Description
It talks about the vulnerabilities in the systems and kinds of internet threats like firewall intrusion, DoS, Hijacking, virus etc.
Internet Security
• A network of networks • A logic network composed of a set of autonomous sub networks connected by gateways • Open architecture • Different protocols for physical transmission • A single protocol suite for the network and transport layers
? Dictionary.com
?
says:
1. Freedom from risk or danger; safety. ? 2. Freedom from doubt, anxiety, or fear; confidence. ? 3. Something that gives or assures safety, as:
? ?
?
1. A group or department of private guards: Call building security if a visitor acts suspicious. 2. Measures adopted by a government to prevent espionage, sabotage, or attack. 3. Measures adopted, as by a business or homeowner, to prevent a crime such as burglary or assault: Security was lax at the firm's smaller plant.
…etc.
3
? Protect
?
vital information while still allowing access to those who need it
Trade secrets, medical records, etc.
? Provide
?
authentication and access control for resources
Ex: AFS
4
? Financial
institutions and banks ? Internet service providers ? Pharmaceutical companies ? Government and defense agencies ? Contractors to various government agencies ? Multinational corporations ? ANYONE ON THE NETWORK
5
?
?
Finding a way into the network
?
Firewalls Intrusion Detection Systems Ingress filtering, IDS IPSec Encryption (SSH, SSL, HTTPS) Education
6
Exploiting software bugs, buffer overflows
?
?
?
Denial of Service
?
TCP hijacking
?
?
?
Packet sniffing
?
Social problems
?
High Sophistication of Hacker Tools
Technical Knowledge Required Low
1980
1990
2000
-from Cisco Systems
The Need for Web Security
7
HACKED WWW HOMEPAGES
CIA HOMEPAGE
DOJ HOMEPAGE
USAF
The Need for Web Security
HOMEPAGE
11/29/96
8
? ? ? ? ? ? ?
?
?
Money, profit Access to additional resources Experimentation and desire to learn “Gang” mentality Psychological needs Self-gratification Personal vengeance Emotional issues Desire to embarrass the target
The Need for Web Security
9
?A
? ?
firewall is like a castle with a drawbridge
Only one point of access into the network This can be good or bad
? Can
? ?
be hardware or software
Ex. Some routers come with firewall functionality ipfw, ipchains, pf on Unix systems, Windows XP and Mac OS X have built in firewalls
15-441 Networks Fall 2002
10
Internet
DMZ
Web server, email server, web proxy, etc
Firewall Firewall
Intranet
15-441 Networks Fall 2002
11
? Basic
problem – many network applications and protocols have security problems that are fixed over time
? ?
Difficult for users to keep up with changes and keep host secure Solution
?
?
Administrators limit access to end hosts by using a firewall Firewall is kept up-to-date by administrators
12
? Used
?
to monitor for “suspicious activity” on a network
Can protect against known software exploits, like buffer overflows
15-441 Networks Fall 2002
13
Spam
?Spam is the e-mail equivalent of the junk mail (pamphlets, menus, shopping flyers) that fill your non-Internet mailbox every day. ?Spam is simply any piece of unsolicited e-mail: it may be sent to just you, or it may be sent to a million others--either way it's spam if you didn't ask for it. ?The term "spam" originated, as do many geeky concepts, from a Monty Python skit[www.detritus.org/spam/skit.html]. ?Lists of 100,000s or even millions of e-mail addresses are available for purchase which can then be used to send out that many spam messages in a few minutes. Even if only a minute fraction of people respond, spam is still the most cost-efficient marketing method in existence.
? The
Internet works only because we implicitly trust one another ? It is very easy to exploit this trust ? The same holds true for software ? It is important to stay on top of the latest CERT security advisories to know how to patch any security holes
15-441 Networks Fall 2002
15
doc_562248101.pptx
It talks about the vulnerabilities in the systems and kinds of internet threats like firewall intrusion, DoS, Hijacking, virus etc.
Internet Security
• A network of networks • A logic network composed of a set of autonomous sub networks connected by gateways • Open architecture • Different protocols for physical transmission • A single protocol suite for the network and transport layers
? Dictionary.com
?
says:
1. Freedom from risk or danger; safety. ? 2. Freedom from doubt, anxiety, or fear; confidence. ? 3. Something that gives or assures safety, as:
? ?
?
1. A group or department of private guards: Call building security if a visitor acts suspicious. 2. Measures adopted by a government to prevent espionage, sabotage, or attack. 3. Measures adopted, as by a business or homeowner, to prevent a crime such as burglary or assault: Security was lax at the firm's smaller plant.
…etc.
3
? Protect
?
vital information while still allowing access to those who need it
Trade secrets, medical records, etc.
? Provide
?
authentication and access control for resources
Ex: AFS
4
? Financial
institutions and banks ? Internet service providers ? Pharmaceutical companies ? Government and defense agencies ? Contractors to various government agencies ? Multinational corporations ? ANYONE ON THE NETWORK
5
?
?
Finding a way into the network
?
Firewalls Intrusion Detection Systems Ingress filtering, IDS IPSec Encryption (SSH, SSL, HTTPS) Education
6
Exploiting software bugs, buffer overflows
?
?
?
Denial of Service
?
TCP hijacking
?
?
?
Packet sniffing
?
Social problems
?
High Sophistication of Hacker Tools
Technical Knowledge Required Low
1980
1990
2000
-from Cisco Systems
The Need for Web Security
7
HACKED WWW HOMEPAGES
CIA HOMEPAGE
DOJ HOMEPAGE
USAF
The Need for Web Security
HOMEPAGE
11/29/96
8
? ? ? ? ? ? ?
?
?
Money, profit Access to additional resources Experimentation and desire to learn “Gang” mentality Psychological needs Self-gratification Personal vengeance Emotional issues Desire to embarrass the target
The Need for Web Security
9
?A
? ?
firewall is like a castle with a drawbridge
Only one point of access into the network This can be good or bad
? Can
? ?
be hardware or software
Ex. Some routers come with firewall functionality ipfw, ipchains, pf on Unix systems, Windows XP and Mac OS X have built in firewalls
15-441 Networks Fall 2002
10
Internet
DMZ
Web server, email server, web proxy, etc
Firewall Firewall
Intranet
15-441 Networks Fall 2002
11
? Basic
problem – many network applications and protocols have security problems that are fixed over time
? ?
Difficult for users to keep up with changes and keep host secure Solution
?
?
Administrators limit access to end hosts by using a firewall Firewall is kept up-to-date by administrators
12
? Used
?
to monitor for “suspicious activity” on a network
Can protect against known software exploits, like buffer overflows
15-441 Networks Fall 2002
13
Spam
?Spam is the e-mail equivalent of the junk mail (pamphlets, menus, shopping flyers) that fill your non-Internet mailbox every day. ?Spam is simply any piece of unsolicited e-mail: it may be sent to just you, or it may be sent to a million others--either way it's spam if you didn't ask for it. ?The term "spam" originated, as do many geeky concepts, from a Monty Python skit[www.detritus.org/spam/skit.html]. ?Lists of 100,000s or even millions of e-mail addresses are available for purchase which can then be used to send out that many spam messages in a few minutes. Even if only a minute fraction of people respond, spam is still the most cost-efficient marketing method in existence.
? The
Internet works only because we implicitly trust one another ? It is very easy to exploit this trust ? The same holds true for software ? It is important to stay on top of the latest CERT security advisories to know how to patch any security holes
15-441 Networks Fall 2002
15
doc_562248101.pptx