Access: the ability of an intruder to gain access to a device for which the intruder does not have an
account or a password.
Entering or accessing systems usually involves running a hack, script, or tool that exploits a
known vulnerability of the system or application being attacked.
Introduction to Network Security
Denial of Service (DoS): when an attacker disables or corrupts networks, systems, or services with the
intent to deny services to intended users.
DoS attacks involve either crashing the system or slowing it down to the point that it is unusable.
But DoS can also be as simple as deleting or corrupting information. In most cases, performing the
attack involves simply running a hack or script. For these reasons, DoS attacks are the most feared.
Worms, Viruses and Trojan Horses: Malicious software can be inserted onto a host to damage or corrupt a
system, replicate itself, or deny access to networks, systems, or services. Common names for this type of
software are worms, viruses, and Trojan horses.
General Mitigation Techniques:
Device Hardening:
When a new operating system is installed on a computer, the security settings are set to the default values.
In most cases, this level of security is inadequate. The following simple steps apply to most
operating systems:
Access to system resources should be restricted to only the individuals that are authorized to use those
resources.
Any unnecessary services and applications should be turned off and uninstalled, when possible.
Antivirus Software:
Antivirus software protects against known viruses and Trojan horse applications. It does this in two ways:
It scans files, comparing their contents to known viruses in a virus dictionary. Matches are flagged in a
manner defined by the end user.
It monitors suspicious processes running on a host that might indicate infection. This monitoring may
include data captures, port monitoring, and other methods.
Operating System Patches
The most effective way to mitigate a worm and its variants is to download security updates from the
operating system vendor and patch all vulnerable systems.
Personal Firewall
Personal computers connected to the Internet through a dialup connection, DSL, or cable modems are as vulnerable
as corporate networks.
Personal firewalls reside on the PC of the user and attempt to prevent attacks.
Personal firewalls are not designed for LAN implementations, such as appliance-based or server-based firewalls,
and they may prevent network access if installed with other networking clients, services, protocols, or adapters.
Some personal firewall software vendors include McAfee, Norton, Symantec, and Zone Labs.
Intrusion Detection and Prevention
Intrusion detection systems (IDS) detect attacks against a network and send logs to a management console.
Intrusion prevention systems (IPS) prevent attacks against the network and should provide the following
active defense mechanisms in addition to detection:
Prevention: Stops the detected attack from executing.
Reaction: Immunizes the system from future attacks from a malicious source.
Either technology can be implemented at a network level or host level, or both for maximum protection.
Encryption and Privacy
Maintaining privacy in our personal communications is something everyone desires. Encryption is a means to
achieve that privacy. It was invented for that very purpose.
Encryption is the process of scrambling a message so that only the intended recipient can read it.
Cryptography has a long history dating back at least as far as Julius Caesar. Modern cryptographic techniques,
including many of those used in the Internet, are based on advances made in the past 30 years.
Cryptography is used to ensure confidentiality of messages.
Cryptographic techniques allow a sender to disguise data so that an intruder can gain no information from the
intercepted data. However, the receiver must be able to recover the original data from the disguised data.
The language of cryptography
$K_A$: Alice's encryption key
$K_B$: Bob's decryption key
plaintext: abcdefghijklmnopqrstuvwxyz
ciphertext: mnbvcxzasdfghjklpoiuytrewq
symmetric key crypto: Bob and Alice share (know) the same (symmetric) key: $K_{A-B}$
e.g., key is knowing substitution pattern in monoalphabetic substitution cipher
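The substitution table above can be run directly. The following Python sketch is an added example, not part of the original slides; the function names and the sample sentence are constructed for illustration. It encrypts and decrypts with the slide's table and shows that the cipher preserves the letter-frequency pattern of the plaintext, which is why a large key space alone does not make this cipher suitable for protecting real data.

```python
import math
import string
from collections import Counter

# Substitution table from the slide: plaintext alphabet -> ciphertext alphabet.
PLAIN = string.ascii_lowercase
CIPHER = "mnbvcxzasdfghjklpoiuytrewq"

# The shared symmetric key is the table itself; it must be a permutation.
assert sorted(CIPHER) == list(PLAIN)

ENC = str.maketrans(PLAIN, CIPHER)
DEC = str.maketrans(CIPHER, PLAIN)


def encrypt(plaintext):
    """Replace each letter using the table; other characters pass through."""
    return plaintext.lower().translate(ENC)


def decrypt(ciphertext):
    """Invert the table to recover the plaintext."""
    return ciphertext.translate(DEC)


def frequency_profile(text):
    """Letter counts sorted high to low, ignoring which letter owns each count."""
    counts = Counter(ch for ch in text if ch in PLAIN)
    return sorted(counts.values(), reverse=True)


def key_space_bits():
    """log2 of the number of possible tables (26! permutations)."""
    return math.log2(math.factorial(26))


if __name__ == "__main__":
    sample = "bob, i love you. alice"   # constructed sample sentence
    ct = encrypt(sample)
    print(ct)                           # nkn, s gktc wky. mgsbc
    print(decrypt(ct))
    # Same profile before and after: the statistics of the language survive.
    print(frequency_profile(sample), frequency_profile(ct))
    print(round(key_space_bits(), 1), "bits of key space")
```
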
Public key cryptography
symmetric key crypto
requires sender, receiver know shared secret key
public key cryptography
radically different approach
[Figure: Bob's message, $m$ ("Dear Alice, Oh, how I have missed you. I think of you all the time! (blah blah blah) Bob"), and Bob's private key, $K_B^-$, are the inputs to a public key encryption algorithm. The output is $K_B^-(m)$: Bob's message, $m$, signed (encrypted) with his private key.]
Digital Signatures (more)
suppose Alice receives msg $m$, digital signature $K_B^-(m)$
Alice verifies $m$ signed by Bob by applying Bob's public key $K_B^+$ to
$K_B^-(m)$, then checks
$K_B^+(K_B^-(m)) = m$.
if $K_B^+(K_B^-(m)) = m$, whoever signed $m$ must have used Bob's private
key.
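The check $K_B^+(K_B^-(m)) = m$ can be carried through with textbook RSA. This Python sketch is an added example, not part of the original slides; the key sizes, the helper names (make_keypair, sign, verify) and the second key pair for "Mallory" are assumptions made for illustration. It signs the message integer directly, as the slide does; deployed signature schemes sign a padded hash of the message instead.

```python
# Toy RSA with small, fixed primes so the run is reproducible. Not secure.
E = 65537  # public exponent


def make_keypair(p, q):
    """Return (public, private) as ((n, e), (n, d)) for primes p and q."""
    n = p * q
    phi = (p - 1) * (q - 1)
    d = pow(E, -1, phi)          # private exponent: E * d = 1 (mod phi)
    return (n, E), (n, d)


# Mersenne primes, used here only because they are easy to write down.
BOB_PUB, BOB_PRIV = make_keypair(2**61 - 1, 2**89 - 1)
MALLORY_PUB, MALLORY_PRIV = make_keypair(2**107 - 1, 2**127 - 1)


def to_int(message):
    return int.from_bytes(message, "big")


def sign(private_key, message):
    """K^-(m): apply the private key to the message integer."""
    n, d = private_key
    m = to_int(message)
    if m >= n:
        raise ValueError("message too long for this toy modulus")
    return pow(m, d, n)


def verify(public_key, message, signature):
    """Check K^+(signature) == m, the test Alice performs."""
    n, e = public_key
    return pow(signature, e, n) == to_int(message)


if __name__ == "__main__":
    m = b"Dear Alice"                                  # from the slide's figure
    sig = sign(BOB_PRIV, m)
    print(verify(BOB_PUB, m, sig))                     # True: Bob's key signed m
    print(verify(BOB_PUB, b"Dear Alicf", sig))         # False: message altered
    print(verify(BOB_PUB, m, sign(MALLORY_PRIV, m)))   # False: wrong private key
```
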