Network Security

Outline
• Need for Network Security
• What is Network Security
• Security in Application, Transport and Network Layer
• Network Security for Business
• NMAP for Network Scanning
 Need for Network Security
• In this modern era organizations
greatly rely on computer networks to
share information throughout the
organization in an efficient and
productive manner.

• Organizational computer networks are

now becoming a large and new
systems assuming that each staff
member has a dedicated workstation.

• A large scale company would have a

few thousand workstations and many
servers on the network.
 Need for Network Security (2)
• It is likely that these workstations
may not be centrally managed nor
would they have parameter
protection.

• They have a variety of operating

systems hardware software and
protocols with different level of cyber
awareness among users now imagine
these thousands of workstations on
company networks are directly
connected to the Internet.

• This sort of unsecured Network

becomes a target for an attack which
holds valuable information and
displays vulnerabilities
 What is Network Security
• Network security consists of policies
and practices adopted to prevent and
monitor, unauthorized access, misuse,
modification or denial of a computer
network and network accessible
resources.

• Only network security can protect you

from a Trojan horses or viruses.

• Network security involves the

authorization of access to data in a
network which is controlled by the
network administrator
 What is Network Security (2)
• Users choose or are assigned an ID
and password or other authenticating
information that allows them to
access to information and programs
within their authority.

• Network security coverage

transactions and communications
among businesses government
agencies and individuals two
networks can be private such as
within the company and others which
might be open to public access

• It does as title explains it secures the

network as well as protecting and
overseeing operations being done
 Vulnerabilities in TCP / IP
Why the need for network security arose so
the TCP/IP protocol ?
• The major protocol used for
communication was created in 1980s as
an internet working solution with very
little concern for security aspects it was
developed for a communication in the
limited trusted Network however or a
period this protocol became the de facto
standard for the unsecured internet
communication

• Now some of the common security

vulnerabilities of TCP/IP protocol suits
are as follows:
 Vulnerabilities in TCP / IP (2)
• Firstly, HTTP is an application layer
protocol in tcp/ip used for transfer files
that make up the web pages for the web
server. These transfers are done in plain
network security for text and an intruder
can easily read the data packets
exchanged between server and a client.

• Another HTTP vulnerability is a weak

authentication between the client and the
web server. During the initialization of
the session, the vulnerability can lead to
a session hijacking attack where the
attacker steals an HTTP session of the
legitimate user.
 Vulnerabilities in TCP / IP (3)
• Thirdly TCP protocol vulnerability is
the three-way handshake for connection
establishment an attacker can launch a
denial of service attack called flooding.
To exploit this vulnerability, he
establishes a lot of half-open sessions by
not completing the handshake and this
leads to server overloading and
eventually a crash.

• Fourth, vulnerability is that the IP layer

is susceptible to many vulnerabilities in
itself. Through an IP protocol header
modification, an attacker can launch an
IP spoofing attack that can be a serious
conundrum to your business.
 Other Limitations
• Now apart from the full
vulnerabilities mentioned, many other
security vulnerabilities exist in TCP
IP protocol family in design as well in
its implementation incidentally in
TCP IP based network
communication.

• If one layer is hacked, the other layers

do not become aware of the attack
and the entire communication gets
compromised.

• Hence there is need to employ a

security controls at each layer to
ensure full proof security.
 The CIA Triad
The primary goal of network
security are
1. Confidentiality
2. Integrity
3. Availability

These three pillars of network

security are often represented
as a CIA triangle
 The CIA Triad (2)
• Confidentiality
To protect precious data from unauthorized
person. It makes sure that data is available
only to the intended and authorized people.

• Integrity
The goal of integrity is the maintenance and
assurance of accuracy and consistency of
data. The functions of integrity is to make
sure that data is reliable and is not changed
by unauthorized people.

• Availability
To make sure that data network and this
resources are continuously available to the
legitimate user when they require it
Achieving Network Security
Application Layer Security
 Client Server Architecture
• Various business services are now
offered online through client-server
applications.
• The most popular form are web
applications and email.
• In both applications the client
communicates to the designated server
and obtain services.
• While using a service from any server
application, the client and server
exchange lot of information on the
underlying internet.
• Internet we are aware of the fact that
these information transactions are
vulnerable to various attacks.
• Many real-time security protocols have
been designed
 Client Server Architecture (2)
Objectives of Security Protocols
Such protocols need to provide at
least the following primary objectives

1. The parties can negotiate

interactively to authenticate each
other.
2. Establish a secret session key
before exchanging information
on a network.
3. The exchange information must
be in encrypted form
 Client Server Architecture (2)
Working of Security Protocols

Interestingly these protocols work at

different layers of networking model.
For example,
• The s mime protocol works at an
application layer
• The SSL protocol is developed to
work at the transport layer
• The IPSec protocol works at the
network layer
Email Architecture
 Email Architecture
As many of the application layer information is mostly through emails or web server architectures,
we're going to choose email for this one.

How to Send E-mail

• The simplest way of sending an email would be sending a message directly from the sender's
machine to the recipients machine
• In this case, it is essential for both machines to be running on the network simultaneously
• However, this setup is impractical as users may occasionally connect to their machines to the
network.
• Hence the concept of setting up email servers arrived in the set of the mail is sent to the email
server which is permanently available on the network
• When the recipients machine connects to their network, it reads the mail from the mail server.
Email Security
 PGP
• Now security services such as privacy, authentication, message integrity
and non-repudiation are usually provided by using public key
cryptography.
• Now pretty good privacy or PGP is an email encryption scheme.
• It has become the de facto standard for providing security services for
email communication
Application Layer Security
Transport Layer Security
 Need

Consider an example of shopping from a website

 Need for Security
• For example, if the transaction did not
use confidentiality then an attacker
could obtain your payment card
information.

• The attacker can then make purchases at

your expense.

• If no data integrity was used in the

communication, an attacker could
modify order in terms of type or
quantity of goods.

• Lastly if no server authentication was

used a server could display the website
and his famous logo but the site could
be malicious site maintained by an
attacker
 SSL
• SSL (Secure Sockets Layer) is a
standard security protocol for
establishing encrypted links
between a web server and a
browser in an online
communication.

• The usage of SSL technology

ensures that all data transmitted
between web server and browser
remains encrypted
Salient Features of SSL
How Does it Work?
How Does it Work?
Network Layer Security
Need
IPsec Overview
How Does IPSec Work?
IPSec Policies
Benefits of Network Security in a Business
THANK YOU