190 likes | 363 Views
Network Plus Security Review. 1/28/2010. 1/28/2010. Identify and Describe Security Risks. People Phishing Passwords Transmissions Man in middle Packet sniffing Port scanners Protocols NOS updates Internet Access Spyware Bots Social media. Network Security Technology. Firewalls
E N D
Network PlusSecurity Review 1/28/2010 1/28/2010
Identify and Describe Security Risks • People • Phishing • Passwords • Transmissions • Man in middle • Packet sniffing • Port scanners • Protocols • NOS updates • Internet Access • Spyware • Bots • Social media
Network Security Technology • Firewalls • Router Access Lists • Stateless and Stateful • Intruder Detection and Prevention • Proxy Servers
Router Access Lists (cont’d.) ACL instructs router Permit or deny traffic according to variables: Network layer protocol (IP, ICMP) Transport layer protocol (TCP, UDP) Source IP address Source netmask Destination IP address Destination netmask TCP, UDP port number 25
Intrusion Detection and Prevention Port mirroring Port configured to send copy of all traffic to another port for monitoring purposes IDS (intrusion detection system) Logs potential problems IPS (Intrusion Prevention System Block potential problems Denial-of-service, smurf attacks 27
DMZ In computer security, a DMZ, or demilitarized zone is a physical or logical subnetwork that contains and exposes an organization's external services to a larger untrusted network, usually the Internet. An external attacker only has access to equipment in the DMZ, rather than any other part of the network.
Proxy Servers (cont’d.) Figure 12-5 A proxy server used on a WAN Network+ Guide to Networks, 5th Edition 40
Encryption • Use of keys to scramble data to prevent eavesdropping • Symmetric vs Asymmetric keys • Encryption systems
Public (Asymmetric) Key Encryption Data encrypted using two keys Private key: user knows Public key: anyone may request Public key server Freely provides users’ public keys Uses Certificate Authority to verify certificate Asymmetric encryption Requires two different keys Used with SSL and TLS Used by HTTPS and SSH 51
IPSec (Internet Protocol Security) Defines encryption, authentication, key management Works at Network layer for TCP/IP transmissions Native IPv6 standard Difference from other methods Encrypts data by adding security information to all IP packet headers Transforms data packets Operates at Network layer (Layer 3) Used by L2TP VPN connections 63
IPSec (cont’d.) Figure 12-9 Placement of a VPN concentrator on a WAN 66
Network Authentication • Allow a user to login to a server or service without revealing the user password to packet sniffers. • Requires some form of encryption • Secure Login Systems
Authentication Protocols Authentication Process of verifying a user’s credentials Grant user access to secured resources Authentication protocols Rules computers follow to accomplish authentication Several authentication protocol types RADIUS/TACACS PAP CHAP EAP and 802.1x (EAPoL) Used in WPA2 (802.11x) Kerberos 67
802.1x (EAPoL) (cont’d.) Figure 12-15 802.1x authentication process 81
Wireless Network Security Wireless Susceptible to eavesdropping War driving Effective for obtaining private information Forms of Wireless Encryption WEP 802.11i Uses EAPoL WPA WPA2 Based on 802.11i Uses AES and CCMP encryption 84
WPA and WPA2 • WPA (Wi-Fi Protected Access) • Subset of 802.11i • Same authentication as 802.11i • TKIP keys • Uses RC4 encryption rather than AES • Has been cracked • WPA2 • Follows 802.11i • Uses AES security • Replaces WPA2 • Uses CCMP
The End Network+ Guide to Networks, 5th Edition Network+ Guide to Networks, 5th Edition