Introduction to Secure Shell
Greg Porter, Data Processing Manager, USPFO For California

Presentation transcript:


What Me, Worry?
Network-based attacks on the upswing
DOD systems are a particular focus
  – ‘Innocuous Hackers’ - Bored teenagers?
  – ‘Military Hackers’ - Hostile nations attack critical infostructures
  – ‘Professional or Contract Hackers’ - May focus on financial or procurement systems to gain a competitive edge

Current System Communication
Critical infostructures, particularly at the USPFO, rely upon network protocols not designed for security
Specifically, Telnet and FTP exchange passwords and information in cleartext
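
To make the cleartext point concrete, here is an added example (not part of the original slides) that audits client-to-server byte streams and reports what an on-path observer could read. The sample payloads, user name and client banner are constructed for illustration.

```python
import re

IAC = 0xFF  # Telnet "interpret as command" byte (RFC 854)

# Constructed client-to-server payloads for this example; not real captures.
SAMPLES = {
    "ftp": b"USER jdoe\r\nPASS example-only\r\nPWD\r\n",
    "telnet": b"\xff\xfd\x03\xff\xfb\x18jdoe\r\nexample-only\r\nls\r\n",
    "ssh": b"SSH-2.0-ExampleClient_1.0\r\n" + bytes(range(200, 232)),
}

def strip_telnet_negotiation(data: bytes) -> bytes:
    """Drop 3-byte IAC WILL/WONT/DO/DONT sequences and keep the user data."""
    out, i = bytearray(), 0
    while i < len(data):
        if data[i] == IAC and i + 2 < len(data) and 0xFB <= data[i + 1] <= 0xFE:
            i += 3
        else:
            out.append(data[i])
            i += 1
    return bytes(out)

def audit_stream(payload: bytes) -> dict:
    """Classify one stream and say whether login data is readable on the wire."""
    if payload.startswith(b"SSH-"):
        # Only the version banner and key exchange are readable; SSH-2
        # authentication is sent after encryption has started.
        banner = payload.split(b"\r\n", 1)[0].decode("ascii", "replace")
        return {"protocol": "ssh", "credentials_readable": False, "evidence": banner}
    ftp = re.findall(rb"^(USER|PASS) (\S+)\r?$", payload, re.M)
    if ftp:
        cmds = [cmd.decode() for cmd, _secret in ftp]  # report the command, never the secret
        return {"protocol": "ftp", "credentials_readable": "PASS" in cmds, "evidence": cmds}
    lines = [ln for ln in strip_telnet_negotiation(payload).split(b"\r\n") if ln]
    if payload[:1] == bytes([IAC]) and lines and all(32 <= b < 127 for ln in lines for b in ln):
        # Everything typed, including the password at the login prompt, is plain text.
        return {"protocol": "telnet", "credentials_readable": True,
                "evidence": f"{len(lines)} readable input lines"}
    return {"protocol": "unknown", "credentials_readable": False, "evidence": ""}

if __name__ == "__main__":
    for name, payload in SAMPLES.items():
        print(name, audit_stream(payload))
```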

The Net Reacts…
Telnet, FTP and other insecure services replaced by Secure Shell
Open Protocol - Internet Draft
Implemented both commercially and Open Source

What Secure Shell Does
Log into, execute commands on, and move files from/to a remote computer
Provides strong authentication
  – Not tied to a particular authentication method, can use most common ones
Provides secure communication
  – Not tied to a particular encryption method, can use most common ones

Secure Shell Protects Against:
Interception of cleartext passwords and data
IP Spoofing, where an intruder pretends to be a trusted host
IP Source Routing, where intruder packets masquerade with a friendly source address
DNS Spoofing, where an intruder forges name server records
SSH never trusts the net; somebody hostile who has taken over the network can only force SSH to disconnect, but cannot decrypt or play back the traffic, or hijack the connection
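
The spoofing protections listed above rest on the client pinning each server's public host key rather than trusting an IP address or DNS name. The following added example (not from the original slides) shows that pin lookup against a plain-format known_hosts entry; the host name and key bytes are constructed, and hashed or certificate-authority entries are not handled.

```python
import base64
import hashlib
import struct

def ssh_string(data: bytes) -> bytes:
    """Length-prefixed string as used in SSH wire encoding (RFC 4251)."""
    return struct.pack(">I", len(data)) + data

def ed25519_blob(raw_key: bytes) -> bytes:
    """Public key blob: key type name followed by the 32-byte key."""
    return ssh_string(b"ssh-ed25519") + ssh_string(raw_key)

def fingerprint(blob: bytes) -> str:
    """OpenSSH-style SHA256 fingerprint of a public key blob."""
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

# Constructed keys: fixed byte patterns, not real key material.
GENUINE = ed25519_blob(bytes([0x11]) * 32)
IMPOSTOR = ed25519_blob(bytes([0x22]) * 32)

# Constructed known_hosts content in the plain "host keytype base64" form.
KNOWN_HOSTS = "fileserver.example ssh-ed25519 " + base64.b64encode(GENUINE).decode() + "\n"

def check_host_key(host: str, offered_blob: bytes, known_hosts: str = KNOWN_HOSTS) -> str:
    """Return 'match', 'mismatch' or 'unknown' for the key a server offers.

    A real client also requires the server to sign the key exchange with the
    matching private key; this example covers only the pin comparison.
    """
    seen = False
    for line in known_hosts.splitlines():
        fields = line.split()
        if line.startswith("#") or len(fields) < 3:
            continue
        names, _keytype, b64 = fields[:3]
        if host in names.split(","):
            seen = True
            if base64.b64decode(b64) == offered_blob:
                return "match"
    # A pinned host offering a different key is what a spoofed server looks like.
    return "mismatch" if seen else "unknown"

if __name__ == "__main__":
    for label, blob in (("genuine", GENUINE), ("impostor", IMPOSTOR)):
        print(label, fingerprint(blob), check_host_key("fileserver.example", blob))
```

A "mismatch" result is the case where the client should refuse to continue, which is the forced disconnect the slide describes.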

Implementation
Server side
  – Unix implementation free and straightforward
  – Other platforms commercially supported
Client side
  – Unix clients - Free and readily available
  – Windows clients - Available commercially

Recommendations
Direct affected users to implement Secure Shell.
Fund nationwide purchase of Windows clients.
Explore replacing services on other platforms (i.e. NT) with Secure Shell.
California has extensively tested the Secure NetTerm Windows client ( This works with all NGB applications in common use at USPFOs.
Cost: About $25 a seat (for 500 clients). Bulk discounts available.