Network Security
Lecture 1
Course Overview
http://web.uettaxila.edu.pk/CMS/coeCCNbsSp09/index.asp
Waleed Ejaz
[email protected]
1
Overview





Goal of this course
Grading
Prerequisites
Tentative Schedule
Security Goals
2
Goal of This Course





Comprehensive course on network security
Includes both theory and practice
Theory: Cryptography, Hashes, Key Exchange, Email Security, Web Security
Practice: Hacking and Anti-Hacker techniques
Graduate course: (Advanced Topics)
  A lot of independent reading and writing
  Project/Survey paper
3
CERT



Computer emergency response team (CERT)
Security is the #1 concern about the Internet.
Significant industry and government investment in security
4
Prerequisites

Computer Communication & Networks
5
Prerequisites










ISO/OSI reference model
TCP/IP protocol stack
Full-Duplex vs half-duplex
UTP vs Wireless
Cyclic Redundancy Check (CRC)
CRC Polynomial
Ethernet
IEEE 802 MAC Addresses
Bridging and Routing
IEEE 802.11 LAN
6
Prerequisites (contd.)











IP Address
Subnets
Private vs Public Addresses
Address Resolution Protocol (ARP)
Internet Control Message Protocol (ICMP)
Routing - Dijkstra's algorithm
Transmission Control Protocol (TCP)
User Datagram Protocol (UDP)
TCP connection setup
TCP Checksum
Hypertext Transfer Protocol (HTTP)
7
Text Book

Charlie Kaufman, Radia Perlman, and Mike Speciner, "Network Security: Private Communication in a Public World," 2nd Edition, Prentice Hall, 2002, ISBN: 0130460192.
8
Reference Book

Cryptography and Network Security, by William Stallings, Prentice Hall, 4th Edition, 2006

A few topics from this book will be followed during this course.
All relevant material will be provided as notes or as part of the class slides.

9
Course Outline











Course Overview
Security Concepts
TCP/IP Security Attacks
Secret Key Cryptography (Chapter 3)
Modes of Operation (Chapter 4)
Hashes and Message Digest (Chapter 5)
Public Key Cryptography (Chapter 6)
Authentication: Passwords, Biometrics (Chapter 10)
Kerberos (Chapter 14)
Public Key Infrastructure (Chapter 15)
IPSec (Chapter 17)
10
Course Outline (contd.)










Internet Key Exchange (IKE) (Chapter 18)
Web Security: SSL/TLS (Chapter 19)
Email Security: PGP (Chapter 22)
Firewalls (Chapter 23)
VPNs
DNS Security
Network Access Controls: AAA
Wireless Security
Intrusion Detection
DMZ (LAN->WAN)
11
Grading





Assignments
Quizzes
Grand Quiz
Labs
Final Exam
5
10
10
25
100
12
Term Project




A survey paper on a network security topic
  - Wireless Network Security
  - Key Exchange Protocols
  - Comprehensive Survey: Technical Papers, Industry Standards, Products
A real attack and protection exercise on the security of a system (web server, mail server, …) – Groups of 2 students (Hacker and Administrator)
Recent Developments: Last 5 to 10 years ⇒ Not in books
Better ones may be submitted to magazines or journals
13
Project Schedule






Topic Selection/Proposal
References Due
Outline Due
First Draft/Demo Due
Reviews/comments Returned
Final Report Due
14
Office Hours





Thursday: 1:30 PM to 3:00 PM
Office: Room 9
Contact Office: +92-51-9047573
The best way to communicate with me outside office hours is email:
[email protected]
15
FAQs





Yes, I do use a “curve”. Your grade depends upon the performance of the rest of the class.
All homework is due on the following Friday unless specified otherwise.
Any late submissions, if allowed, will *always* have a penalty.
All exams are closed-book and extremely time limited.
Exams consist of numerical questions and may include multiple-choice (true/false) questions.
16
Security Goals

Confidentiality: Need access control, Cryptography, Existence of data
Integrity: No change, content, source, prevention mechanisms, detection mechanisms
Availability: Denial of service attacks
Confidentiality, Integrity and Availability (CIA)
17
Security Attacks
Threat to Confidentiality: Snooping, Traffic Analysis
Threat to Integrity: Modification, Masquerading, Replaying, Repudiation
Threat to Availability: Denial of Service
18
Passive Versus Active Attacks
Alice and Bob want to communicate in the presence of adversaries

Adversaries:
  Passive – just looking
  Active – may change messages
19
Categorization of passive and active attacks

Attacks                                             Passive/Active   Threatening
Snooping, Traffic Analysis                          Passive          Confidentiality
Modification, Masquerading, Replaying, Repudiation  Active           Integrity
Denial of Service                                   Active           Availability
20
Student Questionnaire











Name: _________________________________________
Email: _________________________________________
Phone: _________________________________________
Degree: ______________ Expected Date: _________________
Technical Interest Area(s): _____________________________
Prior networking related courses/activities:________________
Prior security related courses: _________________________
If you have a laptop or desktop, its operating system: _______
Do you have a WiFi interface? _____
I agree to abide by the rules and will not use the techniques on any
computer other than mine or Network security lab.
Signature: _______________________ Date: _____________
21
Lab Home Work 1: Gathering Information











Learn about ipconfig, ping, arp, nslookup, whois, tracert, netstat, route, hosts file
1. Find the IP addresses of www.google.com
2. Modify the hosts file to map www.google.com to 128.252.166.33 and do a Google search. Remove the modification to the hosts file and repeat.
3. Find the domain name of 128.272.165.7 (reverse the address and add .in-addr.arpa)
4. Find the owner of the www.google.com domain
5. Find the route from your computer to www.google.com
6. Find the MAC address of your computer
7. Print your ARP cache table. Find a server on your local network. Change its ARP entry in your computer to point to your computer’s MAC address. Print the new ARP cache table. Now use the service and see what happens.
8. Print your routing table and explain each line (up to line #20 if too many)
9. What is the number of packets sent with “destination unreachable”?
10. Find the location of 128.252.166.33 (use www.ipaddresslocation.org)
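
The changes made in steps 2 and 7 leave traces that can be checked for, which is how an administrator would notice the same changes on a machine where they were not expected. The following is an added example, not part of the original slides: the hosts file text, the Windows-layout `arp -a` output and the local MAC (the value step 6 would give) are constructed, and the function names are hypothetical.

```python
import ipaddress
import re
from collections import defaultdict

# Constructed sample inputs (not captured from a real machine).
HOSTS_TEXT = """\
127.0.0.1       localhost
::1             localhost
128.252.166.33  www.google.com   # step 2 override left in place
"""
ARP_TEXT = """\
Interface: 192.168.1.20 --- 0xb
  Internet Address      Physical Address      Type
  192.168.1.1           00-1a-2b-3c-4d-5e     dynamic
  192.168.1.10          00-1a-2b-aa-bb-cc     static
  192.168.1.255         ff-ff-ff-ff-ff-ff     static
"""
LOCAL_MAC = "00-1A-2B-AA-BB-CC"  # assumed result of step 6

def hosts_overrides(text):
    """Return (ip, name) pairs that pin a name to a non-loopback address."""
    found = []
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()  # drop comments
        if len(fields) < 2:
            continue
        try:
            addr = ipaddress.ip_address(fields[0])
        except ValueError:
            continue  # malformed address: not a usable mapping
        if not addr.is_loopback:
            found.extend((str(addr), name.lower()) for name in fields[1:])
    return found

ARP_ROW = re.compile(r"^\s*(\d+(?:\.\d+){3})\s+((?:[0-9a-f]{2}-){5}[0-9a-f]{2})\s", re.I)

def suspicious_arp(text, local_mac):
    """Flag unicast entries that use our own MAC or share one MAC among several IPs."""
    by_mac = defaultdict(list)
    for line in text.splitlines():
        m = ARP_ROW.match(line)
        if m and not int(m.group(2)[:2], 16) & 1:  # skip broadcast/multicast
            by_mac[m.group(2).lower()].append(m.group(1))
    flagged = {}
    for mac, ips in by_mac.items():
        if mac == local_mac.lower():
            flagged.update((ip, "resolves to local MAC") for ip in ips)
        elif len(ips) > 1:
            flagged.update((ip, "MAC shared by several IPs") for ip in ips)
    return flagged
```

On the sample data the hosts check reports the www.google.com pin and the ARP check reports 192.168.1.10; the gateway and broadcast rows are not flagged.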
22
Quiz 0: Prerequisites

True or False?
1. Subnet mask of 255.255.255.254 will allow 254 nodes on the LAN.
2. Time to live (TTL) of 8 means that the packet can travel at most 8 hops.
3. IP Address 128.256.210.12 is an invalid IP address.
4. CRC Polynomial x^32+x^15+1 will produce a 32-bit CRC.
5. DHCP server is required for dynamic IP address assignment.
6. DNS helps translate a name to a MAC address.
7. Port 80 is used for FTP.
8. IPv6 addresses are 32 bits long.
9. New connection setup message in TCP contains a SYN flag.
10. 192.168.0.1 is a public address.
Marks = Correct Answers _____ - Incorrect Answers _____ = ______
23
Quiz 0: Prerequisites (Solution)

True or False?
1. Subnet mask of 255.255.255.254 will allow 254 nodes on the LAN. False
2. Time to live (TTL) of 8 means that the packet can travel at most 8 hops. True
3. IP Address 128.256.210.12 is an invalid IP address. True
4. CRC Polynomial x^32+x^15+1 will produce a 32-bit CRC. True
5. DHCP server is required for dynamic IP address assignment. True
6. DNS helps translate a name to a MAC address. False
7. Port 80 is used for FTP. False
8. IPv6 addresses are 32 bits long. False
9. New connection setup message in TCP contains a SYN flag. True
10. 192.168.0.1 is a public address. False
Marks = Correct Answers _____ - Incorrect Answers _____ = ______
24
Questions!
25