Vous êtes sur la page 1sur 20

Topic 8 - Security Software Computer Networks

V1.0 Visuals Handout Page 1


NCC Education Limited V1.0
Computer Networks
Topic 8:
Security Software
NCC Education Limited V1.0
Computer Networks
Topic 8 Lecture 1:
Network Security Threats
Security Software Topic 8 - 8.3
Scope and Coverage
This topic will cover:
Network security threats
Security countermeasures
Securitysoftware
NCC Education Limited V1.0
Security software
Installing and configuring security software
Topic 8 - Security Software Computer Networks
V1.0 Visuals Handout Page 2
Security Software Topic 8 - 8.4
Learning Outcomes
By the end of this topic, students will be able to:
Understand threats to the security of a network
Describe a range of security countermeasures
Install and configure essential software security
NCC Education Limited V1.0
Install and configure essential software security
measures
Security Software Topic 8 - 8.5
Tasks of Network Security
Must ensure the network offers:
Privacy
Integrity
NCC Education Limited V1.0
Availability
Security Software Topic 8 - 8.6
Network Privacy
Network security should ensure that only
authorised users can access network services.
Transmitted data cannot be accessed by
unauthorised users and/or is unintelligible to
NCC Education Limited V1.0
unauthorised users.
There are consequences if privacy is breached.
Embarrassment
Financial loss
Company secrets
Topic 8 - Security Software Computer Networks
V1.0 Visuals Handout Page 3
Security Software Topic 8 - 8.7
Network Integrity
Network security should ensure that data
transmitted on the network:
Is not lost
Is not modified
NCC Education Limited V1.0
Is not modified
Is not corrupted
Security Software Topic 8 - 8.8
Network Availability
Network security should ensure that the network is
available for use:
When needed
Providingthe required services
NCC Education Limited V1.0
Providing the required services
Security Software Topic 8 - 8.9
Network Security Problems
Software
Protocol design
System configurations
Actions of people
NCC Education Limited V1.0
Actions of people
Accidents & natural events
Topic 8 - Security Software Computer Networks
V1.0 Visuals Handout Page 4
Security Software Topic 8 - 8.10
Security Threats
Eavesdropping
Man-in-the-Middle
Replay
Virus
Trojan
NCC Education Limited V1.0
Worm
Traffic Analysis
Physical attacks/damage
Phishing
Denial of Service
Security Software Topic 8 - 8.11
Eavesdropping
Gaining access to information when not authorised
to do so
Can involve using an authorised users computer
Could involve sophisticated approaches to listening
NCC Education Limited V1.0
p pp g
into the network
In wireless networks, the signal can reach outside
the physical boundaries of an organisation and be
easy to access.
Security Software Topic 8 - 8.12
Man-in-the-Middle - 1
A third party pretends to be one of the parties in a
two-way conversation.
Allows third party to listen to both sides of a
conversation
NCC Education Limited V1.0
Can modify information before transmission
Messages that use a store and forward
transmission method are particularly vulnerable.
Topic 8 - Security Software Computer Networks
V1.0 Visuals Handout Page 5
Security Software Topic 8 - 8.13
Man-in-the-Middle - 2
NCC Education Limited V1.0
Security Software Topic 8 - 8.14
Replay Attack
Attacker stores a set of messages for later use
Can include username and password combinations
Can be an attack on:
NCC Education Limited V1.0
Privacy
Integrity
Availability
Security Software Topic 8 - 8.15
Virus
A malicious program that attacks a single computer
or a network.
Often attached to other files
Attachments to emails
NCC Education Limited V1.0
Embedded in image files
Now also on mobile phones
Some are not malicious as they do no real harm
but are just created for mischief.
Topic 8 - Security Software Computer Networks
V1.0 Visuals Handout Page 6
Security Software Topic 8 - 8.16
Trojan
Often a program that appears harmless
Used to gain unauthorised access to:
Networks
NCC Education Limited V1.0
Networks
Files
Data
Usernames & passwords
Security Software Topic 8 - 8.17
Worm
A worm is a program that can:
Reproduce
Execute independently
Travel across network connections
NCC Education Limited V1.0
A virus is dependent upon the transfer of files
between computers to spread.
A worm can execute completely independently and
spread on its own accord through network
connections.
Security Software Topic 8 - 8.18
Traffic Analysis
Involves analysing the traffic on the network and
identifying important business information, such as:
Customers
Key personnel
NCC Education Limited V1.0
y p
General business information
Topic 8 - Security Software Computer Networks
V1.0 Visuals Handout Page 7
Security Software Topic 8 - 8.19
Physical Threats - 1
May be deliberate or accidental
Deliberate:
Fire
NCC Education Limited V1.0
Fire
Theft
Deliberate damage
Security Software Topic 8 - 8.20
Physical Threats - 2
Accidental
Earthquake
Fire
Flood
NCC Education Limited V1.0
Flood
Lightning
Power failure
Equipment failure
Security Software Topic 8 - 8.21
Phishing
Emails that claim to be from a legitimate
organisation
Intended to fool a recipient into disclosing:
Usernames &passwords
NCC Education Limited V1.0
Usernames & passwords
Bank details
PIN numbers
Often used for fraud by purchasing items or
accessing bank accounts
Topic 8 - Security Software Computer Networks
V1.0 Visuals Handout Page 8
Security Software Topic 8 - 8.22
Denial of Service
An attack on network availability
Network is flooded with requests
Service is slowed or completely interrupted
Canuse many sources to flood the network
NCC Education Limited V1.0
Can use many sources to flood the network
Distributed Denial of Service
Results in large time delays, loss of customers, etc.
Costs the targeted organisation money
NCC Education Limited V1.0
Computer Networks
Topic 8 Lecture 2:
Security Countermeasures
Security Software Topic 8 - 8.24
Countermeasures
Authentication
Encryption
Digital signatures
Anti-virus
NCC Education Limited V1.0
Anti virus
Physical countermeasures
Firewall
Firewalls will be discussed in detail in the next
topic
Topic 8 - Security Software Computer Networks
V1.0 Visuals Handout Page 9
Security Software Topic 8 - 8.25
Authentication
Identifies the person or system attempting to
connect to the network
Determines whether they are allowed to access the
network
NCC Education Limited V1.0
Usually involves a challenge or challenges to the
user
The user supplies a response to each challenge
If correct, they are authenticated
Security Software Topic 8 - 8.26
Authentication Methods
Username and password
Personal information
PIN
Biometrics
NCC Education Limited V1.0
Biometrics
Smart card
Security Software Topic 8 - 8.27
Encryption
Involves changing the information into a form that
can only be recognised by the sender and intended
recipient
If the signal is intercepted by a third party, it should
be unintelligible
NCC Education Limited V1.0
be unintelligible.
The message is manipulated using a cipher or
encryption algorithm and deciphered at the
receiving end.
Encryption is a mathematical tool.
Topic 8 - Security Software Computer Networks
V1.0 Visuals Handout Page 10
Security Software Topic 8 - 8.28
Private & Public Keys
Private key encryption involves sender and
receiver both having the key:
Need to distribute the key without unauthorised
users having access to it
Repeated use of the same key makes it easier to
k
NCC Education Limited V1.0
crack.
Public key encryption involves two keys:
The key used to encrypt is different from the key
used to decrypt.
The encryption key is made public, hence the
name
Security Software Topic 8 - 8.29
Digital Signatures - 1
A digital signature provides assurance to the
recipient of a digital document transmitted over a
network that:
The document comes from the person that claims
NCC Education Limited V1.0
to have sent it
The contents have not been modified since it was
sent
Security Software Topic 8 - 8.30
Digital Signatures - 2
Closely related to digital certificates that are on
the Internet
A Certificate Authority attests the origins of a
website, piece of software, etc.
NCC Education Limited V1.0
Topic 8 - Security Software Computer Networks
V1.0 Visuals Handout Page 11
Security Software Topic 8 - 8.31
Using Digital Signatures
A hashing function is used to create a
mathematical summary of the document.
Sender uses a private key to encrypt the summary
Recipient calculates the same summary using the
same hashing function
NCC Education Limited V1.0
g
Recipient uses the senders public key to decrypt
the signature
If the summary calculated by the recipient matches
the summary by decoding the signature, then the
document is genuine
Security Software Topic 8 - 8.32
Virus Protection
Software protects against viruses, trojans, etc.
New viruses are continually being created.
Battle to protect from new viruses never ends
Virus writers, hackers etc. look to exploit
vulnerabilities in:
NCC Education Limited V1.0
vulnerabilities in:
Operating systems
Software
Anti-virus software vendors are quick to create
updates to match the attackers.
Security Software Topic 8 - 8.33
Using Virus Protection
Install anti-virus software on all networked
machines.
Keep virus definitions up to date.
Update all software, including operating systems,
NCC Education Limited V1.0
p , g p g y ,
on networked machines to fix any security holes.
Educate all users not to open files from non-trusted
sources.
Topic 8 - Security Software Computer Networks
V1.0 Visuals Handout Page 12
Security Software Topic 8 - 8.34
Physical Countermeasures
Physically protecting the network by:
Choosing good quality hardware and equipment
Having well installed cabling
Install fire prevention and detection equipment
Keeping wiring&equipment closets locked
NCC Education Limited V1.0
Keeping wiring & equipment closets locked
Preventing unauthorised access to building and
rooms
Using CCTV etc.
Have a data back-up and recovery procedure as
well
Security Software Topic 8 - 8.35
The Security Policy
Most large organisations have a security policy.
Focuses attention on the importance of security
Shows management backing
Often includes key policies for users:
NCC Education Limited V1.0
Often includes key policies for users:
Acceptable use policy
Authorisation levels
Roles and responsibilities
Security Software Topic 8 - 8.36
Acceptable Use Policy
A set of rules that lay out how the network may be
used
New users should be asked to sign their
acceptance of the policy before being provided with
NCC Education Limited V1.0
network access
Ideally, this should outline the sanctions on users
who break the policy
Topic 8 - Security Software Computer Networks
V1.0 Visuals Handout Page 13
Security Software Topic 8 - 8.37
Authorisation
Authorisation is the function of specifying access
rights to resources for authorised users
A network should have a policy whereby users are
granted access to resources based upon their
grade department etc
NCC Education Limited V1.0
grade, department, etc.
This can be done in a number of ways, e.g.
Individually
Allocating user to a domain and allocating access
rights to a domain
Security Software Topic 8 - 8.38
Roles and Responsibilities
A security policy should allocate specific functions
to specific job roles.
Roles should be allocated in such a way that fraud
is made difficult.
NCC Education Limited V1.0
Actual roles and responsibilities depend upon:
Function of the organisation
Size of the organisation
Security Software Topic 8 - 8.39
Business Continuity
Network security should also include an analysis of
the impact of network failure
Provision should be made to deal with network
failure
NCC Education Limited V1.0
Mirrors of data and websites
Temporary switchboards
A balance of cost against effects of network failure
Topic 8 - Security Software Computer Networks
V1.0 Visuals Handout Page 14
NCC Education Limited V1.0
Computer Networks
Topic 8 Lecture 3:
Security Software
Security Software Topic 8 - 8.41
Network Security Software
Network security software covers many categories
including:
Intrusion detection software
Antivirus software
NCC Education Limited V1.0
Vulnerability scanners
Packet sniffers
Firewalls
Security Software Topic 8 - 8.42
Intrusion Detection Software (IDS)
Such software prevents any suspicious software
from intruding into a computer system
Purpose is:
NCC Education Limited V1.0
p
To identify possible threats
To prepare a report or log about the threats
To furnish this report to the security administrator
To attempt to stop any loss due to the threat
Topic 8 - Security Software Computer Networks
V1.0 Visuals Handout Page 15
Security Software Topic 8 - 8.43
Antivirus Software
Really should be called anti-malware
Prevents malicious software from attacking system
Most use signatures of viruses that have been
designed earlier
NCC Education Limited V1.0
Can prevent suspicious programs from taking
control of the computer if they find code similar to
code present in its virus directory
Continuously update their virus database when a
new code or virus appears on a network
Security Software Topic 8 - 8.44
Vulnerability Scanners
Computer programthat looks for weaknesses in:
Computers
Computer systems
Networks
NCC Education Limited V1.0
Networks
Applications
Purpose is to assess the vulnerabilities present in
one or more targets
Security Software Topic 8 - 8.45
Packet Sniffers
Software or hardware that can intercept and log
traffic passing over a digital network or part of a
network
As data streams flow across the network, the
iff t h k t d
NCC Education Limited V1.0
sniffer captures each packet and can:
decode the packet's raw data
show the values of various fields in the packet
analyse a packets content according to the
appropriate specifications.
Topic 8 - Security Software Computer Networks
V1.0 Visuals Handout Page 16
Security Software Topic 8 - 8.46
Firewalls
A firewall can be implemented both as hardware
and software.
It acts as a filter that permits authorised messages
to and froma systemwhilst blocking unauthorised
NCC Education Limited V1.0
to and from a system whilst blocking unauthorised
messages.
We will examine firewalls in detail in the next topic.
Security Software Topic 8 - 8.47
Security Risks
Threats that lead to a loss in any form to an
individual or an organisation
Such losses may include:
Loss of privacy
NCC Education Limited V1.0
Identity theft
Financial loss
Negative impact on customer relations
Loss or damage of confidential data or information
Loss in profitability
Security Software Topic 8 - 8.48
Managing Security Risks
This can be modelled as a three stage process:
Identify and analyse security risks
Risk assessment
Risk management
NCC Education Limited V1.0
Risk management
Most security risk management systems are
designed to comply with international standards
Topic 8 - Security Software Computer Networks
V1.0 Visuals Handout Page 17
Security Software Topic 8 - 8.49
Identify & Analyse Risks
The purpose of risk identification and analysis is to
understand the possible threats that can be used
against any possible vulnerability in the security
architecture of the organisation.
NCC Education Limited V1.0
Organisations often have multiple layers of
security.
Vulnerability scanners can be used for this
purpose.
Security Software Topic 8 - 8.50
Risk Assessment
Identifies problems
Measures the likelihood of the security threat
Measures the impact of a security threat
A combination of probability of the threat and its
NCC Education Limited V1.0
A combination of probability of the threat and its
impact determine how important each threat is to
an organisation.
Security Software Topic 8 - 8.51
Risk Management
Designing security measures against known and
possible threats is time consuming and expensive.
Most information security risk management
systems are designed to comply with international
standards
NCC Education Limited V1.0
standards.
These attempt to build safe and sound information
transfer methods and environments.
Continuous updating of these systems makes them
expensive and time consuming.
Topic 8 - Security Software Computer Networks
V1.0 Visuals Handout Page 18
Security Software Topic 8 - 8.52
International Standards
ISO/IEC 27001 Information Security
Auditable international standard which defines the
requirements for an Information Security
Management System (ISMS)
NCC Education Limited V1.0
Designed to ensure the selection of adequate and
proportionate security controls
Helps to protect your information assets and give
confidence to customers
Security Software Topic 8 - 8.53
Balancing Risks
Every organisation needs to decide what level of
security it needs
The two extremes are:
Total security, difficult to use
NCC Education Limited V1.0
Total security, difficult to use
Total access, not secure
A policy needs to define howsecurity will be
enforced
Security Software Topic 8 - 8.54
Spam
Blocking spam is one of the biggest challenges that
organisations face.
Studies suggest that over 90% of all email traffic is
spam.
Software filters can be deployed to limit the amount
NCC Education Limited V1.0
Software filters can be deployed to limit the amount
of spam.
Hardware is available for this purpose, known as
an anti spam appliance, and is usually operating
system independent.
Topic 8 - Security Software Computer Networks
V1.0 Visuals Handout Page 19
Security Software Topic 8 - 8.55
Small Business Security
There are a number of security features that are
ideal for a small to medium sized business:
A fairly strong firewall
Strongantivirus software and Internet Security
Software
NCC Education Limited V1.0
Software
Use strong passwords and change on a monthly basis
When using a wireless connection, use a very strong
password
Raise awareness about physical security to employees
Use tools to monitor the network traffic
Security Software Topic 8 - 8.56
College Security
Extra features are ideal for colleges and schools:
A firewall that allows authorised users access from
the outside and inside
Wireless connections that lead to firewalls
Compliance with laws and guidelines on Internet
NCC Education Limited V1.0
Compliance with laws and guidelines on Internet
access for children
Supervision of network to guarantee updates
Constant supervision by teachers, librarians, and
administrators to guarantee protection against
attacks and also to supervise users
Security Software Topic 8 - 8.57
Security Software Vendors
There are many
Some software is free
Some is expensive
What does the college use?
NCC Education Limited V1.0
What does the college use?
Is it the best available?
Topic 8 - Security Software Computer Networks
V1.0 Visuals Handout Page 20
Security Software Topic 8 - 8.58
References
Price B. (ed) (2003). Networking Complete, 3
rd
edition, Sybex.
Tanenbaum, A.S. & Weatherall, D.J . (2010).
Computer Networks, 5
th
edition, Pearson
NCC Education Limited V1.0
Education.
International Organization for Standardization:
http://www.iso.org
Security Software Topic 8 - 8.59
Topic 8 Security Software
NCC Education Limited V1.0
Any Questions?