Network Defense and Countermeasures PDF
North Carolina Central University
2019
Chuck Easttom
Summary
This document presents an introduction to network security, outlining common dangers, security terminology, and approaches to securing networks. It includes a discussion of various network concepts such as protocols, IP addresses, and the OSI model. Additional elements involve assessing and classifying threats according to function, likely attacks, and the importance of legal issues.
Full Transcript
Network Defense and Countermeasures
by Chuck Easttom
Chapter 1: Introduction to Network Security
© 2019 by Pearson Education, Inc.

Objectives
- Identify the most common dangers to networks
- Understand basic networking
- Employ basic security terminology
- Find the best approach to network security for your organization
- Evaluate the legal issues that will affect your work as a network administrator
- Use resources available for network security

Introduction
- The growth of the Internet has brought many ways in which networks can be compromised and data stolen.
- Legislators are working to prevent identity theft and to find ways to reduce the effects of viruses and worms such as MyDoom, MSBlaster, and others.

The Basics of a Network
You need to understand the following:
- Basic network structure
- Data packets
- IP addresses
- Uniform Resource Locators
- MAC addresses
- Protocols
- Basic network utilities
- The OSI model

Basic Network Structure
- The fundamental purpose of networks is communication
- Part of the network structure includes NICs, hubs, switches, routers, and firewalls
- Network architecture comprises the format in which these devices are connected

Data Packets
- This is the package that holds the data and transmission information
- Ultimately formatted in binary
- Size ranges between 32 and 65,000 bytes
- Information included in packets:
  - Source and destination (IP address) information
  - Packet size (in bytes) and type (e.g., Ethernet)
  - Data and other header information

IP Addresses
- An IPv4 address is a series of four numbers of up to three digits each, separated by periods: 107.22.98.129
- There are network classes A through E that determine the IP range for the first byte
- Certain ranges are private, for use within networks
- IPv6 uses a 128-bit address and hex numbering. Example: 3FFE:B000:800:2:C

Uniform Resource Locators
- URLs are text-based web addresses, such as www.chuckeasttom.com, that translate into Internet IP addresses
- Translation is performed by Domain Name Service (DNS) servers

MAC Addresses
- MAC addresses are unique hardware addresses
- Every NIC in the world has a unique MAC address
- Six-byte hexadecimal numbers
- Address Resolution Protocol (ARP) converts IP addresses to MAC addresses

Protocols
- Types/standards of network communication are called protocols
- Examples include:
  - FTP, SSH, Telnet, SMTP
  - WhoIS, DNS, tFTP
  - HTTP, POP3, NNTP
  - NetBIOS, IRC, HTTPS
  - SMB, ICMP

Basic Network Utilities
- ipconfig
- ping
- tracert
- netstat

The Open Systems Interconnect (OSI) Model

What Does This Mean for Security?
There are three points of attack:
- The data itself
- The network connection points
- The people
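
An added example for the IP Addresses slide above (not part of the original slides): it derives the class A through E from the first byte and checks the address against the three RFC 1918 private ranges, which is how a defender would split log source addresses into internal and external. The function names and the sample list are assumptions made for this example; 107.22.98.129 is the address shown on the slide.

```python
import ipaddress

# RFC 1918 private IPv4 ranges (the "private" ranges the slide refers to).
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def ipv4_class(addr):
    """Classful network class, decided by the first byte of the address."""
    first = ipaddress.IPv4Address(addr).packed[0]
    if first <= 127:
        return "A"      # 0 and 127 fall here but are reserved (127 is loopback)
    if first <= 191:
        return "B"
    if first <= 223:
        return "C"
    if first <= 239:
        return "D"      # multicast
    return "E"          # reserved / experimental

def is_rfc1918(addr):
    """True if the address lies in one of the private ranges."""
    ip = ipaddress.IPv4Address(addr)
    return any(ip in net for net in RFC1918)

def summarize_sources(addresses):
    """Split addresses (e.g. from a firewall log) into internal and external."""
    report = {"internal": [], "external": [], "invalid": []}
    for a in addresses:
        try:
            key = "internal" if is_rfc1918(a) else "external"
            report[key].append((a, ipv4_class(a)))
        except ipaddress.AddressValueError:
            # Malformed input, such as an octet above 255, is kept for review.
            report["invalid"].append(a)
    return report

# Constructed sample input for this example.
SAMPLE = ["107.22.98.129", "10.1.2.3", "172.16.40.9", "172.32.0.1",
          "192.168.1.20", "224.0.0.5", "300.1.1.1"]

if __name__ == "__main__":
    for bucket, items in summarize_sources(SAMPLE).items():
        print(bucket, items)
```

Note that 172.32.0.1 is reported as external: the private block 172.16.0.0/12 ends at 172.31.255.255, a boundary that is easy to get wrong in hand-written filter rules.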

Assessing Likely Threats to the Network
- Extreme, ill-informed attitudes about security threats can lead to poor decisions
- These are the two ends of the spectrum:
  - There is no real threat, nothing to worry about
  - Extreme alarm: all hackers are experts and out to break into my network

No real threat:
- Fosters a laissez-faire attitude toward security
- Promotes a reactive approach to security
- Security measures are not put in place until after a breach has occurred
- This approach must be avoided at all costs

Is the world full of hackers out to get me?
- Yes, they exist, but not to the extent publicized
- Less-skilled hackers are more pervasive
- They target smaller companies
- Usually experts seek high-profile networks
- Financial and ideological gain are the targets

The only practical approach is the realistic one
- This approach is a moderate solution to the two extremes
- Assessment is a complex task
- Many factors need to be addressed

Classifying Threats by Function
- Intrusion
  - Cracking
  - Social engineering
  - War-dialing
  - War-driving
- Blocking
  - Denial of Service (DoS)
  - Distributed Denial of Service (DDoS)
- Malware
  - Viruses
  - Worms
  - Trojan horses
  - Spyware
  - Cookies
  - Key loggers

Likely Attacks
Administrators should ask:
- What are the realistic dangers?
- What are the most likely attacks for our network?
- What are some common vulnerabilities?
- What is the likelihood of an attack?

Threat Assessment Factors
- Attractiveness of the system (discussed earlier)
- The nature of the information on the system
- Traffic to the system (security devices in place)

Threat Assessment
- A numerical scale can be assigned to each factor:
  - Attractiveness (A): 1–10
  - Information content (I): 1–10
  - Security devices (S): 1–10
- The equation is: (A + I) – S = V
- Where V equals the vulnerability score
- A lower score indicates lower risk

Understanding Security Terminology
- Hacking terminology
  - White hat hackers
  - Black hat hackers
  - Gray hat hackers
  - Script kiddy
  - Cracker
  - Ethical hacker or sneaker
  - Phreaking
- Security terminology
  - Firewall
  - Proxy server
  - Intrusion-detection system
  - Access control
  - Non-repudiation
  - Auditing

Helpful Websites for Security Terminology
- www.yourwindow.to/information%2Dsecurity/
- www.ietf.org/rfc/rfc2828.txt

Approaching Network Security
- Proactive versus reactive
- Perimeter: Focus is on perimeter devices; internal devices are still vulnerable
- Layered: Focus includes both perimeter and individual computers within the network
- Hybrid: Combination of multiple security paradigms

Network Security and the Law
- Sarbanes-Oxley (SOX)
- Computer Security Act of 1987
- Health Insurance Portability and Accountability Act (HIPAA)

Using Security Resources
- CERT (www.cert.org/)
- Microsoft Security TechCenter (https://technet.microsoft.com/en-us/security)
- F-Secure Corporation (www.f-secure.com/)
- SANS Institute (www.sans.org/)
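
An added worked example for the Threat Assessment slide above (not part of the original slides): it applies (A + I) – S = V to a small inventory, rejects factors outside the 1–10 scale, and ranks the systems so the highest score is reviewed first. The system names, their factor values, and the function names are constructed for this example.

```python
def vulnerability_score(a, i, s):
    """V = (A + I) - S, each factor an integer on the slide's 1-10 scale."""
    for name, value in (("A", a), ("I", i), ("S", s)):
        if not isinstance(value, int) or not 1 <= value <= 10:
            raise ValueError(f"{name} must be an integer from 1 to 10, got {value!r}")
    return (a + i) - s

def score_bounds():
    """Lowest and highest V the formula can produce on the 1-10 scales."""
    return vulnerability_score(1, 1, 10), vulnerability_score(10, 10, 1)

def rank_systems(systems):
    """Return (name, V) pairs, highest score first; ties ordered by name."""
    scored = [(name, vulnerability_score(a, i, s))
              for name, (a, i, s) in systems.items()]
    return sorted(scored, key=lambda pair: (-pair[1], pair[0]))

# Constructed inventory: name -> (Attractiveness, Information content, Security devices)
INVENTORY = {
    "public-web":  (8, 4, 6),
    "hr-database": (5, 9, 3),
    "lab-printer": (2, 1, 1),
    "payroll-app": (7, 9, 8),
}

if __name__ == "__main__":
    low, high = score_bounds()
    print(f"V ranges from {low} to {high}")
    for name, v in rank_systems(INVENTORY):
        print(f"{name:12s} V = {v}")
```

In this constructed inventory the payroll application holds information as sensitive as the HR database but scores lower, because its stronger security devices (S = 8 against S = 3) are subtracted from the total.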

Summary
- Most common dangers to networks are viruses, worms, and trojan horses
- Basic security terminology:
  - Hacking terms: Deal with people and activities
  - Security terms: Deal with devices and policies
- Approaches to securing your network:
  - Proactive versus reactive
  - Perimeter
  - Layered
  - Hybrid
- Legal issues:
  - SOX
  - HIPAA
  - State-specific legislation regarding computer crimes
- Resources available for network security:
  - CERT
  - Microsoft Security TechCenter
  - F-Secure Corporation
  - SANS Institute