Part 2 Implementing Network Security

giulio
Presentation Transcript


  1. Part 2 Implementing Network Security • Malware • Types of infections • Encryption Systems • Preventing Packet Theft • Operating System • Closing loopholes • Wireless Configuration • User error

  2. Malware Types • Virus • Spyware • Trojan • Worms

  3. Virus and Spyware • Virus: • Modifies code in existing program • Email, word processor, game • Memory resident • Self-replicating • When a virus is in your computer’s memory it will look for other programs to infect across drives • Macros in documents and Email attachments • May contain payload • Damage to data or software on the computer • Send spam emails • Spyware: • Independent software • Loaded by running a program • The spyware program runs in memory as a separate service and can often be seen in Task Manager • Rootkits can mask their presence from the operating system and do not show up in Task Manager • Hardest to get rid of • Can get around anti-virus and spyware programs

  4. Trojans and Worms • Trojans: • Software that enters a system or network under the guise of another program. • Can create backdoors that allow unauthorized access for outside sources. • May come with installation software. • Backup system before installation. • May open ports not normally used by your computer. • May steal keystrokes or install spyware. • Worms: • Programs that reproduce themselves across networks using a port scanner type technology • Use open ports and security flaws in Operating System software to copy themselves • May deliver virus or spyware • Often fill up memory or consume network bandwidth • Best defense - Keep your OS up-to-date

  5. Defense against Malware • Install anti-virus and anti-spyware software • Microsoft Security Essentials or Defender • Norton, AVG, others • Install updates and patches to operating system and software • Use Windows Update and set to automatic • Avoid loading unnecessary browser plug-ins • Java Applets are safest as they run in a “sandbox” separate from OS • Configure browser to avoid JavaScript and ActiveX controls • Avoid running software from other people’s removable drives • USB • Do not open email attachments • Be sure attachment file is not executable and does not contain macros • RTF document files and JPG picture files are OK • Avoid attachments from unknown sources

  6. Preventing Eavesdropping: Encryption • Uses keys and algorithms to scramble data to prevent eavesdropping and reading from packet sniffers • Symmetric and Asymmetric keys • Encryption systems

  7. Private (Symmetric) Key Encryption • Data encrypted using single key • Known by sender and receiver • Symmetric encryption • Same key used during both encryption and decryption

  8. Private Key Encryption Systems • DES (Data Encryption Standard) • Most popular private key encryption • IBM developed (1970s) • 56-bit key: secure at the time • Triple DES • Weaves 56-bit key three times • AES (Advanced Encryption Standard) • Weaves 128, 160, 192, 256 bit keys through data multiple times • Uses Rijndael algorithm • More secure than DES • Much faster than Triple DES • Replaced DES in high security level situations • Used by WPA2

  9. IPSec • Network layer security • Uses Symmetric keys • Encrypts all upper layer application data. • Built into IPv6 • May use a variety of algorithms including Triple DES and AES • Used with Virtual Private Networks (VPNs)

  10. VPN • Tunnel used to securely connect devices across the Internet in much the same way as a dedicated or dial-up line. • Protocols • PPTP • Microsoft, minimal encryption • L2TP • Cisco • Uses IPSec

  11. Public (Asymmetric) Key Encryption • Asymmetric encryption • Requires two different keys • Data encrypted using two keys – called a Key Pair • Private key: • only server knows • Public key: • anyone may request • Certificate Authority • Publicly accessible host • Freely provides users’ public keys • VeriSign • Secure Socket Layers (SSL)

  12. SSL/TLS Data Encryption Systems • HTTPS • Port 443 • Secure Shell (SSH) • Port 22 • Replaces Telnet • Secure Copy (SCP) • Replaces FTP – Uses TLS/SSL • SSL-VPN • Used to create a secure VPN tunnel from the Web browser.

  13. Network Authentication • Allow a user to log in to a server or service without revealing the user password to packet sniffers. • PAP (Password Authentication Protocol) used with dialup • Used by some Email systems such as Outlook • Does not encrypt data so is not secure for use across Internet • Requires some form of encryption • Secure Login Systems • CHAP • MSCHAP

  14. Authentication Protocols • Authentication • Grant user access to secured resources • Authentication protocols • Rules computers follow to accomplish authentication • Several authentication protocol types • PAP (clear text password – insecure, exposes user id to hackers) • CHAP (password is used to encrypt a challenge message – secure for RAS) • MSCHAP (Microsoft version) • EAP and 802.1x (EAPoL) – IEEE 802.11i standard used in WPA2 • EAP-TTLS – used by Public Key Encryption • RADIUS/TACACS – Single source authentication on RADIUS server – used in Enterprise networks • Uses 802.1x or IEEE 802.11i

  15. Email Security • Web based email • Uses HTTPS for encryption of authentication and data • www.hotmail.com • POP Client based email (Outlook) • Downloads all messages from server • No Encryption of data • By default Outlook and other Email clients using POP (Post Office Protocol) send login credentials in clear text exposing your password. • Securing POP based Email clients (Outlook) • Configure secure ports – must be supported by server • POP3 secure email port = 995 • SMTP secure email port = 465

  16. Configuring Outlook Secure Ports

  17. 802.1x (EAPoL) Secure Authentication • Codified by IEEE • Uses Extensible Authentication Protocol standard • Primarily used with wireless networks • Originally designed for wired LAN • EAPoL (EAP over LAN) • Only defines process for authentication • Commonly used with RADIUS authentication • Also called Port based authentication

  18. Wireless Security Options

  19. Wireless Network Security • Wireless • Susceptible to eavesdropping and unauthorized access • Change default SSID and consider disabling SSID broadcast • Implement MAC Address filtering • Select location to reduce exposure to outside world • War driving • Effective for obtaining private information • Forms of Wireless Encryption • WEP • Uses fixed key with RC4 encryption. Not secure. • WPA • Uses TKIP to dynamically change key for each transmission. • WPA2 • Based on 802.11i • Uses more advanced AES and CCMP key encryption

  20. WEP (Wired Equivalent Privacy) • 802.11 standard security • None by default • SSID: only item required • WEP • Requires authentication to access WAP • Uses a single private key for entire session • Encrypt data in transit • Keys may be “cracked” using software • No longer considered secure from eavesdropping or packet sniffing

  21. WPA and WPA2 • WPA (Wi-Fi Protected Access) • Subset of 802.11i • Same authentication as 802.11i • Uses RC4 encryption with TKIP key • Has been cracked • WPA2 • Follows 802.11i • Uses AES security with CCMP key • Personal version uses WAP for authentication • Enterprise version uses RADIUS server for authentication

  22. Maximum Wireless Security Settings • Locate WAP away from public • Change Administrative password • Disable SSID broadcast • Set to 802.11a (less traffic) • Set security to WPA2 • Setup MAC address filtering • Does not encrypt traffic, but restricts who can use the WAP

  23. Setting Wireless Security

  24. Windows Security • Restrict Administrator Access • Login with normal user account for day to day work • Provide strong passwords • Keep software updated with latest patches • User Account Control (UAC) • On Windows 7 and higher • Check system Log files • Event Viewer

  25. Password Tips • Change system default passwords • Do not use familiar information or dictionary words • Dictionary attack • Use long passwords • Letters, numbers, special characters • Do not write down or share • Change frequently • Use different passwords for different applications

  26. User Account Control • Allows you to perform administrative functions from a normal user account by entering administrator password. • Eliminates need to be logged in as Administrator • Will require verification for any administrative action • Can be turned on or off

  27. Turning UAC On/Off • Open Control Panel • Click on User Accounts • Click on Change User Account Setting • Set desired level • Click OK

  28. Logon Restrictions • For Domain accounts, set additional restrictions • Time of day • Total time logged on • Source address • Unsuccessful logon attempts

  29. Risks Associated with People • Half of all security breaches • Human errors, ignorance, omissions • You should be sure your customers are aware of these threats • Insecure passwords • Passwords should be at least 8 characters and combine upper and lower case along with one or more numbers. • Use different passwords for multiple sites • Change passwords frequently • Phishing • Techniques to fake people into giving up personal information

  30. Phishing Techniques • Email scams • Fake messages from a Web site • Social engineering • Strategies to fake a person into giving personal information • Glean access to authentication information • Pose as someone needing information • Phone Scams • Phishing • Trojans

  31. Risks Associated with Social Media • Social media (Facebook, mailing lists, forums) • Provide hackers user information

  32. Risks Associated with Protocols and Software • Includes Transport, Session, Presentation, and Application layers • Networking protocols and software risks • TCP/IP security flaws • OS Problems • Apply latest updates • Install Anti-virus software • Restrict access to Administrator account • Use secure passwords

  33. Any Questions ???
