interconnects networks with differing trust imposes restrictions.
Advertisements

Securing Remote PC Access to UNIX/Linux Hosts with VPN or SSH Charles T. Moetului WRQ, Inc. (206)
Network Security Topologies Chapter 11. Learning Objectives Explain network perimeter’s importance to an organization’s security policies Identify place.
A+ Guide to Software, 4e Chapter 9 Windows on the Internet.
Firewalls and Intrusion Detection Systems
Presented by Serge Kpan LTEC Network Systems Administration 1.
IS Network and Telecommunications Risks
In this section, we'll cover one of the foundations of network security issues, It talks about VPN (Virtual Private Networks). What..,Why..,and How….?
1 Computer System Evolution Central Data Processing System: - with directly attached peripherals (card reader, magnetic tapes, line printer). Local Area.
Understanding Networks. Objectives Compare client and network operating systems Learn about local area network technologies, including Ethernet, Token.
Securing TCP/IP Chapter 6. Introduction to Transmission Control Protocol/Internet Protocol (TCP/IP) TCP/IP comprises a suite of four protocols The protocols.
1 Last Class! Today: r what have we learned? r where is the networking world going? r question and answers r evaluation.
Bob Baker Communications Bob Baker September 1999.
Chapter 15 Networks.
Guide to Computer Network Security
1 Networking A computer network is a collection of computing devices that are connected in various ways in order to communicate and share resources. The.
Networking DSC340 Mike Pangburn. Networking: Computers on the Internet  1969 – 4  1971 – 15  1984 – 1000  1987 – 10,000  1989 – 100,000  1992 –
15-1 Networking Computer network A collection of computing devices that are connected in various ways in order to communicate and share resources Usually,
1 Lecture 20: Firewalls motivation ingredients –packet filters –application gateways –bastion hosts and DMZ example firewall design using firewalls – virtual.
Network Address Translation, Remote Access and Virtual Private Networks BSAD 146 Dave Novak Sources: Network+ Guide to Networks, Dean 2013.
1 Protocol Interaction (ISO’s Open Systems Interconnection (OSI model)) the 7 layers.
1.  A protocol is a set of rules that governs the communications between computers on a network.  Functions of protocols:  Addressing  Data Packet.
1 Chapter 6 Network Security Threats. 2 Objectives In this chapter, you will: Learn how to defend against packet sniffers Understand the TCP, UDP, and.
15-1 More Chapter 15 Goals Compare and contrast various technologies for home Internet connections Explain packet switching Describe the basic roles of.
Chapter 15 Networks. Chapter Goals Types of networks Topologies Open Systems Home Internet connections 15-2.
CS426Fall 2010/Lecture 361 Computer Security CS 426 Lecture 36 Perimeter Defense and Firewalls.
Shared success Outline What is network security? Why do we need security? Who is vulnerable? Common security attacks and countermeasures. How to secure.
Lab #2 CT1406 By Asma AlOsaimi. "Security has been a major concern in today’s computer networks. There has been various exploits of attacks against companies,
CHAPTER 2 PCs on the Internet Suraya Alias. The TCP/IP Suite of Protocols Internet applications – client/server applications The client requested data.
Hands-On Microsoft Windows Server 2003 Networking Chapter Three TCP/IP Architecture.
Networking Computer network A collection of computing devices that are connected in various ways in order to communicate and share resources Usually,
70-291: MCSE Guide to Managing a Microsoft Windows Server 2003 Network Chapter 3: TCP/IP Architecture.
A+ Guide to Software Managing, Maintaining and Troubleshooting THIRD EDITION Chapter 12 Windows on the Internet.
A+ Guide to Managing and Maintaining Your PC Fifth Edition Chapter 19 PCs on the Internet.
Honeypot and Intrusion Detection System
TCP/IP and the Internet ARPANET (1969) –R&D network funded by DARPA. –Packet Switching Survive nuclear war. –Experimental to operational (1975). –Not suitable.
OV Copyright © 2013 Logical Operations, Inc. All rights reserved. Network Security  Network Perimeter Security  Intrusion Detection and Prevention.
Computer Communication & Networks Lecture # 02 Nadeem Majeed Choudhary
OV Copyright © 2011 Element K Content LLC. All rights reserved. Network Security  Network Perimeter Security  Intrusion Detection and Prevention.
15-1 Networking Computer network A collection of computing devices that are connected in various ways in order to communicate and share resources.
CHAPTER 2 PCs on the Internet Suraya Alias. The TCP/IP Suite of Protocols Internet applications – client/server applications ◦The client requested data.
1 TCP/IP, Addressing and Services S. Hussain Ali M.S. (Computer Engineering) Department of Computer Engineering King Fahd University of Petroleum and Minerals.
Computer Security Workshops Networking 101. Reasons To Know Networking In Regard to Computer Security To understand the flow of information on the Internet.
Secure Wired Local Area Network( LAN ) By Sentuya Francis Derrick ID Module code:CT3P50N BSc Computer Networking London Metropolitan University.
TCP/IP Protocol Architecture CSE 3213 – Fall
Network Security Part III: Security Appliances Firewalls.
1 Chapter Overview Network Communications The OSI Reference Model.
1 Chapter Overview Network Communications The OSI Reference Model.
Module 11: Designing Security for Network Perimeters.
1 Bus topology network. 2 Data is sent to all computers, but only the destination computer accepts 02608c
FIREWALLS What Is A Firewall? A computer firewall protects networked computers from intentional hostile intrusion that could compromise confidentiality.
Slide #1 CIT 380: Securing Computer Systems TCP/IP.
 1DT014 Datakommunikation I › (Thur) 9-14 › Polacksbacken, Skrivsal  9 Questions › 5 Short questions › 4 Long questions.
“Lines of Defense” against Malware.. Prevention: Keep Malware off your computer. Limit Damage: Stop Malware that gets onto your computer from doing any.
The OSI Model. Understanding the OSI Model In early 1980s, manufacturers began to standardize networking so that networks from different manufacturers.
COMPUTER NETWORKS Hwajung Lee. Image Source:
Chapter 11 – Cloud Application Development. Contents Motivation. Connecting clients to instances through firewalls. Cloud Computing: Theory and Practice.
Network Devices and Firewalls Lesson 14. It applies to our class…
Network Security 1. Overview What is security? Why do we need security? Who is vulnerable? Common security attacks and countermeasures Firewalls & Intrusion.
Network Security SUBMITTED BY:- HARENDRA KUMAR IT-3 RD YR. 1.
Defining Network Infrastructure and Network Security Lesson 8.
Lab #2 NET332 By Asma AlOsaimi.
CompTIA Security+ Study Guide (SY0-401)
Lec 2: Protocols.
Security in Networking
CompTIA Security+ Study Guide (SY0-401)
Packet Sniffing.
Introduction An introduction to the software and organization of the Internet Lab.
Guide to Computer Network Security
Internet protocol stack
Presentation transcript:

Lab #2 NET332 By Asma AlOsaimi

"Security has been a major concern in today’s computer networks. There has been various exploits of attacks against companies, many of the attacks cost companies their reputation and cost them millions of pounds. Many attacks are implemented using inside knowledge from previous and even current employees."

Part#1: Network Fundamentals

Outline cs490ns - cotter4  LANs  LAN Routers / Gateways  Wireless Connection  Firewalls  NAT  Network Protocols  Protocol Analysis

Single Machine cs490ns - cotter5  Security Risk: Physical Security  Access to Machine (loss of equipment)  Hack Machine (loss of information)

Local Area Networks cs490ns - cotter6  Security Risk: Physical Security  Access to Machine (loss of equipment)  Access to Hub / Switch (loss/ leak of information)  Hack Machine (loss/ leak of information) Hub / Switch

Local Area Networks (Routers / Gateways) cs490ns - cotter7 Internet Router / Gateway

Local Area Networks (Access Technologies) cs490ns - cotter8  56 Kbps Modem  Establish a point-to-point connection to ISP  Use PPTP (etc.) to establish an internet connection  Private link  DSL  Full Time, Broadband connection  Uses existing telecom facilities  Private link  Cable Modem  Full Time, Broadband connection  Shares existing cable TV facility with others

Wireless Connection cs490ns - cotter9 Internet WAP + Router

Firewalls cs490ns - cotter10  Provides a mechanism to control / monitor access to the LAN InternetFirewall

Network Address Translation cs490ns - cotter11  Many networks configured with private IP addresses ( , , )  Addresses are not routed.  Must convert to public address for Internet access.  To addresses that are routed.  May also have many hosts sharing limited network addresses.  If only 1 network address, then service is called Port Address Translation - PAT  NAT provides the translation services

Network Address Translation cs490ns - cotter12

Network Protocols cs490ns - cotter13

LAN Physical Layer Protocols cs490ns - cotter14  Ethernet  10base5  10base2  10baseT, 100baseT, 1000baseT  Wireless Networks  a  b  g  Token Ring  etc.

WAN Physical Layer Protocols cs490ns - cotter15  Telecommunications  DS0, DS1, DS3  SONET  ISDN  etc.  Metro Area Protocols  Cellular Telephone  FDDI  WiMAX

Network Layer Protocols cs490ns - cotter16  Internet Protocol (IP)  Routes packets across the network  Manages packet fragmentation across network  Internet Control Message Protocol (ICMP)  Provides support for IP and TCP  Address Resolution Protocol (ARP)  Provides address resolution between network layer and data link layer addresses.

Transport Layer Protocols cs490ns - cotter17  Transmission Control Protocol (TCP)  Provides reliable end-to-end packet transport  Provides packet flow control  User Datagram Protocol (UDP)  Provides simplified end-to-end packet transport  No control overhead  No packet fragmentation

Application Layer Protocols cs490ns - cotter18  Support specific network applications  FTP  HTTP( www)  SMTP, POP3,IMAP ( )

Protocol Analysis cs490ns - cotter19  Packet Sniffers  WireShark (Ethereal)  Etherpeek  EtherDetect  Zx Sniffer  AnalogX PacketMon  Colasoft Capsa  AirMagnet Enterprise (Wireless monitoring)  etc.

Summary cs490ns - cotter20  LANs  LAN Routers / Gateways  Wireless Connection  Firewalls  NAT  Network Protocols  Protocol Analysis

Part#2:Introduction to security

Who is vulnerable? Networks Fall  Financial institutions and banks  Internet service providers  Government and defense agencies  Contractors to various government agencies  Multinational corporations  ANYONE ON THE NETWORK

Common security attacks and their countermeasures Networks Fall  Finding a way into the network  Firewalls  Exploiting software bugs, buffer overflows  Intrusion Detection Systems  Denial of Service  IDS  TCP hijacking  IPSec  Packet sniffing  Encryption (SSH, SSL, HTTPS)  Social problems  Education

Common security attacks

What is a vulnerable system?  A vulnerability is a weakness in software, hardware that enables the attacker to compromise the confidentiality, integrity or availability of that system.  An attacker can use a vulnerability to compromise a system.  For example a weakness in a protocol allows the attacker to run arbitrary code.  If you understand the vulnerability, it will help you to implement the appropriate security control

Part#3: CT1406 LAB

Back Track Metasploitable (Ubuntu) Windows Server Windows PC CT1406 Lab Setup

Pentest ?  A pentest is a method of evaluating and testing the security of a system, network, or application by performing actions that are meant to simulate the actions of a malicious attacker.

Metasploit  Metasploit framework provides you with information on security vulnerabilities which can be used to exploit a system.  Penetration testers can also use this tool to launch manual or automated scans.