Lecture 7 Network & ISP security. Firewall Simple packet-filters Simple packet-filters evaluate packets based solely on IP headers. Source-IP spoofing.

Slides:



Advertisements
Similar presentations
Point Protection 111. Check List AAA to the Network Devices Controlling Packets Destined to the Network Devices Config Audits.
Advertisements

Prepare your NOC 111. SP’s/ISP’s NOC Team Every SP and ISP needs a NOC Anyone who has worked or run a NOC has their own list of what should be in a NOC.
FIREWALLS Chapter 11.
Firewalls Dr.P.V.Lakshmi Information Technology GIT,GITAM University
FIREWALLS. What is a Firewall? A firewall is hardware or software (or a combination of hardware and software) that monitors the transmission of packets.
Network Security. Reasons to attack Steal information Modify information Deny service (DoS)
Security Firewall Firewall design principle. Firewall Characteristics.
Network Security Topologies Chapter 11. Learning Objectives Explain network perimeter’s importance to an organization’s security policies Identify place.
Chapter 11 Firewalls.
6/4/2015National Digital Certification Agency1 Security Engineering and PKI Applications in Modern Enterprises Mohamed HAMDI National.
K. Salah 1 Chapter 31 Security in the Internet. K. Salah 2 Figure 31.5 Position of TLS Transport Layer Security (TLS) was designed to provide security.
Firewall Security Chapter 8. Perimeter Security Devices Network devices that form the core of perimeter security include –Routers –Proxy servers –Firewalls.
Firewalls1 Firewalls Mert Özarar Bilkent University, Turkey
Security Issues on Distributed Systems 7 August, 1999 S 1 Prepared by : Lorrien K. Y. Lau Student I.D. : August 1999 The Chinese University.
FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. 6 Packet Filtering By Whitman, Mattord, & Austin© 2008 Course Technology.
Data Security in Local Networks using Distributed Firewalls
Controls for Information Security
Chapter 8 Information Systems Controls for System Reliability— Part 1: Information Security Copyright © 2012 Pearson Education, Inc. publishing as Prentice.
COEN 252: Computer Forensics Router Investigation.
1 Lecture 20: Firewalls motivation ingredients –packet filters –application gateways –bastion hosts and DMZ example firewall design using firewalls – virtual.
TCP/IP Addressing Design. Objectives Choose an appropriate IP addressing scheme based on business and technical requirements Identify IP addressing problems.
FIREWALL TECHNOLOGIES Tahani al jehani. Firewall benefits  A firewall functions as a choke point – all traffic in and out must pass through this single.
1 Advanced Application and Web Filtering. 2 Common security attacks Finding a way into the network Exploiting software bugs, buffer overflows Denial of.
Information Security Introduction to Information Security Michael Whitman and Herbert Mattord 14-1.
BY- NIKHIL TRIPATHI 12MCMB10.  What is a FIREWALL?  Can & Can’t in Firewall perspective  Development of Firewalls  Firewall Architectures  Some Generalization.
CS426Fall 2010/Lecture 361 Computer Security CS 426 Lecture 36 Perimeter Defense and Firewalls.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.1 ISP Responsibility Working at a Small-to-Medium Business or ISP – Chapter 8.
(2011) Security Breach Compromises 75,000 Staff/Student Social Security Numbers Image from this Site Presenters: Aron Eisold, Matt Mickelson, Bryce Nelson,
Packet Filtering. 2 Objectives Describe packets and packet filtering Explain the approaches to packet filtering Recommend specific filtering rules.
Chapter 20 Firewalls.
Why do we need Firewalls? Internet connectivity is a must for most people and organizations  especially for me But a convenient Internet connectivity.
January 2009Prof. Reuven Aviv: Firewalls1 Firewalls.
1 Pertemuan 13 IDS dan Firewall Matakuliah: H0242 / Keamanan Jaringan Tahun: 2006 Versi: 1.
OV Copyright © 2013 Logical Operations, Inc. All rights reserved. Network Security  Network Perimeter Security  Intrusion Detection and Prevention.
Alberto Rivai Teknologi pemantauan jaringan internet untuk pendeteksian dini terhadap ancaman dan gangguan Alberto Rivai
11 SECURING YOUR NETWORK PERIMETER Chapter 10. Chapter 10: SECURING YOUR NETWORK PERIMETER2 CHAPTER OBJECTIVES  Establish secure topologies.  Secure.
OV Copyright © 2011 Element K Content LLC. All rights reserved. Network Security  Network Perimeter Security  Intrusion Detection and Prevention.
Firewall Technologies Prepared by: Dalia Al Dabbagh Manar Abd Al- Rhman University of Palestine
Network and Perimeter Security Paula Kiernan Senior Consultant Ward Solutions.
1 Topic 2: Lesson 3 Intro to Firewalls Summary. 2 Basic questions What is a firewall? What is a firewall? What can a firewall do? What can a firewall.
Network Security. 2 SECURITY REQUIREMENTS Privacy (Confidentiality) Data only be accessible by authorized parties Authenticity A host or service be able.
© 2006 Cisco Systems, Inc. All rights reserved. Cisco IOS Threat Defense Features.
Firewall Security.
Module 7: Advanced Application and Web Filtering.
Lesson 19-E-Commerce Security Needs. Overview Understand e-commerce services. Understand the importance of availability. Implement client-side security.
Security and Firewalls Ref: Keeping Your Site Comfortably Secure: An Introduction to Firewalls John P. Wack and Lisa J. Carnahan NIST Special Publication.
IT Security. What is Information Security? Information security describes efforts to protect computer and non computer equipment, facilities, data, and.
Security fundamentals Topic 10 Securing the network perimeter.
1 Firewall Rules. 2 Firewall Configuration l Firewalls can generally be configured in one of two fundamental ways. –Permit all that is not expressly denied.
Module 12: Responding to Security Incidents. Overview Introduction to Auditing and Incident Response Designing an Audit Policy Designing an Incident Response.
Firewall – Survey  Purpose of a Firewall  To allow ‘proper’ traffic and discard all other traffic  Characteristic of a firewall  All traffic must go.
1 NES554: Computer Networks Defense Course Overview.
Role Of Network IDS in Network Perimeter Defense.
(2011) Security Breach Compromises 75,000 Staff/Student Social Security Numbers Image from this Site Presenters: Aron Eisold, Matt Mickelson, Bryce Nelson,
COSC513 Final Project Firewall in Internet Security Student Name: Jinqi Zhang Student ID: Instructor Name: Dr.Anvari.
SYSTEM ADMINISTRATION Chapter 10 Public vs. Private Networks.
Lecture 12 Page 1 CS 136, Spring 2009 Network Security: Firewalls CS 136 Computer Security Peter Reiher May 12, 2009.
Firewalls. Overview of Firewalls As the name implies, a firewall acts to provide secured access between two networks A firewall may be implemented as.
Chapter 13 Network Security Auditing Antivirus Firewalls Authentication Authorization Encryption.
Security fundamentals
CompTIA Security+ Study Guide (SY0-401)
Working at a Small-to-Medium Business or ISP – Chapter 8
Firewall – Survey Purpose of a Firewall Characteristic of a firewall
CompTIA Security+ Study Guide (SY0-401)
6.6 Firewalls Packet Filter (=filtering router)
Network Security: IP Spoofing and Firewall
* Essential Network Security Book Slides.
Firewalls Purpose of a Firewall Characteristic of a firewall
IS4680 Security Auditing for Compliance
Introduction to Network Security
Presentation transcript:

Lecture 7 Network & ISP security

Firewall Simple packet-filters Simple packet-filters evaluate packets based solely on IP headers. Source-IP spoofing attacks generally aren't blocked by packet-filters, and since allowed packets are literally passed through the firewall, packets with "legitimate" IP headers but dangerous data payloads (as in buffer- overflow attacks) can often be sent intact to "protected" targets.

Stateful packet filtering

Application-layer proxies A proxying firewall acts as an intermediary in all transactions that traverse it (see figure). proxying firewalls are often called "application- layer" proxies because, unlike other types of proxies that enhance performance but not necessarily security, proxying firewalls usually have a large amount of application-specific intelligence about the services they broker.

Placing Firewall "Inside Versus Outside" Architecture Because public services such as SMTP, DNS, and HTTP must either be sent through the firewall to internal servers or hosted on the firewall itself the risk of server compromising is increased. As result the DMZ (DeMilitarized Zone) network is used.

The "Three-Homed Firewall" DMZ Architecture

A Weak Screened-Subnet Architecture Rarely used Lack of firewall is the weak point obsolete

A Strong Screened-Subnet Architecture

2) Secure Resources Firewall, Encryption, Authentication, Audit 1) ISP’s Security Policy 3) Monitor and Respond Intrusion Detection, work the incidence, 4) Test, Practice, Drill Vulnerability Scanning 5) Manage and Improve Post Mortem, Analyze the Incident, modify the plan/procedures What Do ISPs Need to Do? Security incidence are a normal part of an ISP’s operations!

PREPARATION Prep the network Create tools Test tools Prep procedures Train team Practice IDENTIFICATION How do you know about the attack? What tools can you use? What’s your process for communication? CLASSIFICATION What kind of attack is it? TRACEBACK Where is the attack coming from? Where and how is it affecting the network? REACTION What options do you have to remedy? Which option is the best under the circumstances? POST MORTEM What was done? Can anything be done to prevent it? How can it be less painful in the future? Six Phases of Incident Response

The Old World: Router Perspective Policy enforced at process level (VTY ACL, SNMP ACL, etc.) Some early features such as ingress ACL used when possible “untrusted” telnet, snmp Attacks, junk Router CPU

The New World: Router Perspective Central policy enforcement, prior to process level Granular protection schemes On high-end platforms, hardware implementations “untrusted” telnet, snmp Attacks, junk Router CPU Protection

Secure Routing Route Authentication Configure Routing Authentication Signs Route Updates Verifies Signature Campus SignatureRoute Updates Certifies Authenticity of Neighbor and Integrity of Route Updates

References examplee%20ppt&source=web&cd=10&ved=0CHEQFjAJ&url=http%3A%2F%2 Fwww.nanog.org%2Fmeetings%2Fnanog36%2Fpresentations%2Fgreene.ppt& ei=6usCT8rmAsfQ4QSN6_GCDw&usg=AFQjCNHw7IRd4CrNra6tKN- R_3Dfp7D_Ig&cad=rja Joseph G. Boyce Dan W. Jennings, Information Assurance - Managing Organizational IT Security Risks, Elsevier Science, security.htmlhttps:// security.html blog/167-encrypted-data-hacked.htmlhttp:// blog/167-encrypted-data-hacked.html a-data-center?page=3http:// a-data-center?page=3

Any wall have some weak points

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.