Escolar Documentos
Profissional Documentos
Cultura Documentos
ON
CONTACT DETAILS
RAMSWAROOP SINGH T V SHIVA
BRANCH: CSE BRANCH: CSE
ROLL NO: 05C71A0547 ROLL NO: 05C71A0539
CONTACT NO: 9966952101 CONTACT NO: 9985009956
EMAIL ID:ram_fr_547@yahoo.co.in
ELLENKI COLLEGE OF ENGG. & TECH., PATEL GUDA
Abstract
Network security is a complicated subject, historically only tackled by well-
trained and experienced experts. However, as more and more people become ``wired'', an
increasing number of people need to understand the basics of security in a networked
world. This document was written manager in mind, explaining the concepts needed to
read through the hype in the marketplace and understand risks and how to deal with them.
2
there are some specific security requirements, • Hash Functions: Uses a mathematical
including: transformation to irreversibly "encrypt"
• prrivacy/confidentiality: Ensuring
that no one can read the message except
the intended receiver.
• Non-repudiation: A mechanism to
prove that the sender really sent this
message. Cryptography, then, not only
protects data from theft or alteration, but
can also be used for user authentication.
3
1. Secret Key Cryptography encrypt to different cipher text in a stream
cipher.
encrypts one block of data at a time using the and one-way encryption, are algorithms that,
same key on each block. In general, the same in some sense, use no key (Figure 1C).
plain text block will always encrypt to the Instead, a fixed-length hash value is computed
same cipher text when using the same key in a based upon the plaintext that makes it
block cipher whereas the same plaintext will impossible for either the contents or length of
4
the plaintext to be recovered. Hash algorithms Types of authority
are typically used to provide a digital
• Establish identity: Associate, or bind, a
fingerprint of a file's contents often used to
public key to an individual, organization,
ensure that the file has not been altered by an
corporate position, or other entity.
intruder or virus. Hash functions are also
• Assign authority: Establish what actions
commonly employed by many operating
the holder may or may not take based
systems to encrypt passwords. Hash functions,
upon this certificate.
then, help preserve the integrity of a file.
• Secure confidential information (e.g.,
4. TRUST MODELS
encrypting the session's symmetric key for
Secure use of cryptography requires trust. data confidentiality).
While secret key cryptography can ensure
------------------------------------------------
message confidentiality and hash codes can
ensure integrity, none of this works without ----------------------------
trust. In SKC, PKC solved the secret
distribution problem. There are a number of Todays latest used cryptographic
trust models employed by various techniques:Hash algorithms that are in
cryptographic schemes.
common use today include:Message Digest
• The web of trust employed by Pretty Good (MD) algorithms
Privacy (PGP) users, who hold their own Secure Hash Algorithm (SHA)
set of trusted public keys.
5
Hellman for key exchange and digital ( spam ) to thousands of users . This is
signatures. And much more techniques used. done quite often by redirecting the e-
Time is the only true test of good mail through the SMTP server of an
cryptography; any cryptographic scheme that unsuspecting host , making the actual
stays in use year after year is most likely a sender of the spam difficult to trace.
good one. The strength of cryptography lies in • Operating system bugs - Like
the choice (and management) of the keys; applications , some operating systems
longer keys will resist attack better than Have backdoors . Others provide remote
shorter keys access with insufficient security
Encrypt and decrypt messages using any of controls or have bugs that an
the classical substitution ciphers discussed, experienced hacker can take advantage
both by hand and with the assistance of of .
programs.
understand the concepts of language • Denial of service - You have probably
redundancy and unicity distance. heard this phrase used in news reports
on the attacks on major Web sites .
This type of attack is nearly Impossible
Different types of threats to network:
to counter . What happens is that the
hacker sends a request to the server to
• Application backdoors - Some
connect to it . When the server
programs have special features that
responds with an acknowledgement and
allow for remote access . Others
tries to establish a session , it cannot
contain bugs that provide a backdoor ,
find the system that made the request .
or hidden access , that provides some
By inundating a server with these
level of control of the program.
unanswerable session requests , a
hacker causes the server to slow to a
• SMTP session hijacking - SMTP is
crawl or eventually crash.
the most common method of Sending
e-mail over the Internet . By gaining
• E-mail bombs - An e-mail bomb is
access to a list of e- mail Addresses , a
usually a personal attack . Someone
person can send unsolicited junk e-mail
sends you the same e-mail hundreds or
6
thousands of times until your e-mail • Redirect bombs - Hackers can use
system cannot accept any more ICMP to change ( redirect ) the Path
messages . information takes by sending it to a
different router . This is one of the
• Macros - To simplify complicated ways that a denial of service attack is
procedures , many applications allow set up.
you to create a script of commands
Network security can be done by
that the application can run . This
various methods.
script is known as a macro . Hackers
have taken advantage of this to create 1. Virtual Private Network:
their own macros that , depending on
the application , can destroy your data A virtual private network ( VPN ) is a way to
or crash your computer . use a public telecommunication infrastructure
, such as the Internet , to provide remote
• Viruses - Probably the most well-known offices or individual users with secure
threat is computer viruses . A virus is a access to their organization's network. A
small program that can copy itself to virtual private network can be contrasted
other computers . This way it can with an expensive system of owned or
spread quickly from one system to the leased lines that can only be used by one
next. Viruses range from harmless organization. The goal of a VPN is to
messages to erasing all of your data . provide the organization with the same
capabilities , but at a much lower cost
7
Implementation of network security by
VPN.
8
Step 4. - The destination Security server EMBED PBrush
receives the encrypted data and decrypts. The
Security server then forwards the decrypted
data packets onto the corporate network. Any
information sent back to the Remote user is
also encrypted before being sent over the
Internet.
3.IPSec -
Internet Protocol Security Protocol (IPSec)
provides enhanced security features such as
better encryption algorithms and more
2.Firewalls:
comprehensive authentication . IPSec has
A firewall provides a strong barrier
two encryption modes : tunnel and
between your private network and the
transport . Tunnel encrypts the header and
Internet . You can set firewalls to restrict
the payload of each packet while transport
the number of open ports , what type of
only encrypts the payload. Only systems
packets are passed through and which
that are IPSec compliant can take advantage
protocols are allowed through . You
of this Protocol . Also , all devices must
should already have a good firewall in
use a common key and the firewalls of
place before you implement a VPN , but
each network must have very similar
a firewall can also be used to terminate
security policies set up. IPSec can encrypt
the VPN sessions.
data between various devices , such as :
9
Router to router
Firewall to router
PC to router
PC to server
servers are used for more secure access in Unix TCP/IP Software. Computing & Science
a remote-access VPN environment . When a Technical Report No. 117, AT&T Bell
10