Security Awareness: Applying Practical Security in Your World
Chapter 5: Network Security

Objectives
• Give an overview of how networks work
• List and describe three types of network attacks
• Explain how network defenses can be used to enhance a network security perimeter
• Tell how a wireless local area network (WLAN) functions and list some of its security features

Network Security
• Computer networks in organizations are prime targets for hackers.
• Computer networks are also found in homes.
• The growth of home networks has resulted in more attacks.

How Networks Work
• Personal computers: Isolated from other computers (See Figure 5-1)
• Function limited to the hardware, software, and data on that one computer
• Computer network: Interconnected computers and devices (See Figure 5-2)
• Sharing increases functionality, reduces costs, and increases accuracy

Types of Networks
• Local area network (LAN): A network of computers located relatively close to each other
• Wide area network (WAN): A network of computers geographically dispersed

Transmitting Data
• Protocols: Sets of rules used by sending and receiving devices to transmit data
• Both sender and receiver must use the same set of rules
• Transmission Control Protocol/Internet Protocol (TCP/IP): Most common protocol in use
• IP Address: Unique number assigned to each device on a TCP/IP network that identifies it from all other devices
• Data is divided into smaller units called packets for transmission through a network (See Figure 5-4)

Devices on a Network
• Different types of equipment perform different functions
• Many devices are responsible for sending packets through the LAN or across a WAN
• Router: Directs packets “toward” their destination
• Network perimeter: Line of defense around a network made up of products, procedures and people (See Figure 5-5)

Network Attacks
• Hackers attack network perimeters in different ways
• Attacks include:
  • Denial of Service (DoS)
  • Man-in-the-Middle
  • Spoofing

Denial of Service (DoS)
• Normal conditions: Computers contact a server with a request
• Denial of Service (DoS): Server is flooded with requests, making it unavailable to legitimate users (See Figure 5-6)
• Attacking computers programmed not to reply to the server’s response
• Server “holds the line open” for each request (See Figure 5-7) and eventually runs out of resources as more requests are received

Distributed Denial of Service (DDoS)
• Distributed Denial of Service (DDoS): Variant of a DoS that uses many computers to attack a target
• Hacker finds a handler
• Special software is loaded on the handler and it searches for zombies
• Software is loaded on the zombies without the user’s knowledge
• Eventually the hacker instructs all zombies to flood a particular server

Man-in-the-Middle
• Man-in-the-Middle: Two computers are tricked into thinking they are communicating with each other when there is actually a hidden third party between them (See Figure 5-8)
• Communications can be monitored or modified

Spoofing
• Spoofing: Pretending to be the legitimate owner
• IP Address Spoofing: False IP address inserted into packets
• ARP Spoofing: ARP table changed to redirect packets (See Figure 5-10)
• ARP table: Address Resolution Protocol table stores list of MAC addresses and corresponding IP addresses (See Figure 5-9)
• MAC Address: Media Access Control address is the hardware address of the Network Interface Card (NIC)
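
Because ARP spoofing works by changing entries in the ARP table, comparing two snapshots of that table is one way to notice it. The following is an added example, not part of the original slides; the "IP MAC" text format, the function names and the addresses are constructed for illustration.

```python
# Constructed ARP table snapshots, one "IP MAC" pair per line.
BEFORE = """
192.168.1.1  00-aa-bb-cc-dd-01
192.168.1.10 00-aa-bb-cc-dd-10
192.168.1.20 00-aa-bb-cc-dd-20
"""
AFTER = """
192.168.1.1  00-aa-bb-cc-dd-20
192.168.1.10 00-aa-bb-cc-dd-10
192.168.1.20 00-aa-bb-cc-dd-20
"""

def parse_table(text):
    """Turn 'IP MAC' lines into a dict mapping IP address to MAC address."""
    table = {}
    for line in text.strip().splitlines():
        ip, mac = line.split()
        table[ip] = mac.lower()
    return table

def arp_alerts(before, after):
    """Report IP addresses whose MAC changed and MACs that answer for several IPs."""
    alerts = []
    for ip, mac in after.items():
        old = before.get(ip)
        if old is not None and old != mac:
            # A replaced NIC also causes this, so treat it as a lead to check.
            alerts.append(f"{ip} changed from {old} to {mac}")
    owners = {}
    for ip, mac in after.items():
        owners.setdefault(mac, []).append(ip)
    for mac, ips in owners.items():
        if len(ips) > 1:
            alerts.append(f"{mac} claims {', '.join(sorted(ips))}")
    return alerts

if __name__ == "__main__":
    for alert in arp_alerts(parse_table(BEFORE), parse_table(AFTER)):
        print(alert)
```

In the constructed data the router address 192.168.1.1 now points at the MAC of 192.168.1.20, so both checks fire.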

Network Defenses
• Three groups of network defenses:
  • Devices
  • Configurations
  • Countermeasures

Devices
• Firewalls: Designed to prevent malicious packets from entering
• Typically outside the security perimeter (See Figure 5-11)
• Software based: Runs as a local program to protect one computer (personal firewall) or as a program on a separate computer (network firewall) to protect the network
• Hardware based: Separate devices that protect the entire network (network firewalls)

Devices (continued)
• Firewall rule base, AKA access control list (ACL): Establishes what action the firewall should take when it receives a packet
  • Allow
  • Block
  • Prompt
• Should reflect the organization's security policy

Devices (continued)
• Stateless packet filtering: Allows or denies packets based strictly on the rule base
• Stateful packet filtering: Keeps a record of the state of a connection
• Makes decisions based on the rule base and the connection
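
The difference between the two filtering styles shows up on a packet that matches a rule but belongs to no connection. The following is an added example, not part of the original slides; the rule base, addresses and names are constructed, and only the Allow and Block actions are modelled.

```python
from collections import namedtuple

Packet = namedtuple("Packet", "src sport dst dport flags")
INSIDE = "192.168.1."  # constructed prefix for the protected network

# Constructed rule base: (direction, remote port, action); first match wins.
RULES = [
    ("out", 80, "Allow"),  # inside clients may contact web servers
    ("in", 80, "Allow"),   # packets coming from a web server port may enter
]

def direction(p):
    return "out" if p.src.startswith(INSIDE) else "in"

def stateless(p):
    """Decide from the rule base alone, one packet at a time."""
    d = direction(p)
    remote_port = p.dport if d == "out" else p.sport
    for rule_dir, port, action in RULES:
        if rule_dir == d and port == remote_port:
            return action
    return "Block"  # default when no rule matches

class StatefulFilter:
    """Rule base plus a record of connections opened from inside."""
    def __init__(self):
        self.connections = set()
    def decide(self, p):
        if direction(p) == "out":
            verdict = stateless(p)
            if verdict == "Allow" and p.flags == "SYN":
                self.connections.add((p.src, p.sport, p.dst, p.dport))
            return verdict
        # Inbound packets must answer a recorded connection.
        if (p.dst, p.dport, p.src, p.sport) not in self.connections:
            return "Block"
        return stateless(p)

# Constructed traffic: a web request, its reply, and an unsolicited packet.
TRAFFIC = [
    Packet("192.168.1.10", 50000, "203.0.113.5", 80, "SYN"),
    Packet("203.0.113.5", 80, "192.168.1.10", 50000, "SYN-ACK"),
    Packet("198.51.100.9", 80, "192.168.1.20", 445, "ACK"),
]

def compare():
    """Return (stateless verdict, stateful verdict) for each packet."""
    fw = StatefulFilter()
    return [(stateless(p), fw.decide(p)) for p in TRAFFIC]
```

The third packet claims source port 80, so the stateless filter allows it; the stateful filter blocks it because no inside computer opened that connection.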

Devices (continued)
• Intrusion Detection System (IDS): Examines the activity on a network
• Goal is to detect intrusions and take action
• Two types of IDS:
  • Host-based IDS: Installed on a server or other computers (sometimes all)
    • Monitors traffic to and from that particular computer
  • Network-based IDS: Located behind the firewall and monitors all network traffic (See Figure 5-12)

Devices (continued)
• Network Address Translation (NAT) Systems: Hides the IP address of network devices
• Located just behind the firewall (See Figure 5-13)
• NAT device uses an alias IP address in place of the sending machine’s real one (See Figure 5-14)
• “You cannot attack what you can’t see”

Devices (continued)
• Proxy Server: Operates similarly to NAT, but also examines packets to look for malicious content
• Replaces the protected computer’s IP address with the proxy server’s address
• Protected computers never have a direct connection outside the network
• The proxy server intercepts requests (See Figure 5-15)
• Acts “on behalf of” the requesting client

Network Design
• The key to effective network design is a single point of entry into a network
  • Difficult to maintain
• Employees or others may bypass security by installing unauthorized entry points (See Figure 5-16)
• Common design tools:
  • Demilitarized Zones (DMZ)
  • Virtual Private Networks (VPNs)

Network Design (continued)
• Demilitarized Zones (DMZ): Another network that sits outside the secure network perimeter
• Outside users can access the DMZ, but not the secure network (See Figure 5-17)
• Some DMZs use two firewalls (See Figure 5-18)
• This prevents outside users from even accessing the internal firewall
  • Provides an additional layer of security

Network Design (continued)
• Virtual Private Networks (VPNs): A secure network connection over a public network (See Figure 5-19)
• Allows mobile users to securely access information
• Sets up a unique connection called a tunnel

Network Design (continued)
• Advantages of VPNs:
  • Low cost
  • Flexibility
  • Security
  • Standards

Network Design (continued)
• Honeypots: Computer located in a DMZ and loaded with files and software that appear to be authentic, but are actually imitations (See Figure 5-21)
• Intentionally configured with security holes
• Goals:
  • Direct attacker’s attention away from real targets
  • Examine the techniques used by hackers

Components of a WLAN
• Wireless network interface card (WNIC): Card inserted into the wireless device that sends and receives signals from the access point
• Access point (AP): Acts as the base station and is connected to the wired network
• Multiple access points allow ease of roaming (See Figure 5-22)

Security in a WLAN
• WLANs include a different set of security issues
• Steps to secure:
  • Turn off broadcast information
  • MAC address filtering
  • WEP encryption
  • Password protect the access point
  • Physically secure the access point
• Use enhanced WLAN security standards whenever possible

Summary
• A computer network allows users to share hardware, programs and data.
• Two types of computer networks are:
  • Local area network (LAN): Computers all close together
  • Wide area network (WAN): Computers geographically dispersed
• On most networks, each computer or device must be assigned a unique address called the IP address.

Summary (continued)
• Hackers attack network perimeters in several ways:
  • Denial of Service (DoS)
  • Distributed Denial of Service (DDoS)
  • Man-in-the-Middle
  • Spoofing

Summary (continued)
• There are devices that can be installed to make the network perimeter more secure.
  • Firewalls
    • Hardware or software based
  • Intrusion-detection system (IDS)
    • Host-based or network-based
  • Network Address Translation (NAT)
  • Proxy server