Wednesday, March 12, 2014

Document: Network Security I CSCI 4971 / 6968




Definitions

• Computer Security - generic name for the collection of tools designed to protect data and to thwart hackers
• Network Security - measures to protect data during their transmission
• Internet Security - measures to protect data during their transmission over a collection of interconnected networks
Standards Organizations
• National Institute of Standards & Technology (NIST)
• Internet Society (ISOC)
• International Telecommunication Union Telecommunication Standardization Sector (ITU-T)
• International Organization for Standardization (ISO)
Example
XXX bank wants to provide web banking service to its customers. They have already programmed web pages and applications. Every customer has an id and password to access their account information.
– What are the threats?
– What are the security mechanisms to prevent them?
– What are the security services?
Case Study
[Figure: network diagram. Labels: Attacker, Bank Customer, Internet, Dial-up Access Server, Web Server, Bank Network, Banking Server]
Security Attacks

• Passive attacks - eavesdropping on, or monitoring of, transmissions to:
– obtain message contents, or
– intercept, or monitor traffic flows
• Active attacks – modification of data stream to:
– masquerade of one entity as some other
– fabricate a message
– replay previous messages
– modify messages in transit
– denial of service
Threats
[Figure: threat diagram. Labels: Attacker (shown twice), Bank Customer, Customer ISP, carrier, Internet Backbone, Bank ISP, Web Server, Bank Network, Banking Server]
Targets
• Customer computer
– DoS
– Malicious codes: Virus, Worms
– Attacker may take control of computer
• Customer - Web Server communication
– Eavesdropping
– Man-in-the-middle
  • modify, inject and delete messages
– Session hijacking
– DoS: SYN attack
• Internet Infrastructure
– Eavesdropping
– BGP attacks
– Router OS attacks
– DoS
Targets (cont.)
• Web Server
– Stack smashing
– Portable programs
– IP spoofing
– Unsafe Services
– Malicious codes: Virus and worms
– DoS: SYN attack, ping flooding
• Bank Network and Servers
– Use backdoor to access
– Eavesdropping
– Man-in-the-middle: Web Server to Banking Server
– Session hijacking
– DoS
– DNS attack
– Use unsafe services in other servers
– Install malicious codes in other servers
Targets (cont.)
• DNS servers
– DNS cache poisoning
– DNS DoS
Customer Computer
• Physical security
• Strong passwords
• OS security patches
• Application security patches
• Unsafe services
– telnet, ftp, nfs
– rpc, remote commands (rlogin, rsh, …)
– dns, web
• Browser configuration
– Not to accept mobile codes automatically
– Selection of strongest crypto algorithms as default
• Personal Firewall
– Not a Swiss cheese! must be carefully configured
• Virus guard and scanners
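
An added example (not from the original slides) that checks a host for the unsafe services listed above: it parses listening-socket output and separates network-reachable listeners from loopback-only ones. The port numbers are the IANA well-known assignments; the `ss -tln` layout, the sample lines and the name `audit_listeners` are assumptions made for the example.

```python
# Added example: flags listeners for the slide's "unsafe services" (assumed Linux `ss -tln` layout).
import re

# IANA well-known TCP ports for the services named on the slide.
UNSAFE_PORTS = {21: "ftp", 23: "telnet", 53: "dns", 80: "web", 111: "rpc",
                513: "rlogin", 514: "rsh", 2049: "nfs"}

# Constructed sample in the layout of `ss -tln`; not captured from a real host.
SAMPLE_SS = """\
State   Recv-Q  Send-Q  Local Address:Port  Peer Address:Port
LISTEN  0       128     0.0.0.0:22          0.0.0.0:*
LISTEN  0       5       0.0.0.0:23          0.0.0.0:*
LISTEN  0       4096    127.0.0.53%lo:53    0.0.0.0:*
LISTEN  0       64      127.0.0.1:2049      0.0.0.0:*
LISTEN  0       128     [::]:514            [::]:*
LISTEN  0       128     *:443               *:*
LISTEN  0       32      [::1]:21            [::]:*
"""

# Addresses that only local processes can reach.
LOOPBACK = re.compile(r"^(127\.|\[::1\])")


def audit_listeners(ss_output):
    """Return sorted (port, service, local_addr, exposed) for unsafe listeners."""
    findings = []
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 4 or fields[0] != "LISTEN":
            continue  # header or non-listening socket
        # Split on the last ':' so bracketed IPv6 addresses stay intact.
        addr, _, port = fields[3].rpartition(":")
        if port.isdigit() and int(port) in UNSAFE_PORTS:
            exposed = LOOPBACK.match(addr) is None
            findings.append((int(port), UNSAFE_PORTS[int(port)], addr, exposed))
    return sorted(findings)


if __name__ == "__main__":
    for port, service, addr, exposed in audit_listeners(SAMPLE_SS):
        scope = "network-reachable" if exposed else "loopback only"
        print(f"tcp/{port:<5} {service:<7} {addr:<14} {scope}")
```

On a live Linux host, pass the captured output of `ss -tln` to `audit_listeners` in place of the sample.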
