Network Security

1
Network Security
2
Network
network is a collection of computers and devices
connected by communications channels that
facilitates communications among users and allows
users to share resources with other users
.   Types of Networks Local Area Network
(LAN) Wide Area Network (WAN) Metropolitan Area
Network (MAN)
3
What is network security ?
 Network security consists of the technologies
and processes that are deployed to protect
internal networks from external threats The
primary goal of network security is to provide
controls at all points along the network
perimeter which allow access to the internal
network and only let traffic pass if that traffic
is authorized, valid, and of acceptable risk
4
Why do we need security?

• Protect vital information while still allowing
  access to those who need it Trade secrets,
  medical records, etc.
• Provide authentication and access control for
  resources
• Guarantee availability of resources

5
Network Security Risks

• Denial of Service
• Attacks on the availability of networks or
  computer systems
• Information theft
• Attacks on confidential information
• (e.g., customer private information, credit card
  information, etc.)

6
Network Security Risks

• Intrusion
• Unauthorized access to a network or computer
  system that could compromise the integrity and/or
  availability of critical systems and data
• Reputation
• Confidence of customers, business partners, etc.
  is lost. This is perhaps the biggest risk that
  Businesses face

7
Access Network
An access network is that part of a
communications network which connects subscribers
to their immediate service provider.
8
Access Network
Network Access Server (NAS) A device that
functions as an access control point for users in
remote locations connecting to a company's
internal network or to an ISP. The NAS is meant
to act as a gateway to guard access to a
protected resource. This can be anything from a
telephone network, to printers, to the Internet.
9
Network Operating System
Network operating systems typically are used to
run computers that act as servers. They provide
the capabilities required for network operation.
Network operating systems are also designed for
client computers and provide functions so the
distinction between network operating systems and
stand alone operating systems is not always
obvious.
10
Network Operating System
Network Operating System Examples Windows NT
server Windows 2003 server
11
Hackers
Hacker someone who attempts to break into
computer systems to damage it, or for the purpose
of getting illegitimate access to resources
12
Hackers
How can hackers break into computer system
? Hackers gain access to your computer through
unguarded ports in your network system hackers,
Usually they use a selection of specialist
software to identify weaknesses, like sub seven
, Net Bus etc
13
Hackers
To get their intermediate base they use purpose
built programs called Trojans and backdoors. It
may be disguised as a game or some other kind of
executable program .
14
Cryptography
Cryptography is the science of concealing the
meaning of a message from unintended
recipients Only the intended recipient is able to
read and understand the message
15
Cryptography
An encryption algorithm (or a cipher) is a method
of encryption and decryption. All modern
algorithms use a key to control encryption and
decryption a message can be decrypted only if
the key matches the encryption key . Good
cryptographic systems should always be designed
so that they are as difficult to break as possible
16
Cryptography
Example Alice wants to send a message to Bob
that nobody else can read
17
Cryptography
key
key
Meet me at noon
Phhw ph dw qrrq
Meet me at noon
Alice
Bob
Encrypt
Dencrypt
18
Network viruses
A network virus is a self-contained program (or
set of programs) that can spread copies of itself
across networks, including the Internet.
19
Network viruses
In many cases, network viruses exploit
vulnerabilities in the operating system or other
installed programs. and they can use legitimate
network ports, such as port 80 (HTTP) and Local
Area Network (LAN) or even over the Internet to
spread. Some of the most famous network
viruses are Nimda and SQLSlammer .
20
Network viruses
Nimda is a virus that caused traffic slowdowns as
it rippled across the Internet, It quickly spread
within 22 minutes . Methods of infection via
email via open network shares via browsing of
compromised web sites
21
Damages of network viruses
Ability to quickly degrade the performance of a
network, totally disabling important devices,
programs and network connections and operating
other programs such as (dos)and even sending
themselves over the internet via emails or
attachment.  Once the infection spreads, fully
Elimination often becomes difficult.
22
Wireless Network Security

• The "open air" nature of wireless radio signals
  posses challenges for securing wireless computer
  networks.
• Security features like
• WEP
• WPA
• MAC

23
WEP (Wired Equivalent Privacy 128-bit)

• WEP is an OSI Data Link layer (Layer 2) security
  technology that can be turned "on" or "off.
• WEP was designed to give wireless networks the
  equivalent level of privacy protection .

24
WPA - Wi-Fi Protected Access

• WPA can scramble or "encrypt" network traffic so
  that its contents can not easily be
• deciphered by snoopers.

25
MAC (Wireless Media Access Control )

• Wireless routers and access points (APs)
  incorporate access control features such as MAC
  address filtering that deny network requests from
  unwanted clients.

26
Network Access Control

• There are three main techniques that can provide
  single log-in across multiple computers
• 1- host-to-host authentication,
• 2- authentication servers,
• 3- user-to-host authentication.

27
Access Control

• Host-to-Host Authentication. users authenticate
  themselves once to a host computer. That computer
  then authenticates itself to other computers.
• Authentication Servers. the users authenticate
  themselves to the authentication server. This
  computer then authenticates the user to other
  host computers

28
Access Control

• User-to-Host requires the user to log-in to each
  host computer.