SlideShare uma empresa Scribd logo

Information Security Lesson 5 - Network Infrastructure - Eric Vanderburg

Transferir como PPT, PDF
Eric Vanderburg
Eric Vanderburg

Information Security Lesson 5 - Network Infrastructure - Eric Vanderburg

Tecnologia
1 de 30
Information Security Chapter 5 Securing the Network Infrastructure Information Security © 2006 Eric Vanderburg
Cabling • Cable Plant – Network infrastructure • Cable Characteristics – – – – – – – – – Bandwidth Rating Max Segment Length Segments per network Devices per segment Interference Susceptibility (EMI & RFI) Connection Hardware Cable Grade (PVC or Plenum Grade Teflon) Bend radius Cost (Material, Installation, & Maintenance) Information Security © 2006 Eric Vanderburg
Coaxial Cable (Coax) • Thicknet (10base5) – – – – ½ inch thick RG-11 or RG-8 Vampire tap AUI (Attachment Unit Interface) - 15 pin DB-15 • Thinnet (10base2) – BNC (British Naval Connector) – 50 ohms impedance – RG-58 • Coax for Broadband (RG-59, 75 Ohm) Information Security © 2006 Eric Vanderburg
Twisted Pair • Twists reduce crosstalk • UTP (Unshielded Twisted Pair) 10baseT • STP (Shielded Twisted Pair) – Foil wrapped around wires • Phone line (RJ-11) • TP Network cable (RJ-45) • 100 Meter max length Information Security © 2006 Eric Vanderburg
Twisted Pair Categories • • • • • • • • Cat1 – voice only, before 1982 Cat2 – 4 wires, 4Mbps Cat3 – 4 wires, 10Mbps, 3 twists/foot Cat4 – 8 wires, 16Mbps Cat5 – 8 wires, 100Mbps Cat5e – 8 wires, 1Gbps, full-duplex, 100MHz* Cat6 – 8 wires, 1Gbps, 250MHz*, larger, more sensitive Cat7 – 8 wires, shielded, 1Gbps, 600MHz*, individually shielded pairs • *Easier to detect defects with higher frequencies Information Security © 2006 Eric Vanderburg
Fiber Optic • • • • • • • • • Signal sent by light No eavesdropping No interference Two cables needed for full duplex Surrounded by Kevlar Max length: 2-100 km 1Gbps & 10Gbps implementations Difficult to install Expensive (Cable, Install, Maintenance) Information Security © 2006 Eric Vanderburg
Fiber Optic Connectors ST (Straight Tip) SC (Straight Connection) LC (Link Control) MIC (Medium Interface Connector) MT-RJ two cables in one RJ-45 clone SMA (Subminiature Type A) Information Security © 2006 Eric Vanderburg
Fiber Optic cable types • Single mode – – – – Laser based Spans longer distance One piece of glass Core: 2-9 microns • Multi-mode – – – – LED based Shorter distance Multiple pieces of glass Core: 25-200 microns Information Security © 2006 Eric Vanderburg
Quick Comparison Type Length Bandwidth Installation Interference Cost UTP 100 meters 10Mbps-1Gbps Easy High Cheapest STP 100 meters 16Mbps-1Gbps Moderate Moderate Moderate Thinnet 185 meters 10Mbps Easy Moderate Cheap Thicknet 500 meters 10Mbps Hard Low Expensive 2-100 kilometers 100Mbps-10Gbps Moderate None Most Expensive Fiber Information Security © 2006 Eric Vanderburg
Sniffers • Captures all data packets that travel on a network. • Designed for use in network diagnostics • Hard to trace because it is passive • Can be used to find passwords or other sensitive information • Mitigate with switched networks • Protect the physical environment • Watch out for comprimised hosts Information Security © 2006 Eric Vanderburg
Removable Media • Optical Media – CD – DVD • Magnetic Media – – – – Floppy disk Hard drive Micro drive Tape • Flash Media – USB Stick, CF (non microdrive), SD, MMC, SmartMedia, Game cartridge, PCMCIA, Rom Chips Information Security © 2006 Eric Vanderburg
Securing Removable Media • Encrypt USB Sticks • Disable or lock USB ports on the computer • Physical check that devices are not brought in Information Security © 2006 Eric Vanderburg
Terms • Workstation • Server • Terminal Information Security © 2006 Eric Vanderburg
Server Types • • • • • • • • Domain Controller Application Server File Server Print Server Communication Server Web Server Mail Server Name Server Information Security © 2006 Eric Vanderburg
Server Vendors • • Sun Microsystems Microsoft – Solaris – Looking Glass – Windows NT – Windows 2000 – Windows 2003 • • • Linux (Various Distributions) Novell Netware OS/2 • Apple – Mac OSX Server • FreeBSD • NeXT Operating Systems Microsoft Linux UNIX BSD NeXT MacOSX NetWare v1-5 Mac OS 1-9 NetWare 6 Information Security © 2006 Eric Vanderburg OS/2
Equipment • Repeater • Hubs – Active (powered – regenerates signal) – Passive (unpowered) • Bridge – Translation bridge – translates differing frame types for different architectures (ATM, Ethernet) • Router – Reduces the broadcast domain – Looks at packets – Can filter by packets Information Security © 2006 Eric Vanderburg
Equipment • Switches – Cut-through switching – reads only the first part of the frame to forward it. – Store & forward switching • Reads entire frame before forwarding. Also does error checking using the CRC field, discards if errors. • Saves bandwidth because bad frames are not forwarded. Requires faster switches • Fragment free switching – reads enough to know it is not a malformed or damaged frame – – – – Reduces the collision domain Looks at frames VLANs (Virtual LAN) Core switch – central to the network. Other switches connect into it – Workgroup switch – connects to network nodes Information Security © 2006 Eric Vanderburg
Network Management • SNMP (Simple Network Management Protocol) – Agents – MIB (Management Information Base) – Ports 161 & 162 UDP – SNMP enabled devices are called managed devices Information Security © 2006 Eric Vanderburg
Securing Network Devices • Create a custom logon prompt to remove any info about the device • Disable HTTP or SNMP access if they are not used – If used, try SSL instead of HTTP – Use SNMP version 3 • Limit access to certain machines or subnets • Log activity • Encrypt management communications Information Security © 2006 Eric Vanderburg
Communication Devices • Modem (Modulator / Demodulator) • DSL (Digital Subscriber Line) – uses phone lines on a much higher frequency. Dedicated line. • Cable Modem – faster max speed but a shared medium • Central Office (CO) or Head in – local connection point where a neighborhood of connections terminate and are connected into the ISP’s network. • Always-on connections can be tempting for attackers. Firewalls are a must. Information Security © 2006 Eric Vanderburg
Remote Access • RAS (Remote Access Server) – A computer that allows others to connect into it. – Modem – VPN • Protect using – Authentication – Privileges – Account lockout policies – Firewalls & ACL Information Security © 2006 Eric Vanderburg
File Browsing • UNC (Universal Naming Convention) – Windows shares are named computernamesharename Information Security © 2006 Eric Vanderburg
Telcos • PBX (Private Branch Exchange) – private switching station for voice and data services • PBX attacks – Data modification – Denial of service – Information disclosure – Traffic analysis – where calls go to and from, frequency, time – Theft of service Information Security © 2006 Eric Vanderburg
Network Security Devices • Firewalls – filters packets based on criteria such as an ACL or a rule base • Routers can serve this purpose but they are not as efficient as a dedicated device • Personal firewall (host based) • Enterprise software firewall – designed to run on a powerful machine that analyzes all network traffic running through it. • Hardware firewall – engineered to be able to process packets quickly and efficiently. Information Security © 2006 Eric Vanderburg
Firewalls • Packet filtering – Stateless – allows or denies packets based on rules – Stateful – keeps a state table of outgoing connections and allows corresponding incoming connections. • Advanced firewalls – Antivirus scanning – Content filtering – looks at web sites and such. Could use a database from another vendor which is updated regularly. Enable and disable types of content – Application layer firewall – looks at many packets together to determine whether to let them in. Information Security © 2006 Eric Vanderburg
Firewalls • DMZ (Demilitarized Zone) – area that is closer to the untrusted network than the rest of the LAN. Used for services made available to the Internet. • These servers may reside there: – Web server – Email server – RAS server – FTP server – Proxy server Information Security © 2006 Eric Vanderburg
IDS (Intrusion Detection System) • Monitors the packets on the network for signatures. – Network based - Looks at the overall flow. Positioned where a lot of traffic flows – Host based – resides on one machine and monitors the data coming to that machine. It may communicate with a central device. (Agent based) – Active IDS – can take action when an attack happens. – Passive IDS – alerts the administrator when there is an attack. – Anomaly based IDS or IPS (Intrusion Prevention System) – looks at behavior rather than signatures. May result in more positives. Information Security © 2006 Eric Vanderburg
Other concepts • • • • Intranet Extranet NAT (Network Address Translation) Honeypot Information Security © 2006 Eric Vanderburg
Acronyms • • • • • • • • CD-ROM, Compact Disk Read Only Memory CD-R, Compact Disk Recordable CD-RW, Compact Disk Rewritable DMZ, Demilitarized Zone DSL, Digital Subscriber Line DVD, Digital Versatile Disk DVD-R, Digital Versatile Disk Recordable DVD-RAM, Digital Versatile Disk Random Access Memory • DVD-RW, Digital Versatile Disk Rewritable • IDS, Intrusion Detection System Information Security © 2006 Eric Vanderburg
Acronyms • • • • • • • • • • MIB, Management Information base NAT, Network Address Translation PAT, Port Address Translation PBX, Private Branch Exchange RAS, Remote Access Server STP, Shielded Twisted Pair SNMP, Simple Network Management Protocol UNC, Universal Naming Convention UTP, Unshielded Twisted pair VLAN, Virtual Local Area Network Information Security © 2006 Eric Vanderburg

Recomendados

Secure Communications
Secure CommunicationsSecure Communications
Secure Communicationschriscavallo
 
Information Security Lesson 7 - Remote Access - Eric Vanderburg
Information Security Lesson 7 - Remote Access - Eric VanderburgInformation Security Lesson 7 - Remote Access - Eric Vanderburg
Information Security Lesson 7 - Remote Access - Eric VanderburgEric Vanderburg
 
Market Trend And Korenix IIoT Vision - 2018
Market Trend And Korenix IIoT Vision - 2018Market Trend And Korenix IIoT Vision - 2018
Market Trend And Korenix IIoT Vision - 2018Jiunn-Jer Sun
 
Network Security Through FIREWALL
Network Security Through FIREWALLNetwork Security Through FIREWALL
Network Security Through FIREWALLTheCreativedev Blog
 
Seminar
SeminarSeminar
SeminarAbhinav Kushwah
 
ZyXEL MWC 2014 Small Business Gateway (SBG) Product Scope and Features
ZyXEL MWC 2014 Small Business Gateway (SBG) Product Scope and FeaturesZyXEL MWC 2014 Small Business Gateway (SBG) Product Scope and Features
ZyXEL MWC 2014 Small Business Gateway (SBG) Product Scope and FeaturesZyxel Communications Corp.
 
Wall mounted ip network adapter t 7806
Wall mounted ip network adapter t 7806Wall mounted ip network adapter t 7806
Wall mounted ip network adapter t 7806Trimatrik Multimedia
 
Meletis Belsis - Voip security
Meletis Belsis - Voip securityMeletis Belsis - Voip security
Meletis Belsis - Voip securityMeletis Belsis MPhil/MRes/BSc
 

Recomendados

Secure Communications
Secure CommunicationsSecure Communications
Secure Communicationschriscavallo
 
Information Security Lesson 7 - Remote Access - Eric Vanderburg
Information Security Lesson 7 - Remote Access - Eric VanderburgInformation Security Lesson 7 - Remote Access - Eric Vanderburg
Information Security Lesson 7 - Remote Access - Eric VanderburgEric Vanderburg
 
Market Trend And Korenix IIoT Vision - 2018
Market Trend And Korenix IIoT Vision - 2018Market Trend And Korenix IIoT Vision - 2018
Market Trend And Korenix IIoT Vision - 2018Jiunn-Jer Sun
 
Network Security Through FIREWALL
Network Security Through FIREWALLNetwork Security Through FIREWALL
Network Security Through FIREWALLTheCreativedev Blog
 
Seminar
SeminarSeminar
SeminarAbhinav Kushwah
 
ZyXEL MWC 2014 Small Business Gateway (SBG) Product Scope and Features
ZyXEL MWC 2014 Small Business Gateway (SBG) Product Scope and FeaturesZyXEL MWC 2014 Small Business Gateway (SBG) Product Scope and Features
ZyXEL MWC 2014 Small Business Gateway (SBG) Product Scope and FeaturesZyxel Communications Corp.
 
Wall mounted ip network adapter t 7806
Wall mounted ip network adapter t 7806Wall mounted ip network adapter t 7806
Wall mounted ip network adapter t 7806Trimatrik Multimedia
 
Meletis Belsis - Voip security
Meletis Belsis - Voip securityMeletis Belsis - Voip security
Meletis Belsis - Voip securityMeletis Belsis MPhil/MRes/BSc
 
How to secure your industrial network using segmentation and segregation
How to secure your industrial network using segmentation and segregationHow to secure your industrial network using segmentation and segregation
How to secure your industrial network using segmentation and segregationWestermo Network Technologies
 
GSM Part-20
GSM Part-20GSM Part-20
GSM Part-20Techvilla
 
Wall mounted ip network adapter t 7805 a
Wall mounted ip network adapter t 7805 aWall mounted ip network adapter t 7805 a
Wall mounted ip network adapter t 7805 aTrimatrik Multimedia
 
How to migrate legacy serial devices to IP broadband
How to migrate legacy serial devices to IP broadbandHow to migrate legacy serial devices to IP broadband
How to migrate legacy serial devices to IP broadbandWestermo Network Technologies
 
Databook 2016-151224-a3
Databook 2016-151224-a3Databook 2016-151224-a3
Databook 2016-151224-a3DrayTek
 
Webinar how to prepare for the sunset of 2G and 3G cellular communications
Webinar how to prepare for the sunset of 2G and 3G cellular communicationsWebinar how to prepare for the sunset of 2G and 3G cellular communications
Webinar how to prepare for the sunset of 2G and 3G cellular communicationsWestermo Network Technologies
 
Mobile Video Architecture project
Mobile Video Architecture projectMobile Video Architecture project
Mobile Video Architecture projectTransit-Protect
 
Draytek Databook 2015 v2
Draytek Databook 2015 v2Draytek Databook 2015 v2
Draytek Databook 2015 v2DrayTek
 
Digistor standalone NVR - Info tech Middle East
Digistor standalone NVR - Info tech Middle EastDigistor standalone NVR - Info tech Middle East
Digistor standalone NVR - Info tech Middle EastAli Shoaee
 
Intoto Linley Tech Utm Architecture Presentation
Intoto Linley Tech Utm Architecture PresentationIntoto Linley Tech Utm Architecture Presentation
Intoto Linley Tech Utm Architecture Presentationsaddepalli
 
Changes to Priority 2 E-Rate: How Pine Cove Consulting and Sophos Can Help
Changes to Priority 2 E-Rate: How Pine Cove Consulting and Sophos Can HelpChanges to Priority 2 E-Rate: How Pine Cove Consulting and Sophos Can Help
Changes to Priority 2 E-Rate: How Pine Cove Consulting and Sophos Can HelpPine Cove Consulting
 
1000281 en 2
1000281 en 21000281 en 2
1000281 en 2nguyenlam123
 
Juniper Networks SRX Branch Solutions
Juniper Networks SRX Branch SolutionsJuniper Networks SRX Branch Solutions
Juniper Networks SRX Branch SolutionsAltaware, Inc.
 
Air vision ds
Air vision dsAir vision ds
Air vision dsLamarck Sousa
 
LoRaWAN for IoT
LoRaWAN for IoTLoRaWAN for IoT
LoRaWAN for IoTStavros Kalapothas
 
Low-Power Wide Area - Overview
Low-Power Wide Area - OverviewLow-Power Wide Area - Overview
Low-Power Wide Area - OverviewM2M Alliance e.V.
 
DrayTek switch_management_intro
DrayTek switch_management_introDrayTek switch_management_intro
DrayTek switch_management_introDrayTek
 
Databook 2017 v2
Databook 2017 v2Databook 2017 v2
Databook 2017 v2DrayTek
 
An Overview of LoRA, Sigfox, and IEEE 802.11ah
An Overview of LoRA, Sigfox, and IEEE 802.11ahAn Overview of LoRA, Sigfox, and IEEE 802.11ah
An Overview of LoRA, Sigfox, and IEEE 802.11ahFaheem Zafari
 
Networking Concepts Lesson 01 - Intro - Eric Vanderburg
Networking Concepts Lesson 01 - Intro - Eric VanderburgNetworking Concepts Lesson 01 - Intro - Eric Vanderburg
Networking Concepts Lesson 01 - Intro - Eric VanderburgEric Vanderburg
 
Network security & information security maintainence modified
Network security & information security maintainence modifiedNetwork security & information security maintainence modified
Network security & information security maintainence modifiedKeerthan Shetty
 
Networking Concepts Lesson 03 - Media - Eric Vanderburg
Networking Concepts Lesson 03 - Media - Eric VanderburgNetworking Concepts Lesson 03 - Media - Eric Vanderburg
Networking Concepts Lesson 03 - Media - Eric VanderburgEric Vanderburg
 

Mais conteúdo relacionado

Mais procurados

How to secure your industrial network using segmentation and segregation
How to secure your industrial network using segmentation and segregationHow to secure your industrial network using segmentation and segregation
How to secure your industrial network using segmentation and segregationWestermo Network Technologies
 
Wall mounted ip network adapter t 7805 a
Wall mounted ip network adapter t 7805 aWall mounted ip network adapter t 7805 a
Wall mounted ip network adapter t 7805 aTrimatrik Multimedia
 
How to migrate legacy serial devices to IP broadband
How to migrate legacy serial devices to IP broadbandHow to migrate legacy serial devices to IP broadband
How to migrate legacy serial devices to IP broadbandWestermo Network Technologies
 
Databook 2016-151224-a3
Databook 2016-151224-a3Databook 2016-151224-a3
Databook 2016-151224-a3DrayTek
 
Webinar how to prepare for the sunset of 2G and 3G cellular communications
Webinar how to prepare for the sunset of 2G and 3G cellular communicationsWebinar how to prepare for the sunset of 2G and 3G cellular communications
Webinar how to prepare for the sunset of 2G and 3G cellular communicationsWestermo Network Technologies
 
Mobile Video Architecture project
Mobile Video Architecture projectMobile Video Architecture project
Mobile Video Architecture projectTransit-Protect
 
Draytek Databook 2015 v2
Draytek Databook 2015 v2Draytek Databook 2015 v2
Draytek Databook 2015 v2DrayTek
 
Digistor standalone NVR - Info tech Middle East
Digistor standalone NVR - Info tech Middle EastDigistor standalone NVR - Info tech Middle East
Digistor standalone NVR - Info tech Middle EastAli Shoaee
 
Intoto Linley Tech Utm Architecture Presentation
Intoto Linley Tech Utm Architecture PresentationIntoto Linley Tech Utm Architecture Presentation
Intoto Linley Tech Utm Architecture Presentationsaddepalli
 
Changes to Priority 2 E-Rate: How Pine Cove Consulting and Sophos Can Help
Changes to Priority 2 E-Rate: How Pine Cove Consulting and Sophos Can HelpChanges to Priority 2 E-Rate: How Pine Cove Consulting and Sophos Can Help
Changes to Priority 2 E-Rate: How Pine Cove Consulting and Sophos Can HelpPine Cove Consulting
 
Juniper Networks SRX Branch Solutions
Juniper Networks SRX Branch SolutionsJuniper Networks SRX Branch Solutions
Juniper Networks SRX Branch SolutionsAltaware, Inc.
 
Low-Power Wide Area - Overview
Low-Power Wide Area - OverviewLow-Power Wide Area - Overview
Low-Power Wide Area - OverviewM2M Alliance e.V.
 
DrayTek switch_management_intro
DrayTek switch_management_introDrayTek switch_management_intro
DrayTek switch_management_introDrayTek
 
Databook 2017 v2
Databook 2017 v2Databook 2017 v2
Databook 2017 v2DrayTek
 
An Overview of LoRA, Sigfox, and IEEE 802.11ah
An Overview of LoRA, Sigfox, and IEEE 802.11ahAn Overview of LoRA, Sigfox, and IEEE 802.11ah
An Overview of LoRA, Sigfox, and IEEE 802.11ahFaheem Zafari
 
Networking Concepts Lesson 01 - Intro - Eric Vanderburg
Networking Concepts Lesson 01 - Intro - Eric VanderburgNetworking Concepts Lesson 01 - Intro - Eric Vanderburg
Networking Concepts Lesson 01 - Intro - Eric VanderburgEric Vanderburg
 

Mais procurados (20)

How to secure your industrial network using segmentation and segregation
How to secure your industrial network using segmentation and segregationHow to secure your industrial network using segmentation and segregation
How to secure your industrial network using segmentation and segregation
 
GSM Part-20
GSM Part-20GSM Part-20
GSM Part-20
 
Wall mounted ip network adapter t 7805 a
Wall mounted ip network adapter t 7805 aWall mounted ip network adapter t 7805 a
Wall mounted ip network adapter t 7805 a
 
How to migrate legacy serial devices to IP broadband
How to migrate legacy serial devices to IP broadbandHow to migrate legacy serial devices to IP broadband
How to migrate legacy serial devices to IP broadband
 
Databook 2016-151224-a3
Databook 2016-151224-a3Databook 2016-151224-a3
Databook 2016-151224-a3
 
Webinar how to prepare for the sunset of 2G and 3G cellular communications
Webinar how to prepare for the sunset of 2G and 3G cellular communicationsWebinar how to prepare for the sunset of 2G and 3G cellular communications
Webinar how to prepare for the sunset of 2G and 3G cellular communications
 
Mobile Video Architecture project
Mobile Video Architecture projectMobile Video Architecture project
Mobile Video Architecture project
 
Draytek Databook 2015 v2
Draytek Databook 2015 v2Draytek Databook 2015 v2
Draytek Databook 2015 v2
 
Digistor standalone NVR - Info tech Middle East
Digistor standalone NVR - Info tech Middle EastDigistor standalone NVR - Info tech Middle East
Digistor standalone NVR - Info tech Middle East
 
Intoto Linley Tech Utm Architecture Presentation
Intoto Linley Tech Utm Architecture PresentationIntoto Linley Tech Utm Architecture Presentation
Intoto Linley Tech Utm Architecture Presentation
 
Changes to Priority 2 E-Rate: How Pine Cove Consulting and Sophos Can Help
Changes to Priority 2 E-Rate: How Pine Cove Consulting and Sophos Can HelpChanges to Priority 2 E-Rate: How Pine Cove Consulting and Sophos Can Help
Changes to Priority 2 E-Rate: How Pine Cove Consulting and Sophos Can Help
 
1000281 en 2
1000281 en 21000281 en 2
1000281 en 2
 
Juniper Networks SRX Branch Solutions
Juniper Networks SRX Branch SolutionsJuniper Networks SRX Branch Solutions
Juniper Networks SRX Branch Solutions
 
Air vision ds
Air vision dsAir vision ds
Air vision ds
 
LoRaWAN for IoT
LoRaWAN for IoTLoRaWAN for IoT
LoRaWAN for IoT
 
Low-Power Wide Area - Overview
Low-Power Wide Area - OverviewLow-Power Wide Area - Overview
Low-Power Wide Area - Overview
 
DrayTek switch_management_intro
DrayTek switch_management_introDrayTek switch_management_intro
DrayTek switch_management_intro
 
Databook 2017 v2
Databook 2017 v2Databook 2017 v2
Databook 2017 v2
 
An Overview of LoRA, Sigfox, and IEEE 802.11ah
An Overview of LoRA, Sigfox, and IEEE 802.11ahAn Overview of LoRA, Sigfox, and IEEE 802.11ah
An Overview of LoRA, Sigfox, and IEEE 802.11ah
 
Networking Concepts Lesson 01 - Intro - Eric Vanderburg
Networking Concepts Lesson 01 - Intro - Eric VanderburgNetworking Concepts Lesson 01 - Intro - Eric Vanderburg
Networking Concepts Lesson 01 - Intro - Eric Vanderburg
 

Destaque

Network security & information security maintainence modified
Network security & information security maintainence modifiedNetwork security & information security maintainence modified
Network security & information security maintainence modifiedKeerthan Shetty
 
Networking Concepts Lesson 03 - Media - Eric Vanderburg
Networking Concepts Lesson 03 - Media - Eric VanderburgNetworking Concepts Lesson 03 - Media - Eric Vanderburg
Networking Concepts Lesson 03 - Media - Eric VanderburgEric Vanderburg
 
Recording formats and_editing_softwares
Recording formats and_editing_softwaresRecording formats and_editing_softwares
Recording formats and_editing_softwaresAzizur Rahman
 
Network Security Offering by GSS America
Network Security Offering by GSS AmericaNetwork Security Offering by GSS America
Network Security Offering by GSS AmericaGss America
 
Soft computing and artificial intelligence techniques for intrusion
Soft computing and artificial intelligence techniques for intrusionSoft computing and artificial intelligence techniques for intrusion
Soft computing and artificial intelligence techniques for intrusionAlexander Decker
 
Information & network security certifications
Information & network security certificationsInformation & network security certifications
Information & network security certificationsHamid Hasanabadi
 
Artificial intelligence original
Artificial intelligence originalArtificial intelligence original
Artificial intelligence originalSaila Sri
 
Advanced Computing Techonologies
Advanced Computing TechonologiesAdvanced Computing Techonologies
Advanced Computing TechonologiesKathirvel Ayyaswamy
 
Introduction of cryptography and network security
Introduction of cryptography and network securityIntroduction of cryptography and network security
Introduction of cryptography and network securityNEHA PATEL
 
Information and Network Security
Information and Network SecurityInformation and Network Security
Information and Network SecurityMaulik Togadiya
 
Conventional Encryption NS2
Conventional Encryption NS2Conventional Encryption NS2
Conventional Encryption NS2koolkampus
 
NetworkSecurity.ppt
NetworkSecurity.pptNetworkSecurity.ppt
NetworkSecurity.pptDreamMalar
 
Network Security
Network SecurityNetwork Security
Network SecurityMAJU
 

Destaque (17)

Network security & information security maintainence modified
Network security & information security maintainence modifiedNetwork security & information security maintainence modified
Network security & information security maintainence modified
 
Networking Concepts Lesson 03 - Media - Eric Vanderburg
Networking Concepts Lesson 03 - Media - Eric VanderburgNetworking Concepts Lesson 03 - Media - Eric Vanderburg
Networking Concepts Lesson 03 - Media - Eric Vanderburg
 
Recording formats and_editing_softwares
Recording formats and_editing_softwaresRecording formats and_editing_softwares
Recording formats and_editing_softwares
 
Network Security Offering by GSS America
Network Security Offering by GSS AmericaNetwork Security Offering by GSS America
Network Security Offering by GSS America
 
Soft computing and artificial intelligence techniques for intrusion
Soft computing and artificial intelligence techniques for intrusionSoft computing and artificial intelligence techniques for intrusion
Soft computing and artificial intelligence techniques for intrusion
 
Information & network security certifications
Information & network security certificationsInformation & network security certifications
Information & network security certifications
 
Artificial intelligence original
Artificial intelligence originalArtificial intelligence original
Artificial intelligence original
 
Wire Less
Wire LessWire Less
Wire Less
 
Advanced Computing Techonologies
Advanced Computing TechonologiesAdvanced Computing Techonologies
Advanced Computing Techonologies
 
Introduction of cryptography and network security
Introduction of cryptography and network securityIntroduction of cryptography and network security
Introduction of cryptography and network security
 
Network security
Network securityNetwork security
Network security
 
Information and Network Security
Information and Network SecurityInformation and Network Security
Information and Network Security
 
Basics of Soft Computing
Basics of Soft Computing Basics of Soft Computing
Basics of Soft Computing
 
Conventional Encryption NS2
Conventional Encryption NS2Conventional Encryption NS2
Conventional Encryption NS2
 
Soft computing
Soft computingSoft computing
Soft computing
 
NetworkSecurity.ppt
NetworkSecurity.pptNetworkSecurity.ppt
NetworkSecurity.ppt
 
Network Security
Network SecurityNetwork Security
Network Security
 

Semelhante a Information Security Lesson 5 - Network Infrastructure - Eric Vanderburg

CISSP Prep: Ch 5. Communication and Network Security (Part 2)
CISSP Prep: Ch 5. Communication and Network Security (Part 2)CISSP Prep: Ch 5. Communication and Network Security (Part 2)
CISSP Prep: Ch 5. Communication and Network Security (Part 2)Sam Bowne
 
CNIT 125 Ch 5 Communication & Network Security (part 2 of 2)
CNIT 125 Ch 5 Communication & Network Security (part 2 of 2)CNIT 125 Ch 5 Communication & Network Security (part 2 of 2)
CNIT 125 Ch 5 Communication & Network Security (part 2 of 2)Sam Bowne
 
Designing Local Area Network
Designing Local Area NetworkDesigning Local Area Network
Designing Local Area Networkzaisahil
 
wirelesssecurity materialwirelesssecurity materialwirelesssecurity material
wirelesssecurity materialwirelesssecurity materialwirelesssecurity materialwirelesssecurity materialwirelesssecurity materialwirelesssecurity material
wirelesssecurity materialwirelesssecurity materialwirelesssecurity materialNune SrinivasRao
 
Understanding IT Network Security for Wireless and Wired Measurement Applicat...
Understanding IT Network Security for Wireless and Wired Measurement Applicat...Understanding IT Network Security for Wireless and Wired Measurement Applicat...
Understanding IT Network Security for Wireless and Wired Measurement Applicat...cmstiernberg
 
MeshDynamics Mesh Networks- High Level Overview
MeshDynamics Mesh Networks- High Level OverviewMeshDynamics Mesh Networks- High Level Overview
MeshDynamics Mesh Networks- High Level OverviewMeshDynamics
 
Enterprise campus networks
Enterprise campus networksEnterprise campus networks
Enterprise campus networksKishor Satpathy
 
internet network for o level
internet network for o level internet network for o level
internet network for o level Samit Singh
 
Zero Trust for Private 5G and Edge
Zero Trust for Private 5G and EdgeZero Trust for Private 5G and Edge
Zero Trust for Private 5G and EdgeRebekah Rodriguez
 
Information Security Lesson 13 - Advanced Security - Eric Vanderburg
Information Security Lesson 13 - Advanced Security - Eric VanderburgInformation Security Lesson 13 - Advanced Security - Eric Vanderburg
Information Security Lesson 13 - Advanced Security - Eric VanderburgEric Vanderburg
 
Information Security Lesson 4 - Baselines - Eric Vanderburg
Information Security Lesson 4 - Baselines - Eric VanderburgInformation Security Lesson 4 - Baselines - Eric Vanderburg
Information Security Lesson 4 - Baselines - Eric VanderburgEric Vanderburg
 
A better connected world - Beijer Sales Kit 2017
A better connected world - Beijer Sales Kit 2017A better connected world - Beijer Sales Kit 2017
A better connected world - Beijer Sales Kit 2017Jiunn-Jer Sun
 

Semelhante a Information Security Lesson 5 - Network Infrastructure - Eric Vanderburg (20)

Airheads barcelona 2010 securing wireless la ns
Airheads barcelona 2010 securing wireless la nsAirheads barcelona 2010 securing wireless la ns
Airheads barcelona 2010 securing wireless la ns
 
Accessing remote networks
Accessing remote networksAccessing remote networks
Accessing remote networks
 
CISSP Prep: Ch 5. Communication and Network Security (Part 2)
CISSP Prep: Ch 5. Communication and Network Security (Part 2)CISSP Prep: Ch 5. Communication and Network Security (Part 2)
CISSP Prep: Ch 5. Communication and Network Security (Part 2)
 
CNIT 125 Ch 5 Communication & Network Security (part 2 of 2)
CNIT 125 Ch 5 Communication & Network Security (part 2 of 2)CNIT 125 Ch 5 Communication & Network Security (part 2 of 2)
CNIT 125 Ch 5 Communication & Network Security (part 2 of 2)
 
Designing Local Area Network
Designing Local Area NetworkDesigning Local Area Network
Designing Local Area Network
 
wirelesssecurity materialwirelesssecurity materialwirelesssecurity material
wirelesssecurity materialwirelesssecurity materialwirelesssecurity materialwirelesssecurity materialwirelesssecurity materialwirelesssecurity material
wirelesssecurity materialwirelesssecurity materialwirelesssecurity material
 
Networking
NetworkingNetworking
Networking
 
Basic networking
Basic networkingBasic networking
Basic networking
 
Understanding IT Network Security for Wireless and Wired Measurement Applicat...
Understanding IT Network Security for Wireless and Wired Measurement Applicat...Understanding IT Network Security for Wireless and Wired Measurement Applicat...
Understanding IT Network Security for Wireless and Wired Measurement Applicat...
 
Hardware firewall
Hardware firewallHardware firewall
Hardware firewall
 
Ethernet basics
Ethernet basicsEthernet basics
Ethernet basics
 
MeshDynamics Mesh Networks- High Level Overview
MeshDynamics Mesh Networks- High Level OverviewMeshDynamics Mesh Networks- High Level Overview
MeshDynamics Mesh Networks- High Level Overview
 
Enterprise campus networks
Enterprise campus networksEnterprise campus networks
Enterprise campus networks
 
internet network for o level
internet network for o level internet network for o level
internet network for o level
 
Network Concepts
Network ConceptsNetwork Concepts
Network Concepts
 
Zero Trust for Private 5G and Edge
Zero Trust for Private 5G and EdgeZero Trust for Private 5G and Edge
Zero Trust for Private 5G and Edge
 
Information Security Lesson 13 - Advanced Security - Eric Vanderburg
Information Security Lesson 13 - Advanced Security - Eric VanderburgInformation Security Lesson 13 - Advanced Security - Eric Vanderburg
Information Security Lesson 13 - Advanced Security - Eric Vanderburg
 
Computer Networks .pdf
Computer Networks .pdfComputer Networks .pdf
Computer Networks .pdf
 
Information Security Lesson 4 - Baselines - Eric Vanderburg
Information Security Lesson 4 - Baselines - Eric VanderburgInformation Security Lesson 4 - Baselines - Eric Vanderburg
Information Security Lesson 4 - Baselines - Eric Vanderburg
 
A better connected world - Beijer Sales Kit 2017
A better connected world - Beijer Sales Kit 2017A better connected world - Beijer Sales Kit 2017
A better connected world - Beijer Sales Kit 2017
 

Mais de Eric Vanderburg

GDPR, Data Privacy and Cybersecurity - MIT Symposium
GDPR, Data Privacy and Cybersecurity - MIT SymposiumGDPR, Data Privacy and Cybersecurity - MIT Symposium
GDPR, Data Privacy and Cybersecurity - MIT SymposiumEric Vanderburg
 
Modern Security the way Equifax Should Have
Modern Security the way Equifax Should HaveModern Security the way Equifax Should Have
Modern Security the way Equifax Should HaveEric Vanderburg
 
Cybercrime and Cyber Threats - CBLA - Eric Vanderburg
Cybercrime and Cyber Threats - CBLA - Eric VanderburgCybercrime and Cyber Threats - CBLA - Eric Vanderburg
Cybercrime and Cyber Threats - CBLA - Eric VanderburgEric Vanderburg
 
Cybersecurity Incident Response Strategies and Tactics - RIMS 2017 - Eric Van...
Cybersecurity Incident Response Strategies and Tactics - RIMS 2017 - Eric Van...Cybersecurity Incident Response Strategies and Tactics - RIMS 2017 - Eric Van...
Cybersecurity Incident Response Strategies and Tactics - RIMS 2017 - Eric Van...Eric Vanderburg
 
Mobile Forensics and Cybersecurity
Mobile Forensics and CybersecurityMobile Forensics and Cybersecurity
Mobile Forensics and CybersecurityEric Vanderburg
 
2017 March ISACA Security Challenges with the Internet of Things - Eric Vande...
2017 March ISACA Security Challenges with the Internet of Things - Eric Vande...2017 March ISACA Security Challenges with the Internet of Things - Eric Vande...
2017 March ISACA Security Challenges with the Internet of Things - Eric Vande...Eric Vanderburg
 
Ransomware: 2016's Greatest Malware Threat
Ransomware: 2016's Greatest Malware ThreatRansomware: 2016's Greatest Malware Threat
Ransomware: 2016's Greatest Malware ThreatEric Vanderburg
 
Emerging Technologies: Japan’s Position
Emerging Technologies: Japan’s PositionEmerging Technologies: Japan’s Position
Emerging Technologies: Japan’s PositionEric Vanderburg
 
Principles of technology management
Principles of technology managementPrinciples of technology management
Principles of technology managementEric Vanderburg
 
Japanese railway technology
Japanese railway technologyJapanese railway technology
Japanese railway technologyEric Vanderburg
 
Evaluating japanese technological competitiveness
Evaluating japanese technological competitivenessEvaluating japanese technological competitiveness
Evaluating japanese technological competitivenessEric Vanderburg
 
Japanese current and future technology management challenges
Japanese current and future technology management challengesJapanese current and future technology management challenges
Japanese current and future technology management challengesEric Vanderburg
 
Technology management in Japan: Robotics
Technology management in Japan: RoboticsTechnology management in Japan: Robotics
Technology management in Japan: RoboticsEric Vanderburg
 
Incident response table top exercises
Incident response table top exercisesIncident response table top exercises
Incident response table top exercisesEric Vanderburg
 
The Prescription for Protection - Avoid Treatment Errors To The Malware Problem
The Prescription for Protection - Avoid Treatment Errors To The Malware ProblemThe Prescription for Protection - Avoid Treatment Errors To The Malware Problem
The Prescription for Protection - Avoid Treatment Errors To The Malware ProblemEric Vanderburg
 
Cloud Storage and Security: Solving Compliance Challenges
Cloud Storage and Security: Solving Compliance ChallengesCloud Storage and Security: Solving Compliance Challenges
Cloud Storage and Security: Solving Compliance ChallengesEric Vanderburg
 
Hacktivism: Motivations, Tactics and Threats
Hacktivism: Motivations, Tactics and ThreatsHacktivism: Motivations, Tactics and Threats
Hacktivism: Motivations, Tactics and ThreatsEric Vanderburg
 
Correct the most common web development security mistakes - Eric Vanderburg
Correct the most common web development security mistakes - Eric VanderburgCorrect the most common web development security mistakes - Eric Vanderburg
Correct the most common web development security mistakes - Eric VanderburgEric Vanderburg
 
Deconstructing website attacks - Eric Vanderburg
Deconstructing website attacks - Eric VanderburgDeconstructing website attacks - Eric Vanderburg
Deconstructing website attacks - Eric VanderburgEric Vanderburg
 
Countering malware threats - Eric Vanderburg
Countering malware threats - Eric VanderburgCountering malware threats - Eric Vanderburg
Countering malware threats - Eric VanderburgEric Vanderburg
 

Mais de Eric Vanderburg (20)

GDPR, Data Privacy and Cybersecurity - MIT Symposium
GDPR, Data Privacy and Cybersecurity - MIT SymposiumGDPR, Data Privacy and Cybersecurity - MIT Symposium
GDPR, Data Privacy and Cybersecurity - MIT Symposium
 
Modern Security the way Equifax Should Have
Modern Security the way Equifax Should HaveModern Security the way Equifax Should Have
Modern Security the way Equifax Should Have
 
Cybercrime and Cyber Threats - CBLA - Eric Vanderburg
Cybercrime and Cyber Threats - CBLA - Eric VanderburgCybercrime and Cyber Threats - CBLA - Eric Vanderburg
Cybercrime and Cyber Threats - CBLA - Eric Vanderburg
 
Cybersecurity Incident Response Strategies and Tactics - RIMS 2017 - Eric Van...
Cybersecurity Incident Response Strategies and Tactics - RIMS 2017 - Eric Van...Cybersecurity Incident Response Strategies and Tactics - RIMS 2017 - Eric Van...
Cybersecurity Incident Response Strategies and Tactics - RIMS 2017 - Eric Van...
 
Mobile Forensics and Cybersecurity
Mobile Forensics and CybersecurityMobile Forensics and Cybersecurity
Mobile Forensics and Cybersecurity
 
2017 March ISACA Security Challenges with the Internet of Things - Eric Vande...
2017 March ISACA Security Challenges with the Internet of Things - Eric Vande...2017 March ISACA Security Challenges with the Internet of Things - Eric Vande...
2017 March ISACA Security Challenges with the Internet of Things - Eric Vande...
 
Ransomware: 2016's Greatest Malware Threat
Ransomware: 2016's Greatest Malware ThreatRansomware: 2016's Greatest Malware Threat
Ransomware: 2016's Greatest Malware Threat
 
Emerging Technologies: Japan’s Position
Emerging Technologies: Japan’s PositionEmerging Technologies: Japan’s Position
Emerging Technologies: Japan’s Position
 
Principles of technology management
Principles of technology managementPrinciples of technology management
Principles of technology management
 
Japanese railway technology
Japanese railway technologyJapanese railway technology
Japanese railway technology
 
Evaluating japanese technological competitiveness
Evaluating japanese technological competitivenessEvaluating japanese technological competitiveness
Evaluating japanese technological competitiveness
 
Japanese current and future technology management challenges
Japanese current and future technology management challengesJapanese current and future technology management challenges
Japanese current and future technology management challenges
 
Technology management in Japan: Robotics
Technology management in Japan: RoboticsTechnology management in Japan: Robotics
Technology management in Japan: Robotics
 
Incident response table top exercises
Incident response table top exercisesIncident response table top exercises
Incident response table top exercises
 
The Prescription for Protection - Avoid Treatment Errors To The Malware Problem
The Prescription for Protection - Avoid Treatment Errors To The Malware ProblemThe Prescription for Protection - Avoid Treatment Errors To The Malware Problem
The Prescription for Protection - Avoid Treatment Errors To The Malware Problem
 
Cloud Storage and Security: Solving Compliance Challenges
Cloud Storage and Security: Solving Compliance ChallengesCloud Storage and Security: Solving Compliance Challenges
Cloud Storage and Security: Solving Compliance Challenges
 
Hacktivism: Motivations, Tactics and Threats
Hacktivism: Motivations, Tactics and ThreatsHacktivism: Motivations, Tactics and Threats
Hacktivism: Motivations, Tactics and Threats
 
Correct the most common web development security mistakes - Eric Vanderburg
Correct the most common web development security mistakes - Eric VanderburgCorrect the most common web development security mistakes - Eric Vanderburg
Correct the most common web development security mistakes - Eric Vanderburg
 
Deconstructing website attacks - Eric Vanderburg
Deconstructing website attacks - Eric VanderburgDeconstructing website attacks - Eric Vanderburg
Deconstructing website attacks - Eric Vanderburg
 
Countering malware threats - Eric Vanderburg
Countering malware threats - Eric VanderburgCountering malware threats - Eric Vanderburg
Countering malware threats - Eric Vanderburg
 

Último

So einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfSo einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfpanagenda
 
Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Farhan Tariq
 
Decarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityDecarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityIES VE
 
Zeshan Sattar- Assessing the skill requirements and industry expectations for...
Zeshan Sattar- Assessing the skill requirements and industry expectations for...Zeshan Sattar- Assessing the skill requirements and industry expectations for...
Zeshan Sattar- Assessing the skill requirements and industry expectations for...itnewsafrica
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024Lonnie McRorey
 
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Alkin Tezuysal
 
Testing tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesTesting tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesKari Kakkonen
 
Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Hiroshi SHIBATA
 
A Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersA Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersNicole Novielli
 
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotesMuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotesManik S Magar
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.Curtis Poe
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxLoriGlavin3
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsNathaniel Shimoni
 
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical InfrastructureVarsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructureitnewsafrica
 
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Mark Goldstein
 
Glenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security ObservabilityGlenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security Observabilityitnewsafrica
 
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better StrongerModern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better Strongerpanagenda
 
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentEmixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentPim van der Noll
 
Potential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsPotential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsRavi Sanghani
 
Data governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationData governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationKnoldus Inc.
 

Último (20)

So einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfSo einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
 
Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...
 
Decarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityDecarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a reality
 
Zeshan Sattar- Assessing the skill requirements and industry expectations for...
Zeshan Sattar- Assessing the skill requirements and industry expectations for...Zeshan Sattar- Assessing the skill requirements and industry expectations for...
Zeshan Sattar- Assessing the skill requirements and industry expectations for...
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
 
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
 
Testing tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesTesting tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examples
 
Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024
 
A Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersA Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software Developers
 
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotesMuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directions
 
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical InfrastructureVarsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
 
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
 
Glenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security ObservabilityGlenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security Observability
 
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better StrongerModern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
 
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentEmixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
 
Potential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsPotential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and Insights
 
Data governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationData governance with Unity Catalog Presentation
Data governance with Unity Catalog Presentation
 

Information Security Lesson 5 - Network Infrastructure - Eric Vanderburg

  • 1. Information Security Chapter 5 Securing the Network Infrastructure Information Security © 2006 Eric Vanderburg
  • 2. Cabling • Cable Plant – Network infrastructure • Cable Characteristics – – – – – – – – – Bandwidth Rating Max Segment Length Segments per network Devices per segment Interference Susceptibility (EMI & RFI) Connection Hardware Cable Grade (PVC or Plenum Grade Teflon) Bend radius Cost (Material, Installation, & Maintenance) Information Security © 2006 Eric Vanderburg
  • 3. Coaxial Cable (Coax) • Thicknet (10base5) – – – – ½ inch thick RG-11 or RG-8 Vampire tap AUI (Attachment Unit Interface) - 15 pin DB-15 • Thinnet (10base2) – BNC (British Naval Connector) – 50 ohms impedance – RG-58 • Coax for Broadband (RG-59, 75 Ohm) Information Security © 2006 Eric Vanderburg
  • 4. Twisted Pair • Twists reduce crosstalk • UTP (Unshielded Twisted Pair) 10baseT • STP (Shielded Twisted Pair) – Foil wrapped around wires • Phone line (RJ-11) • TP Network cable (RJ-45) • 100 Meter max length Information Security © 2006 Eric Vanderburg
  • 5. Twisted Pair Categories • • • • • • • • Cat1 – voice only, before 1982 Cat2 – 4 wires, 4Mbps Cat3 – 4 wires, 10Mbps, 3 twists/foot Cat4 – 8 wires, 16Mbps Cat5 – 8 wires, 100Mbps Cat5e – 8 wires, 1Gbps, full-duplex, 100MHz* Cat6 – 8 wires, 1Gbps, 250MHz*, larger, more sensitive Cat7 – 8 wires, shielded, 1Gbps, 600MHz*, individually shielded pairs • *Easier to detect defects with higher frequencies Information Security © 2006 Eric Vanderburg
  • 6. Fiber Optic • • • • • • • • • Signal sent by light No eavesdropping No interference Two cables needed for full duplex Surrounded by Kevlar Max length: 2-100 km 1Gbps & 10Gbps implementations Difficult to install Expensive (Cable, Install, Maintenance) Information Security © 2006 Eric Vanderburg
  • 7. Fiber Optic Connectors ST (Straight Tip) SC (Straight Connection) LC (Link Control) MIC (Medium Interface Connector) MT-RJ two cables in one RJ-45 clone SMA (Subminiature Type A) Information Security © 2006 Eric Vanderburg
  • 8. Fiber Optic cable types • Single mode – – – – Laser based Spans longer distance One piece of glass Core: 2-9 microns • Multi-mode – – – – LED based Shorter distance Multiple pieces of glass Core: 25-200 microns Information Security © 2006 Eric Vanderburg
  • 9. Quick Comparison Type Length Bandwidth Installation Interference Cost UTP 100 meters 10Mbps-1Gbps Easy High Cheapest STP 100 meters 16Mbps-1Gbps Moderate Moderate Moderate Thinnet 185 meters 10Mbps Easy Moderate Cheap Thicknet 500 meters 10Mbps Hard Low Expensive 2-100 kilometers 100Mbps-10Gbps Moderate None Most Expensive Fiber Information Security © 2006 Eric Vanderburg
  • 10. Sniffers • Captures all data packets that travel on a network. • Designed for use in network diagnostics • Hard to trace because it is passive • Can be used to find passwords or other sensitive information • Mitigate with switched networks • Protect the physical environment • Watch out for comprimised hosts Information Security © 2006 Eric Vanderburg
  • 11. Removable Media • Optical Media – CD – DVD • Magnetic Media – – – – Floppy disk Hard drive Micro drive Tape • Flash Media – USB Stick, CF (non microdrive), SD, MMC, SmartMedia, Game cartridge, PCMCIA, Rom Chips Information Security © 2006 Eric Vanderburg
  • 12. Securing Removable Media • Encrypt USB Sticks • Disable or lock USB ports on the computer • Physical check that devices are not brought in Information Security © 2006 Eric Vanderburg
  • 13. Terms • Workstation • Server • Terminal Information Security © 2006 Eric Vanderburg
  • 14. Server Types • • • • • • • • Domain Controller Application Server File Server Print Server Communication Server Web Server Mail Server Name Server Information Security © 2006 Eric Vanderburg
  • 15. Server Vendors • • Sun Microsystems Microsoft – Solaris – Looking Glass – Windows NT – Windows 2000 – Windows 2003 • • • Linux (Various Distributions) Novell Netware OS/2 • Apple – Mac OSX Server • FreeBSD • NeXT Operating Systems Microsoft Linux UNIX BSD NeXT MacOSX NetWare v1-5 Mac OS 1-9 NetWare 6 Information Security © 2006 Eric Vanderburg OS/2
  • 16. Equipment • Repeater • Hubs – Active (powered – regenerates signal) – Passive (unpowered) • Bridge – Translation bridge – translates differing frame types for different architectures (ATM, Ethernet) • Router – Reduces the broadcast domain – Looks at packets – Can filter by packets Information Security © 2006 Eric Vanderburg
  • 17. Equipment • Switches – Cut-through switching – reads only the first part of the frame to forward it. – Store & forward switching • Reads entire frame before forwarding. Also does error checking using the CRC field, discards if errors. • Saves bandwidth because bad frames are not forwarded. Requires faster switches • Fragment free switching – reads enough to know it is not a malformed or damaged frame – – – – Reduces the collision domain Looks at frames VLANs (Virtual LAN) Core switch – central to the network. Other switches connect into it – Workgroup switch – connects to network nodes Information Security © 2006 Eric Vanderburg
  • 18. Network Management • SNMP (Simple Network Management Protocol) – Agents – MIB (Management Information Base) – Ports 161 & 162 UDP – SNMP enabled devices are called managed devices Information Security © 2006 Eric Vanderburg
  • 19. Securing Network Devices • Create a custom logon prompt to remove any info about the device • Disable HTTP or SNMP access if they are not used – If used, try SSL instead of HTTP – Use SNMP version 3 • Limit access to certain machines or subnets • Log activity • Encrypt management communications Information Security © 2006 Eric Vanderburg
  • 20. Communication Devices • Modem (Modulator / Demodulator) • DSL (Digital Subscriber Line) – uses phone lines on a much higher frequency. Dedicated line. • Cable Modem – faster max speed but a shared medium • Central Office (CO) or Head in – local connection point where a neighborhood of connections terminate and are connected into the ISP’s network. • Always-on connections can be tempting for attackers. Firewalls are a must. Information Security © 2006 Eric Vanderburg
  • 21. Remote Access • RAS (Remote Access Server) – A computer that allows others to connect into it. – Modem – VPN • Protect using – Authentication – Privileges – Account lockout policies – Firewalls & ACL Information Security © 2006 Eric Vanderburg
  • 22. File Browsing • UNC (Universal Naming Convention) – Windows shares are named computernamesharename Information Security © 2006 Eric Vanderburg
  • 23. Telcos • PBX (Private Branch Exchange) – private switching station for voice and data services • PBX attacks – Data modification – Denial of service – Information disclosure – Traffic analysis – where calls go to and from, frequency, time – Theft of service Information Security © 2006 Eric Vanderburg
  • 24. Network Security Devices • Firewalls – filters packets based on criteria such as an ACL or a rule base • Routers can serve this purpose but they are not as efficient as a dedicated device • Personal firewall (host based) • Enterprise software firewall – designed to run on a powerful machine that analyzes all network traffic running through it. • Hardware firewall – engineered to be able to process packets quickly and efficiently. Information Security © 2006 Eric Vanderburg
  • 25. Firewalls • Packet filtering – Stateless – allows or denies packets based on rules – Stateful – keeps a state table of outgoing connections and allows corresponding incoming connections. • Advanced firewalls – Antivirus scanning – Content filtering – looks at web sites and such. Could use a database from another vendor which is updated regularly. Enable and disable types of content – Application layer firewall – looks at many packets together to determine whether to let them in. Information Security © 2006 Eric Vanderburg
  • 26. Firewalls • DMZ (Demilitarized Zone) – area that is closer to the untrusted network than the rest of the LAN. Used for services made available to the Internet. • These servers may reside there: – Web server – Email server – RAS server – FTP server – Proxy server Information Security © 2006 Eric Vanderburg
  • 27. IDS (Intrusion Detection System) • Monitors the packets on the network for signatures. – Network based - Looks at the overall flow. Positioned where a lot of traffic flows – Host based – resides on one machine and monitors the data coming to that machine. It may communicate with a central device. (Agent based) – Active IDS – can take action when an attack happens. – Passive IDS – alerts the administrator when there is an attack. – Anomaly based IDS or IPS (Intrusion Prevention System) – looks at behavior rather than signatures. May result in more positives. Information Security © 2006 Eric Vanderburg
  • 28. Other concepts • • • • Intranet Extranet NAT (Network Address Translation) Honeypot Information Security © 2006 Eric Vanderburg
  • 29. Acronyms • • • • • • • • CD-ROM, Compact Disk Read Only Memory CD-R, Compact Disk Recordable CD-RW, Compact Disk Rewritable DMZ, Demilitarized Zone DSL, Digital Subscriber Line DVD, Digital Versatile Disk DVD-R, Digital Versatile Disk Recordable DVD-RAM, Digital Versatile Disk Random Access Memory • DVD-RW, Digital Versatile Disk Rewritable • IDS, Intrusion Detection System Information Security © 2006 Eric Vanderburg
  • 30. Acronyms • • • • • • • • • • MIB, Management Information base NAT, Network Address Translation PAT, Port Address Translation PBX, Private Branch Exchange RAS, Remote Access Server STP, Shielded Twisted Pair SNMP, Simple Network Management Protocol UNC, Universal Naming Convention UTP, Unshielded Twisted pair VLAN, Virtual Local Area Network Information Security © 2006 Eric Vanderburg