Network Security Major Problems. Why Firewall? Problems with Firewalls. What is.

Presentation transcript:

Topics
- Network Security Major Problems
- Why Firewall?
- Problems with Firewalls
- What is an Intrusion Detector?
- Problems with Intrusion Detectors
- What is a Content Management Firewall?
- HACKTRAP Features
- Future Trends
- Demo

Network Security Major Problems
- Providing information confidentiality.
- Providing data integrity.
- Protecting network services availability.

Why Firewall?

Problems with Firewalls
- Checks packet headers ONLY
- Does NOT detect header intrusions

What is an Intrusion Detector?
- A tool that detects intrusion attempts.
- Alerts the network administrator with detected intrusions.

Problems with Intrusion Detectors
- Does NOT take permanent actions
- Does NOT block specific IPs and PORTs

Intrusion Detector

What is a Content Management Firewall?
- A new approach to firewalls.
- Combines the features of BOTH Firewalls and Intrusion Detectors.
- Checks NOT ONLY the packet's header but its contents as well.
- Blocks the source of the detected intrusions.

HACKTRAP A content management firewall IS OUR SOLUTION

HACKTRAP

HACKTRAP Features
- Three Security Levels
  - FRA (Fast Response Action): Firewall Rules
  - IDS (Intrusion Detection System): Alerts
  - ISS (Integrated Security System): feedback from IDS to FRA

[Diagram: HACKTRAP Model. Labels: External Network, Internal Network, FRA, IDS, ISS, Generate FRA]

HACKTRAP Features
- Dynamic Action Generation
[Diagram labels: FWRule, IDSPRule, IDMPRule, FRActions]

HACKTRAP Features
- Administrator point of view
  - Add and remove types of attacks.
  - Different types of alerts: popup messages, database, XML format, TCP dump format.
  - Restrict and unrestrict hosts accessing the firewall.
  - Close and open different services (ports) for outside hosts.
- Developer point of view
  - Intrusions can be easily implemented
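The IDS-to-FRA feedback described in these slides, sketched as an added example (not HACKTRAP's own code): it reads alert lines and emits ipchains DENY rules for the offending sources. The Snort-style alert layout, the function name `generate_block_rules`, the `never_block` allowlist and the `min_alerts` threshold are assumptions; the sample alerts are constructed.

```python
import ipaddress
import re

# Assumed alert layout (Snort-style "fast" alert line); the slides do not specify one.
ALERT_RE = re.compile(
    r"\[\*\*\]\s+\[[\d:]+\]\s+(?P<msg>.+?)\s+\[\*\*\].*?"
    r"\{(?P<proto>\w+)\}\s+(?P<src>\d+\.\d+\.\d+\.\d+)(?::\d+)?\s+->\s+"
)

# Constructed sample alerts (documentation and private address ranges).
SAMPLE_ALERTS = """\
08/12-10:15:32.101 [**] [1:1000001:1] WEB directory traversal [**] [Priority: 1] {TCP} 203.0.113.7:4312 -> 192.168.1.10:80
08/12-10:15:33.200 [**] [1:1000001:1] WEB directory traversal [**] [Priority: 1] {TCP} 203.0.113.7:4313 -> 192.168.1.10:80
08/12-10:16:01.007 [**] [1:1000002:1] ICMP large packet [**] [Priority: 2] {ICMP} 198.51.100.23 -> 192.168.1.10
08/12-10:16:05.500 [**] [1:1000003:1] Port scan [**] [Priority: 2] {TCP} 192.168.1.1:50000 -> 192.168.1.10:22
garbled line without the expected fields
"""


def generate_block_rules(alert_text, never_block=("192.168.1.0/24",), min_alerts=1):
    """Return ipchains commands that DENY each external alert source once."""
    protected = [ipaddress.ip_network(n) for n in never_block]
    counts = {}
    for line in alert_text.splitlines():
        m = ALERT_RE.search(line)
        if not m:
            continue  # unparseable alert: never turn it into a rule
        try:
            src = ipaddress.ip_address(m.group("src"))
        except ValueError:
            continue  # matched the pattern but is not a valid IPv4 address
        if any(src in net for net in protected):
            continue  # internal or spoofed-internal source: blocking it cuts off our own hosts
        counts[src] = counts.get(src, 0) + 1

    rules = []
    for src, seen in sorted(counts.items()):
        if seen >= min_alerts:
            # -I input 1 inserts at the top of the input chain; -l logs matching packets.
            rules.append(f"ipchains -I input 1 -s {src}/32 -j DENY -l")
    return rules


if __name__ == "__main__":
    for rule in generate_block_rules(SAMPLE_ALERTS):
        print(rule)
```

Because source addresses can be forged, the allowlist and the alert threshold are what keep automatic blocking from being turned against the protected network itself.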

Future Work
- Enhance for better performance.
- Using iptables with the ipchains.
- Using ACID to analyze the intrusion detection output written to the database and display neat graphs representing it.
- Adding other output modules such as & SMS.

[Diagram labels: Internet, LAN, Hacker, Web Server, Unix Server]

[Diagram: Packet forwarding and NAT (Masquerading) towards the Internet]

[Diagram: Input chain, Forward chain and Output chain, each a list of numbered rules. Labels: router, demasq, log, host, local process, DENY, ACCEPT]

[Diagram labels: preprocessor, attacks rules, Input chain, Forward chain, Output chain, log file, Samba alert, database, alert file]

Demo

[Diagram labels: Internet, LAN, Hacker, Windows, Linux, HACKTRAP]