1 / 30

Lesson 10 – SECURING YOUR NETWORK

Lesson 10 – SECURING YOUR NETWORK. OVERVIEW. Security devices Internal security External security Viruses and other malicious software. SECURITY DEVICES. Firewall: System enforcing security policy between two Networks . Security devices. Proxy Server:

gaius
Download Presentation

Lesson 10 – SECURING YOUR NETWORK

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Lesson 10 – SECURING YOUR NETWORK

  2. OVERVIEW • Security devices • Internal security • External security • Viruses and other malicious software

  3. SECURITY DEVICES • Firewall: System enforcing security policy between two Networks.

  4. Security devices • Proxy Server: Server acting as a proxy (an anonymous intermediary) for Network users.

  5. Security devices • Packet filter: Enables users to set criteria for allowed and disallowed packets.

  6. INTERNAL SECURITY Securing Network from internal threats like: • Accessing information inappropriately. • Accessing other users’ files. • Impersonating other users. • Performing criminal activities on systems. • Packet “sniffing” on the Network.

  7. Internal security • Account security • File and directory permissions • Practices and user education

  8. Account security • Process of managing the user accounts enabled on the Network.

  9. Account security To manage security: • Remove the guest account. • Rename the default name for the administrative account. • Remove access to Network resources. • Work closely with HR/legal departments. • Review newly assigned permissions.

  10. Account security To maintain password security: • Get users to change their Network password regularly. • Set the reuse policy. • Have passwords that are at least eight characters long. • Establish thresholds.

  11. File and directory permissions • Control access to files and directories by using built-in permissions.

  12. File and directory permissions Generic directory roles: • Create only • Read only • Change • Full control

  13. Practice and user education • Inform users what is expected of them in terms of security. • Discuss security issues with new employees. • Have users acknowledge their understanding. • Periodically audit users’ security actions. • Review the NOS’ security logs.

  14. EXTERNAL SECURITY • Process of securing the Network from external threats.

  15. External security Types of threats: • Front-door threats • Back-door threats • Denial of service

  16. Front-door threats • Arise when a user from outside the company finds a user password and logs on to the Network.

  17. Front-door threats Solutions: • Separate Network resources accessed from and outside the LAN. • Control users accessing LAN from outside the LAN. • Set up a separate remote access account for remote users. • Set up user accounts to use dial-back. • Change password when employee with broad access resigns.

  18. Back-door threats • Software or hardware bugs in the Network’s OS enabling an outsider to crack the Network’s security.

  19. Back-door threats Solutions: • Host the company’s web site on an external server. • Implement a firewall router. • Review security settings for the web server. • Place web server for non-employees outside the firewall.

  20. Denial of service • Attacks that deny service to the Network.

  21. Denial of service Solutions: • Keep various Network software “current”. • Disallow Internet Control Message Protocol (ICMP) traffic service.

  22. Denial of service • Demilitarized Zone (DMZ): The area between computers placed between the firewall an connection to an external Network.

  23. VIRUSES AND OTHER MALICIOUS SOFTWARE

  24. Virus • Program that spreads by infecting other files with a copy of itself. • Files infected by viruses include program files (.COM, .EXE, and .DLL).

  25. Worm • Program that propagates by sending copies of itself to other computers. • Spreads by attaching to e-mails along with a message.

  26. Trojan horse • Program that claims to do something interesting and performs malicious actions in the background.

  27. Logic bomb • Malicious piece of programming code inserted into a normal program. • Can be timed to erase key files.

  28. SUMMARY Internal security: • Account security • Account password security • File and directory permissions

  29. Summary External security: • Front-door threats • Back-door threats • Denial of service

  30. Summary Viruses and other malicious software: • Viruses • Worms • Trojan horses • Logic bombs

More Related