1 Host versus Network Security Steven M. Bellovin

Slides:



Advertisements
Similar presentations
Securing Network – Wireless – and Connected Infrastructures
Advertisements

Security in VoIP Networks Juan C Pelaez Florida Atlantic University Security in VoIP Networks Juan C Pelaez Florida Atlantic University.
 Natural consequence of the way Internet is organized o Best effort service means routers don’t do much processing per packet and store no state – they.
Mobile IP Security Dominic Maguire Research Essay Presentation Communications Infrastructure Module MSc Communications Software, WIT
1 Securing the Net: Where the Holes Are Steven M. Bellovin AT&T Labs – Research
Nasca Internet Ch. 5Internet Ch. 8 Networking and Security Ch. 6 Networking and Security Ch. 8.
Web server security Dr Jim Briggs WEBP security1.
Review for Exam 4 School of Business Eastern Illinois University © Abdou Illia, Spring 2006.
 Proxy Servers are software that act as intermediaries between client and servers on the Internet.  They help users on private networks get information.
Faten Yahya Ismael.  It is technology creates a network that is physically public, but virtually it’s private.  A virtual private network (VPN) is a.
Copyright Microsoft Corp Ramnish Singh IT Advisor Microsoft Corporation Secure Remote Access Challenges, Choices, Best Practices.
Virtual Private Network prepared by Rachna Agrawal Lixia Hou.
Hafez Barghouthi. Model for Network Access Security (our concern) Patrick BoursAuthentication Course 2007/20082.
Network Address Translation (NAT) CS-480b Dick Steflik.
CS101 Lecture 14 Security. Network = Security Risks The majority of the bad things that can be done deliberately to you or your computer happen when you.
AIS, Passwords Should not be shared Should be changed by user Should be changed frequently and upon compromise (suspected unauthorized disclosure)
Firewalls Paper By: Vandana Bhardwaj. What this paper covers? Why you need a firewall? What is firewall? How does a network firewall interact with OSI.
1 Chapter 8 Copyright 2003 Prentice-Hall Cryptographic Systems: SSL/TLS, VPNs, and Kerberos.
NETWORKING COMPONENTS AN OVERVIEW OF COMMONLY USED HARDWARE Christopher Johnson LTEC 4550.
System Security Basics. Information System Security The protection of information systems against unauthorized access to or modification of information,
Review 2 Chapters 7, 8, 9. 2  Define a network and its purpose.  Explain how communications technologies are used in our every day lives.  Understand.
IP Security IP sec IPsec is short for Internet Protocol Security. It was originally created as a part of IPv6, but has been retrofitted into IPv4. It.
Ch9QQ T F 1.Hacking is an example of unauthorized access. T F 2.A Trojan horse is a type of malware that masquerades as another type of program. T F 3.A.
Chapter 9 Networking & Distributed Security. csci5233 computer security & integrity (Chap. 9) 2 Outline Overview of Networking Threats Wiretapping, impersonation,
1 C12 - March 19, 2008 Business 54 - Introduction to eCommerce Spring 2008 C12 - March 19, 2008.
NETWORKING COMPONENTS Buddy Steele Assignment 3, Part 1 CECS-5460: Summer 2014.
IT Security. What is Information Security? Information security describes efforts to protect computer and non computer equipment, facilities, data, and.
1 Defense Strategies for DDoS Attacks Steven M. Bellovin
Need for Security Control access to servicesControl access to services Ensure confidentialityEnsure confidentiality Guard against attacksGuard against.
Introduction to Computers Lesson 8B. home Ways to Connect to the Internet Direct connection Remote terminal connection Gateway connection LAN Modem High-speed.
Virtual Private Networks Ed Wagner CS Overview Introduction Types of VPNs Encrypting and Tunneling Pro/Cons the VPNs Conclusion.
Telecommunications Networking II Lecture 41d Denial-of-Service Attacks.
PREPARED BY : Harsh patel dhruv patel sreejit sundaram.
Virtual Private Networks By: Scott Ayers Stacey Bilodeau David Jordan.
Lect 8 Tahani al jehain. Types of attack Remote code execution: occurs when an attacker exploits a software and runs a program that the user does not.
Confidentiality using Conventional Encryption Chapter 5.
NETWORK DEVICES Ted Lawson LTEC Hub A hub is a device that allows you to connect multiple devices together, which allows them to act as a single.
Unit 2 Personal Cyber Security and Social Engineering Part 2.
Computer Network Security Dr. X. OSI stack… again.
Responsible digital citizenship By: Aiden. What is responsible digital citizenship? Responsible digital citizenship is many things. The topics I am covering.
Security on the Internet Norman White ©2001. Security What is it? Confidentiality – Can my information be stolen? Integrity – Can it be changed? Availability.
Getting Online, Working Online
Chapter 1: Explore the Network
Virtual Private Networks
Managing Secure Network Systems
TASHKENT UNIVERSITY OF INFORMATION TECHNOLOGIES NAMED AFTER MUHAMMAD AL-KHWARIZMI THE SMART HOME IS A BASIC OF SMART CITIES: SECURITY AND METHODS OF.
IP Security IP sec IPsec is short for Internet Protocol Security. It was originally created as a part of IPv6, but has been retrofitted into IPv4. It works.
VPN: Virtual Private Network
Outline Basics of network security Definitions Sample attacks
Why Do We Need More Research?
Chapter 5 Electronic Commerce | Security
Introduction to Computers
Welcome To : Group 1 VC Presentation
CCSI 330 Innovative Education- -snaptutorial.com
Security, Cryptography, and Magic
Preventing Denial of Service Attacks
Chapter 5 Electronic Commerce | Security
ISMS Information Security Management System
Figure 1-7: Eavesdropping on a Dialog
Virtual Private Network
Virtual Private Networks
VPN: Virtual Private Network
Unit 36: Internet Server Management
Firewalls and Security
Protocol Application TCP/IP Layer Model
Getting Online, Working Online
Outline Basics of network security Definitions Sample attacks
Getting Online, Working Online
Global One Communications
Introduction to Networking Security
Presentation transcript:

1 Host versus Network Security Steven M. Bellovin

2 What’s a Network Problem? “Hackers Break Into Microsoft’s Network” (Wall Street Journal, 10/27/00) “In the Wake of Web-Site Hacking, No Easy Answers, or Solutions” (New York Times, 2/9/00)

3 Microsoft Break-in A host problem, not a network problem. The network was the vehicle for the attack. “Highway robbery” doesn’t mean that someone stole the pavement...

4 Denial of Service Attacks These attacked the network, not Web sites. A real network problem. Can’t be solved by end-systems, firewalls, etc.

5 Model of the Internet Smart hosts, dumb network. Network’s concern is packet transport. Host’s concern is packet processing.

6 Network Security Issues Availability –Protocol infrastructure (i.e., DNS) –Routing –Link-flooding Theft of Service –Primarily for switched services and shared media

7 Availability “How many backhoes are needed?” “How many backbones are needed?”

8 Host Security Issues Break-ins Data confidentiality Transmission confidentiality Remote user authentication Buggy software

9 Who Does What? ISPs –Provide sufficient redundancy to protect links –Harden infrastructure protocols –Protect their own resources End users –Encryption –Suitable authentication –Firewalls

10 Why ISPs Can’t Protect Users They don’t know what users want to do Your “odd behavior” is my new, cutting- edge application Your “allowed service” is my vulnerability But what of ordinary consumers?

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.