Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 Network Security Lecture 1 Course Overview Waleed Ejaz

Published byNeil Richards Modified over 8 years ago

Similar presentations

Presentation on theme: "1 Network Security Lecture 1 Course Overview Waleed Ejaz"— Presentation transcript:

1 1 Network Security Lecture 1 Course Overview http://web.uettaxila.edu.pk/CMS/coeCCNbsSp09/index.asp Waleed Ejaz waleed.ejaz@uettaxila.edu.pk

2 2 Overview Goal of this course Grading Prerequisites Tentative Schedule Security Goals

3 3 Goal of This Course Comprehensive course on network security Includes both theory and practice Theory: Cryptography, Hashes, key exchange, Email Security, Web Security Practice: Hacking and Anti-Hacker techniques Graduate course: (Advanced Topics)  Lot of independent reading and writing  Project/Survey paper

4 4 CERT Computer emergency response team (CERT) Security is a #1 concern about Internet. Significant industry and government investment in security

5 5 Prerequisites Computer Communication & Networks

6 6 Prerequisites ISO/OSI reference model TCP/IP protocol stack Full-Duplex vs half-duplex UTP vs Wireless Cyclic Redundancy Check (CRC) CRC Polynomial Ethernet IEEE 802 MAC Addresses Bridging and Routing IEEE 802.11 LAN

7 7 Prerequisites (contd.) IP Address Subnets Private vs Public Addresses Address Resolution Protocol (ARP) Internet Control Message Protocol (ICMP) Routing - Dijkstra's algorithm Transport Control Protocol (TCP) User Datagram Protocol (UDP) TCP connection setup TCP Checksum Hypertext Transfer Protocol (HTTP)

8 8 Text Book Charlie Kaufman, Radia Perlman, and Mike Speciner, "Network Security: Private Communication in a Public World," 2nd Edition, Prentice Hall, 2002, ISBN: 0130460192.

9 9 Reference Book Cryptography and Network Security, by William Stallings, Prentice Hall, 4th Edition, 2006 Few topics from this book will be followed during this course. All relevant material will be provided as notes or as part of the class slides.

10 10 Course Outline Course Overview Security Concepts TCP/IP Security Attacks Security Key Cryptography (Chapter 3) Modes of Operation (Chapter 4) Hashes and Message Digest (Chapter 5) Public Key Cryptography (Chapter 6) Authentication: Passwords, Biometrics (Chapter 10) Kerberos (Chapter 14) Public Key Infrastructure (Chapter 15) IPSec (Chapter 17)

11 11 Course Outline (contd.) Internet Key Exchange (IKE) (Chapter 18) Web Security: SSL/TLS (Chapter 19) Email Security: PGP (Chapter 22) Firewalls (Chapter 23) VPNs DNS Security Network Access Controls: AAA Wireless Security Intrusion Detection DMZ (LAN->WAN)

12 12 Grading Assignments5 Quizzes10 Grand Quiz10 Labs25 Final Exam100

13 13 Term Project A survey paper on a network security topic  " Wireless Network Security  " Key Exchange Protocols  " Comprehensive Survey: Technical Papers, Industry Standards, Products A real attack and protection exercise on the security of a system (web server, Mail server, …) – Groups of 2 students (Hacker and Administrator) Recent Developments: Last 5 to 10 years ⇒ Not in books Better ones may be submitted to magazines or journals

14 14 Project Schedule Topic Selection/Proposal References Due Outline Due First Draft/Demo Due Reviews/comments Returned Final Report Due

15 15 Office Hours Thursday: 1:30 PM to 3:00 PM Office: Room 9 Contact Office: +92-51-9047573 Best way to communicate with me in other then office hours is email: waleed.ejaz@uettaxila.edu.pk

16 16 FAQs Yes, I do use “curve”. Your grade depends upon the performance of the rest of the class. All homeworks are due on the following Friday unless specified otherwise. Any late submissions, if allowed, will *always* have a penalty. All exams are closed-book and extremely time limited. Exams consist of numerical and may be multiple-choice (truefalse) questions.

17 17 Security Goals  Confidentiality: Need access control, Cryptography, Existence of data  Integrity: No change, content, source, prevention mechanisms, detection mechanisms  Availability: Denial of service attacks, Confidentiality, Integrity and Availability (CIA)

18 18 Security Attacks Snooping Traffic Analysis Modification Masquerading Replaying Repudiation Traffic Analysis Snooping Traffic Analysis Snooping Traffic Analysis Snooping Traffic Analysis Snooping Traffic Analysis Snooping Traffic Analysis Security Attacks Snooping Traffic Analysis Security Attacks Snooping Traffic Analysis Security Attacks Snooping Traffic Analysis Security Attacks Snooping Traffic Analysis Modification Security Attacks Snooping Traffic AnalysisMasquerading Modification Security Attacks Snooping Traffic Analysis Replaying Masquerading Modification Security Attacks Snooping Traffic Analysis Threat to Confidentiality Threat to Availability Threat to Integrity Denial of Service

19 19 Passive Versus Active Attacks Alice and Bob want to communicate in presence of adversaries  Adversaries: Passive – just looking Active – may change msgsAlice Bob

20 20 Categorization of passive and active attacks AttacksPassive/ActiveThreatening Snooping Traffic Analysis PassiveConfidentiality Modification Masquerading Replaying Repudiation ActiveIntegrity Denial of ServiceActiveAvailability

21 21 Student Questionnaire Name: _________________________________________ Email: _________________________________________ Phone: _________________________________________ Degree: ______________ Expected Date: _________________ Technical Interest Area(s): _____________________________ Prior networking related courses/activities:________________ Prior security related courses: _________________________ If you have a laptop or desktop, it’s operating system: _______ Do you have a WiFi interface? _____ I agree to abide by the rules and will not use the techniques on any computer other than mine or Network security lab. Signature: _______________________ Date: _____________

22 22 Lab Home Work 1: Gathering Information Learn about IPconfig, ping, arp, nslookup, whois, tracert, netstat, route, hosts file 1. Find the IP addresses of www.google.comwww.google.com 2. Modify the hosts file to map www.google.com to 128.252.166.33 and do a google search. Remove the modification to the host file and repeat.www.google.com 3. Find the domain name of 128.272.165.7 (reverse the address and add.inaddr. arpa) 4. Find the owner of www.google.com domainwww.google.com 5. Find route from your computer to www.google.comwww.google.com 6. Find the MAC address of your computer 7. Print your ARP cache table. Find a server on your local network. Change its ARP entry in your computer to point to your computer’s MAC address. Print new ARP cache table. Now use the service and see what happens. 8. Print your routing table and explain each line (up to line #20 if too many) 9. What is the number of packets sent with “destination unreachable” 10. Find the location of 128.252.166.33 (use www.ipaddresslocation.org)www.ipaddresslocation.org

23 23 Quiz 0: Prerequisites True or False? 1. Subnet mask of 255.255.255.254 will allow 254 nodes on the LAN. 2. Time to live (TTL) of 8 means that the packet can travel at most 8 hops. 3. IP Address 128.256.210.12 is an invalid IP address 4. CRC Polynomial x 32 +x 15 +1 will produce a 32 bit CRC. 5. DHCP server is required for dynamic IP address assignment 6. DNS helps translate an name to MAC address 7. Port 80 is used for FTP. 8. IPv6 addresses are 32 bits long. 9. New connection setup message in TCP contains a syn flag. 10. 192.168.0.1 is a public address. Marks = Correct Answers _____ - Incorrect Answers _____ = ______

24 24 Quiz 0: Prerequisites (Solution) True or False? 1. Subnet mask of 255.255.255.254 will allow 254 nodes on the LAN. False 2. Time to live (TTL) of 8 means that the packet can travel at most 8 hops. True 3. IP Address 128.256.210.12 is an invalid IP address. True 4. CRC Polynomial x 32 +x 15 +1 will produce a 32 bit CRC. True 5. DHCP server is required for dynamic IP address assignment. True 6. DNS helps translate an name to MAC address. False 7. Port 80 is used for FTP. False 8. IPv6 addresses are 32 bits long. False 9. New connection setup message in TCP contains a syn flag. True 10. 192.168.0.1 is a public address. False Marks = Correct Answers _____ - Incorrect Answers _____ = ______

25 25 Questions!

Download ppt "1 Network Security Lecture 1 Course Overview Waleed Ejaz"

Similar presentations

PJC CCNA Semester 2 Ver. 3.0 by William Kelly

PJC CCNA Semester 2 Ver. 3.0 by William Kelly
CMPE 150- Introduction to Computer Networks 1 CMPE 150 Fall 2005 Lecture 25 Introduction to Computer Networks.

CMPE 150- Introduction to Computer Networks 1 CMPE 150 Fall 2005 Lecture 25 Introduction to Computer Networks.
Cs/ee 143 Communication Networks Chapter 6 Internetworking Text: Walrand & Parekh, 2010 Steven Low CMS, EE, Caltech.

Cs/ee 143 Communication Networks Chapter 6 Internetworking Text: Walrand & Parekh, 2010 Steven Low CMS, EE, Caltech.
IST 201 Chapter 9. TCP/IP Model Application Transport Internet Network Access.

IST 201 Chapter 9. TCP/IP Model Application Transport Internet Network Access.
Computer Networking Revision Dr Sandra I. Woolley.

Computer Networking Revision Dr Sandra I. Woolley.
SYSTEM ADMINISTRATION Chapter 19

SYSTEM ADMINISTRATION Chapter 19
ECE 355 Introduction to Computer Networks and Data Communications

ECE 355 Introduction to Computer Networks and Data Communications
Firewalls and Intrusion Detection Systems

Firewalls and Intrusion Detection Systems
MCDST 70-271: Supporting Users and Troubleshooting a Microsoft Windows XP Operating System Chapter 13: Troubleshoot TCP/IP.

MCDST : Supporting Users and Troubleshooting a Microsoft Windows XP Operating System Chapter 13: Troubleshoot TCP/IP.
Shivkumar Kalyanaraman Rensselaer Polytechnic Institute 1 ECSE-6961 Internet Protocols Shivkumar Kalyanaraman Rensselaer Polytechnic Institute

Shivkumar Kalyanaraman Rensselaer Polytechnic Institute 1 ECSE-6961 Internet Protocols Shivkumar Kalyanaraman Rensselaer Polytechnic Institute
Shivkumar Kalyanaraman Rensselaer Polytechnic Institute 1 Internet Protocols ECSE:6961 Shivkumar Kalyanaraman Rensselaer Polytechnic Institute

Shivkumar Kalyanaraman Rensselaer Polytechnic Institute 1 Internet Protocols ECSE:6961 Shivkumar Kalyanaraman Rensselaer Polytechnic Institute
Chapter 2 Internet Protocol DoD Model Four layers: – Process/Application layer – Host-to-Host layer – Internet layer – Network Access layer.

Chapter 2 Internet Protocol DoD Model Four layers: – Process/Application layer – Host-to-Host layer – Internet layer – Network Access layer.
FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. 6 Packet Filtering By Whitman, Mattord, & Austin© 2008 Course Technology.

FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. 6 Packet Filtering By Whitman, Mattord, & Austin© 2008 Course Technology.
Chapter 23: ARP, ICMP, DHCP IS333 Spring 2015.

Chapter 23: ARP, ICMP, DHCP IS333 Spring 2015.
Prepared By E.Musa Alyaman1 Networking Theory Chapter 1.

Prepared By E.Musa Alyaman1 Networking Theory Chapter 1.
Network Security. Contents Security Requirements and Attacks Confidentiality with Conventional Encryption Message Authentication and Hash Functions Public-Key.

Network Security. Contents Security Requirements and Attacks Confidentiality with Conventional Encryption Message Authentication and Hash Functions Public-Key.
1 CSE 651: Introduction to Network Security Steve Lai Spring 2010.

1 CSE 651: Introduction to Network Security Steve Lai Spring 2010.
TCP/IP Tools Lesson 5. Objectives Skills/ConceptsObjective Domain Description Objective Domain Number Using basic TCP/IP commands Understanding TCP/IP3.6.

TCP/IP Tools Lesson 5. Objectives Skills/ConceptsObjective Domain Description Objective Domain Number Using basic TCP/IP commands Understanding TCP/IP3.6.
Chapter Overview TCP/IP Protocols IP Addressing.

Chapter Overview TCP/IP Protocols IP Addressing.
Wireshark and TCP/IP Basics ACM SIG-Security Lance Pendergrass.

Wireshark and TCP/IP Basics ACM SIG-Security Lance Pendergrass.

Similar presentations

Ads by Google