1
Security Issues
  • Onno W. Purbo
  • Computer Network Research Group
  • Institute of Technology Bandung
  • yc1dav_at_itb.ac.id

2
Perspective ...
  • less than 200 security incidents in 1989.
  • about 400 in 1989.
  • about 1400 in 1993.
  • estimated more than 2241 in 1994.
  • Nobody knows the correct statistics on how many
    attacks are actually detected by the sites broken
    into.

3
Layout Firewall

4
What are you trying to protect?
  • Your Data.
  • Your Resources.
  • Your Reputation.

5
What Are You Trying To Protect Against?
  • Type of attacks
      • Intrusion.
      • Denial of Service.
      • Information Theft.

6
Type of Attackers
  • Joyriders.
  • Vandals.
  • Score Keepers.
  • Spies (Industrial and Otherwise).
  • Stupidity and Accidents.

7
How Can You Protect Your Site
  • No Security.
  • Security Through Obscurity.
  • Host Security.
  • Network Security.
  • No Security Model Can Do It All.

8
What Can A Firewall Do?
  • A firewall is a focus for security decisions.
  • A firewall can enforce security policy.
  • A firewall can log Internet activity efficiently.
  • A firewall limits your exposure.

9
What Can't A Firewall Do?
  • A firewall can't protect you against malicious
    insiders.
  • A firewall can't protect you against connections
    that don't go through it.
  • A firewall can't protect against completely new
    threats.
  • A firewall can't protect against viruses.

10
List of Must-Secure Internet Services
  • Electronic mail (SMTP).
  • File Transfer (FTP).
  • Usenet News (NNTP).
  • Remote Terminal Access (Telnet).
  • World Wide Web Access (HTTP).
  • Hostname / Address lookup (DNS).

11
Security Strategies.
  • Least Privilege.
  • Defense in Depth (multiple security mechanisms).
  • Choke Point: forces attackers to use a narrow
    channel.
  • Weakest Link.
  • Fail-Safe Stance.
  • Diversity of Defense.
  • Simplicity.

12
Building Firewalls

13
Some Firewall Definitions
  • Firewall
      • A component or set of components that restricts
        access between a protected network and the
        Internet, or between other sets of networks.
  • Host
      • A computer system attached to a network.

14
Firewall Defs Cont ...
  • Bastion Host
      • A computer system that must be highly secured
        because it is vulnerable to attack, usually
        because it is exposed to the Internet and is a
        main point of contact for users of internal
        networks.
  • Dual-homed host
      • A general-purpose computer system that has at
        least two network interfaces (or homes).

15
Firewall Defs Cont ...
  • Packet.
      • The fundamental unit of communication on the
        Internet.
  • Packet filtering.
      • The action a device takes to selectively control
        the flow of data to and from a network.
  • Perimeter network.
      • A network added between a protected network and
        an external network, to provide an additional
        layer of security.
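
Added example (not part of the original slides): a first-match packet filter that applies the Fail-Safe Stance from slide 11, read here as default deny, so only the bastion host is reachable from outside. All addresses, the rule set, the proxy port 8080 and the names `Rule` and `filter_packet` are assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass

# Constructed addresses: the bastion host uses a documentation address,
# the internal network uses the 10.x.x.x block from the Private IP slide.
BASTION = ipaddress.ip_network("192.0.2.10/32")
INTERNAL = ipaddress.ip_network("10.0.0.0/8")
ANY = ipaddress.ip_network("0.0.0.0/0")


@dataclass(frozen=True)
class Rule:
    src: ipaddress.IPv4Network
    dst: ipaddress.IPv4Network
    proto: str   # "tcp" or "udp"
    dport: int
    note: str


# Permit list, evaluated top to bottom. Port 8080 is a hypothetical
# proxy port that only internal clients may reach on the bastion host.
RULES = [
    Rule(ANY, BASTION, "tcp", 25, "SMTP to bastion"),
    Rule(ANY, BASTION, "tcp", 80, "HTTP to bastion"),
    Rule(ANY, BASTION, "udp", 53, "DNS to bastion"),
    Rule(INTERNAL, BASTION, "tcp", 8080, "internal clients to proxy"),
]


def filter_packet(src, dst, proto, dport, rules=RULES):
    """Return (action, note) for one packet header."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for r in rules:
        if s in r.src and d in r.dst and proto == r.proto and dport == r.dport:
            return "permit", r.note
    # Fail-safe stance: whatever is not expressly permitted is denied.
    return "deny", "default deny"


if __name__ == "__main__":
    # Constructed sample packets: (source, destination, protocol, port).
    samples = [
        ("198.51.100.7", "192.0.2.10", "tcp", 25),    # mail from outside
        ("198.51.100.7", "10.1.2.3", "tcp", 23),      # Telnet straight inside
        ("10.1.2.3", "192.0.2.10", "tcp", 8080),      # internal client to proxy
        ("198.51.100.7", "192.0.2.10", "tcp", 8080),  # outsider to proxy port
    ]
    for pkt in samples:
        print(pkt, "->", filter_packet(*pkt))
```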

16
Firewall Defs Cont ...
  • Proxy Server
      • A program that deals with external servers on
        behalf of internal clients. Proxy clients talk to
        proxy servers, which relay approved client
        requests on to real servers, and relay answers
        back to clients.

17
Packet Filtering

18
Proxy Services

19
Screened Host Architecture

20
De-Militarized Zone Architecture

21
DMZ With Two Bastion Hosts

22
It's OK
  • Merge Interior and Exterior Router
  • Merge Bastion Host and Exterior Router
  • Use Multiple Exterior Routers
  • Have Multiple Perimeter Networks
  • Use Dual-Homed Hosts and Screened Subnets

23
It's Dangerous
  • Use Multiple Interior Routers
  • Merge Bastion Host and Interior Router

24
Private IP Address
  • Use within Internal Network
  • Reference RFC 1597
  • IP address allocation
      • Class A 10.x.x.x
      • Class B 172.16.x.x - 172.31.x.x
      • Class C 192.168.0.x - 192.168.255.x

25
Bastion Host
  • It is our presence on the Internet.
  • Keep it simple.
  • Be prepared for the bastion host to be
    compromised.

26
Special Kinds of Bastion Hosts
  • Nonrouting Dual-Homed Hosts.
  • Victim Machine.
  • Internal Bastion Hosts.

27
Choosing A Bastion Host
  • What Operating System?
      • Unix
  • How Fast a Machine?
      • 386-based UNIX.
      • MicroVAX II
      • Sun-3

28
Proxy Systems
  • Why Proxying?
      • Proxy systems deal with the insecurity problems
        by avoiding user logins on the dual-homed host
        and by forcing connections through controlled
        software.
      • It's also impossible for anybody to install
        uncontrolled software to reach the Internet; the
        proxy acts as a control point.

29
Proxy - Reality and Illusion

30
Advantages of Proxying
  • Proxy services allow users to access Internet
    services directly.
  • Proxy services are good at logging.

31
Disadvantages of Proxying
  • Proxy services lag behind non-proxied services.
  • Proxy services may require different servers for
    each service.
  • Proxy services usually require modifications to
    clients, procedures, or both.
  • Proxy services aren't workable for some services.
  • Proxy services don't protect you from all
    protocol weaknesses.

32
Proxying without a Proxy Server
  • Store-and-Forward services naturally support
    proxying.
  • Examples
      • E-mail (SMTP).
      • News (NNTP).
      • Time (NTP).

33
Internet Resources on Security Issues

34
WWW Pages
  • http://www.telstra.com.au/info/security.html
  • http://www.cs.purdue.edu/coast/coast.html

35
Mailing Lists
  • firewalls_at_greatcircle.com
      • ftp://ftp.greatcircle.com/pub/firewalls/
      • http://www.greatcircle.com/firewalls/
  • fwall-users_at_tis.com
  • academic-firewalls_at_net.tamu.edu
      • ftp://net.tamu.edu/pub/security/lists/academic-firewalls
  • bugtraq_at_fc.net

36
Newsgroups
  • comp.security.announce.
  • comp.security.unix.
  • comp.security.misc.
  • comp.security.firewalls.
  • alt.security.
  • comp.admin.policy.
  • comp.protocols.tcp-ip.
  • comp.unix.admin.
  • comp.unix.wizards

37
Summary
  • In these dangerous times, firewalls are the best
    way to keep your site secure.
  • Although you've got to include other types of
    security in the mix, if you're serious about
    connecting to the Internet, a firewall should be at
    the very center of your security plans.