Presentation is loading. Please wait.

Presentation is loading. Please wait.

Net security - budi rahardjo Overview of Network Security Budi Rahardjo CISCO seminar 13 March 2002.

Published byZavier Harvard Modified over 9 years ago

Similar presentations

Presentation on theme: "Net security - budi rahardjo Overview of Network Security Budi Rahardjo CISCO seminar 13 March 2002."— Presentation transcript:

1 net security - budi rahardjo Overview of Network Security Budi Rahardjo budi@indocisc.com http://budi.insan.co.id Presented @ CISCO seminar 13 March 2002

2 net security - budi rahardjo Security Holes www.bank.co.id Internet Web Site Users ISP Network sniffed, attacked Trojan horse - Applications (database, Web server) hacked - OS hacked 1.System (OS) 2.Network 3.Applications (db) Holes Userid, Password, PIN, credit card #

3 net security - budi rahardjo Focus on this presentation

4 net security - budi rahardjo Sescurity Aspect Physical Personnel Technical, data, network Policy and procedures

5 net security - budi rahardjo Security Services Confidentiality / Privacy Integrity Authentication Availability Non-repudiation Access Control

6 net security - budi rahardjo Types of network attack Interruption –DoS attack, network flooding Interception –Sniffed (password) Modification –Trojan horse Fabrication –Spoofed packets

7 net security - budi rahardjo Reality Check IP v.4 is not secure. Spoofing is easy Tools (scripts) to exploit are available More home users are connected 24 hours/day with DSL, cable modem Need collaboration among network providers –Ingres filter @ border routers

8 net security - budi rahardjo Interruption Attack Denial of Service (DoS) attack –Exhaust bandwidth, network flooding –Possible to spoofed originating address –Tools: ping broadcast, smurf, synk4, various flood utilities Protection: –Little we can do if we are under attacked –Filter at router for outgoing packet, filter attack orginiating from our site

9 net security - budi rahardjo More interruption attack Distributed Denial of Service (DDoS) attack –Flood your network with spoofed packets from many sources –Based on SubSeven trojan, “phone home” via IRC once installed on a machine. Attacker knows how many agents ready to attack. –Then, ready to exhaust your bandwidth –See Steve Gibson’s paper http://grc.com

10 net security - budi rahardjo Interception Attack Sniffer to capture password and other sensitive information Tools: tcpdump, ngrep, linux sniffer, dsniff, trojan (BO, Netbus, Subseven) Protection: segmentation, switched hub

11 net security - budi rahardjo Modification Attack Modify, change information/programs Examples: Virus, Trojan, attached with email or web sites Protection: anti virus, filter at mail server, integrity checker (eg. tripwire)

12 net security - budi rahardjo Fabrication Attack Spoofing address is easy Examples: –Fake mails, spoofed packets Tools: various packet construction kit Protection: filter outgoing packets at router

13 net security - budi rahardjo Protection Firewall –Static vs Stateful Packet Filter –Circuit gateway, application level gateway Intrusion Detection System (IDS) –Host vs Network based Policy –Privacy issues, AUP, cyberlaw, best practice, what to do if your site is probed?

14 net security - budi rahardjo Firewall – Static Packet Filter Inspect packets based on rules –Source, destination address, port Strength: –fast, can be implemented with Linux box Weakness: can be fooled, changing order, fragmentation, little information (for logging), IP spoofing, does not inspect payload, difficult to configure (lots of rules), stateless

15 net security - budi rahardjo Firewall - Stateful Remembers the state of packets Strength: better inspection, can be implemented with Linux box Weaknesses: slower?/faster?, needs more resources, IP spoofing, does not inspect payload, still difficult to configure

16 net security - budi rahardjo Instrusion Detection System Monitor system for anomaly Monitor host or network? Hybrid Difficult to monitor if stealth and slow Tools example: snort

17 net security - budi rahardjo Policy The hardest thing to do is dealing with people Policy, Standard Operating Procedure is overlooked

18 net security - budi rahardjo More reading materials My Books: Handbook Security http://budi.insan.co.id Security focus http://www.securityfocus.com Securiteam http://www.securiteam.com SANS: http://www.sans.org and many more …

Download ppt "Net security - budi rahardjo Overview of Network Security Budi Rahardjo CISCO seminar 13 March 2002."

Similar presentations

IT Security Assurance Management of Network and User Behavior Budi Rahardjo INDOCISC - ID-CERT -

IT Security Assurance Management of Network and User Behavior Budi Rahardjo INDOCISC - ID-CERT -
Network Security Essentials Chapter 11

Network Security Essentials Chapter 11
Intrusion Detection System(IDS) Overview Manglers Gopal Paliwal Gopal Paliwal Roshni Zawar Roshni Zawar SenthilRaja Velu SenthilRaja Velu Sreevathsa Sathyanarayana.

Intrusion Detection System(IDS) Overview Manglers Gopal Paliwal Gopal Paliwal Roshni Zawar Roshni Zawar SenthilRaja Velu SenthilRaja Velu Sreevathsa Sathyanarayana.
 Dynamic policies o Change as system security state/load changes o GAA architecture  Extended access control lists  Pre-, mid- and post-conditions,

 Dynamic policies o Change as system security state/load changes o GAA architecture  Extended access control lists  Pre-, mid- and post-conditions,
Firewalls By Tahaei Fall 2012. What is a firewall? a choke point of control and monitoring interconnects networks with differing trust imposes restrictions.

Firewalls By Tahaei Fall What is a firewall? a choke point of control and monitoring interconnects networks with differing trust imposes restrictions.
ITIS 1210 Introduction to Web-Based Information Systems Chapter 44 How Firewalls Work How Firewalls Work.

ITIS 1210 Introduction to Web-Based Information Systems Chapter 44 How Firewalls Work How Firewalls Work.
Hackers, Crackers, and Network Intruders: Heroes, villains, or delinquents? Tim McLaren Thursday, September 28, 2000 McMaster University.

Hackers, Crackers, and Network Intruders: Heroes, villains, or delinquents? Tim McLaren Thursday, September 28, 2000 McMaster University.
Network Security aka CyberSecurity Monitor and manage security risks at the network level for the entire Johns Hopkins Network.

Network Security aka CyberSecurity Monitor and manage security risks at the network level for the entire Johns Hopkins Network.
1 Topic 1 – Lesson 3 Network Attacks Summary. 2 Questions ► Compare passive attacks and active attacks ► How do packet sniffers work? How to mitigate?

1 Topic 1 – Lesson 3 Network Attacks Summary. 2 Questions ► Compare passive attacks and active attacks ► How do packet sniffers work? How to mitigate?
Computer Security Fundamentals by Chuck Easttom Chapter 4 Denial of Service Attacks.

Computer Security Fundamentals by Chuck Easttom Chapter 4 Denial of Service Attacks.
Network Security. Permission granted to reproduce for educational use only.© Goodheart-Willcox Co., Inc. Objectives  Give examples of common network.

Network Security. Permission granted to reproduce for educational use only.© Goodheart-Willcox Co., Inc. Objectives  Give examples of common network.
Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.

Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.
Case Studies for Projects. Network Audit A brief description of the systems (via fingerprinting, if black box is used) Network perimeter should be described.

Case Studies for Projects. Network Audit A brief description of the systems (via fingerprinting, if black box is used) Network perimeter should be described.
Firewalls and Intrusion Detection Systems

Firewalls and Intrusion Detection Systems
1 Network Security Derived from original slides by Henric Johnson Blekinge Institute of Technology, Sweden From the book by William Stallings.

1 Network Security Derived from original slides by Henric Johnson Blekinge Institute of Technology, Sweden From the book by William Stallings.
Security Awareness: Applying Practical Security in Your World, Second Edition Chapter 5 Network Security.

Security Awareness: Applying Practical Security in Your World, Second Edition Chapter 5 Network Security.
Review for Exam 4 School of Business Eastern Illinois University © Abdou Illia, Fall 2006.

Review for Exam 4 School of Business Eastern Illinois University © Abdou Illia, Fall 2006.
Web server security Dr Jim Briggs WEBP security1.

Web server security Dr Jim Briggs WEBP security1.
COEN 252: Computer Forensics Router Investigation.

COEN 252: Computer Forensics Router Investigation.
Firewall Slides by John Rouda

Firewall Slides by John Rouda

Similar presentations

Ads by Google