Network Security

Module Codes: CSN11111 & CSN11118 (D/L)

Dr. Sanaullah Jan

Marking Your Attendance
§ On-Campus Students (CSN11111) Must check-in for all
timetabled learning events
§ Can quickly and easily check-in via the Edinburgh Napier
App or by visiting myaccount.napier.ac.uk
§ ONLY for on-campus students
§ Reference Video
https://youtu.be/UNHea97wIQc
Marking Your Attendance
One Time Code
ONLY for on-campus students

Drop-in Lecture
Tuesday 17th September 2024
09:00 to 11:00 hrs
 Start
Recording!
Network Security
CSN11111/8
Module Introduction
Teaching Team
Lecturers
Dr Sana Ullah Jan – Module Leader
Office: D30
Email/Microsoft Teams: [email protected]

Dr Thomas Tan
Office D29; Tel: 0131 4552822;
Email/Microsoft Teams: [email protected]

Dr. Isam Wadhaj

Office D30; Tel: 0131 4552721;
Email/Microsoft Teams: [email protected]
Teaching Team
Demonstrator

Mr Jordan Wylie
Email/Microsoft Teams: [email protected]
Module Delivery
CSN11111 Network Security
§ Mode: On-Campus / In-Person
§ Lectures
§ Room: E13
§ Time: Tuesday 09:00 to 11:00
§ Labs
§ Room: JKCC Clusters 11 and 12
§ Time: Tuesday 11:00 to 13:00
All on-campus students are required to attend the lectures and labs
in-person.
 Teaching Schedule
CSN11111 Network Security
Tuesday 09:00 to 11:00 of each teaching week Tuesday 11:00 to 13:00 of each teaching week
Week Date
Lecturer Lecture Lab Teacher Lab
1 10/09/2024 Induction Week (No Lecture/Lab Activity)
2 17/09/2024 Sanaullah Introduction Isam, Sanaullah Online Resources/ENVL & Cisco Intro
3 24/09/2024 Thomas Network Threats Thomas Networking and Vulnerabilities
4 01/10/2024 Thomas Access Control/Authentication Thomas AAA
5 08/10/2024 Thomas Firewalls I Thomas Firewalls I - Packet Filtering
6 15/10/2024 Isam Firewalls II Isam Firewalls II - Perimeter Stateful Firewalls
*Closed-book in-class Test 1
7 22/10/2024 *No activity from 12:00 to 14:00
*Coursework - Briefing
8 29/10/2024 Sanaullah Cryptography and Security Protocols Sanaullah Cryptography & SSL; Firewalls - configure ASA with ASDM
9 05/11/2024 Isam VPNs Isam VPNs
10 12/11/2024 Sanaullah Intrusion Detection and Prevention Systems Sanaullah IPS Sensors
11 19/11/2024 Thomas IDPS and Machine Learning Thomas Snort and Cisco IDPS Sensors & ML Lab
12 26/11/2024 Isam Layer 2 Security Isam Layer 2 Security
13 03/12/2024 Guest Lecture (Subject to availability) *Closed-book in-class Test 2
14 10/12/2024 *No activity this week
15 17/12/2024 *Coursework hand-in (Deadline 15 December 2023, 17:00)
Module Delivery
CSN11118 Network Security (D/L)
§ Mode: Online
§ Lectures
§ Room: E13
§ Time: Tuesday 09:00 to 11:00
§ Labs
§ Room: JKCC Clusters 11 and 12
§ Time: Tuesday 11:00 to 13:00
D/L students are NOT required to but are welcome to join lecture sessions
online.
Teaching Schedule
CSN11118 Network Security (D/L)
Support Session for DL Students
Tuesday at 18.30 to 19.45 Hrs
Engagement and Support: Week Date Lecturer
§ Weekly online support 1 10/09/2024 N/A
session via MS Teams 2 17/09/2024 Sanaullah
(Tuesday 18:30 – 19:45) 3 24/09/2024 Thomas
4 01/10/2024 Thomas
§ Drop-in Discussion and Q&A 5 08/10/2024 Thomas
session 6 15/10/2024 Isam
7 22/10/2024 N/A
8 29/10/2024 Sanaullah
9 05/11/2024 Isam
10 12/11/2024 Sanaullah
11 19/11/2024 Thomas
12 26/11/2024 Isam
13 03/12/2024 N/A
14 10/12/2024 N/A
15 17/12/2024 N/A
Assessments
§ Two closed-books assessments (50%)
§ Test 1 – Week 7 (25%)
§ Test 2 – Week 13 (25%)
§ Coursework Assignment (50%)
§ Due in Week 15
§ Materials covered in all lectures and labs
§ Report – around 3000 words

Feedback
§ Written Feedback
§ Within three weeks after attempt/due date
Module Contents
§ Introduction. Networking Concepts; Network Security Concepts; Network Threats and Attacks; Network
Defense - Perimeter, Defense in Depth
§ Firewalls. Types - Host, Network; Technologies - Static packet filtering; Stateful packet filtering; Multilayer
firewall; Architectures; Polices; and Implementation and Deployment.
§ Intrusion Detection and Prevention Systems (IDPS). Types; Alert Monitoring and Sensor
Tuning; behavioural analysis, in-line/out-of-line.
§ Access Control and Authentication. Trust and Identity; Attacks; Models - Access Control
Models; Network Device Access Control; AAA, Layer 2; Device Hardening.
§ Remote Access and VPNs. Cryptography; Types - L2, L3 and L4/5; Technologies; IPSec and SSL.
§ CCNA Certification - CIA; Attacks on CIA; Data Classification; Law and Ethics; Network policies; Risk
Management and Secure Network Design; Security in the SDLC; Cisco self-defending network; Secure
Administration.
§ CCNA Certification - Secure Infrastructure and Extending Security. Cisco Layer 2 Security; Cisco IOS
Firewalls. Cisco IOS IPS; Cisco VPN and Cryptographic Solutions; Digital Signatures and PKI.
Learning Outcomes

1. Develop an advanced knowledge, and critically evaluate, key network security

principles and methods.

2. Develop analytical skills related to the academic principles and practical skills
required to implement and support a complex network infrastructures, with
regards to security.

3. Research, Design, implement, evaluate and critically analyse a system to a

given set of network security requirement
Recommended Reading
§ Security
1. Whitman, M. E., & Mattord, H. J. (2016). Principles of information security (5th edition.). Cengage
Learning.
2. Stallings, W. (2017). Cryptography and network security : principles and practice (Seventh edition.).
Pearson Education Limited.
3. Pfleeger, C. P., Pfleeger, S. L., & Margulies, J. (2015). Security in computing (Fifth edition.). Pearson.
4. Schneier, B. (2015). Secrets and Lies digital security in a networked world. (15th anniversary edition.).
John Wiley & Sons Incorporated.
5. Burns, B. (2012). Security power tools . VLeBooks.
6. Gollmann, D. (2011). Computer security (3rd ed.). Chichester: Wiley.
§ Cryptography
1. Kohno, T., Ferguson, N., & Schneier, B. (2010). Cryptography engineering : design principles and
practical applications . Wiley.
2. Schneier, B. (2015). Applied cryptography : protocols, algorithms, and source code in C (20th
anniversary edition.). Wiley.
§ Firewalls
1. Cheswick, W. R., Rubin, A. D., & Bellovin, S. M. (2003). Firewalls and Internet Security: Repelling the
Wily Hacker (2nd ed.). Addison Wesley Professional.
Recommended Reading
§ Machine Learning
1. Zaki, M. J., & Meira, W. (2020). Data mining and machine learning : fundamental concepts and
algorithms (Second edition.). Cambridge University Press.
2. Géron, A. (2019). Hands-on machine learning with Scikit-learn, Keras, and TensorFlow : concepts,
tools, and techniques to build intelligent systems (Second edition.). O’Reilly Media.
§ Networking
1. Anderson, A., & Benedetti, R. (2009). Head first networking (1st edition). O’Reilly Media.
2. Fall, K. R., & Stevens, W. R. (2012). TCP/IP illustrated : Volume 1, The protocols. (2nd ed. / Kevin R.
Fall, W. Richard Stevens.). Addison-Wesley.
3. Kurose, J. F., & Ross, K. W. (2017). Computer networking : a top-down approach (Seventh edition,
Global edition.). VLeBooks.
§ CCNA Security
1. Santos, O., & Stuppi, J. (2015). CCNA security 210-260 official cert guide (1st edition). Cisco Press.
Introduction to
Network Security
Lecture 1
Contents
§ Security Principles
§ Networking Basics
§ Logical Layers
§ Ethernet Frame
§ IP Dataframe
§ TCP Segement Frame
§ Network Device
§ Router Configuration
Key Principles of Security
Weaknesses and Vulnerabilities
§ Virus
§ A piece of code – attach to programs, disks or computer memory to propagate itself.
Carry a payload with an action
§ Worm
§ Replicate – use email/network facilities to spread
§ Trojan horse
§ Pretend to be a useful utility to convince user for installation
§ Spyware
§ Gather and send user’s information to a central site.
§ Hoax
§ No code, rely on gullibility of users – use emotional subjects (e.g., last wish); ask
users to forward messages
Networking – Logical Layers
Networking – Protocols
Ethernet Frame
IP Datagram Format
 IP Datagram Format
Header Field Description Header Field Description

Version Indicates the format of the Internet header (4 Internet Header Length Specifies the length of the Internet header
bits) (IHL) in 32-bit words (4 bits)
Type of Service Provides an indication of the abstract Total Length Specifies the length of the datagram,
parameters of the quality of service desired (8 measured in octets (16 bits
bits)
Identification Value assigned by the sender to aid in Flags Various control flags (3 bits)
assembling the fragments (16 bits)
Fragment Offset Indicates where in the datagram this fragment Time to Live Indicates the maximum time the datagram
belongs (13 bits) is allowed to remain in the Internet system
(8 bits)
Protocol Indicates the next level protocol used (8 bits) Header Checksum A checksum on the header (16 bits)

Source Address The source IP address (32 bits) Destination Address The destination IP address (32 bits)

Options The Options field is variable in length Padding Internet header padding used to ensure
that the Internet header ends on a 32-bit
boundary
Network IP Address
TCP Segment Format
TCP – 3 Way Handshake
Network Devices
Network Devices
Router
Network Devices
Switch
Network Devices
Firewall
Cisco Symbols
Example
Device Configuration
Router Configuration

§ A basic router configuration should contain the following:

§ Router name - Host name should be unique
§ Banner - At a minimum, banner should warn against unauthorized use
§ Passwords - Use strong passwords
§ Interface configurations - Specify interface type, IP address and subnet mask.
Describe purpose of interface. Issue no shutdown command. If DCE serial
interface issue clock rate command.
§ After entering in the basic configuration, the following tasks should be completed
§ Verify basic configuration and router operations.
§ Save the changes on a router
Verification of Configuration

§ Issue the show running-config command

§ Save the basic router configuration by Issuing the copy running-config startup-
config command
§ Additional commands that will enable you to further verify router configuration are:
§ Show running-config - Displays configuration currently in RAM
§ Show startup-config - Displays configuration file NVRAM
§ Show IP route - Displays routing table
§ Show interfaces - Displays all interface configurations
§ Show IP interface brief - Displays abbreviated interface configuration information
Cisco Device Command Modes

Router>

Router#

Router(config)
Switching Command Modes
User Exec ßà Privileged Exec
Switching Command Modes
Privileged Exec ßà Global Configuration
Global Configuration ßà Interface Configuration
Cisco Router Password
Cisco Router Passwords
§ To increase the security of passwords, the following Cisco IOS
commands should be utilized:
§ Enforce minimum password length: security passwords min-length.
§ Disable unattended connections: exec-timeout.
§ Encrypt config file passwords: service password-encryption.
Cisco Router - Banner
§ Banner messages should be used to warn would-be intruders that
they are not welcome on your network.
§ Banners are important, especially from a legal perspective.
§ Intruders have been known to win court cases because they did not
encounter appropriate warning messages.
§ Choosing what to place in banner messages is extremely important and
should be reviewed by legal counsel before being implemented.
§ Never use the word “welcome” or any other familiar or similar greeting that
may be misconstrued as an invitation to use the network.
Introduction to Network
Security

Conclusion