340 likes | 467 Views
Ensuring Network Security. Planning for Security. 4 major threats Unauthorized access Electronic tampering Theft –data and hardware Intentional/unintentional damage. 10. Managing Security. Threat identification What am I trying to protect? What do I need to protect data from?
E N D
Planning for Security • 4 major threats • Unauthorized access • Electronic tampering • Theft –data and hardware • Intentional/unintentional damage
10 Managing Security Threat identification What am I trying to protect? What do I need to protect data from? How likely is the threat? What is the cost of breached security? How can I protect data cost effectively?
Helpful sites • CERT (Computer Emergency Response Team) • http://www.cert.org • BugTraq • Subscription service • Rootshell ( all systems large numbers of reports) • http://slashdot.org/articles/98/10/28/228210.shtml • Security focus ( all systems) • http://www.securityfocus.com) • http://cve.mitre.org/
3 security traps • Security through obscurity works in the reverse • Social engineering, fishing for information does work, educate the users • Physical security, stops accidents and theft of data and parts
Level of Security • Setting Policies • Establish rules,regulations and policies • Set the tone and guide the users • Train the users on the policies • Prevention • Take a proactive approach • Authentication • Keep the data safe from unauthorized access • Network authentication is the first line of defense
Secure the Equipment • Isolate and lockup servers • Protect from accidental and deliberate tampering • Secure the cables • Keep intruders away from cable • Limit physical access to network • Benefit of isolated cable is a reduction in RFI
Security Models • Password Protected Shares • Share level security • Security information attached to resource • Applies to every user of resource • Windows 95 model • Access Permissions • User level security • Access to the resource is checked against a user-access database on the server • Users have passwords but resources have permissions • Assigning permissions is done through groups
Security Enhancements • Firewalls • Combination of hardware and software • Protection from external threat • Prevent direct communication with systems outside the network • Communication is routed through a proxy server • Proxy filters and discards requests or data not considered appropriate • Network activity is audited • Tracks • Logon attempts- failed and successful • Connection and disconnection from resources and systems • Disables accounts • Creation,deletion,opening and closing files • Events and modifications, including password changes
Enhancements…. • Diskless computers • Boot ROM on NIC • No disk to store data or copy to and from • Data Encryption • Best encryption is hardware based • Translation standard is Data Encryption Standard (DES) • Specifies key to decryption • Have to transfer key • Commercial COMSEC Endorsement Program (CCEP) • Newer standard may replace DES • Approved vendors can incorporate classified algorithms in communication systems
Computer Viruses • Boot sector virus • First sector of floppy or disk • Executes on boot • Copies to other media • File infector • Activates when a file is used • Companion virus– uses name of real program with different extension • Macro virus- written as a macro for application • Attaches to files accessed by the application • Polymorphic Virus- changes appearance on replication • Stealth virus- hides from detection • Intercepts the probe and returns false information
Virus Propagation • Internet has opened new pathways for spread of viruses • E-mail is major source • Sends itself to addresses in address books • Trojan horse temps victims • Any means of information exchange provides potential path
Consequences of Viruses • System won’t boot • Data is corrupted • Erratic operation • Lost partitions on disk • Reformatted drive • More than one misbehaving workstations • Denial of service attacks
Virus prevention • Good antivirus software • Warn • Stop activation • Remove • Repair • Check spread • Prevention • No unauthorized access • Well planned access and privilege assignments • User profiles • Software load policy • Virus protection rules and training
10 Implementing Security Setup the security system Make it as fool proof as possible Train network users about: Why security exists How to use security Consequences of noncompliance
10 Maintaining Security Monitor security to assure that: It is accomplishing its goals It is working as intended Modify as needed The best laid plans……
Healthy Environment • Recognize the effect of the environment • Climatic- cold, humidity, office • Degradation is usually over time not sudden
Create the Right Environment • Temperature • Avoid cycles of hot and cold • Humidity • High -Promotes corrosion and thus friction temperature • Low– promotes static discharge • 50-70 percent is good • Dust and smoke • Acts as insulator and conductor • Human factors • Industrial Factors • Noise, EMI, vibration
Site Disaster • Anything that causes you to lose data • Recovery is hardware and DATA replacement
10 Avoiding Data Loss Tape backup Uninterruptible power supply (UPS) Fault-tolerant systems Disk mirroring Disk striping with parity
10 Tape Backup First line of defense against data loss Regular scheduled backups Schedule, assign personnel, signoff log Verify success of backup Use a safe tape storage location Test the restore ability of the tapes
Implementing Backup System • If you can’t get along without it … back it up • Tape drive should have capacity to backup the largest server • Backup methods • Full-marks as backed up • Copy- does not mark • Incremental- backs up and marks files changed since last backup • Daily copy – modified that day, no mark • Differential- changed since last backup no mark • Maintain a backup log
10 UPS Uninterruptible power supply Battery to keep server running when power fails Built in conditioning & surge protection Not for laser printers-high current draw
10 Fault Tolerant Systems Raid technology Levels Level 0 Striping 64k blocks divided equally across disk– no redundancy 2-32 drives Large logical disk Level 1 Disk mirroring Two drives, single controller Disk duplexing Two drives, two controllers Disadvantage is disk space required Level 2 Striping with ECC Block is distributed across stripes
Disk Mirroring Duplicates a Partition on Another Physical Disk 21
Raid continued • Level 3 ECC as Parity • Requires parity disk • Level 4 Disk striping with large blocks • Full block to each disk and parity disk • Level 5 striping with parity • 3-32 drives • Parity written across all disks for each stripe • Level 10 Mirrored drive arrays • Mirrored stripe set • Sector sparing • Hot fix of bad sectors • Utility to notify administrator
10 Fault Tolerant Systems
Clustering • Group of systems work as one using shared devices. Control can be passed to another system if one system fails. • Clustering is an enhancement to fault tolerant systems not a replacement.
Optical Drives and Disks • Permanent backups • CD-Rom • Most common form of optical • ISO 9660 specification defines format standard • 650 MB • DVD • 5 formats • DVD-R- 3.95 GB single sided and 7.9 double • WORM • MO- magneto-optical • PCR- phase change rewritable
Disaster Recovery • Focus on factors you can control • Determine best prevention • Enforce preventative measures • Revise prevention measures • Perform PM on hardware and software • Train • Preparation • Inventory- insurance and replacement • Backup • Store offsite • To recover from disaster: • Make a disaster-recovery plan • Implement the plan • TEST the plan!