Network Architecture - International & Access Foundation Programmes
Document Details
Uploaded by IssueFreeRadon6091
Technological University Dublin
Nevan Bermingham
Tags
Summary
This presentation discusses network architecture, focusing on network security concepts such as firewalls, TCP/UDP ports, and various attack types. It details the role of firewalls as security measures and explains different attacks like denial-of-service and packet sniffing.
Full Transcript
INTERNATIONAL & ACCESS FOUNDATION PROGRAMMES COMPUTER SCIENCE MODULE Semester I Part 5 Networks: Network Security © Nevan Bermingham Overview What is network security? Why do we need network security? Who is vulnerable? Common security attacks a...
INTERNATIONAL & ACCESS FOUNDATION PROGRAMMES COMPUTER SCIENCE MODULE Semester I Part 5 Networks: Network Security © Nevan Bermingham Overview What is network security? Why do we need network security? Who is vulnerable? Common security attacks and countermeasures Firewalls & Intrusion Detection Systems Denial of Service Attacks TCP Attacks (Spoofing) Packet Sniffing Social Engineering Why do we need security? Protect vital information while still allowing access to those who need it Trade secrets, medical records, personal data etc. Provide authentication and access control for resources Login, Passwords, Biometrics Guarantee availability of resources Uptime 99.995% reliability Firewalls Basic problem – many network applications and protocols have security problems that are fixed over time Difficult for users to keep up with changes and keep host secure Solution Administrators limit access to end hosts by using a firewall Firewall is kept up-to-date by administrators Firewalls A firewall is like a castle with a drawbridge Only one point of access into the network This can have positives and negatives Can be hardware or software Some routers come with firewall functionality Unix systems, Windows XP/7/8 and Mac OS X have built in software firewalls Firewalls Internet Firewall Firewall DMZ (De-Militarized Zone) Web server, email Intranet server, web proxy, etc Firewalls Used to filter packets based on rules These are called packet filtering firewalls There are other types too, but they will not be discussed Here is what a computer with a default Windows 7 install looks like: 135/tcp open loc-srv 139/tcp open netbios-ssn 445/tcp open microsoft-ds 1025/tcp open NFS-or-IIS 3389/tcp open ms-term-serv 5000/tcp open UPnP Transmission Control Protocol (TCP) & User Datagram Protocol (UDP) - PORTS In the internet protocol suite, a port is an endpoint of communication in an operating system. 1024 well-known port numbers are reserved by convention to identify specific service types on a host A port is always associated with an IP address of a host Example http://www.example.com:8080 http://72.56.123.233:80/ List of register ports Transmission Control Protocol (TCP) & User Datagram Protocol (UDP) - PORTS Typical TCP Ports 21: File Transfer Protocol (FTP) 22: Secure Shell (SSH) 23: Telnet remote login service 25: Simple Mail Transfer Protocol (SMTP) 53: Domain Name System (DNS) service 80: Hypertext Transfer Protocol (HTTP) used in the World Wide Web 110: Post Office Protocol (POP3) 119: Network News Transfer Protocol (NNTP) 123: Network Time Protocol (NTP) 143: Internet Message Access Protocol (IMAP) 161: Simple Network Management Protocol (SNMP) 194: Internet Relay Chat (IRC) 443: HTTP Secure (HTTPS) Types of Attack Intrusion Detection – Used to monitor for “suspicious activity” on a network Based on well known patterns of behavior Dictionary Attack – Brute Force Dictionary attack on the passwords Denial of Service Make a network service unusable, usually by overloading the server or network TCP Attacks create IP packets and routers process them purely based on destination address alone End hosts may lie about other fields which do not affect delivery Attacker can insert malicious data into the TCP stream, and the recipient will believe it came from the original Types of Attack Packet Sniffing Affects any broadcast-based medium (cable, wifi, etc) A Host listens to the data (plain text data – passwords) Solution is to encrypt the data Secure Sockets Layer (SSL) for https addresses - Web browsers know how to trust HTTPS websites based on certificate authorities IPSec - Internet Protocol Security (IPsec) is a protocol suite for securing Internet Protocol (IP) communications by authenticating and encrypting each IP packet of a communication session. Social Engineering People can be just as dangerous as unprotected computer systems People can be lied to, manipulated, bribed, threatened, harmed, tortured, etc. to give up valuable information Example - “Your account has been hacked, please resend
