1 / 31

A SEMINAR

A SEMINAR. ON. NETWORK SECURITY. BY. ROHIT KAUL CS BITSPILANI. AGENDA. Introduction to Computer Networks. Uses and types. LANs , WANs , MANs. Protocols. Network Security….its need. CONTINUED. Security Areas……. Modes of attack …. Safeguarding the systems.

ina
Download Presentation

A SEMINAR

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. A SEMINAR ON NETWORK SECURITY BY ROHIT KAUL CS BITSPILANI

  2. AGENDA • Introduction to Computer Networks • Uses and types • LANs , WANs , MANs • Protocols • Network Security….its need

  3. CONTINUED.. • Security Areas……. • Modes of attack ….. • Safeguarding the systems.. • Firewalls and other methods • Network Security.. a Hacker’s perspective • Summary and conclusions...

  4. COMPUTER NETWORK???? • Simply an interconnected collection of autonomous computers... • Internet and WWW not networks!!! • Distributed system USES • Primarily resource sharing….

  5. TYPES • LANs , MANs , WANs , Internet PROTOCOLS • To reduce design complexity most networks are organised as layers… • no of layers,names,contents and functions are network specific…..

  6. Host 1 Host 2 Layer 5 Layer 5 Layer 4 Layer 4 Layer n proto col Layer 3 Layer 3 Layer 2 Layer 2 Layer 1 Layer 1 Physical layer

  7. Infact a protocol is an agreement between the communicating parties on how communication is to proceed….. • An analogy.. • Application layer,presentation,session,transport,network,datalink,physical layers…..

  8. SECURITY-ISSUES • NEED • 4 INTERWINED AREAS... NETWORKING NON REPUDIATION INTEGRITY PRIVACY AUTHENTICATION

  9. PRIVACY • Has to do with keeping info out of the hands of unauthorized users • Encryption/Decryption • Secret-key encryption/decryption • public-key encryption/decryption

  10. SECRET KEY METHOD ADV/DISADV

  11. PUBLIC KEY METHOD (eg RSA) ADV/DISADV

  12. DIGITAL SIGNATURE • Authentication deals with whom u r talking to before revealing sensitive info • Integrity control…..no manipulation in data { message received = message sent} • Non repudiations …no impersonification • ( seeming sender=actual sender )

  13. SIGNING THE DOCUMENT HOW DOES IT PRESERVE ALL 3?

  14. UNDER ATTACK!!! • Denial Of Service (DOS) • mail bombing • spam relaying • smurfing • Distributed Denial Of Service (DDOS) • Intrusion attacks

  15. IP spoofing • Malacious programs/scripts • viruses and worms • trojans • vandals • and many more……..

  16. Security Threats telnet company.org username: dan password: I’m Bob. Send Me All Corporate Correspondencewith Cisco. m-y-p-a-s-s-w-o-r-d d-a-n Bob Loss of Privacy Impersonation Deposit $1000 Deposit $ 100 CPU Customer Bank Denial of Service Loss of Integrity

  17. Protection Against Attacks Against DOS/DDOS • Simple call to perpetrator’s ISP • Configure procmail/sendmail • Use spamassassin Against intrusion Encryption algorithms

  18. Configure a Firewall…. What is a FIREWALL???? Analogy with non computer world!! Basically a shield which protects systems from unreliable sources on the internet. …it is a utility,listens to all the ports on the system to open a connection,if detects ..reacts acc to predefined rules.

  19. Allows only selected packets <pkt filter>…. • Ckt gateways and relays... • General Methods • Updating through patches,virus detection,password cracks,port scanners. etc • Shifting from windows to LINUX/UNIX

  20. NETWORK-SECURITY A HACKER'S PERSPECTIVE

  21. IP ADDRESSES… OUR IDENTITY ON THE NET… 32 bit, written normally as 4 decimal nos of 8 bit each < dotted-decimal notation>,,,eg 202.34.12.23 concepts of classes,netmask,subnetmask other notations,etc etc

  22. FINDING OUT IP OF UR SYSTEM.?. Connect to internet,launch MSDOS Type netstat -n at the prompt Active conections: proto local address state TCP 203.94.253.183:1025 ESTABLISHED Ping,netstat,traceroute,WHOIS

  23. FINDING IP OF A REMOTE SYSTEM • Through instant messaging softwares • Through HTTP and scripts • Through internet relay Chat IRC • Through e-mail headers Most common method of getting ips is thru instant mesg softwares like MSN,ICQ,Y

  24. ICQ Xx.xx.xx.xx<---------------->yy.yy.yy.yy MSN Xx.xx.xx.xx----MSN server--yy.yy.yy.yy Transfer file,and use netstat…. Prevention..don’t accept file transfer,use wingate???

  25. IPS BY STUDYING EMAIL HEADERS Return-path:<simran_8@hotmail.com> received:from hotmail.com by jammu.bsnl.net.in (8.9.1/1.1.20.3/5jun04-12:30p.m.) ----------------------------------------------------- X-originating Ip:[202.15.109.174] from:simran”<simran_8@hotmail.com> To:rohit_bits@rediffmail.com -----------------------

  26. GETTING IP USING IRC /Whois nicknameofthevictim /whois swordfish swordfish is rohit@203.23.254.71*rohit koul swordfish on #chatterz swordfish using irc.net GlobalNAPs Quincy,MA swordfish has been idle since……… swordfish…Endof/WHOIS list

  27. I have the IP..so what??? First step sor any hacking attack….. All those attacks discussed before can be implemented…. Apart from getting ip…other imp things..cracking softwares,banner grabbing,breaking encryptions,fingerprinting etc but...

  28. Summary and conclusions • U c I have left a lot untouched… • hash functions,DES,blow fish,detailed desciption of RSA ,hacking methods etc • it is nearly impossible to configure a firewall or create a network that’s 100% fool-proof without compromising on the services to b offered

  29. Security Objective: Balance Business Needs with Risks Security Access Connectivity Performance Ease of Use Manageability Availability Authentication Authorization Accounting Assurance Confidentiality Data Integrity Policy Management

  30. THANK-YOU

  31. ANY QUESTIONS?????

More Related