IT652

Network Security and Encryption

[3 1 0 4]

By
Bhadreshsinh Gohil
Who is This?
Instagram CEO_Kevin Systrom_Story
Why to Study this subject?
Job Requirements?
Web Application Tester
Syllabus
• Overview: Services, Mechanisms, Attacks, OSI Security Architecture, Model for
Network Security
• Classical Encryption Techniques: Symmetric Cipher Model, Substitution
Techniques, Transposition Techniques, Steganography
• Symmetric Ciphers: Block Ciphers and the Data Encryption Standard,
Confidentiality using Symmetric Encryption
• Asymmetric Ciphers: Public Key Cryptography and RSA, Elliptic Curve
cryptography, Key Management;
Other Public Key cryptosystems
• Integrity: MAC, Hash Functions and Digital Signatures
• IPSec: Architecture of IPSec, Encapsulating Security Payload, Authentication
Header
What is Network ?
#Fix the Problem
Google Server-1999 – First Production server
#The Internet
What is Security?
Exam in China
What is Encryptions?
Overview of N/w Sec.
Services
• Types of Services
• Web Services
• Mobile Application Services
Case study 1
Case Study 2
Case Study 3
Case Study 4 and many more…
Mechanisms
• feature designed to detect, prevent, or recover from a security
attack
• no single mechanism that will support all services required
• however one particular element underlies many of the security
mechanisms in use:
• cryptographic techniques
Attacks
• any action that compromises the security of information owned by an
organization
• information security is about how to prevent attacks, or failing that,
to detect attacks on information-based systems
• often threat & attack used to mean same thing
• have a wide range of attacks
• can focus of generic types of attacks
• passive
• active
Passive Attacks
Active Attacks
OSI Security Architecture
• Physical and Data Link Level
• Network and Transport Level
• Session Layer
• Presentation and Application Layer
Model for Network Security
Module 1 Completed…
How to Earn money?
#whoami
• Asst. Prof. at Gujarat Technological University

• Principal Investigator of NVIDIA Education Center

• Writer at PenTest Magazine and Haking9 Magazine

• Education Background: Diploma, B.E. and M.E. in Network Security.

• https://about.me/bhadu.gohil
#What is nginx? Engine X..
NGINX | High Performance Load Balancer, Web Server, & Reverse Proxy
#What is nginx?
#What is nginx?
#Cent OS 7
# Get root access first and update-upgrade
system
(su) (yum update && upgrade) apt-get
# Add Nginx Repository and install nginx
Yum install epel-release(Extra Packages
for Enterprise Linux) yum install nginx
#Start Nginx and put it at start up service

systemctl start nginx systemctl enable nginx

#Add Firewall Rules
#Check your ipaddress
#Check on browser for nginx servcie
#Secure your web server first
#Create the Password File
#Create the Password File with openssl
#Unix Password Algorithm
#Check the password file
#Configure Nginx Password Authentication
#Restart the nginx service
#Check on browser
# About fail2ban
• intrusion prevention framework

• commonly used to block connection attempts after a number of failed

tries.

• operates by monitoring log files for certain type of entries

#Add Repository for fail2ban

yum install epel-release

#Install fail2ban and fail2ban daemon
#yum install fail2ban fail2ban-systemd
#Copy the default file of jail
cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local
#Adjusting the General Settings within
Fail2Ban

nano /etc/fail2ban/jail.local
#ignore ip
#bantime, findtime and maxretry
#Changing Defaults
#update the SELinux policies
yum update -y selinux-policy*
#Start the firewall service
systemctl enable firewalld

systemctl start firewalld

#Start Fail2ban Service
systemctl enable fail2ban

systemctl start fail2ban

#Configuring Fail2Ban to Monitor Nginx Logs
#Enabled jail for nginx-http-auth
Nano /etc/fail2ban/jail.local

[nginx-http-auth]

enabled = true
filter = nginx-http-auth
port = http,https
logpath = /var/log/nginx/error.log
#Create the filter for nginx-http-auth
• Cd /etc/fail2ban/filter.d/

• Nano nginx-http-auth

• Add below line in failregex

• ^ \[error\] \d+\d+: \*\d+ no user/password was provided for basic

authentication, client: <HOST>, server: \S+, request: "\S+ \S+
HTTP/\d+\.\d+", host: "\S+"\s*$
#Nginx-http-auth
#Activating your Nginx Jails by restarting
fail2ban
#Getting Info About Enabled Jails
fail2ban-client status
#iptables –S (Check the firewall rules)
#Check the status of nginx-http-auth jail
#Testing Fail2Ban Policies
#Try to check from other machine
#Try to check from other machine
#Access through browser and give wrong
password
#Not able to connect
#Check fail2ban client status
#Not able to get reply
#Hot to unban
fail2ban-client set nginx-http-auth unbanip 192.168.13.131
#Conclusion
• Block anyone trying to run scripts (.pl, .cgi, .exe, etc)
• Block anyone trying to use the server as a proxy
• Block anyone failing to authenticate using nginx basic authentication
• Block anyone failing to authenticate using our application's log in
page
• Block bad bots
• Limit the number of connections per session
Thanks