SlideShare uma empresa Scribd logo

02 introduction to network security

Transferir como PPTX, PDF
Joe McCarthy
Joe McCarthy
1 de 22
TCSS 431: Network Security Class Meeting 2a: Introduction to Network Security Joe McCarthy
Network Security close to home
Hacked Yahoo mail accounts Subject: hi how are you? Date: Sat, 23 Oct 2010 00:43:49 -0700 (PDT) From: * <*@yahoo.com> To: *@gmail.com, *@nokia.com, *@stanford.edu, *@baylegal.org … http://villarentalbyowner.com/index0314.php
Hacked Yahoo mail accounts Subject: this account has a virus - feel free to block it Date: Tue, 19 Oct 2010 15:46:27 -0700 (PDT) From: * <*@yahoo.com> To: * <*@gmail.com> Dear friends and colleagues, Some time earlier this year, my yahoo email account "contracted" a virus. As a result of it, my address book is being used to send spam emails to all of you which appear as if they are coming from me. They typically contain links to web sites, promotions, meds, etc. I am very sorry about this annoying cycle. I have tried to correct the problem through Yahoo's customer support. There doesn't seem to be any immediate remedy, as the emails don't originate from me any more. All I can hope is that this eventually wears itself off. Please feel free to block *@yahoo.com. I am switching to using *@gmail.com as my private email. I am also available at *@nokia.com. Thanks, *
A few words (& images) aboutPassword Security … some combination of upper and lowercase characters as well as numbers and a few ascii characters at least 13 characters in length … (Example: tH3w0rldi5round!1!) http://blogs.computerworld.com/17547/a_formula_approach_to_generating_passwords http://www.passwordmeter.com/
Textbook update Network Security: Private Communication in a Public World, 2/E Kaufman, Perlman & Speciner Prentice Hall, 2003 Counter Hack Reloaded: A Step-by-Step Guide to Computer Attacks and Effective Defenses, 2/E Skoudis & Liston Prentice Hall, 2006
Another perspectiveon Network Security Network Security Essentials:Applications and Standards, 4/E William Stallings ISBN-10: 0136108059 ISBN-13: 9780136108054 Publisher: Prentice Hall Copyright: 2011 Format: Paper; 432 pp Published: 03/12/2010 http://williamstallings.com/NetSec/NetSec4e.html
The Security Requirements Triad Computer Security The protection afforded to an automated information system in order to attain the applicable objectives of preserving the integrity, availability and confidentiality of information system resources (includes hardware, software, firmware, information/data, and telecommunications)
Security Requirements Confidentiality Preserving authorized restrictions on information access and disclosure, including means for protecting personal privacy and proprietary information. Integrity Guarding against information modifications or destruction, including ensuring information non-repudiation and authenticity. Availability Ensuring timely and reliable access to and use of information
Security Attacks, Mechanisms & Services Security Attack Any action that compromises the security of information Security Mechanism A process / device that is designed to detect, prevent or recover from a security attack. Security Service A service intended to counter security attacks, typically by implementing one or more mechanisms.
Threats & Attacks … but threat and attack used nearly interchangeably
Security Threats / Attacks … …
Security Threats / Attacks
Passive Attacks
Active Attacks (1)
Active Attacks (2)
Security Services (X.800) Authentication The assurance that the communicating entity is the one it claims to be Access Control The prevention of unauthorized use of a resource who can have access to a resource, under what conditions access can occur, what those accessing the resource are allowed to do Data Confidentiality The protection of data from unauthorized disclosure Data Integrity The assurance that data received are exactly as sent by an authorized entity (i.e., contains no modification, insertion, deletion or replay). Non-Repudiation Provides protection against denial by one of the entities involved in a communication of having participated in all/part of the communication.
Security Mechanisms (X.800)
Model for Network Security
Coarse Outline Whirlwind tour of Computer Networks Computer Hack Reloaded: Anatomy of an Attack Phase 1: Reconnaissance Phase 2: Scanning Phase 3: Gaining Access Phase 4: Maintaining Access Phase 5: Covering Tracks and Hiding Network Security: Mechanisms & Services Special Topics
Some Network Humor http://www.amazon.com/Story-About-Ping-Marjorie-Flack/product-reviews/0140502416
Some Network Humor $ ping google.com PING google.com (66.102.7.104): 56 data bytes 64 bytes from 66.102.7.104: icmp_seq=0 ttl=53 time=55.990 ms 64 bytes from 66.102.7.104: icmp_seq=1 ttl=53 time=44.317 ms 64 bytes from 66.102.7.104: icmp_seq=2 ttl=53 time=45.687 ms 64 bytes from 66.102.7.104: icmp_seq=3 ttl=53 time=44.993 ms 64 bytes from 66.102.7.104: icmp_seq=4 ttl=53 time=45.481 ms ^C --- google.com ping statistics --- 5 packets transmitted, 5 packets received, 0% packet loss round-trip min/avg/max/stddev = 44.317/47.294/55.990/4.374 ms $ ping amazon.com PING amazon.com (72.21.214.128): 56 data bytes ^C --- amazon.com ping statistics --- 10 packets transmitted, 0 packets received, 100% packet loss $

Recomendados

Network Security: Attacks, Tools and Techniques
Network Security: Attacks, Tools and TechniquesNetwork Security: Attacks, Tools and Techniques
Network Security: Attacks, Tools and Techniqueswaqasahmad1995
 
Introduction to Network Security
Introduction to Network SecurityIntroduction to Network Security
Introduction to Network SecurityComputing Cage
 
Network Security
Network SecurityNetwork Security
Network SecurityRaymond Jose
 
OSI Security Architecture
OSI Security ArchitectureOSI Security Architecture
OSI Security Architectureuniversity of education,Lahore
 
Introduction Network security
Introduction Network securityIntroduction Network security
Introduction Network securityIGZ Software house
 
Network management and security
Network management and securityNetwork management and security
Network management and securityAnkit Bhandari
 
Network Security Fundamentals
Network Security FundamentalsNetwork Security Fundamentals
Network Security FundamentalsFat-Thing Gabriel-Culley
 
Network security for E-Commerce
Network security for E-CommerceNetwork security for E-Commerce
Network security for E-CommerceHem Pokhrel
 

Recomendados

Network Security: Attacks, Tools and Techniques
Network Security: Attacks, Tools and TechniquesNetwork Security: Attacks, Tools and Techniques
Network Security: Attacks, Tools and Techniqueswaqasahmad1995
 
Introduction to Network Security
Introduction to Network SecurityIntroduction to Network Security
Introduction to Network SecurityComputing Cage
 
Network Security
Network SecurityNetwork Security
Network SecurityRaymond Jose
 
OSI Security Architecture
OSI Security ArchitectureOSI Security Architecture
OSI Security Architectureuniversity of education,Lahore
 
Introduction Network security
Introduction Network securityIntroduction Network security
Introduction Network securityIGZ Software house
 
Network management and security
Network management and securityNetwork management and security
Network management and securityAnkit Bhandari
 
Network Security Fundamentals
Network Security FundamentalsNetwork Security Fundamentals
Network Security FundamentalsFat-Thing Gabriel-Culley
 
Network security for E-Commerce
Network security for E-CommerceNetwork security for E-Commerce
Network security for E-CommerceHem Pokhrel
 
Network Security Issues
Network Security IssuesNetwork Security Issues
Network Security IssuesAfreenYousaf
 
Network security ppt
Network security pptNetwork security ppt
Network security pptOECLIB Odisha Electronics Control Library
 
Data Network Security
Data Network SecurityData Network Security
Data Network SecurityAtif Rehmat
 
Network security
Network securityNetwork security
Network securityNkosinathi Lungu
 
Chapter 01
Chapter 01Chapter 01
Chapter 01nathanurag
 
Network Security & Attacks
Network Security & AttacksNetwork Security & Attacks
Network Security & AttacksNetwax Lab
 
Types of attacks
Types of attacksTypes of attacks
Types of attacksVivek Gandhi
 
Computer Network Security
Computer Network SecurityComputer Network Security
Computer Network SecuritySachithra Gayan
 
Network Security ppt
Network Security pptNetwork Security ppt
Network Security pptSAIKAT BISWAS
 
Network security
Network securityNetwork security
Network securityquest university nawabshah
 
Modern Network Security Issue and Challenge
Modern Network Security Issue and ChallengeModern Network Security Issue and Challenge
Modern Network Security Issue and ChallengeIkhtiar Khan Sohan
 
Computer Security Lecture 1: Overview
Computer Security Lecture 1: OverviewComputer Security Lecture 1: Overview
Computer Security Lecture 1: OverviewMohamed Loey
 
Network Security Fundamentals
Network Security FundamentalsNetwork Security Fundamentals
Network Security FundamentalsRahmat Suhatman
 
Network Security Research Paper
Network Security Research PaperNetwork Security Research Paper
Network Security Research PaperPankaj Jha
 
Network security chapter 1
Network security chapter 1Network security chapter 1
Network security chapter 1osama elfar
 
Ethical hacking ppt
Ethical hacking pptEthical hacking ppt
Ethical hacking pptNitesh Dubey
 
Chapter 1 Introduction of Cryptography and Network security
Chapter 1 Introduction of Cryptography and Network security Chapter 1 Introduction of Cryptography and Network security
Chapter 1 Introduction of Cryptography and Network security Dr. Kapil Gupta
 
Network security
Network securityNetwork security
Network securityAli Kamil
 
Network Security 1st Lecture
Network Security 1st LectureNetwork Security 1st Lecture
Network Security 1st Lecturebabak danyal
 
NETWORK SECURITY
NETWORK SECURITYNETWORK SECURITY
NETWORK SECURITYafaque jaya
 
Chapter 3: Block Ciphers and the Data Encryption Standard
Chapter 3: Block Ciphers and the Data Encryption StandardChapter 3: Block Ciphers and the Data Encryption Standard
Chapter 3: Block Ciphers and the Data Encryption StandardShafaan Khaliq Bhatti
 
Types of attacks and threads
Types of attacks and threadsTypes of attacks and threads
Types of attacks and threadssrivijaymanickam
 

Mais conteúdo relacionado

Mais procurados

Network Security Issues
Network Security IssuesNetwork Security Issues
Network Security IssuesAfreenYousaf
 
Data Network Security
Data Network SecurityData Network Security
Data Network SecurityAtif Rehmat
 
Network Security & Attacks
Network Security & AttacksNetwork Security & Attacks
Network Security & AttacksNetwax Lab
 
Computer Network Security
Computer Network SecurityComputer Network Security
Computer Network SecuritySachithra Gayan
 
Network Security ppt
Network Security pptNetwork Security ppt
Network Security pptSAIKAT BISWAS
 
Modern Network Security Issue and Challenge
Modern Network Security Issue and ChallengeModern Network Security Issue and Challenge
Modern Network Security Issue and ChallengeIkhtiar Khan Sohan
 
Computer Security Lecture 1: Overview
Computer Security Lecture 1: OverviewComputer Security Lecture 1: Overview
Computer Security Lecture 1: OverviewMohamed Loey
 
Network Security Fundamentals
Network Security FundamentalsNetwork Security Fundamentals
Network Security FundamentalsRahmat Suhatman
 
Network Security Research Paper
Network Security Research PaperNetwork Security Research Paper
Network Security Research PaperPankaj Jha
 
Network security chapter 1
Network security chapter 1Network security chapter 1
Network security chapter 1osama elfar
 
Ethical hacking ppt
Ethical hacking pptEthical hacking ppt
Ethical hacking pptNitesh Dubey
 
Chapter 1 Introduction of Cryptography and Network security
Chapter 1 Introduction of Cryptography and Network security Chapter 1 Introduction of Cryptography and Network security
Chapter 1 Introduction of Cryptography and Network security Dr. Kapil Gupta
 
Network security
Network securityNetwork security
Network securityAli Kamil
 
Network Security 1st Lecture
Network Security 1st LectureNetwork Security 1st Lecture
Network Security 1st Lecturebabak danyal
 
NETWORK SECURITY
NETWORK SECURITYNETWORK SECURITY
NETWORK SECURITYafaque jaya
 

Mais procurados (20)

Network Security Issues
Network Security IssuesNetwork Security Issues
Network Security Issues
 
Network security ppt
Network security pptNetwork security ppt
Network security ppt
 
Data Network Security
Data Network SecurityData Network Security
Data Network Security
 
Network security
Network securityNetwork security
Network security
 
Chapter 01
Chapter 01Chapter 01
Chapter 01
 
Network Security & Attacks
Network Security & AttacksNetwork Security & Attacks
Network Security & Attacks
 
Types of attacks
Types of attacksTypes of attacks
Types of attacks
 
Computer Network Security
Computer Network SecurityComputer Network Security
Computer Network Security
 
Network Security ppt
Network Security pptNetwork Security ppt
Network Security ppt
 
Network security
Network securityNetwork security
Network security
 
Modern Network Security Issue and Challenge
Modern Network Security Issue and ChallengeModern Network Security Issue and Challenge
Modern Network Security Issue and Challenge
 
Computer Security Lecture 1: Overview
Computer Security Lecture 1: OverviewComputer Security Lecture 1: Overview
Computer Security Lecture 1: Overview
 
Network Security Fundamentals
Network Security FundamentalsNetwork Security Fundamentals
Network Security Fundamentals
 
Network Security Research Paper
Network Security Research PaperNetwork Security Research Paper
Network Security Research Paper
 
Network security chapter 1
Network security chapter 1Network security chapter 1
Network security chapter 1
 
Ethical hacking ppt
Ethical hacking pptEthical hacking ppt
Ethical hacking ppt
 
Chapter 1 Introduction of Cryptography and Network security
Chapter 1 Introduction of Cryptography and Network security Chapter 1 Introduction of Cryptography and Network security
Chapter 1 Introduction of Cryptography and Network security
 
Network security
Network securityNetwork security
Network security
 
Network Security 1st Lecture
Network Security 1st LectureNetwork Security 1st Lecture
Network Security 1st Lecture
 
NETWORK SECURITY
NETWORK SECURITYNETWORK SECURITY
NETWORK SECURITY
 

Destaque

Chapter 3: Block Ciphers and the Data Encryption Standard
Chapter 3: Block Ciphers and the Data Encryption StandardChapter 3: Block Ciphers and the Data Encryption Standard
Chapter 3: Block Ciphers and the Data Encryption StandardShafaan Khaliq Bhatti
 
Types of attacks and threads
Types of attacks and threadsTypes of attacks and threads
Types of attacks and threadssrivijaymanickam
 
block ciphers
block ciphersblock ciphers
block ciphersAsad Ali
 
Classical Encryption Techniques in Network Security
Classical Encryption Techniques in Network SecurityClassical Encryption Techniques in Network Security
Classical Encryption Techniques in Network Securitybabak danyal
 
Computer security threats & prevention
Computer security threats & preventionComputer security threats & prevention
Computer security threats & preventionPriSim
 
Different types of attacks in internet
Different types of attacks in internetDifferent types of attacks in internet
Different types of attacks in internetRohan Bharadwaj
 
Aes (advance encryption standard)
Aes (advance encryption standard) Aes (advance encryption standard)
Aes (advance encryption standard) Sina Manavi
 
AES-Advanced Encryption Standard
AES-Advanced Encryption StandardAES-Advanced Encryption Standard
AES-Advanced Encryption StandardPrince Rachit
 
Data Encryption Standard (DES)
Data Encryption Standard (DES)Data Encryption Standard (DES)
Data Encryption Standard (DES)Haris Ahmed
 

Destaque (14)

Chapter 3: Block Ciphers and the Data Encryption Standard
Chapter 3: Block Ciphers and the Data Encryption StandardChapter 3: Block Ciphers and the Data Encryption Standard
Chapter 3: Block Ciphers and the Data Encryption Standard
 
Types of attacks and threads
Types of attacks and threadsTypes of attacks and threads
Types of attacks and threads
 
Classical Encryption Techniques
Classical Encryption TechniquesClassical Encryption Techniques
Classical Encryption Techniques
 
block ciphers
block ciphersblock ciphers
block ciphers
 
Classical Encryption Techniques in Network Security
Classical Encryption Techniques in Network SecurityClassical Encryption Techniques in Network Security
Classical Encryption Techniques in Network Security
 
Computer security threats & prevention
Computer security threats & preventionComputer security threats & prevention
Computer security threats & prevention
 
Different types of attacks in internet
Different types of attacks in internetDifferent types of attacks in internet
Different types of attacks in internet
 
Network Attacks
Network AttacksNetwork Attacks
Network Attacks
 
Computer Security Threats
Computer Security ThreatsComputer Security Threats
Computer Security Threats
 
Computer Security
Computer SecurityComputer Security
Computer Security
 
Aes (advance encryption standard)
Aes (advance encryption standard) Aes (advance encryption standard)
Aes (advance encryption standard)
 
AES-Advanced Encryption Standard
AES-Advanced Encryption StandardAES-Advanced Encryption Standard
AES-Advanced Encryption Standard
 
Data Encryption Standard (DES)
Data Encryption Standard (DES)Data Encryption Standard (DES)
Data Encryption Standard (DES)
 
Network security
Network securityNetwork security
Network security
 

Semelhante a 02 introduction to network security

Security in network computing
Security in network computingSecurity in network computing
Security in network computingManoj VNV
 
Compusecuraphobia – The Fear of HOPING Your Computer is Secure - Course Techn...
Compusecuraphobia – The Fear of HOPING Your Computer is Secure - Course Techn...Compusecuraphobia – The Fear of HOPING Your Computer is Secure - Course Techn...
Compusecuraphobia – The Fear of HOPING Your Computer is Secure - Course Techn...Cengage Learning
 
Information Security Lecture Notes
Information Security Lecture NotesInformation Security Lecture Notes
Information Security Lecture NotesFellowBuddy.com
 
ethical hacking report
ethical hacking report ethical hacking report
ethical hacking reportAkhilesh Patel
 
3 Most Common Threats Of Information Security
3 Most Common Threats Of Information Security3 Most Common Threats Of Information Security
3 Most Common Threats Of Information SecurityAna Meskovska
 
VTU network security(10 ec832) unit 6 notes
VTU network security(10 ec832) unit 6 notesVTU network security(10 ec832) unit 6 notes
VTU network security(10 ec832) unit 6 notesJayanth Dwijesh H P
 

Semelhante a 02 introduction to network security (20)

Security in network computing
Security in network computingSecurity in network computing
Security in network computing
 
Compusecuraphobia – The Fear of HOPING Your Computer is Secure - Course Techn...
Compusecuraphobia – The Fear of HOPING Your Computer is Secure - Course Techn...Compusecuraphobia – The Fear of HOPING Your Computer is Secure - Course Techn...
Compusecuraphobia – The Fear of HOPING Your Computer is Secure - Course Techn...
 
Physical Layer Essay
Physical Layer EssayPhysical Layer Essay
Physical Layer Essay
 
Network security
Network security Network security
Network security
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hacking
 
Aspects of Network Security
Aspects of Network SecurityAspects of Network Security
Aspects of Network Security
 
Network security
Network securityNetwork security
Network security
 
System Security
System SecuritySystem Security
System Security
 
Insecurity vssut
Insecurity vssutInsecurity vssut
Insecurity vssut
 
Information Security Lecture Notes
Information Security Lecture NotesInformation Security Lecture Notes
Information Security Lecture Notes
 
ethical hacking report
ethical hacking report ethical hacking report
ethical hacking report
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
 
Computer security
Computer securityComputer security
Computer security
 
Hack the hack
Hack the hackHack the hack
Hack the hack
 
Network security
Network securityNetwork security
Network security
 
NetworkSecurity
NetworkSecurityNetworkSecurity
NetworkSecurity
 
hacker culture
hacker culturehacker culture
hacker culture
 
3 Most Common Threats Of Information Security
3 Most Common Threats Of Information Security3 Most Common Threats Of Information Security
3 Most Common Threats Of Information Security
 
VTU network security(10 ec832) unit 6 notes
VTU network security(10 ec832) unit 6 notesVTU network security(10 ec832) unit 6 notes
VTU network security(10 ec832) unit 6 notes
 
Types of Cyber Crimes and Security Threats
Types of Cyber Crimes and Security ThreatsTypes of Cyber Crimes and Security Threats
Types of Cyber Crimes and Security Threats
 

Mais de Joe McCarthy

Situated Social Computing 20110622
Situated Social Computing 20110622Situated Social Computing 20110622
Situated Social Computing 20110622Joe McCarthy
 
Alone Together: Human-Robot Interaction
Alone Together: Human-Robot InteractionAlone Together: Human-Robot Interaction
Alone Together: Human-Robot InteractionJoe McCarthy
 
Buffer overflow attacks
Buffer overflow attacksBuffer overflow attacks
Buffer overflow attacksJoe McCarthy
 
Toward Hybrid Computing
Toward Hybrid ComputingToward Hybrid Computing
Toward Hybrid ComputingJoe McCarthy
 
Technology Education in an Urban Metropolitan University
Technology Education in an Urban Metropolitan UniversityTechnology Education in an Urban Metropolitan University
Technology Education in an Urban Metropolitan UniversityJoe McCarthy
 
Hybrid Design Practices - Technology in Downtown Disney
Hybrid Design Practices - Technology in Downtown DisneyHybrid Design Practices - Technology in Downtown Disney
Hybrid Design Practices - Technology in Downtown DisneyJoe McCarthy
 
UbiComp 2009 Town Hall
UbiComp 2009 Town HallUbiComp 2009 Town Hall
UbiComp 2009 Town HallJoe McCarthy
 
Ubicomp2009 Opening Remarks
Ubicomp2009 Opening RemarksUbicomp2009 Opening Remarks
Ubicomp2009 Opening RemarksJoe McCarthy
 
Situated Community Technology C&T 2009
Situated Community Technology C&T 2009Situated Community Technology C&T 2009
Situated Community Technology C&T 2009Joe McCarthy
 
CoCollage Digital Cities 6
CoCollage Digital Cities 6CoCollage Digital Cities 6
CoCollage Digital Cities 6Joe McCarthy
 
CoCollage UW iSchool 20090515
CoCollage UW iSchool 20090515CoCollage UW iSchool 20090515
CoCollage UW iSchool 20090515Joe McCarthy
 
CoCollage Overview
CoCollage OverviewCoCollage Overview
CoCollage OverviewJoe McCarthy
 
Proactive Displays CSCW2008
Proactive Displays CSCW2008Proactive Displays CSCW2008
Proactive Displays CSCW2008Joe McCarthy
 
UbiComp 2008 Closing
UbiComp 2008 ClosingUbiComp 2008 Closing
UbiComp 2008 ClosingJoe McCarthy
 
Situated Computing U Korea Forum 20080924 Draft
Situated Computing U Korea Forum 20080924 DraftSituated Computing U Korea Forum 20080924 Draft
Situated Computing U Korea Forum 20080924 DraftJoe McCarthy
 
Ubicomp 2008 Opening
Ubicomp 2008 OpeningUbicomp 2008 Opening
Ubicomp 2008 OpeningJoe McCarthy
 
UbiComp2008 Town Hall
UbiComp2008 Town HallUbiComp2008 Town Hall
UbiComp2008 Town HallJoe McCarthy
 
Proactive Displays, UW DUB group, 16 July 2008
Proactive Displays, UW DUB group, 16 July 2008Proactive Displays, UW DUB group, 16 July 2008
Proactive Displays, UW DUB group, 16 July 2008Joe McCarthy
 
Proactive Displays IIIA 20080627
Proactive Displays IIIA 20080627Proactive Displays IIIA 20080627
Proactive Displays IIIA 20080627Joe McCarthy
 

Mais de Joe McCarthy (20)

Situated Social Computing 20110622
Situated Social Computing 20110622Situated Social Computing 20110622
Situated Social Computing 20110622
 
Alone Together: Human-Robot Interaction
Alone Together: Human-Robot InteractionAlone Together: Human-Robot Interaction
Alone Together: Human-Robot Interaction
 
Buffer overflow attacks
Buffer overflow attacksBuffer overflow attacks
Buffer overflow attacks
 
Toward Hybrid Computing
Toward Hybrid ComputingToward Hybrid Computing
Toward Hybrid Computing
 
Technology Education in an Urban Metropolitan University
Technology Education in an Urban Metropolitan UniversityTechnology Education in an Urban Metropolitan University
Technology Education in an Urban Metropolitan University
 
Hybrid Design Practices - Technology in Downtown Disney
Hybrid Design Practices - Technology in Downtown DisneyHybrid Design Practices - Technology in Downtown Disney
Hybrid Design Practices - Technology in Downtown Disney
 
UbiComp 2009 Town Hall
UbiComp 2009 Town HallUbiComp 2009 Town Hall
UbiComp 2009 Town Hall
 
Ubicomp2009 Opening Remarks
Ubicomp2009 Opening RemarksUbicomp2009 Opening Remarks
Ubicomp2009 Opening Remarks
 
CoCollage C&T2009
CoCollage C&T2009CoCollage C&T2009
CoCollage C&T2009
 
Situated Community Technology C&T 2009
Situated Community Technology C&T 2009Situated Community Technology C&T 2009
Situated Community Technology C&T 2009
 
CoCollage Digital Cities 6
CoCollage Digital Cities 6CoCollage Digital Cities 6
CoCollage Digital Cities 6
 
CoCollage UW iSchool 20090515
CoCollage UW iSchool 20090515CoCollage UW iSchool 20090515
CoCollage UW iSchool 20090515
 
CoCollage Overview
CoCollage OverviewCoCollage Overview
CoCollage Overview
 
Proactive Displays CSCW2008
Proactive Displays CSCW2008Proactive Displays CSCW2008
Proactive Displays CSCW2008
 
UbiComp 2008 Closing
UbiComp 2008 ClosingUbiComp 2008 Closing
UbiComp 2008 Closing
 
Situated Computing U Korea Forum 20080924 Draft
Situated Computing U Korea Forum 20080924 DraftSituated Computing U Korea Forum 20080924 Draft
Situated Computing U Korea Forum 20080924 Draft
 
Ubicomp 2008 Opening
Ubicomp 2008 OpeningUbicomp 2008 Opening
Ubicomp 2008 Opening
 
UbiComp2008 Town Hall
UbiComp2008 Town HallUbiComp2008 Town Hall
UbiComp2008 Town Hall
 
Proactive Displays, UW DUB group, 16 July 2008
Proactive Displays, UW DUB group, 16 July 2008Proactive Displays, UW DUB group, 16 July 2008
Proactive Displays, UW DUB group, 16 July 2008
 
Proactive Displays IIIA 20080627
Proactive Displays IIIA 20080627Proactive Displays IIIA 20080627
Proactive Displays IIIA 20080627
 

02 introduction to network security

  • 1. TCSS 431: Network Security Class Meeting 2a: Introduction to Network Security Joe McCarthy
  • 3. Hacked Yahoo mail accounts Subject: hi how are you? Date: Sat, 23 Oct 2010 00:43:49 -0700 (PDT) From: * <*@yahoo.com> To: *@gmail.com, *@nokia.com, *@stanford.edu, *@baylegal.org … http://villarentalbyowner.com/index0314.php
  • 4. Hacked Yahoo mail accounts Subject: this account has a virus - feel free to block it Date: Tue, 19 Oct 2010 15:46:27 -0700 (PDT) From: * <*@yahoo.com> To: * <*@gmail.com> Dear friends and colleagues, Some time earlier this year, my yahoo email account "contracted" a virus. As a result of it, my address book is being used to send spam emails to all of you which appear as if they are coming from me. They typically contain links to web sites, promotions, meds, etc. I am very sorry about this annoying cycle. I have tried to correct the problem through Yahoo's customer support. There doesn't seem to be any immediate remedy, as the emails don't originate from me any more. All I can hope is that this eventually wears itself off. Please feel free to block *@yahoo.com. I am switching to using *@gmail.com as my private email. I am also available at *@nokia.com. Thanks, *
  • 5. A few words (& images) aboutPassword Security … some combination of upper and lowercase characters as well as numbers and a few ascii characters at least 13 characters in length … (Example: tH3w0rldi5round!1!) http://blogs.computerworld.com/17547/a_formula_approach_to_generating_passwords http://www.passwordmeter.com/
  • 6. Textbook update Network Security: Private Communication in a Public World, 2/E Kaufman, Perlman & Speciner Prentice Hall, 2003 Counter Hack Reloaded: A Step-by-Step Guide to Computer Attacks and Effective Defenses, 2/E Skoudis & Liston Prentice Hall, 2006
  • 7. Another perspectiveon Network Security Network Security Essentials:Applications and Standards, 4/E William Stallings ISBN-10: 0136108059 ISBN-13: 9780136108054 Publisher: Prentice Hall Copyright: 2011 Format: Paper; 432 pp Published: 03/12/2010 http://williamstallings.com/NetSec/NetSec4e.html
  • 8. The Security Requirements Triad Computer Security The protection afforded to an automated information system in order to attain the applicable objectives of preserving the integrity, availability and confidentiality of information system resources (includes hardware, software, firmware, information/data, and telecommunications)
  • 9. Security Requirements Confidentiality Preserving authorized restrictions on information access and disclosure, including means for protecting personal privacy and proprietary information. Integrity Guarding against information modifications or destruction, including ensuring information non-repudiation and authenticity. Availability Ensuring timely and reliable access to and use of information
  • 10. Security Attacks, Mechanisms & Services Security Attack Any action that compromises the security of information Security Mechanism A process / device that is designed to detect, prevent or recover from a security attack. Security Service A service intended to counter security attacks, typically by implementing one or more mechanisms.
  • 11. Threats & Attacks … but threat and attack used nearly interchangeably
  • 12. Security Threats / Attacks … …
  • 17. Security Services (X.800) Authentication The assurance that the communicating entity is the one it claims to be Access Control The prevention of unauthorized use of a resource who can have access to a resource, under what conditions access can occur, what those accessing the resource are allowed to do Data Confidentiality The protection of data from unauthorized disclosure Data Integrity The assurance that data received are exactly as sent by an authorized entity (i.e., contains no modification, insertion, deletion or replay). Non-Repudiation Provides protection against denial by one of the entities involved in a communication of having participated in all/part of the communication.
  • 19. Model for Network Security
  • 20. Coarse Outline Whirlwind tour of Computer Networks Computer Hack Reloaded: Anatomy of an Attack Phase 1: Reconnaissance Phase 2: Scanning Phase 3: Gaining Access Phase 4: Maintaining Access Phase 5: Covering Tracks and Hiding Network Security: Mechanisms & Services Special Topics
  • 21. Some Network Humor http://www.amazon.com/Story-About-Ping-Marjorie-Flack/product-reviews/0140502416
  • 22. Some Network Humor $ ping google.com PING google.com (66.102.7.104): 56 data bytes 64 bytes from 66.102.7.104: icmp_seq=0 ttl=53 time=55.990 ms 64 bytes from 66.102.7.104: icmp_seq=1 ttl=53 time=44.317 ms 64 bytes from 66.102.7.104: icmp_seq=2 ttl=53 time=45.687 ms 64 bytes from 66.102.7.104: icmp_seq=3 ttl=53 time=44.993 ms 64 bytes from 66.102.7.104: icmp_seq=4 ttl=53 time=45.481 ms ^C --- google.com ping statistics --- 5 packets transmitted, 5 packets received, 0% packet loss round-trip min/avg/max/stddev = 44.317/47.294/55.990/4.374 ms $ ping amazon.com PING amazon.com (72.21.214.128): 56 data bytes ^C --- amazon.com ping statistics --- 10 packets transmitted, 0 packets received, 100% packet loss $