Lab #2 NET332 By Asma AlOsaimi
"Security has been a major concern in today's computer networks. There have been various exploits of attacks against companies; many of the attacks cost companies their reputation and cost them millions of pounds. Many attacks are implemented using inside knowledge from previous and even current employees."

Part #1: Network Fundamentals

Outline
- LANs
- LAN Routers / Gateways
- Wireless Connection
- Firewalls
- NAT
- Network Protocols
- Protocol Analysis

Single Machine
Security Risk:
- Physical Security
- Access to Machine (loss of equipment)
- Hack Machine (loss of information)

Local Area Networks
Security Risk:
- Physical Security
- Access to Machine (loss of equipment)
- Access to Hub / Switch (loss / leak of information)
- Hack Machine (loss / leak of information)
(Diagram label: Hub / Switch)

Local Area Networks (Routers / Gateways)
(Diagram labels: Internet, Router / Gateway)

Local Area Networks (Access Technologies)
- 56 Kbps Modem
  - Establish a point-to-point connection to ISP
  - Use PPTP (etc.) to establish an internet connection
  - Private link
- DSL
  - Full Time, Broadband connection
  - Uses existing telecom facilities
  - Private link
- Cable Modem
  - Full Time, Broadband connection
  - Shares existing cable TV facility with others

Wireless Connection
(Diagram labels: Internet, WAP + Router)

Firewalls
- Provides a mechanism to control / monitor access to the LAN
(Diagram labels: Internet, Firewall)

Network Address Translation
- Many networks configured with private IP addresses ( , , )
  - Addresses are not routed.
- Must convert to public address for Internet access.
  - To addresses that are routed.
- May also have many hosts sharing limited network addresses.
  - If only 1 network address, then service is called Port Address Translation - PAT
- NAT provides the translation services

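The PAT case on the slide above (many private hosts sharing one public address), as an added example that is not part of the original lab slides. The class name `PatTable`, the starting port 40000 and all addresses are assumptions constructed for illustration.

```python
import ipaddress


class PatTable:
    """Minimal Port Address Translation table (illustrative, not a real router)."""

    def __init__(self, public_ip, first_port=40000):
        self.public_ip = public_ip
        self.next_port = first_port
        self.out = {}   # (private_ip, private_port, proto) -> public_port
        self.back = {}  # (public_port, proto) -> (private_ip, private_port)

    def outbound(self, src_ip, src_port, proto="tcp"):
        """Rewrite the source of a packet leaving the LAN."""
        if not ipaddress.ip_address(src_ip).is_private:
            return src_ip, src_port          # already routable, no translation
        key = (src_ip, src_port, proto)
        if key not in self.out:              # first packet of a flow: allocate
            self.out[key] = self.next_port
            self.back[(self.next_port, proto)] = (src_ip, src_port)
            self.next_port += 1
        return self.public_ip, self.out[key]

    def inbound(self, dst_port, proto="tcp"):
        """Map a reply back to the inside host; None means no mapping (drop)."""
        return self.back.get((dst_port, proto))


def demo():
    # Constructed addresses: 203.0.113.5 stands in for the single public address.
    nat = PatTable("203.0.113.5")
    a = nat.outbound("192.168.1.10", 51000)
    b = nat.outbound("192.168.1.11", 51000)   # same source port, different host
    a_again = nat.outbound("192.168.1.10", 51000)  # existing flow reuses mapping
    reply = nat.inbound(b[1])                 # reply to host b's flow
    unsolicited = nat.inbound(8080)           # nothing inside asked for this
    return a, b, a_again, reply, unsolicited


if __name__ == "__main__":
    for item in demo():
        print(item)
```

An inbound packet with no table entry cannot be delivered, but that is a side effect of translation rather than an access policy, so controlling and monitoring access to the LAN remains the firewall's job.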
Network Protocols

LAN Physical Layer Protocols
- Ethernet
  - 10base5
  - 10base2
  - 10baseT, 100baseT, 1000baseT
- Wireless Networks
  - a
  - b
  - g
- Token Ring
- etc.

WAN Physical Layer Protocols
- Telecommunications
  - DS0, DS1, DS3
  - SONET
  - ISDN
  - etc.
- Metro Area Protocols
  - Cellular Telephone
  - FDDI
  - WiMAX

Network Layer Protocols
- Internet Protocol (IP)
  - Routes packets across the network
  - Manages packet fragmentation across network
- Internet Control Message Protocol (ICMP)
  - Provides support for IP and TCP
- Address Resolution Protocol (ARP)
  - Provides address resolution between network layer and data link layer addresses.

Transport Layer Protocols
- Transmission Control Protocol (TCP)
  - Provides reliable end-to-end packet transport
  - Provides packet flow control
- User Datagram Protocol (UDP)
  - Provides simplified end-to-end packet transport
  - No control overhead
  - No packet fragmentation

Application Layer Protocols
- Support specific network applications
  - FTP
  - HTTP (www)
  - SMTP, POP3, IMAP ( )

Protocol Analysis
- Packet Sniffers
  - WireShark (Ethereal)
  - Etherpeek
  - EtherDetect
  - Zx Sniffer
  - AnalogX PacketMon
  - Colasoft Capsa
  - AirMagnet Enterprise (Wireless monitoring)
  - etc.

Summary
- LANs
- LAN Routers / Gateways
- Wireless Connection
- Firewalls
- NAT
- Network Protocols
- Protocol Analysis

Part #2: Introduction to security

Who is vulnerable?
- Financial institutions and banks
- Internet service providers
- Government and defense agencies
- Contractors to various government agencies
- Multinational corporations
- ANYONE ON THE NETWORK

Common security attacks and their countermeasures
- Finding a way into the network: Firewalls
- Exploiting software bugs, buffer overflows: Intrusion Detection Systems
- Denial of Service: IDS
- TCP hijacking: IPSec
- Packet sniffing: Encryption (SSH, SSL, HTTPS)
- Social problems: Education

Common security attacks
What is a vulnerable system?
A vulnerability is a weakness in software or hardware that enables an attacker to compromise the confidentiality, integrity or availability of that system. An attacker can use a vulnerability to compromise a system. For example, a weakness in a protocol allows the attacker to run arbitrary code. Understanding the vulnerability helps you implement the appropriate security control.

Part #3: CT1406 LAB

CT1406 Lab Setup
- Back Track
- Metasploitable (Ubuntu)
- Windows Server
- Windows PC

Pentest?
A pentest is a method of evaluating and testing the security of a system, network, or application by performing actions that are meant to simulate the actions of a malicious attacker.

Metasploit
The Metasploit framework provides you with information on security vulnerabilities which can be used to exploit a system. Penetration testers can also use this tool to launch manual or automated scans.