Lesson 7: Network Security and Attacks. Computer Security Operational Model Protection = Prevention+ (Detection + Response) Access Controls Encryption.

Presentation transcript:

1 Lesson 7: Network Security and Attacks

2 Computer Security Operational Model
Protection = Prevention + (Detection + Response)
–Access Controls
–Encryption
–Firewalls
–Intrusion Detection
–Incident Handling

3 Security Operational Model (diagram)
Cycle labels: Improve, Monitor, Secure, Evaluate
Other labels: Intrusion detection; Firewalls; Encryption; Authentication; Security Design Review; Security Integration Services; 24 Hr Monitoring Services; Remote Firewall Monitoring; Vulnerability Assessment Services; Vulnerability Scanners

4 Protocols
A protocol is an agreed-upon format for exchanging information.
A protocol will define a number of parameters:
–Type of error checking
–Data compression method
–Mechanisms to signal reception of a transmission
There are a number of protocols that have been established in the networking world.

5 OSI Reference Model
ISO standard describing 7 layers of protocols
–Application: Program-level communication
–Presentation: Data conversion functions, data format, data encryption
–Session: Coordinates communication between endpoints. Session state maintained for security.
–Transport: End-to-end transmission, controls data flow
–Network: Routes data from one system to the next
–Data Link: Handles passing of data between nodes
–Physical: Manages the transmission media/HW connections
Each layer only has to communicate with the layers directly above and below it.

6 TCP/IP Protocol Suite
TCP/IP refers to two network protocols used on the Internet:
–Transmission Control Protocol (TCP)
–Internet Protocol (IP)
TCP and IP are only two of a large group of protocols that make up the entire “suite”.
A “real-world” application of the layered concept.
There is not a one-to-one relationship between the layers in the TCP/IP suite and the OSI Model.

7 OSI and TCP/IP comparison (diagram)
OSI Model: Application, Presentation, Session, Transport, Network, Data-link, Physical
TCP/IP Protocol Suite:
–NFS, FTP, Telnet, SSH, SMTP, SMB, HTTP, NNTP, RPC
–TCP, UDP
–IP, ICMP, ARP
–Physical
Group labels: Application-level protocols; Network-level protocols

8 TCP/IP Protocol Suite (diagram)
Boxes shown: User Process (four); TCP, UDP; ICMP, IP, IGMP; ARP, HW Interface, RARP; Media

9 Encapsulation of data (diagram)
–application: User Data, then Appl header + User Data
–TCP: TCP header + Application data (TCP segment)
–IP: IP header + TCP header + Application data (IP Datagram)
–Ethernet driver: Ethernet header + IP header + TCP header + Application data + Ethernet trailer (Ethernet Frame)
–Ethernet

10 Establishment of a TCP connection (“3-way Handshake”)
–SYN (client to server): Client sends connection request, specifying a port to connect to on the server.
–SYN/ACK (server to client): Server responds with both an acknowledgement and a queue for the connection.
–ACK (client to server): Client returns an acknowledgement and the circuit is opened.
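Added example, not part of the original slides: the encapsulation on slide 9 and the handshake on slide 10 worked through in Python. It builds three constructed Ethernet/IPv4/TCP frames, strips the headers layer by layer while validating each length field, and checks that the frames form a consistent SYN, SYN/ACK, ACK exchange. The function names, addresses, ports and sequence numbers are assumptions made for the illustration.

```python
import struct

FLAGS = [(0x02, "SYN"), (0x10, "ACK"), (0x01, "FIN"), (0x04, "RST")]

def build_frame(src, dst, sport, dport, seq, ack, flags, data=b""):
    """Encapsulate: data -> TCP segment -> IP datagram -> Ethernet frame.
    Constructed sample traffic; MACs are made up and checksums are left 0."""
    tcp = struct.pack("!HHIIBBHHH", sport, dport, seq, ack, 5 << 4, flags, 65535, 0, 0) + data
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 0, 0, 64, 6, 0,
                     bytes(src), bytes(dst)) + tcp
    return bytes.fromhex("020000000002" "020000000001" "0800") + ip

def parse_frame(frame):
    """Strip the Ethernet, IP and TCP headers in turn, validating each length field."""
    if len(frame) < 14 + 20 + 20 or frame[12:14] != b"\x08\x00":
        raise ValueError("not an Ethernet frame carrying IPv4")
    ip = frame[14:]
    ihl, total = (ip[0] & 0x0F) * 4, struct.unpack("!H", ip[2:4])[0]
    if ip[0] >> 4 != 4 or ihl < 20 or ip[9] != 6 or not ihl + 20 <= total <= len(ip):
        raise ValueError("malformed IPv4 header or not TCP")
    tcp = ip[ihl:total]
    sport, dport, seq, ack, off, flags = struct.unpack("!HHIIBB", tcp[:14])
    if not 20 <= (off >> 4) * 4 <= len(tcp):
        raise ValueError("bad TCP data offset")
    return {"src": ip[12:16], "dst": ip[16:20], "sport": sport, "dport": dport,
            "seq": seq, "ack": ack, "data": tcp[(off >> 4) * 4:],
            "flags": "/".join(name for bit, name in FLAGS if flags & bit)}

def is_handshake(frames):
    """True if three frames are SYN, SYN/ACK, ACK between the same two endpoints."""
    if len(frames) != 3: return False
    c, s, a = (parse_frame(f) for f in frames)
    client, server = (c["src"], c["sport"]), (c["dst"], c["dport"])
    nxt = lambda n: (n + 1) & 0xFFFFFFFF  # sequence numbers wrap at 2**32
    return ([c["flags"], s["flags"], a["flags"]] == ["SYN", "SYN/ACK", "ACK"]
            and (s["src"], s["sport"], s["dst"], s["dport"]) == server + client
            and (a["src"], a["sport"], a["dst"], a["dport"]) == client + server
            and s["ack"] == nxt(c["seq"])
            and a["seq"] == nxt(c["seq"]) and a["ack"] == nxt(s["seq"]))

CLIENT, SERVER = (192, 0, 2, 10), (192, 0, 2, 20)  # documentation addresses
HANDSHAKE = [
    build_frame(CLIENT, SERVER, 49152, 80, 1000, 0, 0x02),     # SYN
    build_frame(SERVER, CLIENT, 80, 49152, 5000, 1001, 0x12),  # SYN/ACK
    build_frame(CLIENT, SERVER, 49152, 80, 1001, 5001, 0x10),  # ACK
]
print([parse_frame(f)["flags"] for f in HANDSHAKE], is_handshake(HANDSHAKE))
```

A frame whose IP total length claims more bytes than were captured is rejected rather than parsed past the end of the buffer, which is the kind of malformed input a monitoring tool has to tolerate.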

11 IP Centric Network... (diagram)
Layers: Layer 6/7: Applications; Layer 5: Session; Layer 4: Transport; Layer 3: Network; Layer 2 & 1: Data Link & Physical
Protocols and media shown: IP; Ethernet, 802.5, 802.4, 802.3, X.25, Frame Relay, SLIP, IPX, ATM, Arcnet, Appletalk, PPP, 802.6, SMDS; Telnet, FTP, SNMP, SMTP, NFS, DNS, TFTP, NTP, RIP, BGP, Windows X, IGP, EGP; TCP, UDP, IGMP, ICMP
Application areas shown: RETAIL, BANKING, B2B, MEDICAL, WHOLESALE

12 “Twenty-six years after the Defense Department created the INTERNET as a means of maintaining vital communications needs in the event of nuclear war, that system has instead become the weak link in the nation's defense” USA Today - 5 Jun 1996
“True hackers don't give up. They explore every possible way into a network, not just the well known ones.” The hacker Jericho.
“By failing to prepare, you are preparing to fail.” Benjamin Franklin

13 Typical Net-based Attacks -- Web
“Popular” and receive a great deal of media attention.
Attempt to exploit vulnerabilities in order to:
–Access sensitive data (e.g. credit card #’s)
–Deface the web page
–Disrupt, delay, or crash the server
–Redirect users to a different site

14 Typical Net-based attacks -- Sniffing
–Essentially eavesdropping on the network
–Takes advantage of the shared nature of the transmission media.
–Passive in nature (i.e. just listening, not broadcasting)
–The increased use of switching has made sniffing more difficult (less productive) but has not eliminated it (e.g. DNS poisoning can convince target hosts to send the attacker traffic intended for other systems)

15 Typical Net-Based Attacks – Spoofing, Hijacking, Replay
–Spoofing attacks involve the attacker pretending to be someone else.
–Hijacking involves the assumption of another system's role in a “conversation” already taking place.
–Replay occurs when the attacker retransmits a series of packets previously sent to a target host.

16 Typical Net-Based Attacks – Denial of Service
DOS and Distributed DOS (DDOS) attacks have received much attention in the media in the last year due to some high-profile attacks.
Types:
–Flooding – sending more data than the target can process
–Crashing – sending data, often malformed, designed to disable the system or service
–Distributed – using multiple hosts in a coordinated attack effort against a target system.

17 A Distributed DoS in Action (diagram): Registration Phase
Labels: Client Hacker; Master Hosts (Master Control Programs); Broadcast Hosts (Broadcast Agents); The Internet
Messages shown: *Hello*; Verify Registration; PONG, png

18 The Attack Phase (diagram)
Labels: Client Hacker; Broadcast Hosts (Broadcast Agents); The Internet; Target
Messages shown: Attack Target; UDP Flood Attack

