Presentation is loading. Please wait.

Presentation is loading. Please wait.

Lab #2 NET332 By Asma AlOsaimi. "Security has been a major concern in today’s computer networks. There has been various exploits of attacks against companies,

Published byEdmund Green Modified over 8 years ago

Similar presentations

Presentation on theme: "Lab #2 NET332 By Asma AlOsaimi. "Security has been a major concern in today’s computer networks. There has been various exploits of attacks against companies,"— Presentation transcript:

1 Lab #2 NET332 By Asma AlOsaimi

2 "Security has been a major concern in today’s computer networks. There has been various exploits of attacks against companies, many of the attacks cost companies their reputation and cost them millions of pounds. Many attacks are implemented using inside knowledge from previous and even current employees."

3 Part#1: Network Fundamentals

4 Outline cs490ns - cotter4  LANs  LAN Routers / Gateways  Wireless Connection  Firewalls  NAT  Network Protocols  Protocol Analysis

5 Single Machine cs490ns - cotter5  Security Risk: Physical Security  Access to Machine (loss of equipment)  Hack Machine (loss of information)

6 Local Area Networks cs490ns - cotter6  Security Risk: Physical Security  Access to Machine (loss of equipment)  Access to Hub / Switch (loss/ leak of information)  Hack Machine (loss/ leak of information) Hub / Switch

7 Local Area Networks (Routers / Gateways) cs490ns - cotter7 Internet Router / Gateway

8 Local Area Networks (Access Technologies) cs490ns - cotter8  56 Kbps Modem  Establish a point-to-point connection to ISP  Use PPTP (etc.) to establish an internet connection  Private link  DSL  Full Time, Broadband connection  Uses existing telecom facilities  Private link  Cable Modem  Full Time, Broadband connection  Shares existing cable TV facility with others

9 Wireless Connection cs490ns - cotter9 Internet WAP + Router

10 Firewalls cs490ns - cotter10  Provides a mechanism to control / monitor access to the LAN InternetFirewall

11 Network Address Translation cs490ns - cotter11  Many networks configured with private IP addresses (10.0.0.0, 172.16.0.0, 192.168.0.0)  Addresses are not routed.  Must convert to public address for Internet access.  To addresses that are routed.  May also have many hosts sharing limited network addresses.  If only 1 network address, then service is called Port Address Translation - PAT  NAT provides the translation services

12 Network Address Translation cs490ns - cotter12

13 Network Protocols cs490ns - cotter13

14 LAN Physical Layer Protocols cs490ns - cotter14  Ethernet  10base5  10base2  10baseT, 100baseT, 1000baseT  Wireless Networks  802.11a  802.11b  802.11g  Token Ring  etc.

15 WAN Physical Layer Protocols cs490ns - cotter15  Telecommunications  DS0, DS1, DS3  SONET  ISDN  etc.  Metro Area Protocols  Cellular Telephone  FDDI  WiMAX

16 Network Layer Protocols cs490ns - cotter16  Internet Protocol (IP)  Routes packets across the network  Manages packet fragmentation across network  Internet Control Message Protocol (ICMP)  Provides support for IP and TCP  Address Resolution Protocol (ARP)  Provides address resolution between network layer and data link layer addresses.

17 Transport Layer Protocols cs490ns - cotter17  Transmission Control Protocol (TCP)  Provides reliable end-to-end packet transport  Provides packet flow control  User Datagram Protocol (UDP)  Provides simplified end-to-end packet transport  No control overhead  No packet fragmentation

18 Application Layer Protocols cs490ns - cotter18  Support specific network applications  FTP  HTTP( www)  SMTP, POP3,IMAP (E-MAIL)

19 Protocol Analysis cs490ns - cotter19  Packet Sniffers  WireShark (Ethereal)  Etherpeek  EtherDetect  Zx Sniffer  AnalogX PacketMon  Colasoft Capsa  AirMagnet Enterprise (Wireless monitoring)  etc.

20 Summary cs490ns - cotter20  LANs  LAN Routers / Gateways  Wireless Connection  Firewalls  NAT  Network Protocols  Protocol Analysis

21 Part#2:Introduction to security

22 Who is vulnerable? 15-441 Networks Fall 200222  Financial institutions and banks  Internet service providers  Government and defense agencies  Contractors to various government agencies  Multinational corporations  ANYONE ON THE NETWORK

23 Common security attacks and their countermeasures 15-441 Networks Fall 200223  Finding a way into the network  Firewalls  Exploiting software bugs, buffer overflows  Intrusion Detection Systems  Denial of Service  IDS  TCP hijacking  IPSec  Packet sniffing  Encryption (SSH, SSL, HTTPS)  Social problems  Education

24 Common security attacks

25 What is a vulnerable system?  A vulnerability is a weakness in software, hardware that enables the attacker to compromise the confidentiality, integrity or availability of that system.  An attacker can use a vulnerability to compromise a system.  For example a weakness in a protocol allows the attacker to run arbitrary code.  If you understand the vulnerability, it will help you to implement the appropriate security control

26 Part#3: CT1406 LAB

27 Back Track 5 10.170.25.202 Metasploitable (Ubuntu) 10.170.25.100 Windows Server 2008 10.170.25.101 Windows PC 10.170.25.201 CT1406 Lab Setup

28 Pentest ?  A pentest is a method of evaluating and testing the security of a system, network, or application by performing actions that are meant to simulate the actions of a malicious attacker.

29 Metasploit  Metasploit framework provides you with information on security vulnerabilities which can be used to exploit a system.  Penetration testers can also use this tool to launch manual or automated scans.

Download ppt "Lab #2 NET332 By Asma AlOsaimi. "Security has been a major concern in today’s computer networks. There has been various exploits of attacks against companies,"

Similar presentations

Firewalls By Tahaei Fall 2012. What is a firewall? a choke point of control and monitoring interconnects networks with differing trust imposes restrictions.

Firewalls By Tahaei Fall What is a firewall? a choke point of control and monitoring interconnects networks with differing trust imposes restrictions.
Securing Remote PC Access to UNIX/Linux Hosts with VPN or SSH Charles T. Moetului WRQ, Inc. (206) 217-7048

Securing Remote PC Access to UNIX/Linux Hosts with VPN or SSH Charles T. Moetului WRQ, Inc. (206)
Network Security Topologies Chapter 11. Learning Objectives Explain network perimeter’s importance to an organization’s security policies Identify place.

Network Security Topologies Chapter 11. Learning Objectives Explain network perimeter’s importance to an organization’s security policies Identify place.
A+ Guide to Software, 4e Chapter 9 Windows on the Internet.

A+ Guide to Software, 4e Chapter 9 Windows on the Internet.
Firewalls and Intrusion Detection Systems

Firewalls and Intrusion Detection Systems
Presented by Serge Kpan LTEC 4550.020 Network Systems Administration 1.

Presented by Serge Kpan LTEC Network Systems Administration 1.
IS Network and Telecommunications Risks

IS Network and Telecommunications Risks
In this section, we'll cover one of the foundations of network security issues, It talks about VPN (Virtual Private Networks). What..,Why..,and How….?

In this section, we'll cover one of the foundations of network security issues, It talks about VPN (Virtual Private Networks). What..,Why..,and How….?
1 Computer System Evolution Central Data Processing System: - with directly attached peripherals (card reader, magnetic tapes, line printer). Local Area.

1 Computer System Evolution Central Data Processing System: - with directly attached peripherals (card reader, magnetic tapes, line printer). Local Area.
Understanding Networks. Objectives Compare client and network operating systems Learn about local area network technologies, including Ethernet, Token.

Understanding Networks. Objectives Compare client and network operating systems Learn about local area network technologies, including Ethernet, Token.
Securing TCP/IP Chapter 6. Introduction to Transmission Control Protocol/Internet Protocol (TCP/IP) TCP/IP comprises a suite of four protocols The protocols.

Securing TCP/IP Chapter 6. Introduction to Transmission Control Protocol/Internet Protocol (TCP/IP) TCP/IP comprises a suite of four protocols The protocols.
1 Last Class! Today: r what have we learned? r where is the networking world going? r question and answers r evaluation.

1 Last Class! Today: r what have we learned? r where is the networking world going? r question and answers r evaluation.
Bob Baker Communications Bob Baker September 1999.

Bob Baker Communications Bob Baker September 1999.
Chapter 15 Networks.

Chapter 15 Networks.
Guide to Computer Network Security

Guide to Computer Network Security
1 Networking A computer network is a collection of computing devices that are connected in various ways in order to communicate and share resources. The.

1 Networking A computer network is a collection of computing devices that are connected in various ways in order to communicate and share resources. The.
Networking DSC340 Mike Pangburn. Networking: Computers on the Internet  1969 – 4  1971 – 15  1984 – 1000  1987 – 10,000  1989 – 100,000  1992 –

Networking DSC340 Mike Pangburn. Networking: Computers on the Internet  1969 – 4  1971 – 15  1984 – 1000  1987 – 10,000  1989 – 100,000  1992 –
15-1 Networking Computer network A collection of computing devices that are connected in various ways in order to communicate and share resources Usually,

15-1 Networking Computer network A collection of computing devices that are connected in various ways in order to communicate and share resources Usually,
1 Lecture 20: Firewalls motivation ingredients –packet filters –application gateways –bastion hosts and DMZ example firewall design using firewalls – virtual.

1 Lecture 20: Firewalls motivation ingredients –packet filters –application gateways –bastion hosts and DMZ example firewall design using firewalls – virtual.
Network Address Translation, Remote Access and Virtual Private Networks BSAD 146 Dave Novak Sources: Network+ Guide to Networks, Dean 2013.

Network Address Translation, Remote Access and Virtual Private Networks BSAD 146 Dave Novak Sources: Network+ Guide to Networks, Dean 2013.

Similar presentations

Ads by Google