PRESENTED BY
Sri Vallabh
Aida Janciragic
Sashidhar Reddy
Topics of Discussion
Questions to consider
What are we trying to protect?
What operations are authorized?
What is the security parameter?
Principles continued
Security Problems
1. Any user can access network traffic
2. Diskette drives on the client workstations
3. PCs with modem connections
4. Insufficient training to authorized users
Continued
Possible Countermeasures
1. Introduction of an authentication system for each user
2. Installation of virus detection software and configuration monitors
3. Installation of tamper-resistant hardware
4. Security awareness training for authorized users
Stage 2: Private Networks plus Read-only Web Server
Security Problems
1. All the problems in stage 1
2. Denial of service attack
3. Unauthorized change to data on web server
4. Web address spoofing
Continued
Possible Countermeasures
1. Use a reliable web server package
2. Keep abreast of the advisories provided by CERT (Computer Emergency Response Team) and FIRST (Forum of Incident Response Teams)
3. Proper maintenance of web server
Stage 3: Private Nets Plus Forms-Based WWW Server
Security Problems
1. Compromise of order information
2. Spoofing of order information
3. Loss of control over the web site
4. Customer information stored on ISP host
Continued
Possible Countermeasures
1. Using a secure web server like HTTP
2. Double checking the CGI scripts
3. Customer authentication
Stage 4: Internet Service through Firewall with Forms-Based WWW Server
Security Problems
1. Attacks on internal systems via misconfigured firewalls
2. Importing of malicious software or exporting of sensitive information via properly configured firewall
3. Compromise of identity of correspondents
4. Back doors into internal networks
Continued
Possible Countermeasures
1. Proper firewall configuration
2. Vigilant management of firewall and the website
3. Provide proper awareness of security to the internal users
Stage 5: Virtual Private Networks
Security Problems
1. Contamination of internal database via actions of cooperating companies
2. Service delays/denial for intranet traffic due to Internet/ISP problems
3. Compromise or delay of intranet traffic due to crypto mismanagement
4. Compromise of internal traffic patterns
Continued
Possible Countermeasures
1. Using proper encryption methodology
2. Avoid using the same company as the ISP for all the sites
Network Security Policy and Services
Network
Sniffing
War Dialing
Protocol
Data-link-layer security
Network-layer security
Transport-layer security
IP origin forgery
Above the application layer
Symmetric
DES (Digital Encryption Standard)
Digital Signatures
Security in TCP/IP Protocol Stack
Session Encryption
IP Layer Encryption
Relative Location of Security in TCP/IP Protocol Stack
SSL Protocol Operation
IP Security Scenario
The Kerberos Architecture
Kerberos Ticket Granting Service
Network Based
Network Security Monitor, Network IDS, Net Ranger, Tripwire, etc.
Host Based
Probes of host ports, password guessing, etc.
Taxonomy of Malicious Programs
Security Management Tools
Internet
Trust
Types of Firewalls
SOCKS
Figure: SOCKS proxying through a firewall between the protected network and the Internet. Diagram labels: Socksified user app asks SOCKS daemon for circuit; SOCKS daemon on firewall parses request, checks access control rules, and makes connection (proxy); target of communication sends information back through SOCKS daemon, which routes it to the user desktop; copy data back in through firewall.
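The SOCKS diagram above says the daemon on the firewall parses the request and checks access control rules before it proxies the connection. The following is an added example, not part of the original slides, sketching that decision step. It assumes the SOCKS version 4 CONNECT wire format (the slides do not name a version); the rule table and function names are constructed for illustration.

```python
import ipaddress
import struct

# Constructed rule table: (action, client network, destination network, port).
# A port of None matches any port. First match wins; no match means deny.
ACL = [
    ("allow", "10.0.0.0/8", "0.0.0.0/0", 80),
    ("allow", "10.0.0.0/8", "0.0.0.0/0", 443),
    ("deny", "0.0.0.0/0", "0.0.0.0/0", None),
]
GRANTED, REJECTED = 90, 91  # SOCKS4 reply codes


def parse_socks4_request(data: bytes):
    """Parse VN, CD, DSTPORT, DSTIP, USERID, NUL from a SOCKS4 request."""
    if len(data) < 9:
        raise ValueError("request too short")
    vn, cd, port, raw_ip = struct.unpack("!BBH4s", data[:8])
    if vn != 4:
        raise ValueError("not SOCKS version 4")
    if cd != 1:
        raise ValueError("only CONNECT (1) is handled here")
    end = data.find(b"\x00", 8)
    if end == -1:
        raise ValueError("USERID is not NUL-terminated")
    user = data[8:end].decode("ascii", "replace")
    return ipaddress.IPv4Address(raw_ip), port, user


def check_acl(client_ip: str, dst_ip, dst_port: int) -> bool:
    """Apply the rule table to one request; default is deny."""
    client = ipaddress.ip_address(client_ip)
    for action, src_net, dst_net, port in ACL:
        if (client in ipaddress.ip_network(src_net)
                and dst_ip in ipaddress.ip_network(dst_net)
                and port in (None, dst_port)):
            return action == "allow"
    return False


def handle_request(client_ip: str, data: bytes) -> bytes:
    """Return the 8-byte SOCKS4 reply sent before any data is proxied."""
    try:
        dst_ip, dst_port, _user = parse_socks4_request(data)
        code = GRANTED if check_acl(client_ip, dst_ip, dst_port) else REJECTED
    except ValueError:
        code = REJECTED  # malformed requests are refused, never proxied
    return struct.pack("!BBH4s", 0, code, 0, b"\x00" * 4)
```

Only a request that parses cleanly and matches an allow rule gets the granted reply (code 90); everything else, including malformed input, is rejected with code 91.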