Technology Update TSAG Meeting 10/10/02. Announcements: DNS Cleanup Send periodic ICMP ping probes to all DNS entries (8/26- 9/13) Correlate data obtained.


Technology Update TSAG Meeting 10/10/02

Announcements:

DNS Cleanup
- Send periodic ICMP ping probes to all DNS entries (8/26-9/13)
- Correlate data obtained from probes (9/16-9/19)
- Inform TSAG of DNS names to be deleted (  10/7)
- Purge all 501 defunct DNS names (  10/18)

Account Cleanup: Collecting information from you.
- Number of Accounts: 41,338
- Number of Faculty/Staff: ~3,000
- Number of Students: ~30,000 (~8K ???)

Experimental IRC chat room established for the Helpdesk.
- hostname: irc.csun.edu
- chat room: #helpdesk
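The "correlate data obtained from probes" step of the DNS Cleanup above, sketched as an added example (not code from the presentation). The host names, the probe records and the `MIN_PROBE_DAYS` threshold are constructed assumptions; only the 8/26-9/13 probe window comes from the slide.

```python
from collections import defaultdict
from datetime import date

# Constructed probe log: (DNS name, probe date, replied to ICMP echo?).
# Names use the reserved example.edu domain; none come from the slides.
PROBES = [
    ("alpha.example.edu", date(2002, 8, 26), False),
    ("alpha.example.edu", date(2002, 9, 3), True),
    ("alpha.example.edu", date(2002, 9, 13), False),
    ("beta.example.edu", date(2002, 8, 26), False),
    ("BETA.example.edu.", date(2002, 9, 3), False),  # same name, other spelling
    ("beta.example.edu", date(2002, 9, 13), False),
    ("gamma.example.edu", date(2002, 9, 13), False),  # probed only once
]

WINDOW_START = date(2002, 8, 26)  # probe window from the slide
WINDOW_END = date(2002, 9, 13)
MIN_PROBE_DAYS = 3  # assumption: silent days required before flagging a name


def correlate(probes, start, end, min_days=MIN_PROBE_DAYS):
    """Classify each name as 'active', 'candidate' or 'insufficient'."""
    days_probed = defaultdict(set)
    days_replied = defaultdict(set)
    for name, day, replied in probes:
        if not (start <= day <= end):
            continue  # ignore samples outside the probe window
        key = name.lower().rstrip(".")  # DNS names are case-insensitive
        days_probed[key].add(day)
        if replied:
            days_replied[key].add(day)
    result = {}
    for name, days in days_probed.items():
        if days_replied[name]:
            result[name] = "active"        # one reply is enough to keep it
        elif len(days) >= min_days:
            result[name] = "candidate"     # silent across the whole window
        else:
            result[name] = "insufficient"  # too few probes to decide
    return result


def deletion_candidates(probes, start=WINDOW_START, end=WINDOW_END):
    """Names to put on the review list before anything is purged."""
    status = correlate(probes, start, end)
    return sorted(n for n, s in status.items() if s == "candidate")


if __name__ == "__main__":
    print(deletion_candidates(PROBES))
```

ICMP silence alone does not prove a name is defunct, because a live host may drop echo requests. The candidate list is therefore input to the review step on the slide, not a purge list.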

Network Access Control:

Purpose:
- To limit DDOS attacks launched at and from the campus
- To address Copyright Infringement problems
- To reduce the amount of SPAM received and generated
- Et cetera

Some Outcomes:
- Large amounts of available bandwidth have been reclaimed
- Triage time for potential network problems reduced
- A much more stable computing infrastructure

Initial Goal:
- To deploy a Firewall around the Campus in which only “Internet Servers” are accessible from off-campus.

Internet Server: A server that intentionally provides one or more services to individuals off campus

A One Year Anniversary Slide

Current Problems:
- SPAM generated on campus
- Denial of Service (DOS) (e.g., port scans)
- Copyright Infringement being addressed by…

Stop gap approach
- Blocking port 25 (SMTP) from open labs
- Blocking incoming traffic to Housing

(TSAG slide from Oct 11, 2001)

Network Access Control: Recent Changes to Inbound Traffic:
- Many units have put in requests to apply/refine ACLs for their areas: Oviatt Library, Education, Sierra Hall, Jerome Richfield, FOB, University Hall, A&R, A&F, …
- Example of available bandwidth reclaimed

[Figure: axis label "time"; annotation "Application of Subnet Blocking"]

Proposed Edge ACL Changes

Block all inbound ports in the range:
Block all inbound ports assigned to the following protocols:
- hp-3000-telnet: 2564
- tl1-*: (e.g., tl1-telnet)
- scpi-*: (e.g., scpi-telnet)
- Pcanywhere: 5631 and 5632

Target date: October 4  11
Next step: Block all inbound connections to non-Internet Servers.

Virtual Private Networking

Purpose: To provide a seamless, secure, entry point to campus resources.
VPN users are not affected by ACLs applied at the Campus/Internet boundary.
Preproduction Service Installed: vpn.csun.edu
Authenticates using your Campus Account, i.e., it works with the campus directory!
Clients available:

What does the VPN do? Encrypted Traffic: