Chapter 6 Network Security Threats


1 Chapter 6 Network Security Threats

2 Objectives
In this chapter, you will:
- Learn how to defend against packet sniffers
- Understand the TCP, UDP, and IP protocols and their weaknesses
- Identify other protocols within the TCP/IP Protocol suite and their weaknesses
- Understand the threats to wireless networks

3 Packet Sniffers
- Capture network traffic
- Can view unencrypted traffic
- Can be installed on compromised systems as software utility
- Can only capture network traffic passed on the same network segment

4 Packet Sniffers
Security solutions
- Restrict physical access to network inputs
- Protect systems to ensure sniffers cannot be installed
- Use switches instead of hubs
- Use encryption

5 TCP/IP Revisited – TCP Communication Processes

6

7 Immediate termination (without handshake) TCP reset RST message

8 Attacks on TCP, UDP, and IP – Spoofing

9 Security solutions
- Secure proxies
- Ingress filtering
- Apply latest patches to systems and network devices

10 Attacks on TCP, UDP, and IP – Teardrop

11 Attacks on TCP, UDP, and IP – Teardrop
Security solutions
- Apply the latest patches to systems and network devices

12 Attacks on TCP, UDP, and IP – DoS Attacks
SYN flood
- Uses SYN packets to initiate connections
- Source addresses spoofed as another address
Land
- Uses SYN packets to initiate connections
- Source addresses spoofed as specific target system

13 Attacks on TCP, UDP, and IP – DoS Attacks
Fraggle
- UDP echo requests
- Source addresses spoofed as specific target system
FIN flood
- Uses SYN packets to initiate connections
- Source addresses spoofed as another address

14 Attacks on TCP, UDP, and IP – DoS Attacks

15 Attacks on TCP, UDP, and IP – DoS Attacks
Security solution
- Configure network devices to drop SYN connections after a certain amount of time
- Configure network devices to drop FIN connections after a certain amount of time
- Disable UDP echo
- Disable unnecessary services
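The checks named on slides 9 through 15 (ingress filtering, the Land source-equals-target pattern, UDP echo, and timing out unfinished SYN connections) can be sketched as detection logic. This is an added example, not part of the original presentation; the packet tuple layout, the 192.0.2.0/24 internal network, the 5-second timeout and the sample packets are all assumptions constructed for illustration.

```python
import ipaddress
from collections import namedtuple

# Constructed packet summaries, all assumed captured inbound on the external interface.
Pkt = namedtuple("Pkt", "t src sport dst dport proto flags")

INTERNAL = ipaddress.ip_network("192.0.2.0/24")  # assumed protected network
SYN_TIMEOUT = 5.0                                # assumed half-open lifetime (seconds)

def inspect(packets, now):
    """Return (alerts, expired): packets to drop and half-open entries past the timeout."""
    alerts, half_open = [], {}
    for p in packets:
        reasons = []
        if p.src == p.dst:
            reasons.append("land")            # source spoofed as the target itself
        elif ipaddress.ip_address(p.src) in INTERNAL:
            reasons.append("spoofed-source")  # ingress filter: inside address seen outside
        if p.proto == "udp" and p.dport == 7:
            reasons.append("udp-echo")        # echo service should be disabled
        if reasons:
            alerts += [(p.t, r) for r in reasons]
            continue                          # dropped, so no connection state is created
        key = (p.src, p.sport, p.dst, p.dport)
        if p.proto == "tcp" and p.flags == "S":
            half_open[key] = p.t              # SYN seen, handshake not yet complete
        elif p.proto == "tcp" and "A" in p.flags:
            half_open.pop(key, None)          # client ACK completes the handshake
    expired = sorted(k for k, t in half_open.items() if now - t > SYN_TIMEOUT)
    return alerts, expired

# Constructed sample traffic (documentation address ranges only).
SAMPLE = [
    Pkt(0.0, "198.51.100.7", 40000, "192.0.2.10", 80, "tcp", "S"),   # normal client SYN
    Pkt(0.1, "198.51.100.7", 40000, "192.0.2.10", 80, "tcp", "A"),   # handshake completed
    Pkt(0.2, "203.0.113.5", 1111, "192.0.2.10", 80, "tcp", "S"),     # never completed
    Pkt(0.3, "203.0.113.6", 2222, "192.0.2.10", 80, "tcp", "S"),     # never completed
    Pkt(0.4, "192.0.2.10", 80, "192.0.2.10", 80, "tcp", "S"),        # source == destination
    Pkt(0.5, "192.0.2.44", 7, "192.0.2.255", 7, "udp", ""),          # inside source, UDP echo
    Pkt(9.0, "198.51.100.9", 50000, "192.0.2.10", 443, "tcp", "S"),  # recent, still pending
]

if __name__ == "__main__":
    alerts, expired = inspect(SAMPLE, now=10.0)
    print("drop:", alerts)
    print("expire half-open:", expired)
```

The two SYNs that never complete are the entries a device would time out; the recent SYN at t=9.0 is still inside the window and is left alone.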

16 TCP/IP Protocol Suite

17 TCP/IP Protocol Suite

18 TCP/IP Protocol Suite

19 TCP/IP Protocol Suite

20 TCP/IP Protocol Suite – Security Solutions
HTTP
- Apply security patches
- Check scripts and other input on Web applications
- Use SSL encryption
SMTP and POP3
- Apply security patches
- Disable open mail relays

21 TCP/IP Protocol Suite – Security Solutions FTP communication processes

22 TCP/IP Protocol Suite – Security Solutions FTP communication processes

23 TCP/IP Protocol Suite – Security Solutions
FTP and TFTP
- Apply security patches
- Use SCP instead
- Disallow anonymous FTP or heavily restrict access to anonymous users
- Disable TFTP on all systems

24 TCP/IP Protocol Suite – Security Solutions
Telnet
- Apply security patches
- Use SSH instead
- Restrict commands available to Telnet users
- Disable Telnet on critical systems

25 TCP/IP Protocol Suite – Security Solutions
DNS
- Apply security patches
- Block incoming DNS traffic
NetBT
- Apply security patches
- Disable NetBT on any systems facing the Internet

26 TCP/IP Protocol Suite – Security Solutions
SNMP
- Apply security patches
- Upgrade to v3
- Change SNMP community strings
LDAP
- Apply security patches
- Disable LDAP on Internet-facing systems

27 TCP/IP Protocol Suite – Security Solutions
Finger
- Disable
NNTP
- Apply security patches
ICMP
- Disable incoming ICMP
- Disable broadcasts

28 TCP/IP Protocol Suite – Security Solutions
ARP and RARP
- Use static ARP tables
Encryption options
- IPSec
  - Tunnel
  - Transport
- PPTP: a modification of PPP (Point-to-Point Protocol)
- L2TP: a combination of PPTP and Cisco Systems’ Layer 2 Forwarding Protocol

29 Wireless Networks
- Wireless access point (WAP): provides both the transmitter and receiver for wireless network communications
- Wireless Encryption Protocol (WEP): a Data Link layer protocol that was developed to add encryption to the 802.11b wireless network standard
Security solutions
- VPN server
- MAC authentication

30 Summary Sniffers can listen to network traffic sent over a network. In the wrong hands, a sniffer can capture user IDs, passwords, or other sensitive information. TCP has several handshake processes that establish, reset, and close network communications. The TCP/IP protocol suite is the most popular set of network protocols in use today. The popularity of the suite is due, in large part, to its scalability, universality, and interoperability.

31 Summary The foundation of the TCP/IP protocol suite comprises the TCP, UDP, and IP protocols. Many other protocols are included: HTTP, HTTPS, SMTP, POP3, FTP, TFTP, Telnet, DNS, NetBT, LDAP, Finger, NNTP, ICMP, ARP, and RARP. All protocols have a variety of weaknesses, so it is important to develop security solutions that protect data while in transit over networks. Wireless networks are becoming more popular in the IT environment but have some inherent vulnerabilities. These weaknesses should be addressed in order to securely transmit data and protect wired networks.