SlideShare uma empresa Scribd logo

Telecommunications and Network Security Presentation

Wajahat Rajab
Wajahat Rajab
EducaçãoTecnologia
1 de 99
Baixar para ler offline
Telecommunications and Network Security Muhammad Wajahat Rajab
Domain Overview • Deals with digital communication mechanism by concentrating on the security aspect!
Mind Exercises • Divide 30 by half and add ten. What do you get? • A farmer had 17 sheep. All but 9 died. How many alive sheep were left? • Some months have 30 days, some months have 31 days. How many months have 28 days?
Network Concepts
Data Network Types • Local Area Network (LAN) • Wide Area Network (WAN) • What is intranet? • What is extranet?
OSI Reference Model • Adopted by ISO in 1984 • Defines standard protocols for communication and interoperability by using a layered approach • Follows Divide and Conquer Rule?
OSI Reference Model • Advantages – Clarifies the functions of a communication process – Reduces complex networking processes – Promotes interoperability by defining standard interfaces – Aids development – Facilitates easier and more logical troubleshooting
OSI Layers • Application Layer • Presentation Layer • Session Layer • Transport Layer • Network Layer • Data Link Layer • Physical Layer
Application Layer • Serves as the interface between user and the communication technologies – SMTP, FTP, HTTP
Presentation Layer • Ensures communication between different data representations – ASCII, EBCDIC, JPEG, MPEG, GIF
Session Layer • Establishes, maintains and terminates sessions between applications – SQL, RPC
Transport Layer • Provides reliable, transparent transfer of data between end points – TCP, UDP
Network Layer • Provides routing and forwarding functionalities – IP, DHCP
Data Link Layer • Provides reliable transfer of information across the physical link – Ethernet, Token Ring
Physical Layer • Concerned with transmission of unstructured bit streams over physical medium – E1, T1
TCP/IP Model
Topologies
Wireless Networks
FHSS • Frequency Hoping Spread Spectrum – Takes the total bandwidth and splits it into smaller sub- channels
DSSS • Direct Sequence Spread Spectrum – Applies sub-bits to a message • The sub-bits are used to generate a different format of the data before the data are transmitted • The receiving end uses these sub-bits to reassemble the signal into the original data format
OFDM • Orthogonal Frequency Division Multiplexing
Data Link Layer • WLAN technologies and protocols Type Speed Frequency Modulation Description 802.11 1 Mbps 2.4 Ghz DSSS Legacy Protocol 802.11b 11 Mbps 2.4 Ghz DSSS First widely used protocol 802.11a 54 Mbps 5.0 Ghz OFDM Operated in 5 Ghz band 802.11g 54 Mbps 2.4 Ghz OFDM/DSSS 802.11n 150 Mbps 2.4 Ghz OFDM
Security Flaws • No user authentication • No mutual authentication • Flawed encryption protocol – Allows specific bits to be modified • Solution? – 802.11i • Incorporates security measures for the 802.11 standards!
WEP • Wired Equivalent Privacy – Used to provide confidentiality – Uses stream cipher RC4 – Versions • WEP-64 and WEP-128 – 24 bit IV – Authentication Methods • Open System Authentication • Shared Key Authentication
WEP • Open System Authentication – Any client, regardless of its WEP keys, can associate itself with the Access Point – No authentication (in the true sense of the term) occurs – After the association, WEP key needed for encrypting the data frames • At this point, the client needs to have the right key!
WEP • Shared Key Authentication – A four-way challenge-response handshake is used • Client sends an authentication request to the Access Point • Access Point replies with a clear-text challenge • Client encrypts the challenge text using configured WEP key, and sends it back to Access Point • Access Point decrypts the material, and compares it with the sent clear-text – Depending on the success of this comparison, the Access Point sends back a positive or negative response!
WPA • WiFi Protected Access – Uses Temporal Key Integrity Protocol (TKIP) • Adds 48 bit IV value • Implements a frame counter to discourage replay attacks! – Uses EAP via RADIUS Server • For authentication
WPA • WPA Modes – Enterprise Mode • Requires an authentication server • Uses RADIUS protocols for authentication and key distribution • Centralizes management of user credentials – Pre-Shared Key Mode • Does not require an authentication server • Shared secret is used for authentication • Device-oriented management
WPA2 • WiFi Protected Access 2 – Replaces TKIP with CCMP • Counter Mode with Cipher Block Chaining Message Authentication Code Protocol • Uses AES • Provides more robust security
Network Attacks
DNS Poisoning
SYN Flood
ARP Poisoning Request 140.252.13 .1 .2 .3 .4 .5 08:00:20:03:F6:42 00:00:C0:C2:9B:26 Reply 140.252.13 .1 .2 .3 .4 .5 08:00:20:03:F6:42 00:00:C0:C2:9B:26 arp req | target IP: 140.252.13.5 | target eth: ? arp rep | sender IP: 140.252.13.5 | sender eth: 00:34:CD:C2:9F:A0 00:34:CD:C2:9F:A0
Network Sniffing … telnet Router5 User Access Verification Username: squiggie password: Sq%*jkl[;T Router5>ena Password: jhervq5 Router5# Got It !! Router5
IP Spoofing A B C Attacker
DDOS Attack Attacker Innocent handler Victim A Innocent handler Innocent agents Innocent agents Attack Alice NOW !
Smurf Attack 172.15.0.0 Muddasar Yasir 1 ICMP Echo Req Src: Yasir Dest: 172.15.255.255 2 ICMP Echo Reply Dest: Dos Target
Virtual Private Networks
Introduction • A private network that uses a public network to connect remote sites or users together!
Concept
Features of VPN • Security • Reliability • Scalability • Network management • Policy management
VPN Concepts • Encapsulation – Inclusion of one data structure within another structure • Encryption – Hiding of real information • Tunneling – Virtual path that delivers a packet
Tunneling Protocols • PPTP • L2F • L2TP • IPSec
PPTP • Point to Point Tunneling Protocol – Designed for client/server connectivity – Sets up a single point-to-point connection between two computers – Works at the data link layer – Transmits over IP networks only
L2F • Layer 2 Forwarding – Created before L2TP by Cisco – Merged with PPTP, which resulted in L2TP – Provides mutual authentication – No encryption
L2TP • Layer 2 Tunneling Protocol – Hybrid of L2F and PPTP – Sets up a single point-to-point connection between two computers – Works at the data link layer – Transmits over multiple types of networks, not just IP – Combined with IPSec for security
IPSec • Internet Protocol Security – Handles multiple connections at the same time – Provides secure authentication and encryption – Supports only IP networks – Focuses on LAN-to-LAN communication rather than user- to-user – Works at the network layer, and provides security on top of IP – Can work in tunnel mode, meaning the payload and the header are protected, or transport mode, meaning only the payload is protected
Benefits of VPN • Extend geographic connectivity • Improve security • Improve productivity • Simplify network topology • Provide global networking opportunities • Provide broadband networking compatibility • Provide faster ROI (return on investment) than traditional WAN
Intrusion Detection Systems
Introduction • A system that detects and logs – Inappropriate, Incorrect, or Anomalous activity
Types • Network based IDS • Host based IDS
Methods • Pattern matching – Signature based • Anomaly detection – Checks any abnormality • Protocol behavior – Checks correct usage of protocol
Events • True positive – When the IDS sets off an alert and it is a real attack • True negative – When the IDS does not set off an alert and it is normal traffic • False positive – When the IDS sets off an alert and it is normal traffic • False negative – When the IDS does not set off an alert and it is attack traffic
Firewalls
Introduction • A system that prevents unauthorized access – To or from a network • Controls the flow of traffic
Concept
Firewall Types • Packet filtering firewall • Proxy firewall – Application level proxy – Circuit level proxy • Stateful inspection firewall • Dynamic packet filtering firewall • Kernel proxy firewall
Packet Filtering Firewall • Governed by set of directives • Works at network layer • Makes decisions on – Packet’s source IP Address – Packet’s destination IP Address – Network and transport protocol being used – Source and destination ports – The interface being traversed
Packet Filtering Firewall • Ingress Filtering – Blocking inbound traffic • Egress Filtering – Blocking outbound traffic
Application Level Proxy • Contains a proxy agent • Does not allow a direct communication • Operates at the application level • Inspects the content, payload and header! • Can require authentication from the user
Circuit Level Proxy • Creates a circuit between client and the server • Works at session layer • Knows the source and destination addresses and makes access decisions based on the header information • Faster than application level proxy
Stateful Inspection Firewall • Tracks the state of connections • Blocks packets deviating from expected state • Works same as packet filtering firewall but keeps a state table as well! • Works at network and transport layer
Dynamic Packet Filtering
Kernel Proxy Firewalls • Fifth generation firewall! • Creates dynamic, customized TCP/IP stacks for packet evaluation • When a packet arrives, a new virtual network stack is created, which is made up of only the protocol proxies necessary to examine this specific packet properly • Speed of Packet filtering firewalls
Firewall Architectures • Screening Router • Dual Homed Gateways • Screened Host Gateways • Screened Subnet
Screening Router
Screening Router • Screening Router – A router placed between trusted and public networks – Security policy implemented using ACLs – Advantages: • Inexpensive • Simple and completely transparent – Disadvantages • Limited logging functionality • Single point of failure • Uses no user authentication
Dual Homed Gateway
Dual Homed Gateways • A single computer with separate NICs connected to each network • Used to divide internal trusted network from external networks • Advantages: – Operates in a Fail Secure mode – Logging functionality • Disadvantages: – Inconvenience to users – Slower network performance
Screened Host Gateways
Screened Host Gateways • Employs external screening router and internal bastion host • Advantages: – Provides distributed security between two devices – Restricted inbound/outbound access • Disadvantages: – Multiple single point of failures
Screened Subnet
Screened Subnet • Deploys external screening router, internal bastion host and internal screening router • Concept of DMZ • Advantages: – Provides defense in depth • Disadvantages: – Difficult to configure and maintain – Difficult to troubleshoot
Unified Threat Management • Single system with all the solutions • Contains firewall, malware detection and eradication, sensing and blocking of suspicious network probes, and so on… • Requires lot of resources • Reduces network complexity
Why Firewall Security • Remote login • Application backdoors • Operating system bugs • Denial of service • Spam • Source routing
Best Practices • Change the default configurations • ACLs should be simple and direct • Disallow source routing • Close unnecessary ports with dangerous services • Disable unused interfaces • Block directed IP broadcasts • Block incoming packets with internal address (they are spoofed) • Enable logging • Daily checks to ensure security
Thank You!  • Any Questions?
Questions
Question 1 • Which of the following is not a security goal for remote access? A. Reliable authentication of users and systems B. Protection of confidential data C. Easy to manage access control to systems and network resources D. Automated login for remote users
Question 1 • Which of the following is not a security goal for remote access? A. Reliable authentication of users and systems B. Protection of confidential data C. Easy to manage access control to systems and network resources D. Automated login for remote users
Question 2 • Which of the following is the biggest concern with firewall security? A. Internal hackers B. Complex configuration rules leading to misconfiguration C. Buffer overflows D. Distributed denial of service (DDOS) attacks
Question 2 • Which of the following is the biggest concern with firewall security? A. Internal hackers B. Complex configuration rules leading to misconfiguration C. Buffer overflows D. Distributed denial of service (DDOS) attacks
Question 3 • Which of the following should NOT normally be allowed through a firewall? A. SNMP B. SMTP C. HTTP D. SSH
Question 3 • Which of the following should NOT normally be allowed through a firewall? A. SNMP B. SMTP C. HTTP D. SSH
Question 4 • Which type of attack involves the alteration of a packet at the IP level to convince a system that it is communicating with a known entity in order to gain access to a system? A. TCP sequence number attack B. IP spoofing attack C. Piggybacking attack D. Teardrop attack
Question 4 • Which type of attack involves the alteration of a packet at the IP level to convince a system that it is communicating with a known entity in order to gain access to a system? A. TCP sequence number attack B. IP spoofing attack C. Piggybacking attack D. Teardrop attack
Question 5 • Which of the following statements pertaining to packet filtering is incorrect? A. It is based on ACLs B. It is not application dependant C. It operates at the network layer D. It keeps track of the state of a connection
Question 5 • Which of the following statements pertaining to packet filtering is incorrect? A. It is based on ACLs B. It is not application dependant C. It operates at the network layer D. It keeps track of the state of a connection
Question 6 • What is the main characteristic of a multi- homed host? A. It is placed between two routers or firewalls B. It allows IP routing C. It has multiple network interfaces, each connected to separate networks D. It operates at multiple layers
Question 6 • What is the main characteristic of a multi- homed host? A. It is placed between two routers or firewalls B. It allows IP routing C. It has multiple network interfaces, each connected to separate networks D. It operates at multiple layers
Question 7 • One drawback of Application Level Firewall is that it reduces network performance due to the fact that it must analyze every packet and: A. Decide what to do with each application B. Decide what to do with each user C. Decide what to do with each port D. Decide what to do with each packet
Question 7 • One drawback of Application Level Firewall is that it reduces network performance due to the fact that it must analyze every packet and: A. Decide what to do with each application B. Decide what to do with each user C. Decide what to do with each port D. Decide what to do with each packet
Question 8 • Address Resolution Protocol (ARP) interrogates the network by sending out a? A. Broadcast B. Multicast C. Unicast D. Semicast
Question 8 • Address Resolution Protocol (ARP) interrogates the network by sending out a? A. Broadcast B. Multicast C. Unicast D. Semicast
Question 9 • As a result of a risk assessment, your security manager has determined that your organization needs to implement an intrusion detection system that can detect unknown attacks and can watch for unusual traffic behavior, such as a new service appearing on the network. What type of intrusion detection system would you select? A. Protocol anomaly based B. Pattern matching C. Stateful matching D. Traffic anomaly-based
Question 9 • As a result of a risk assessment, your security manager has determined that your organization needs to implement an intrusion detection system that can detect unknown attacks and can watch for unusual traffic behavior, such as a new service appearing on the network. What type of intrusion detection system would you select? A. Protocol anomaly based B. Pattern matching C. Stateful matching D. Traffic anomaly-based
Question 10 • What refers to legitimate users accessing networked services that would normally be restricted to them? A. Spoofing B. Piggybacking C. Eavesdropping D. Logon abuse
Question 10 • What refers to legitimate users accessing networked services that would normally be restricted to them? A. Spoofing B. Piggybacking C. Eavesdropping D. Logon abuse
Thank You! 

Recomendados

Virtual Private Network(VPN)
Virtual Private Network(VPN)Virtual Private Network(VPN)
Virtual Private Network(VPN)
Abrish06
 
Network monitoring tools
Network monitoring toolsNetwork monitoring tools
Network monitoring tools
QaswarBosan
 
Network Monitoring System
Network Monitoring SystemNetwork Monitoring System
Network Monitoring System
Rofiq Fauzi
 
CISSP Prep: Ch 5. Communication and Network Security (Part 1)
CISSP Prep: Ch 5. Communication and Network Security (Part 1)CISSP Prep: Ch 5. Communication and Network Security (Part 1)
CISSP Prep: Ch 5. Communication and Network Security (Part 1)
Sam Bowne
 
Network forensic
Network forensicNetwork forensic
Network forensic
Manjushree Mashal
 
CISSP - Chapter 3 - Cryptography
CISSP - Chapter 3 - CryptographyCISSP - Chapter 3 - Cryptography
CISSP - Chapter 3 - Cryptography
Karthikeyan Dhayalan
 
CISSP Prep: Ch 5. Communication and Network Security (Part 2)
CISSP Prep: Ch 5. Communication and Network Security (Part 2)CISSP Prep: Ch 5. Communication and Network Security (Part 2)
CISSP Prep: Ch 5. Communication and Network Security (Part 2)
Sam Bowne
 
Mail services
Mail servicesMail services
Mail services
Zia Sarwar
 

Recomendados

Virtual Private Network(VPN)
Virtual Private Network(VPN)Virtual Private Network(VPN)
Virtual Private Network(VPN)
Abrish06
 
Network monitoring tools
Network monitoring toolsNetwork monitoring tools
Network monitoring tools
QaswarBosan
 
Network Monitoring System
Network Monitoring SystemNetwork Monitoring System
Network Monitoring System
Rofiq Fauzi
 
CISSP Prep: Ch 5. Communication and Network Security (Part 1)
CISSP Prep: Ch 5. Communication and Network Security (Part 1)CISSP Prep: Ch 5. Communication and Network Security (Part 1)
CISSP Prep: Ch 5. Communication and Network Security (Part 1)
Sam Bowne
 
Network forensic
Network forensicNetwork forensic
Network forensic
Manjushree Mashal
 
CISSP - Chapter 3 - Cryptography
CISSP - Chapter 3 - CryptographyCISSP - Chapter 3 - Cryptography
CISSP - Chapter 3 - Cryptography
Karthikeyan Dhayalan
 
CISSP Prep: Ch 5. Communication and Network Security (Part 2)
CISSP Prep: Ch 5. Communication and Network Security (Part 2)CISSP Prep: Ch 5. Communication and Network Security (Part 2)
CISSP Prep: Ch 5. Communication and Network Security (Part 2)
Sam Bowne
 
Mail services
Mail servicesMail services
Mail services
Zia Sarwar
 
Fortinet FortiOS 5 Presentation
Fortinet FortiOS 5 PresentationFortinet FortiOS 5 Presentation
Fortinet FortiOS 5 Presentation
NCS Computech Ltd.
 
E mail forensics
E mail forensicsE mail forensics
E mail forensics
saddamhusain hadimani
 
An overview of access control
An overview of access controlAn overview of access control
An overview of access control
Elimity
 
CISSP - Chapter 3 - Physical security
CISSP - Chapter 3 - Physical securityCISSP - Chapter 3 - Physical security
CISSP - Chapter 3 - Physical security
Karthikeyan Dhayalan
 
Chapter 11: Information Security Incident Management
Chapter 11: Information Security Incident ManagementChapter 11: Information Security Incident Management
Chapter 11: Information Security Incident Management
Nada G.Youssef
 
Access Control Presentation
Access Control PresentationAccess Control Presentation
Access Control Presentation
Wajahat Rajab
 
CISSP Prep: Ch 1: Security Governance Through Principles and Policies
CISSP Prep: Ch 1: Security Governance Through Principles and PoliciesCISSP Prep: Ch 1: Security Governance Through Principles and Policies
CISSP Prep: Ch 1: Security Governance Through Principles and Policies
Sam Bowne
 
Information Security Policies and Standards
Information Security Policies and StandardsInformation Security Policies and Standards
Information Security Policies and Standards
Directorate of Information Security | Ditjen Aptika
 
CISSP - Chapter 4 - Network Fundamental
CISSP - Chapter 4 - Network FundamentalCISSP - Chapter 4 - Network Fundamental
CISSP - Chapter 4 - Network Fundamental
Karthikeyan Dhayalan
 
Virtual Private Network
Virtual Private NetworkVirtual Private Network
Virtual Private Network
Rajendra Dangwal
 
Network forensics and investigating logs
Network forensics and investigating logsNetwork forensics and investigating logs
Network forensics and investigating logs
anilinvns
 
Email Forensics
Email ForensicsEmail Forensics
Email Forensics
Gol D Roger
 
Network Security ppt
Network Security pptNetwork Security ppt
Network Security ppt
SAIKAT BISWAS
 
Network Security
Network SecurityNetwork Security
Network Security
Manoj Singh
 
OSI model and TCP/IP model
OSI model and TCP/IP modelOSI model and TCP/IP model
OSI model and TCP/IP model
Rubal Sagwal
 
SSL And TLS
SSL And TLS SSL And TLS
SSL And TLS
Ghanshyam Patel
 
Firewall in Network Security
Firewall in Network SecurityFirewall in Network Security
Firewall in Network Security
lalithambiga kamaraj
 
Dmz
Dmz Dmz
Dmz
أحلام انصارى
 
network monitoring system ppt
network monitoring system pptnetwork monitoring system ppt
network monitoring system ppt
ashutosh rai
 
User authentication
User authenticationUser authentication
User authentication
CAS
 
Unit08
Unit08Unit08
Unit08
Nurul Nadirah
 
Enterprise campus networks
Enterprise campus networksEnterprise campus networks
Enterprise campus networks
Kishor Satpathy
 

Mais conteúdo relacionado

Mais procurados

Fortinet FortiOS 5 Presentation
Fortinet FortiOS 5 PresentationFortinet FortiOS 5 Presentation
Fortinet FortiOS 5 Presentation
NCS Computech Ltd.
 
Access Control Presentation
Access Control PresentationAccess Control Presentation
Access Control Presentation
Wajahat Rajab
 
network monitoring system ppt
network monitoring system pptnetwork monitoring system ppt
network monitoring system ppt
ashutosh rai
 

Mais procurados (20)

Fortinet FortiOS 5 Presentation
Fortinet FortiOS 5 PresentationFortinet FortiOS 5 Presentation
Fortinet FortiOS 5 Presentation
 
E mail forensics
E mail forensicsE mail forensics
E mail forensics
 
An overview of access control
An overview of access controlAn overview of access control
An overview of access control
 
CISSP - Chapter 3 - Physical security
CISSP - Chapter 3 - Physical securityCISSP - Chapter 3 - Physical security
CISSP - Chapter 3 - Physical security
 
Chapter 11: Information Security Incident Management
Chapter 11: Information Security Incident ManagementChapter 11: Information Security Incident Management
Chapter 11: Information Security Incident Management
 
Access Control Presentation
Access Control PresentationAccess Control Presentation
Access Control Presentation
 
CISSP Prep: Ch 1: Security Governance Through Principles and Policies
CISSP Prep: Ch 1: Security Governance Through Principles and PoliciesCISSP Prep: Ch 1: Security Governance Through Principles and Policies
CISSP Prep: Ch 1: Security Governance Through Principles and Policies
 
Information Security Policies and Standards
Information Security Policies and StandardsInformation Security Policies and Standards
Information Security Policies and Standards
 
CISSP - Chapter 4 - Network Fundamental
CISSP - Chapter 4 - Network FundamentalCISSP - Chapter 4 - Network Fundamental
CISSP - Chapter 4 - Network Fundamental
 
Virtual Private Network
Virtual Private NetworkVirtual Private Network
Virtual Private Network
 
Network forensics and investigating logs
Network forensics and investigating logsNetwork forensics and investigating logs
Network forensics and investigating logs
 
Email Forensics
Email ForensicsEmail Forensics
Email Forensics
 
Network Security ppt
Network Security pptNetwork Security ppt
Network Security ppt
 
Network Security
Network SecurityNetwork Security
Network Security
 
OSI model and TCP/IP model
OSI model and TCP/IP modelOSI model and TCP/IP model
OSI model and TCP/IP model
 
SSL And TLS
SSL And TLS SSL And TLS
SSL And TLS
 
Firewall in Network Security
Firewall in Network SecurityFirewall in Network Security
Firewall in Network Security
 
Dmz
Dmz Dmz
Dmz
 
network monitoring system ppt
network monitoring system pptnetwork monitoring system ppt
network monitoring system ppt
 
User authentication
User authenticationUser authentication
User authentication
 

Semelhante a Telecommunications and Network Security Presentation

Web technologies: recap on TCP-IP
Web technologies: recap on TCP-IPWeb technologies: recap on TCP-IP
Web technologies: recap on TCP-IP
Piero Fraternali
 
02-ProtocolArchitecture william stellings.ppt
02-ProtocolArchitecture william stellings.ppt02-ProtocolArchitecture william stellings.ppt
02-ProtocolArchitecture william stellings.ppt
striker78669
 
Computer design and Architechure and Algorithm
Computer design and Architechure and AlgorithmComputer design and Architechure and Algorithm
Computer design and Architechure and Algorithm
mirzaahmadali
 
Packet Analysis - Course Technology Computing Conference
Packet Analysis - Course Technology Computing ConferencePacket Analysis - Course Technology Computing Conference
Packet Analysis - Course Technology Computing Conference
Cengage Learning
 
wi-fi technology
wi-fi technologywi-fi technology
wi-fi technology
tardeep
 

Semelhante a Telecommunications and Network Security Presentation (20)

Unit08
Unit08Unit08
Unit08
 
Enterprise campus networks
Enterprise campus networksEnterprise campus networks
Enterprise campus networks
 
Web technologies: recap on TCP-IP
Web technologies: recap on TCP-IPWeb technologies: recap on TCP-IP
Web technologies: recap on TCP-IP
 
08. networking-part-2
08. networking-part-208. networking-part-2
08. networking-part-2
 
Internet of Things Protocol - Session 2
Internet of Things Protocol - Session 2Internet of Things Protocol - Session 2
Internet of Things Protocol - Session 2
 
02-ProtocolArchitecture william stellings.ppt
02-ProtocolArchitecture william stellings.ppt02-ProtocolArchitecture william stellings.ppt
02-ProtocolArchitecture william stellings.ppt
 
Computer design and Architechure and Algorithm
Computer design and Architechure and AlgorithmComputer design and Architechure and Algorithm
Computer design and Architechure and Algorithm
 
cn1.ppt
cn1.pptcn1.ppt
cn1.ppt
 
MVA slides lesson 8
MVA slides lesson 8MVA slides lesson 8
MVA slides lesson 8
 
98 366 mva slides lesson 8
98 366 mva slides lesson 898 366 mva slides lesson 8
98 366 mva slides lesson 8
 
MVA slides lesson 2
MVA slides lesson 2MVA slides lesson 2
MVA slides lesson 2
 
IP Signal Distribution
IP Signal DistributionIP Signal Distribution
IP Signal Distribution
 
Virtual Private Network
Virtual Private NetworkVirtual Private Network
Virtual Private Network
 
Packet Analysis - Course Technology Computing Conference
Packet Analysis - Course Technology Computing ConferencePacket Analysis - Course Technology Computing Conference
Packet Analysis - Course Technology Computing Conference
 
Vp ns
Vp nsVp ns
Vp ns
 
TCP/IP
TCP/IPTCP/IP
TCP/IP
 
Case mis ch06
Case mis ch06Case mis ch06
Case mis ch06
 
Network protocol
Network protocolNetwork protocol
Network protocol
 
Wifi
WifiWifi
Wifi
 
wi-fi technology
wi-fi technologywi-fi technology
wi-fi technology
 

Último

Making communications land - Are they received and understood as intended? we...
Making communications land - Are they received and understood as intended? we...Making communications land - Are they received and understood as intended? we...
Making communications land - Are they received and understood as intended? we...
Association for Project Management
 
Spellings Wk 3 English CAPS CARES Please Practise
Spellings Wk 3 English CAPS CARES Please PractiseSpellings Wk 3 English CAPS CARES Please Practise
Spellings Wk 3 English CAPS CARES Please Practise
AnaAcapella
 

Último (20)

Making communications land - Are they received and understood as intended? we...
Making communications land - Are they received and understood as intended? we...Making communications land - Are they received and understood as intended? we...
Making communications land - Are they received and understood as intended? we...
 
Interdisciplinary_Insights_Data_Collection_Methods.pptx
Interdisciplinary_Insights_Data_Collection_Methods.pptxInterdisciplinary_Insights_Data_Collection_Methods.pptx
Interdisciplinary_Insights_Data_Collection_Methods.pptx
 
Spellings Wk 3 English CAPS CARES Please Practise
Spellings Wk 3 English CAPS CARES Please PractiseSpellings Wk 3 English CAPS CARES Please Practise
Spellings Wk 3 English CAPS CARES Please Practise
 
ICT Role in 21st Century Education & its Challenges.pptx
ICT Role in 21st Century Education & its Challenges.pptxICT Role in 21st Century Education & its Challenges.pptx
ICT Role in 21st Century Education & its Challenges.pptx
 
How to Manage Global Discount in Odoo 17 POS
How to Manage Global Discount in Odoo 17 POSHow to Manage Global Discount in Odoo 17 POS
How to Manage Global Discount in Odoo 17 POS
 
UGC NET Paper 1 Mathematical Reasoning & Aptitude.pdf
UGC NET Paper 1 Mathematical Reasoning & Aptitude.pdfUGC NET Paper 1 Mathematical Reasoning & Aptitude.pdf
UGC NET Paper 1 Mathematical Reasoning & Aptitude.pdf
 
Accessible Digital Futures project (20/03/2024)
Accessible Digital Futures project (20/03/2024)Accessible Digital Futures project (20/03/2024)
Accessible Digital Futures project (20/03/2024)
 
Understanding Accommodations and Modifications
Understanding Accommodations and ModificationsUnderstanding Accommodations and Modifications
Understanding Accommodations and Modifications
 
Application orientated numerical on hev.ppt
Application orientated numerical on hev.pptApplication orientated numerical on hev.ppt
Application orientated numerical on hev.ppt
 
Micro-Scholarship, What it is, How can it help me.pdf
Micro-Scholarship, What it is, How can it help me.pdfMicro-Scholarship, What it is, How can it help me.pdf
Micro-Scholarship, What it is, How can it help me.pdf
 
How to Create and Manage Wizard in Odoo 17
How to Create and Manage Wizard in Odoo 17How to Create and Manage Wizard in Odoo 17
How to Create and Manage Wizard in Odoo 17
 
Basic Civil Engineering first year Notes- Chapter 4 Building.pptx
Basic Civil Engineering first year Notes- Chapter 4 Building.pptxBasic Civil Engineering first year Notes- Chapter 4 Building.pptx
Basic Civil Engineering first year Notes- Chapter 4 Building.pptx
 
Sensory_Experience_and_Emotional_Resonance_in_Gabriel_Okaras_The_Piano_and_Th...
Sensory_Experience_and_Emotional_Resonance_in_Gabriel_Okaras_The_Piano_and_Th...Sensory_Experience_and_Emotional_Resonance_in_Gabriel_Okaras_The_Piano_and_Th...
Sensory_Experience_and_Emotional_Resonance_in_Gabriel_Okaras_The_Piano_and_Th...
 
FSB Advising Checklist - Orientation 2024
FSB Advising Checklist - Orientation 2024FSB Advising Checklist - Orientation 2024
FSB Advising Checklist - Orientation 2024
 
REMIFENTANIL: An Ultra short acting opioid.pptx
REMIFENTANIL: An Ultra short acting opioid.pptxREMIFENTANIL: An Ultra short acting opioid.pptx
REMIFENTANIL: An Ultra short acting opioid.pptx
 
ICT role in 21st century education and it's challenges.
ICT role in 21st century education and it's challenges.ICT role in 21st century education and it's challenges.
ICT role in 21st century education and it's challenges.
 
80 ĐỀ THI THỬ TUYỂN SINH TIẾNG ANH VÀO 10 SỞ GD – ĐT THÀNH PHỐ HỒ CHÍ MINH NĂ...
80 ĐỀ THI THỬ TUYỂN SINH TIẾNG ANH VÀO 10 SỞ GD – ĐT THÀNH PHỐ HỒ CHÍ MINH NĂ...80 ĐỀ THI THỬ TUYỂN SINH TIẾNG ANH VÀO 10 SỞ GD – ĐT THÀNH PHỐ HỒ CHÍ MINH NĂ...
80 ĐỀ THI THỬ TUYỂN SINH TIẾNG ANH VÀO 10 SỞ GD – ĐT THÀNH PHỐ HỒ CHÍ MINH NĂ...
 
Kodo Millet PPT made by Ghanshyam bairwa college of Agriculture kumher bhara...
Kodo Millet PPT made by Ghanshyam bairwa college of Agriculture kumher bhara...Kodo Millet PPT made by Ghanshyam bairwa college of Agriculture kumher bhara...
Kodo Millet PPT made by Ghanshyam bairwa college of Agriculture kumher bhara...
 
Jamworks pilot and AI at Jisc (20/03/2024)
Jamworks pilot and AI at Jisc (20/03/2024)Jamworks pilot and AI at Jisc (20/03/2024)
Jamworks pilot and AI at Jisc (20/03/2024)
 
Python Notes for mca i year students osmania university.docx
Python Notes for mca i year students osmania university.docxPython Notes for mca i year students osmania university.docx
Python Notes for mca i year students osmania university.docx
 

Telecommunications and Network Security Presentation

  • 2. Domain Overview • Deals with digital communication mechanism by concentrating on the security aspect!
  • 3. Mind Exercises • Divide 30 by half and add ten. What do you get? • A farmer had 17 sheep. All but 9 died. How many alive sheep were left? • Some months have 30 days, some months have 31 days. How many months have 28 days?
  • 5. Data Network Types • Local Area Network (LAN) • Wide Area Network (WAN) • What is intranet? • What is extranet?
  • 6. OSI Reference Model • Adopted by ISO in 1984 • Defines standard protocols for communication and interoperability by using a layered approach • Follows Divide and Conquer Rule?
  • 7. OSI Reference Model • Advantages – Clarifies the functions of a communication process – Reduces complex networking processes – Promotes interoperability by defining standard interfaces – Aids development – Facilitates easier and more logical troubleshooting
  • 8. OSI Layers • Application Layer • Presentation Layer • Session Layer • Transport Layer • Network Layer • Data Link Layer • Physical Layer
  • 9. Application Layer • Serves as the interface between user and the communication technologies – SMTP, FTP, HTTP
  • 10. Presentation Layer • Ensures communication between different data representations – ASCII, EBCDIC, JPEG, MPEG, GIF
  • 11. Session Layer • Establishes, maintains and terminates sessions between applications – SQL, RPC
  • 12. Transport Layer • Provides reliable, transparent transfer of data between end points – TCP, UDP
  • 13. Network Layer • Provides routing and forwarding functionalities – IP, DHCP
  • 14. Data Link Layer • Provides reliable transfer of information across the physical link – Ethernet, Token Ring
  • 15. Physical Layer • Concerned with transmission of unstructured bit streams over physical medium – E1, T1
  • 19. FHSS • Frequency Hoping Spread Spectrum – Takes the total bandwidth and splits it into smaller sub- channels
  • 20. DSSS • Direct Sequence Spread Spectrum – Applies sub-bits to a message • The sub-bits are used to generate a different format of the data before the data are transmitted • The receiving end uses these sub-bits to reassemble the signal into the original data format
  • 21. OFDM • Orthogonal Frequency Division Multiplexing
  • 22. Data Link Layer • WLAN technologies and protocols Type Speed Frequency Modulation Description 802.11 1 Mbps 2.4 Ghz DSSS Legacy Protocol 802.11b 11 Mbps 2.4 Ghz DSSS First widely used protocol 802.11a 54 Mbps 5.0 Ghz OFDM Operated in 5 Ghz band 802.11g 54 Mbps 2.4 Ghz OFDM/DSSS 802.11n 150 Mbps 2.4 Ghz OFDM
  • 23. Security Flaws • No user authentication • No mutual authentication • Flawed encryption protocol – Allows specific bits to be modified • Solution? – 802.11i • Incorporates security measures for the 802.11 standards!
  • 24. WEP • Wired Equivalent Privacy – Used to provide confidentiality – Uses stream cipher RC4 – Versions • WEP-64 and WEP-128 – 24 bit IV – Authentication Methods • Open System Authentication • Shared Key Authentication
  • 25. WEP • Open System Authentication – Any client, regardless of its WEP keys, can associate itself with the Access Point – No authentication (in the true sense of the term) occurs – After the association, WEP key needed for encrypting the data frames • At this point, the client needs to have the right key!
  • 26. WEP • Shared Key Authentication – A four-way challenge-response handshake is used • Client sends an authentication request to the Access Point • Access Point replies with a clear-text challenge • Client encrypts the challenge text using configured WEP key, and sends it back to Access Point • Access Point decrypts the material, and compares it with the sent clear-text – Depending on the success of this comparison, the Access Point sends back a positive or negative response!
  • 27. WPA • WiFi Protected Access – Uses Temporal Key Integrity Protocol (TKIP) • Adds 48 bit IV value • Implements a frame counter to discourage replay attacks! – Uses EAP via RADIUS Server • For authentication
  • 28. WPA • WPA Modes – Enterprise Mode • Requires an authentication server • Uses RADIUS protocols for authentication and key distribution • Centralizes management of user credentials – Pre-Shared Key Mode • Does not require an authentication server • Shared secret is used for authentication • Device-oriented management
  • 29. WPA2 • WiFi Protected Access 2 – Replaces TKIP with CCMP • Counter Mode with Cipher Block Chaining Message Authentication Code Protocol • Uses AES • Provides more robust security
  • 33. ARP Poisoning Request 140.252.13 .1 .2 .3 .4 .5 08:00:20:03:F6:42 00:00:C0:C2:9B:26 Reply 140.252.13 .1 .2 .3 .4 .5 08:00:20:03:F6:42 00:00:C0:C2:9B:26 arp req | target IP: 140.252.13.5 | target eth: ? arp rep | sender IP: 140.252.13.5 | sender eth: 00:34:CD:C2:9F:A0 00:34:CD:C2:9F:A0
  • 34. Network Sniffing … telnet Router5 User Access Verification Username: squiggie password: Sq%*jkl[;T Router5>ena Password: jhervq5 Router5# Got It !! Router5
  • 36. DDOS Attack Attacker Innocent handler Victim A Innocent handler Innocent agents Innocent agents Attack Alice NOW !
  • 37. Smurf Attack 172.15.0.0 Muddasar Yasir 1 ICMP Echo Req Src: Yasir Dest: 172.15.255.255 2 ICMP Echo Reply Dest: Dos Target
  • 39. Introduction • A private network that uses a public network to connect remote sites or users together!
  • 41. Features of VPN • Security • Reliability • Scalability • Network management • Policy management
  • 42. VPN Concepts • Encapsulation – Inclusion of one data structure within another structure • Encryption – Hiding of real information • Tunneling – Virtual path that delivers a packet
  • 43. Tunneling Protocols • PPTP • L2F • L2TP • IPSec
  • 44. PPTP • Point to Point Tunneling Protocol – Designed for client/server connectivity – Sets up a single point-to-point connection between two computers – Works at the data link layer – Transmits over IP networks only
  • 45. L2F • Layer 2 Forwarding – Created before L2TP by Cisco – Merged with PPTP, which resulted in L2TP – Provides mutual authentication – No encryption
  • 46. L2TP • Layer 2 Tunneling Protocol – Hybrid of L2F and PPTP – Sets up a single point-to-point connection between two computers – Works at the data link layer – Transmits over multiple types of networks, not just IP – Combined with IPSec for security
  • 47. IPSec • Internet Protocol Security – Handles multiple connections at the same time – Provides secure authentication and encryption – Supports only IP networks – Focuses on LAN-to-LAN communication rather than user- to-user – Works at the network layer, and provides security on top of IP – Can work in tunnel mode, meaning the payload and the header are protected, or transport mode, meaning only the payload is protected
  • 48. Benefits of VPN • Extend geographic connectivity • Improve security • Improve productivity • Simplify network topology • Provide global networking opportunities • Provide broadband networking compatibility • Provide faster ROI (return on investment) than traditional WAN
  • 50. Introduction • A system that detects and logs – Inappropriate, Incorrect, or Anomalous activity
  • 51. Types • Network based IDS • Host based IDS
  • 52. Methods • Pattern matching – Signature based • Anomaly detection – Checks any abnormality • Protocol behavior – Checks correct usage of protocol
  • 53. Events • True positive – When the IDS sets off an alert and it is a real attack • True negative – When the IDS does not set off an alert and it is normal traffic • False positive – When the IDS sets off an alert and it is normal traffic • False negative – When the IDS does not set off an alert and it is attack traffic
  • 55. Introduction • A system that prevents unauthorized access – To or from a network • Controls the flow of traffic
  • 57. Firewall Types • Packet filtering firewall • Proxy firewall – Application level proxy – Circuit level proxy • Stateful inspection firewall • Dynamic packet filtering firewall • Kernel proxy firewall
  • 58. Packet Filtering Firewall • Governed by set of directives • Works at network layer • Makes decisions on – Packet’s source IP Address – Packet’s destination IP Address – Network and transport protocol being used – Source and destination ports – The interface being traversed
  • 59. Packet Filtering Firewall • Ingress Filtering – Blocking inbound traffic • Egress Filtering – Blocking outbound traffic
  • 60. Application Level Proxy • Contains a proxy agent • Does not allow a direct communication • Operates at the application level • Inspects the content, payload and header! • Can require authentication from the user
  • 61. Circuit Level Proxy • Creates a circuit between client and the server • Works at session layer • Knows the source and destination addresses and makes access decisions based on the header information • Faster than application level proxy
  • 62. Stateful Inspection Firewall • Tracks the state of connections • Blocks packets deviating from expected state • Works same as packet filtering firewall but keeps a state table as well! • Works at network and transport layer
  • 64. Kernel Proxy Firewalls • Fifth generation firewall! • Creates dynamic, customized TCP/IP stacks for packet evaluation • When a packet arrives, a new virtual network stack is created, which is made up of only the protocol proxies necessary to examine this specific packet properly • Speed of Packet filtering firewalls
  • 65. Firewall Architectures • Screening Router • Dual Homed Gateways • Screened Host Gateways • Screened Subnet
  • 67. Screening Router • Screening Router – A router placed between trusted and public networks – Security policy implemented using ACLs – Advantages: • Inexpensive • Simple and completely transparent – Disadvantages • Limited logging functionality • Single point of failure • Uses no user authentication
  • 69. Dual Homed Gateways • A single computer with separate NICs connected to each network • Used to divide internal trusted network from external networks • Advantages: – Operates in a Fail Secure mode – Logging functionality • Disadvantages: – Inconvenience to users – Slower network performance
  • 71. Screened Host Gateways • Employs external screening router and internal bastion host • Advantages: – Provides distributed security between two devices – Restricted inbound/outbound access • Disadvantages: – Multiple single point of failures
  • 73. Screened Subnet • Deploys external screening router, internal bastion host and internal screening router • Concept of DMZ • Advantages: – Provides defense in depth • Disadvantages: – Difficult to configure and maintain – Difficult to troubleshoot
  • 74. Unified Threat Management • Single system with all the solutions • Contains firewall, malware detection and eradication, sensing and blocking of suspicious network probes, and so on… • Requires lot of resources • Reduces network complexity
  • 75. Why Firewall Security • Remote login • Application backdoors • Operating system bugs • Denial of service • Spam • Source routing
  • 76. Best Practices • Change the default configurations • ACLs should be simple and direct • Disallow source routing • Close unnecessary ports with dangerous services • Disable unused interfaces • Block directed IP broadcasts • Block incoming packets with internal address (they are spoofed) • Enable logging • Daily checks to ensure security
  • 77. Thank You!  • Any Questions?
  • 79. Question 1 • Which of the following is not a security goal for remote access? A. Reliable authentication of users and systems B. Protection of confidential data C. Easy to manage access control to systems and network resources D. Automated login for remote users
  • 80. Question 1 • Which of the following is not a security goal for remote access? A. Reliable authentication of users and systems B. Protection of confidential data C. Easy to manage access control to systems and network resources D. Automated login for remote users
  • 81. Question 2 • Which of the following is the biggest concern with firewall security? A. Internal hackers B. Complex configuration rules leading to misconfiguration C. Buffer overflows D. Distributed denial of service (DDOS) attacks
  • 82. Question 2 • Which of the following is the biggest concern with firewall security? A. Internal hackers B. Complex configuration rules leading to misconfiguration C. Buffer overflows D. Distributed denial of service (DDOS) attacks
  • 83. Question 3 • Which of the following should NOT normally be allowed through a firewall? A. SNMP B. SMTP C. HTTP D. SSH
  • 84. Question 3 • Which of the following should NOT normally be allowed through a firewall? A. SNMP B. SMTP C. HTTP D. SSH
  • 85. Question 4 • Which type of attack involves the alteration of a packet at the IP level to convince a system that it is communicating with a known entity in order to gain access to a system? A. TCP sequence number attack B. IP spoofing attack C. Piggybacking attack D. Teardrop attack
  • 86. Question 4 • Which type of attack involves the alteration of a packet at the IP level to convince a system that it is communicating with a known entity in order to gain access to a system? A. TCP sequence number attack B. IP spoofing attack C. Piggybacking attack D. Teardrop attack
  • 87. Question 5 • Which of the following statements pertaining to packet filtering is incorrect? A. It is based on ACLs B. It is not application dependant C. It operates at the network layer D. It keeps track of the state of a connection
  • 88. Question 5 • Which of the following statements pertaining to packet filtering is incorrect? A. It is based on ACLs B. It is not application dependant C. It operates at the network layer D. It keeps track of the state of a connection
  • 89. Question 6 • What is the main characteristic of a multi- homed host? A. It is placed between two routers or firewalls B. It allows IP routing C. It has multiple network interfaces, each connected to separate networks D. It operates at multiple layers
  • 90. Question 6 • What is the main characteristic of a multi- homed host? A. It is placed between two routers or firewalls B. It allows IP routing C. It has multiple network interfaces, each connected to separate networks D. It operates at multiple layers
  • 91. Question 7 • One drawback of Application Level Firewall is that it reduces network performance due to the fact that it must analyze every packet and: A. Decide what to do with each application B. Decide what to do with each user C. Decide what to do with each port D. Decide what to do with each packet
  • 92. Question 7 • One drawback of Application Level Firewall is that it reduces network performance due to the fact that it must analyze every packet and: A. Decide what to do with each application B. Decide what to do with each user C. Decide what to do with each port D. Decide what to do with each packet
  • 93. Question 8 • Address Resolution Protocol (ARP) interrogates the network by sending out a? A. Broadcast B. Multicast C. Unicast D. Semicast
  • 94. Question 8 • Address Resolution Protocol (ARP) interrogates the network by sending out a? A. Broadcast B. Multicast C. Unicast D. Semicast
  • 95. Question 9 • As a result of a risk assessment, your security manager has determined that your organization needs to implement an intrusion detection system that can detect unknown attacks and can watch for unusual traffic behavior, such as a new service appearing on the network. What type of intrusion detection system would you select? A. Protocol anomaly based B. Pattern matching C. Stateful matching D. Traffic anomaly-based
  • 96. Question 9 • As a result of a risk assessment, your security manager has determined that your organization needs to implement an intrusion detection system that can detect unknown attacks and can watch for unusual traffic behavior, such as a new service appearing on the network. What type of intrusion detection system would you select? A. Protocol anomaly based B. Pattern matching C. Stateful matching D. Traffic anomaly-based
  • 97. Question 10 • What refers to legitimate users accessing networked services that would normally be restricted to them? A. Spoofing B. Piggybacking C. Eavesdropping D. Logon abuse
  • 98. Question 10 • What refers to legitimate users accessing networked services that would normally be restricted to them? A. Spoofing B. Piggybacking C. Eavesdropping D. Logon abuse