Intro-Module 1 PPT 1
1
Overview
What is security?
Why do we need security?
Who is vulnerable?
Common security attacks and countermeasures
– Firewalls & Intrusion Detection Systems
– Denial of Service Attacks
– TCP Attacks
– Packet Sniffing
– Social Problems
2
What is “Security”
Dictionary.com says:
– 1. Freedom from risk or danger; safety.
– 2. Freedom from doubt, anxiety, or fear; confidence.
– 3. Something that gives or assures safety, as:
• 1. A group or department of private guards: Call building security
if a visitor acts suspicious.
• 2. Measures adopted by a government to prevent espionage,
sabotage, or attack.
• 3. Measures adopted, as by a business or homeowner, to
prevent a crime such as burglary or assault: Security was lax at
the firm's smaller plant.
…etc.
3
Why do we need security?
Protect vital information while still allowing
access to those who need it
– Trade secrets, medical records, etc.
Provide authentication and access control for
resources
– Ex: ACL
Guarantee availability of resources
– 24/7
7
Who is vulnerable?
Financial institutions and banks
Internet service providers
Pharmaceutical companies
Government and defense agencies
Contractors to various government agencies
Multinational corporations
ANYONE ON THE NETWORK
8
Common security attacks and
their countermeasures
Finding a way into the network
– Firewalls
Exploiting software bugs, buffer overflows
– Intrusion Detection Systems
Denial of Service
– Ingress filtering, IDS
TCP hijacking
– IPSec
Packet sniffing
– Encryption (SSH, SSL, HTTPS)
Social problems
– Education
9
Categories of Security
Computer Security
– focusing on creating a secure environment for
the use of computers
– involves four areas of interest: the study of
computer ethics, the development of both
software and hardware protocols, and the
development of best practices
Network Security
– involves creating an environment in which a
computer network, including all its resources,
which are many; all the data in it, both in storage
and in transit; and all its users are secure
10
Categories of Security
Information Security
– involves the study of not only more detailed
mathematical designs of cryptographic,
communication, transport, and exchange
protocols and best practices but also the state of
both data and information in motion
11
Securing the Computer Network
Ensuring the security of an object means
protecting the object from unauthorized
access both from within the object and
externally
In a computer network model, the tangible
objects are the hardware resources in the
system, and the intangible object is the
information and data in the system, both in
transit and static in storage.
12
Hardware
Protecting hardware resources includes
protecting:
• End user objects that include the user interface
hardware components such as all client system
input components, including a keyboard, mouse,
touchscreen, light pens, and others
• Network objects like firewalls, hubs, switches,
routers, and gateways which are vulnerable to
hackers
• Network communication channels to prevent
eavesdroppers from intercepting network
communications
13
Software
Protecting software resources includes
– protecting hardware-based software, operating
systems, server protocols, browsers, application
software, and intellectual property stored on
network storage disks and databases.
– It also involves protecting client software such as
investment portfolios, financial data, real estate
records, images or pictures, and other personal
files commonly stored on home and business
computers.
14
Forms of Protection
Access Control
– Hardware Access Control Systems
• Access terminal
• Visual event monitoring
• Identification cards
• Biometric identification
• Video surveillance
– Software Access Control Systems
• point-of-access monitoring
• Remote monitoring
15
Forms of Protection
Authentication
Confidentiality
Integrity
Nonrepudiation
16