Chapter 12 Communications Security & Countermeasures

Slides:



Advertisements
Similar presentations
LAN Devices 5.3 IT Essentials.
Advertisements

Attack and Defense in Wireless Networks Presented by Aleksandr Doronin.
Security in IEEE wireless networks Piotr Polak University Politehnica of Bucharest, December 2008.
Security Awareness Chapter 5 Wireless Network Security.
Chapter Extension 7 How the Internet Works © 2008 Prentice Hall, Experiencing MIS, David Kroenke.
Security Awareness: Applying Practical Security in Your World
Chapter 9 Connecting to and Setting up a Network
Chapter 8: Configuring Network Connectivity. Installing Network Adapters Network adapter cards connect a computer to a network. Installation –Plug and.
Chapter Extension 8 Understanding and Setting up a SOHO Network © 2008 Pearson Prentice Hall, Experiencing MIS, David Kroenke.
A Guide to major network components
Networking DSC340 Mike Pangburn. Networking: Computers on the Internet  1969 – 4  1971 – 15  1984 – 1000  1987 – 10,000  1989 – 100,000  1992 –
Demonstration of Wireless Insecurities Presented by: Jason Wylie, CISM, CISSP.
Network Address Translation, Remote Access and Virtual Private Networks BSAD 146 Dave Novak Sources: Network+ Guide to Networks, Dean 2013.
1 Chapter Overview Subnet. What is a subnet When you break a network into a few smaller networks, you have created several subnets Like IP address where.
ITGS Networks Based on the textbook “Information Technology in a Global Society for the IB Diploma” by Stuart Gray.
Securing a Wireless Network
4: Addressing Working At A Small-to-Medium Business or ISP.
Module 4 - Networking MIS5122: Enterprise Architecture for the IT Auditor.
CECS 5460 – Assignment 3 Stacey VanderHeiden Güney.
Shared success Outline What is network security? Why do we need security? Who is vulnerable? Common security attacks and countermeasures. How to secure.
1 Network Security Revisited ITEC 370 George Vaughan Franklin University.
A+ Guide to Software: Managing, Maintaining, and Troubleshooting, 5e
Wireless Networks Tamus, Zoltán Ádám
Wireless Network Security Dr. John P. Abraham Professor UTPA.
1 C-DAC/Kolkata C-DAC All Rights Reserved Computer Security.
VIRTUAL PRIVATE NETWORK By: Tammy Be Khoa Kieu Stephen Tran Michael Tse.
15-1 Networking Computer network A collection of computing devices that are connected in various ways in order to communicate and share resources.
NETWORKING COMPONENTS AN OVERVIEW OF COMMONLY USED HARDWARE Christopher Johnson LTEC 4550.
Network Addresses, Switches and Routing Bob Bradley IS361 Fall 2005 Chapter 1 Part 2.
CTC 228 – Computer Networks Fall 2015 Instructor: Robert Spengler.
Networking Components Daniel Rosser LTEC Network Hub It is very difficult to find Hubs anymore Hubs sends data from one computer to all other computers.
Security fundamentals Topic 10 Securing the network perimeter.
CSC 116 – Computer Networks Fall 2015 Instructor: Robert Spengler.
1 Internet Protocols To support the Internet and all its services, many protocols are necessary Some of the protocols that we will look at: –Internet Protocol.
Authentication has three means of authentication Verifies user has permission to access network 1.Open authentication : Each WLAN client can be.
Chapter 1-4 Home Networking. Introduction Setting up a home network is probably one of the first networks that the student sets up. This is an exciting.
Copyright © 2006 Heathkit Company, Inc. All Rights Reserved Introduction to Networking Technologies Wireless Security.
Windows Vista Configuration MCTS : Advanced Networking.
 Two wireless gateways for home use that I choose are : - Linksys Wireless-G ADSL Home Gateway WAG354G - WAG160N Wireless-N ADSL2+ Gateway  The wireless.
Ad Hoc – Wireless connection between two devices Backbone – The hardware used in networking Bandwidth – The speed at which the network is capable of sending.
Defining Network Infrastructure and Network Security Lesson 8.
Security fundamentals
CS101 Home Network Basics.
By: Hunza, Omar and Anum Chapter 4 pg(76-79).
Chapter Objectives In this chapter, you will learn:
Network fundamentals Unit 10
Chapter 1 Introduction to Networking
Fundamentals of Information Systems, Sixth Edition
Instructor Materials Chapter 6 Building a Home Network
Intro to MIS – MGS351 Network Basics
Networking for Home and Small Businesses – Chapter 5
CONNECTING TO THE INTERNET
Chapter 1 Communication Networks and Services
5G MOBILE TECHNOLOGY By J.YOGESH 08M31A0425.
Securing A Wireless Network
Welcome to the Cloud Chapter 1 Panko and Panko
Semester 1 Cisco Discovery JEOPADY Chapter 3.
Installing and Troubleshooting Networks
Basic Computer Network
CSE 4905 Network Security Overview
Introduction to Computers
Computer Networks 9/17/2018 Computer Networks.
Teaching Computing to GCSE
Networking for Home and Small Businesses – Chapter 5
Chapter 11 Securing Network Components
Basic Computer Network
70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 4: Planning and Configuring Routing and Switching.
AbbottLink™ - IP Address Overview
What’s New In WatchGuard Wi-Fi Cloud v8.6
An Introduction to Wireless Router Setups
Presentation transcript:

Chapter 12 Communications Security & Countermeasures CISSP Study Guide BIS 4113/6113

Wireless (Wi-Fi) Network Types Standard Frequency Potential Speed Range Spectrum 802.11b 2.4 GHz 11 Mbps 50 m DSSS (Spread across range) 802.11a 5 GHz 54 Mbps 20 -25 m OFDM (Orthogonal Freq. MP) 802.11g 802.11n (2009) 2.4 and 5 GHz (MIMO) 600 Mbps 200 m 802.11ac (2013) 1.3 Gbps Wide channel

Types of WLAN Security Service Set Identifier (SSID) PAGES 458-459 Service Set Identifier (SSID) Transmitted by “beacon frame” Included as plain text Easy to break Wired Equivalent Privacy (WEP) Requires that user enter a key manually (to NIC and AP) Short key (40-128 bits)  Easy to break by “brute force” Extensible Authentication Protocol (EAP) WEP keys created dynamically after correct login Requires a login (with password) to a server Wi-Fi Protected Access (WPA) – new standard A longer key, changed for every packet Still requires a passphrase, could be guessed

Packet Sniffing / Eavesdropping

WiFi Security Procedure PAGE 462 1. Change admin default password 2. Disable SSID broadcast 3. Change default SSID 4. Enable MAC filtering (whitelist if less than 20 clients) 5. Enable highest form of authentication/encryption available 6. Monitor traffic using firewall and/or IDS 7. Require VPN connections

Physical Ethernet Media Types 1.        PAGES 474-475 Physical Ethernet Media Types Name Maximum Data Rate  Cables 10Base-5 10 Mbps Coaxial 10Base-2 10Base-T UTP cat 3, UTP cat 5 100Base-T 100 Mbps UTP cat 5, fiber 1000Base-T 1 Gbps UTP cat 5, UTP cat 5e, UTP cat 6, fiber 10 GbE 10 Gbps UTP cat 5e, UTP cat 6, UTP cat 7, fiber 40 GbE 40 Gbps fiber

Network Taps http://www.ciena.com/insights/articles/How-to-hack-an-optical-fiber-in-minutes-and-how-you-can-secure-it.html

VIRTUAL PRIVATE NETWORKS PAGE 517 VIRTUAL PRIVATE NETWORKS How might you have used a VPN in the past? Remote Access Remote Communication Anonymous Web Browsing Avoid Geo-Blocking Gaming

VPN Architecture Internet ISP Access Server VPN Device Office Telephone Line VPN Device Employee’s Home Internet Backbone VPN Tunnel VPN Tunnel Office VPN Device Backbone

VPN Encapsulation of Packets Packet from the client computer Packet in transmission through the Internet PPP IP TCP SMTP ATM IP L2TP PPP IP TCP SMTP ISP Telephone Line Access Server VPN Device Employee’s Home Packet from the VPN VPN Tunnel PPP IP TCP SMTP Outgoing packets from the VPN are sent through specially designed routers or switches. Internet VPN Device Access Server VPN Encapsulation of Packets Backbone

Regular VPN (no split tunnel) “Split Tunneling” Enables more efficient routing of high-bandwidth traffic Regular VPN (no split tunnel) Split Tunnel

NETWORK ADDRESS TRANSLATION PAGE 525 NETWORK ADDRESS TRANSLATION Hides identity of internal client computers Efficiently allocates IP addresses internally using only a few “public” addresses 10.0.0.1 Internet 10.0.0.2 130.18.86.1 10.0.0.3

Dynamic NAT: To communicate with outside world, traversing an NAT-enabled device (firewall, router, etc.) The combo of address and port is written to NAT table and ensures the return traffic reaches the appropriate source. It is difficult for an outsider to directly contact a host behind the NAT device, since the table entry is established and deleted in the same session. Source:

Network address translation Are you using NAT? IPConfig: Have an private IP address? and still interact with the Internet? Have a private IP address? but your IP address and an IP-checked address are different? YES YES NO YES Private IP addresses: Class A 10.0.0.0 – 10.255.255.255 Class B 172.16.0.0. – 172.31.255.255 Class C 192.168.0.0. – 192.168.255.255

Not a private IP address Uh oh…

IPv4 Addresses 4 byte (32 bit) addresses Dotted decimal notation Strings of 32 binary bits Dotted decimal notation Example: 128.192.56.1 1 0 0 0 0 0 0 0 1 1 0 0 0 0 0 0 0 0 1 1 1 0 0 0 0 0 0 0 0 0 0 1 64 16 4 1 128 32 8 2 Sum up the values of the 1 bits: 32 + 16 + 8 = 56

Hiding IP addresses Spoofing HTTP Forward Proxy Proxy Chaining Works much like NAT Caches frequently requested content Proxy Chaining TOR (underground proxy system) Valid and illegal reasons IP Traceback Technology Forward Proxy

Circuit switching / packet switching “Permanent,” point-to-point connection Three Phases of Communication Often take the form of “dedicated circuits” Packet Switching Attempts to alleviate two shortcomings Circuit reserved by the packet, not the connection

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.