Lesson 7: Network Security and Attacks


Computer Security Operational Model
Protection = Prevention + (Detection + Response)
Diagram labels: Access Controls, Encryption, Firewalls, Intrusion Detection, Incident Handling

Security Operational Model (cycle diagram): Improve, Monitor, Secure, Evaluate
Diagram labels: Intrusion detection; Firewalls; Encryption; Authentication; Security Design Review; Security Integration Services; 24 Hr Monitoring Services; Remote Firewall Monitoring; Vulnerability Assessment Services; Vulnerability Scanners

Protocols
A protocol is an agreed-upon format for exchanging information.
A protocol will define a number of parameters:
– Type of error checking
– Data compression method
– Mechanisms to signal reception of a transmission
There are a number of protocols that have been established in the networking world.

OSI Reference Model
ISO standard describing 7 layers of protocols
– Application: Program-level communication
– Presentation: Data conversion functions, data format, data encryption
– Session: Coordinates communication between endpoints. Session state maintained for security.
– Transport: End-to-end transmission, controls data flow
– Network: Routes data from one system to the next
– Data Link: Handles passing of data between nodes
– Physical: Manages the transmission media/HW connections
You only have to communicate with the layer directly above and below.

TCP/IP Protocol Suite
TCP/IP refers to two network protocols used on the Internet:
– Transmission Control Protocol (TCP)
– Internet Protocol (IP)
TCP and IP are only two of a large group of protocols that make up the entire “suite”.
A “real-world” application of the layered concept.
There is not a one-to-one relationship between the layers in the TCP/IP suite and the OSI Model.

OSI and TCP/IP comparison
OSI Model: Application, Presentation, Session, Transport, Network, Data-link, Physical
TCP/IP Protocol Suite: NFS; FTP, Telnet, SSH, SMTP; SMB; HTTP, NNTP; RPC; TCP, UDP; IP, ICMP; ARP; Physical
Groupings shown in the diagram: Application-level protocols, Network-level protocols

TCP/IP Protocol Suite (diagram): User Processes; TCP, UDP; ICMP, IP, IGMP; ARP, HW Interface, RARP; Media

Encapsulation of data
– application: User Data, with an Appl header added, becomes the Application data
– TCP: TCP header + Application data = TCP segment
– IP: IP header + TCP header + Application data = IP Datagram
– Ethernet driver: Ethernet header + IP header + TCP header + Application data + Ethernet trailer = Ethernet Frame
– Ethernet
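The nesting on this slide, shown as an added Python example that is not part of the original slides: it wraps a payload in TCP, IP and Ethernet headers and then strips them again, checking each length field before trusting it. Addresses, ports and MAC values are constructed sample values; checksums are left at 0.

```python
import struct

TCP_FLAGS = {"FIN": 0x01, "SYN": 0x02, "RST": 0x04, "PSH": 0x08, "ACK": 0x10, "URG": 0x20}

def build_frame(payload: bytes) -> bytes:
    """Encapsulate payload: TCP header, then IP header, then Ethernet header.
    Constructed sample values; checksums stay 0 and no trailer is added."""
    tcp = struct.pack("!HHIIBBHHH", 49152, 80, 1000, 2000, 5 << 4, 0x18, 8192, 0, 0)
    segment = tcp + payload                        # TCP segment
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(segment), 1, 0, 64, 6, 0,
                     bytes([192, 0, 2, 10]), bytes([198, 51, 100, 20]))
    datagram = ip + segment                        # IP datagram
    eth = struct.pack("!6s6sH", b"\x02\x00\x00\x00\x00\x02",
                      b"\x02\x00\x00\x00\x00\x01", 0x0800)
    return eth + datagram                          # Ethernet frame

def decapsulate(frame: bytes) -> dict:
    """Strip headers in reverse order, validating every length field first."""
    if len(frame) < 14 + 20:
        raise ValueError("frame too short for Ethernet + IPv4 headers")
    if struct.unpack("!H", frame[12:14])[0] != 0x0800:
        raise ValueError("not an IPv4 frame")
    datagram = frame[14:]
    ihl = (datagram[0] & 0x0F) * 4                 # IP header length in bytes
    total_len = struct.unpack("!H", datagram[2:4])[0]
    if datagram[0] >> 4 != 4 or ihl < 20 or not ihl <= total_len <= len(datagram):
        raise ValueError("inconsistent IPv4 length fields")
    if datagram[9] != 6:
        raise ValueError("not TCP")
    segment = datagram[ihl:total_len]              # drops any Ethernet trailer/padding
    if len(segment) < 20:
        raise ValueError("truncated TCP header")
    sport, dport = struct.unpack("!HH", segment[:4])
    doff = (segment[12] >> 4) * 4                  # TCP header length in bytes
    if not 20 <= doff <= len(segment):
        raise ValueError("inconsistent TCP data offset")
    return {
        "src": ".".join(map(str, datagram[12:16])),
        "dst": ".".join(map(str, datagram[16:20])),
        "sport": sport,
        "dport": dport,
        "flags": [name for name, bit in TCP_FLAGS.items() if segment[13] & bit],
        "payload": segment[doff:],
    }
```

A parser that skips these length checks is the kind of code the malformed-data "crashing" attacks listed later in the lesson rely on.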

Establishment of a TCP connection (“3-way Handshake”)
– Client → Server, SYN: Client sends connection request, specifying a port to connect to on the server.
– Server → Client, SYN/ACK: Server responds with both an acknowledgement and a queue for the connection.
– Client → Server, ACK: Client returns an acknowledgement and the circuit is opened.
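The three steps above as a small state tracker, added here as an example and not taken from the original slides: it follows SYN, SYN/ACK and ACK per connection and reports which handshakes never completed and so still occupy the server's connection queue. The packet records in SAMPLE are constructed; a real monitor would take them from a capture.

```python
from collections import Counter

def track_handshakes(packets):
    """packets: iterable of (src, sport, dst, dport, flags), flags being a set
    such as {"SYN"} or {"SYN", "ACK"}. Returns {connection: state}, keyed by
    (client, client_port, server, server_port)."""
    state = {}
    for src, sport, dst, dport, flags in packets:
        fwd = (src, sport, dst, dport)       # key if the sender is the client
        rev = (dst, dport, src, sport)       # key if the sender is the server
        if flags == {"SYN"}:
            state.setdefault(fwd, "SYN_SENT")        # step 1; ignore retransmits
        elif flags == {"SYN", "ACK"} and state.get(rev) == "SYN_SENT":
            state[rev] = "SYN_RCVD"                  # step 2: server queued it
        elif flags == {"ACK"} and state.get(fwd) == "SYN_RCVD":
            state[fwd] = "ESTABLISHED"               # step 3: circuit opened
    return state

def established(packets):
    """Connections that completed all three steps."""
    return {k for k, v in track_handshakes(packets).items() if v == "ESTABLISHED"}

def half_open_by_client(packets):
    """Count, per client address, handshakes that never reached the final ACK."""
    states = track_handshakes(packets)
    return Counter(k[0] for k, v in states.items() if v != "ESTABLISHED")

# Constructed sample: one client completes the handshake, another sends three
# SYNs from different ports and never answers the server's SYN/ACK.
SAMPLE = [
    ("192.0.2.10", 40000, "198.51.100.20", 80, {"SYN"}),
    ("198.51.100.20", 80, "192.0.2.10", 40000, {"SYN", "ACK"}),
    ("192.0.2.10", 40000, "198.51.100.20", 80, {"ACK"}),
] + [step for port in (50001, 50002, 50003) for step in (
    ("203.0.113.5", port, "198.51.100.20", 80, {"SYN"}),
    ("198.51.100.20", 80, "203.0.113.5", port, {"SYN", "ACK"}),
)]

if __name__ == "__main__":
    print("established:", established(SAMPLE))
    print("half-open per client:", dict(half_open_by_client(SAMPLE)))
```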

IP Centric Network (diagram)
Layers shown: Layer 6/7: Applications; Layer 5: Session; Layer 4: Transport; Layer 3: Network; Layer 2 & 1: Data Link & Physical
Diagram labels: IP; Ethernet, X.25, Frame Relay, SLIP, IPX, ATM, Arcnet, Appletalk, PPP, SMDS; Telnet, FTP, SNMP, SMTP, NFS, DNS, TFTP, NTP, RIP, BGP, IGP, EGP, X Windows; TCP, UDP, IGMP, ICMP; RETAIL, BANKING, B2B, MEDICAL, WHOLESALE

“Twenty-six years after the Defense Department created the INTERNET as a means of maintaining vital communications needs in the event of nuclear war, that system has instead become the weak link in the nation's defense” USA Today - 5 Jun 1996

“True hackers don't give up. They explore every possible way into a network, not just the well known ones.” The hacker Jericho.

“By failing to prepare, you are preparing to fail.” Benjamin Franklin

Typical Net-based Attacks -- Web
“Popular” and receive a great deal of media attention.
Attempt to exploit vulnerabilities in order to:
– Access sensitive data (e.g. credit card #’s)
– Deface the web page
– Disrupt, delay, or crash the server
– Redirect users to a different site

Typical Net-based Attacks -- Sniffing
– Essentially eavesdropping on the network
– Takes advantage of the shared nature of the transmission media.
– Passive in nature (i.e. just listening, not broadcasting)
– The increased use of switching has made sniffing more difficult (less productive) but has not eliminated it (e.g. DNS poisoning can convince target hosts to send the attacker traffic intended for other systems)

Typical Net-Based Attacks – Spoofing, Hijacking, Replay
– Spoofing attacks involve the attacker pretending to be someone else.
– Hijacking involves the assumption of another system's role in a “conversation” already taking place.
– Replay occurs when the attacker retransmits a series of packets previously sent to a target host.

Typical Net-Based Attacks – Denial of Service
DOS and Distributed DOS (DDOS) attacks have received much attention in the media in the last year due to some high-profile attacks.
Types:
– Flooding – sending more data than the target can process
– Crashing – sending data, often malformed, designed to disable the system or service
– Distributed – using multiple hosts in a coordinated attack effort against a target system.

A Distributed DoS in Action (diagram), Registration Phase: Client Hacker; Master Hosts running Master Control Programs; Broadcast Hosts running Broadcast Agents; The Internet. Message labels: *Hello*, Verify Registration, PONG

The Attack Phase (diagram): Client Hacker; Broadcast Hosts running Broadcast Agents; The Internet; Target. Message labels: Attack Target, UDP Flood Attack