security in computing security in networks. i.threats in networks a. vulnerabilities 1.anonymity...
TRANSCRIPT
Security in ComputingSecurity in Computing
Security in Networks
I.I. Threats in networksThreats in networks
A. Vulnerabilities
1. Anonymity
2. Shared resources
3. Size (many points of attack)
4. Complexity
5. Unknown perimeter
6. Unknown path
I.I. Threats in networksThreats in networks
B. Attackers
1. for the challenge
2. for money, reward, espionage; organised crime because of reward
3. for ideology
I.I. Threats in networksThreats in networks
C. Steps in an attack
1. reconnaissance
a) port scan
b) social engineering
2. attacking the network itself: eavesdropping and active wiretapping
3. attacking the infrastructure: protocol attacks
I.I. Threats in networksThreats in networks4. attacking an endpoint
a) defeating authentication1) guessing (spoofing); masquerade,
phishing, hijacking; man-in-the middle attack
b) defeating confidentiality
1) delivery problems
c) defeating integrity
1) message forgery
2) noise
I.I. Threats in networksThreats in networksd) website attacks
1) defacement
2) buffer overflow on a host of server
3) compromising applications on a host server, e.g.:
http:// www.CDs-r-us.com/buy.asp?i1=459012&p1=1599
http:// www.CDs-r-us.com/buy.asp?i1=459012&p1=1599&i2=365217&p2=1499
I.I. Threats in networksThreats in networks
e) denial of service
1) flooding
2) distributed denial of service
I.I. Threats in networksThreats in networksf) hostile code
1) active code (or mobile code)
2) bots (or robots) – similar to Distributed denial of Service
3) script kiddies – people who download and run attack scripts – simple scripts for many of the popular attacks
II.II. Network controlsNetwork controlsA. Architecture
1) segmented (idea similar to OS) – one server to handle Http, another for application code , another to handle DB request
2) redundant – function to run on more than one node
3) protected against single points of failure – fault tolerance
4) segment controlled by firewall
II.II. Network controlsNetwork controls
A. Encryption
1. link – encryption at layer 1 and 2 of the OSI model
2. end-to-end – security from one end of transmission to the other
3. “virtual” private network – a sense of a “private” although part of public network
4. IPSEc (IP Layer) - similar to SSL
II.II. Network controlsNetwork controlsC. Content integrity check (detect, not
prevent)
1. error codes, checksums, cryptographic checksums
D. Authentication
E. Wireless security protocols
1. WEP (Wired Equivalent Privacy)
2. WPA - WPA2 extends WPA (WiFi Protected Access) – alternative to WEP
III.III. OtherOtherA. Firewalls
B. Intrusion detection systems
C. Secure email