UNIT 3 SEMINAR
  Unit 3 Chapter 3 in CompTIA Security+
  Course Name – IT Introduction to Network Security
  Instructor – Jan McDanolds, MS
  Contact Information: AIM – JMcDanolds
  Office Hours: Tuesday 4:00 PM ET and Wednesday 6:00 PM ET
UNIT 2 REVIEW
  What we covered last week…
  Chapter 2 Review – Identifying Potential Risks
  (If you don’t know what you’re up against, how do you prepare for it…)
  Calculating Attack Strategies
  Recognizing Common Attacks
  Identifying TCP/IP Security Concerns
  Understanding Software Exploitation
  Understanding OVAL
  Surviving Malicious Code
  Understanding Social Engineering
  Auditing Processes and Files
UNIT 3
  What is happening this week…
  Security heavyweights go to San Francisco.
  The RSA Conference 2011
  Hot products
  Keynote videos (also podcasts)
CHAPTER 3 Infrastructure and Connectivity
  Protecting the flow of data…
  Understanding Infrastructure Security
  Understanding Network Infrastructure Devices
  Monitoring and Diagnosing Networks
  Securing Workstations and Servers
  Understanding Mobile Devices
  Understanding Remote Access
  Securing Internet Connections
  Understanding Network Protocols
  Basics of Cabling, Wires and Communications
  Employing Removable Media
CHAPTER 3 Understanding Infrastructure Security
  How information flows…
  Hardware Components: physical devices, such as routers, servers, firewalls, switches, workstations, etc.
  Software Components: includes operating systems, applications, and management software
  NOC – Network Operations Center
CHAPTER 3 Network Infrastructure Devices
  Firewall – purpose is to isolate one network from another.
  Firewalls can be hardware, software, or appliances.
  Types: packet filter, proxy, stateful inspection
  Hub
  Switch
  Router
  Modem
  Remote Access Services
  Telecom/PBX Systems
  Virtual Private Networks
  Wireless Access Points
CHAPTER 3 Monitoring/Diagnosing Networks
  What you don’t know can hurt you…
  Network Monitors (sniffers)
  Intrusion Detection Systems – IDS (discussed later)
  Field Trips…
  Back Orifice
  Nmap ("Network Mapper") is a free utility for network exploration or security auditing.
  Password Crackers
CHAPTER 3 Securing Workstations and Servers
  Hardening systems: both workstations and servers are vulnerable.
  Remove unused software, services and processes.
  Ensure that all workstations, servers and applications are up to date: patches, updates, fixes.
  Minimize information dissemination about the system.
  Ex: Lock down configuration settings, use group policies and security templates, disable unneeded functions, evaluate sharing services.
  Windows Server 2008 – Security Configuration Wizard
CHAPTER 3 Understanding Mobile Devices
  Who is connecting to your network through a wireless device?
  Includes pagers, PDAs, cell phones, etc.
  WTLS layer (Wireless Transport Layer Security)
  WAP (Wireless Access Protocol)
  Wireless Session Protocol (WSP)
CHAPTER 3 Understanding Remote Access
  Point-to-Point Protocol (PPP) plus CHAP – Challenge Handshake Authentication Protocol
  Tunneling Protocols
  PPTP
  L2F
  L2TP
  Secure Shell
  IPSec (IP Security used with tunneling protocols)
  802.1x Wireless Protocols
  RADIUS
  TACACS/+
CHAPTER 3 Securing Internet Connections
  Ports and Sockets
  protocols: SMTP, POP/POP3, IMAP
  vulnerabilities: SPAM, Hoaxes
  Web
  Secure web connections: SSL/TLS, HTTP/S
  Web vulnerabilities: ActiveX, Buffer Overflows, CGI, Cookies, Cross-site Scripting (XSS), Input validation, Java Applets, JavaScript, Popups, Signed Applets, SMTP Relay
  FTP: Blind/Anonymous FTP, Secure FTP, Sharing Files, Vulnerabilities
CHAPTER 3 Ports, Sockets and Sniffers
  Port Scanners:
  Packet Sniffers:
CHAPTER 3 SNMP and Other TCP/IP Protocols
  Simple Network Management Protocol (SNMP)
  Internet Control Message Protocol (ICMP)
  Internet Group Message Protocol (IGMP)
  ICMP vulnerability – A denial of service vulnerability exists that could allow an attacker to send a specially crafted Internet Control Message Protocol (ICMP) message to an affected system.
CHAPTER 3 Cabling, Wires and Communications
  Coax
  Unshielded and Shielded Twisted Pair (UTP/STP)
  Fiber Optic
  Infrared
  Radio Frequency
  Microwave
CHAPTER 3 Removable Media
  Data on the move…
  CD-R/DVD-R
  Diskettes
  Flash Cards
  Hard Drives
  Network Attached Storage
  Smart Cards
  Tape
  Thumb Drives
UNIT 3 Unit 3 Assignment
  Unit 3 Project
  1. Explain the vulnerabilities and mitigations associated with network devices (hardware).
  2. Explain the vulnerabilities and mitigations associated with various transmission media such as coax, UTP, fiber, etc.