1 / 21

TCOM 562 – Network Security Fundamentals

TCOM 562 – Network Security Fundamentals. Fall 04 Jerry Martin gmartin@gmu.edu. General Information. Text book – Hackproofing Your Network Course is overview

garin
Download Presentation

TCOM 562 – Network Security Fundamentals

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. TCOM 562 – Network Security Fundamentals Fall 04 Jerry Martin gmartin@gmu.edu

  2. General Information • Text book – Hackproofing Your Network • Course is overview • Lectures – attendance is important because I don’t believe in reading slides, slide bullets are talking points E-mail is preferred method of communication and is mandatory method for homework submission • Assignments • Case Studies (3) • Due approximately once a month (9/20, 10/12, 11/8) • Limited to 1 page, single spaced, if over 1½ pages, lose 1 point

  3. General Information • Topics for each assignment are a specific best commercial practice • Format – 1st paragraph – describe best practice 2nd paragraph – discuss benefits 3rd paragraph – discuss disadvantages 4th paragraph – discuss ease of implementation, likelihood of acceptance • Must be own words,no right or wrong answers • Late submissions get no points • All submissions are by e-mail

  4. General Information • Research Paper • 7 – 10 pages, double spaced • Select a topic from one of the weeks and submit for approval NLT 11 Oct • Due 6 Dec, submit via e-mail • Ensure sources are properly cited (e.g. Turabian), no more than 40% can be verbatim text • Don’t just describe topic, use analytical thinking • Late submissions get no points

  5. General Information • Tests • Midterm – 25 Oct, Final – 20 Dec • Format • 40 multiple choice, T/F; 4 short answer questions • Exam is 2 hours, NO lecture after test • Grading • Case studies (15%) – 5 points each • Paper (15%) – 30 points • Midterm (35%) – 100 points • Comprehensive Final (35%) – 100 points

  6. General Information • Flow for course • Common taxonomy, definition of terms • National policy and concerns • Threats • Defensive tools and measures • Continuity of operations/attack recovery • Legal and privacy issues and challenges

  7. THE WAY IT WAS THEN

  8. AND SO IT GROWS NOW? COLOR THE WORLD BLUE

  9. INTERNET…..INFORMATION SUPER HIGHWAY *A NETWORK OF NETWORKS *ONE OF THE MOST VALUABLE RESOURCES OF THE INFORMATION AGE *PROVIDES ACCESS TO USER NETWORKS *RUNS WITHOUT SINGLE ENTITY IN CHARGE

  10. TODAY’S NETWORK ENVIRONMENT”Interconnectivity” Packet Switch File Server LANs Bridge Other Networks Router Gateway Internet Hosts

  11. A Common Language • Terms key to entire course, use them extensively • For orderly examination, divided into four general categories • E – environment • G – government • U – underground • M – miscellaneous • Then look at Sandia Lab’s incident processing flow

  12. A Common Language • Environment • /8 /16 /24 /32 • Root • *ix • Internet v4 • Internet v6 • Dark fiber • GSRs • ISPs/Tier 1s

  13. A Common Language • Government • *PCIPB • OCS • *DHS (www.dhs.gov) • IAIP • NCSD • NIPC • FedCIRC • NCS • *DoJ/CCIPS (www.doj.gov/ccips) • ECTF

  14. A Common Language • More government • CERT-CC (www.cert.org) • CIP • HSC • *PDD 63/HSPD-7 • CWIN • JTF-GNO

  15. Understanding the Culture • News Stories • Defacement Mirrors • Hacker Magazines (phrack, 2600) • Hacker-oriented Internet Sites • Internet Relay Chat • Non-Profit and Commercial Computer “Security” Companies • Hacking Conferences (“Cons”) “The internet is our playground, it’s our side of the tracks. When you step into it, claim your own corner of cyberspace, and put up your house... Don’t expect not to arouse our curiosity.” - United Loan Gunmen

  16. A Common Language • Underground • Hacker • Cracker • Blackhat • Miscreant • Script kiddie • Click kiddie • Nicks • Idents

  17. A Common Language • Underground continued…. • Eblish • L33t • Hax0r • Pax0r • 0day • 0wned • Malware • Pop a box • Phish

  18. HPVAC Information Assurance is a continuous process. As the threat evolves, so must our Counter Measures “ It’s Cyber Guerilla Warfare” HACKING PHREAKING VIRI ANARCHY CARDING/CELLULAR

  19. A Common Language • Still more underground mayhem • *DDoS • *Sploits • *Vulns • *Bot/botnet/botherd • Bounce • Proxy • Post docs • *Zombie/soldier

  20. A Common Language • And now the rest… • White hat • Gray hat • *Paypal • “Cuckoo’s Egg” • Listserves • ISACs • *CCV • PGP • Fingerprint • Net flows

  21. A Common Language • More miscellaneous • ARIN • RIPE • APNIC • ICANN • IANA • FIRST • NANOG • Bugtraq • RFCs • Out of band

More Related