Transcript of network
Network Security
12-1
Physical Protection of Assets
and Security
PPA is
done using the following means:
• Locks
• Barriers
• Guards
Security
•
•
•
•
is provided for the following:
Computer processing
Large databases
Communication networks
Preventing a hacker from breaking into your
computer
12-2
3-things to know in security
Why
networks need security?
How to provide security!
Types of security threats
Network (NW)-Controls
Primary goal of the NW-Security
To protect the data and application-SW
12-3
Introduction
For many people, security means
preventing unauthorized access, such as
preventing a hacker from breaking into
your computer.
Security is more than that, it also
includes being able to recover
from temporary service problems, or
from natural disasters.
12-4
Security Threats to -----!
Software(SW)
Hardware(HW)
Files
and database
Data communication circuits
Threats are from different sources:
External and internal hacking
External—disaster, vandalism, fraud, theft
Personal errors, dishonesty, incompetence
12-5
Introduction
12-6
Why Networks Need Security
In recent years, organizations have become
increasingly dependent on the data communication
networks for their daily business communications,
database retrieval, distributed data processing, and
the internetworking of LANs.
The losses associated with security failures can be
huge.
More important than direct theft losses are the
potential losses from the disruption of applications
systems that run on computer networks.
12-7
2-Types of Security Threats
Category-1:
3-Ds
--due to fire, flood, power-loss,circuit failure & virus-• Disruption
• Destruction
• Disaster
Category-2:
Unauthorized access
• Refers to intruders
• External hackers
• Internal hackers
12-8
What an intruder will achieve!
Gain
•
•
•
•
knowledge and Change files
To Commit fraud, threat
To destroy information
To injure the organization
To sadistic thrill for his misadventure
12-9
Types of Security Threats
Category-1: 3-Ds!
Disruptions (means what!)
• are the loss or reduction in NW-service.
• Could be minor, temporary and due to
• Switch-failure or circuit-cut
Destructions
(of data):
• are caused by and/or result in the disruption
• could be due to virus or else
• Could be due to crash of hard-disk
Disasters
(of network):
destroy host computers, sections of the NW
Could be manmade or natural
12-10
Natural and Man-made disasters
Principal causes which are responsible for the
Category-1: 3-D Threats:
Fires
Floods
Earthquakes
Mudslides
Storms
Tornadoes
Terrorist attacks
--All these can destroy buildings and networks--12-11
What the 3-Ds do!
Give
rise to interruptions in the NW-Service
Cause loss of data due to NW-failure
FTS = Fault Tolerant Server
Contains many redundant components
(which) help prevent the NW-failure
Disk-Duplexing
• Is a disk-mirroring concept
• Provides backup against NW-failure
• (so that) even if the disk-controller fails, the
server continues to operate
12-12
What are the 3-S!
Smaller
Smarter
Simpler,
Sophisticated
The NW-HW/SW being produced now always
keep these 3-things in mind when
developing their products.
12-13
Types of Security Threats
Category-2: UA
Category-2:
Unauthorized Access is often viewed as hackers
gaining access to organizational data files and
resources.
• External intruders
• Internal intruders
• Eavesdropping
---(I.e, listening secretly to a private conversation--Keep in mind, however, that most unauthorized
access incidents involve employees.
12-14
Network Controls
Developing a secure network means developing
controls---i.e, mechanisms that reduce or eliminate
both Cat-1 and Cat-2 threats to network security.
There are 3-types of controls:
• Preventative controls---restrain, stop a person
from acting or hinder an event from occurring.
• Detective controls---reveal or discover any kind
of unwanted events.
• Corrective controls---rectify an unwanted event
or a trespass.
PDC-controls should be periodically verified & tested
12-15
Network Controls
6-
areas need NW-Controls in a network
Data Communication
•
•
•
•
•
•
Client computers
Host/server computers (mini/mainframe/LANs)
Communication circuits
NW-devices and components
NW-Software
Application-Software
12-16
Network Controls
It
is important to remember that it is not enough to
just establish a series of controls; someone or some
department must be accountable for the control and
security of the network.
PDC-Controls
must be reviewed periodically to be
sure that they are still useful, and should be:
• Verified - ensuring that the control is still present
• Tested - determining whether the control is
working as originally specified.
(PDC = Preventive, Detective and Corrective)
12-17
RISK ASSESSMENT
12-18
Risk Assessment
One
key step in developing a secure-NW is to
conduct a risk assessment:
• This assigns a level of risk to various threats
to the network security by comparing the
nature of the threats to the controls designed
to reduce them.
Threat could mean:
• Theft of data
• Destruction of data
• Damage to NW-HW, NW-SW and NW-Circuits
12-19
7 Most Common Threats to NW
Virus-----------------------87%
Device
failure------------52%
Internal hacker-----------51%
Equipment theft----------48%
External hacker----------30%
Natural disaster----------28%
Industrial espionage----10%
12-20
About Computer Viruses
Cause
destruction of data
Cause unwanted events/nuisances
Attach themselves to some programs
(and as a result) the viruses spread
How to prevent the spread of Viruses
Don’t share diskettes (37% due to sharing)
Don’t copy files or disks of unknown origin
Be careful about downloading files from the Web
Install ant-virus SW in your computer
12-21
Developing a Control
Spreadsheet
To be sure that the data communications
network and microcomputer workstations
have the necessary controls and that these
controls offer adequate protection, it is best
to build a control spreadsheet.
12-22
Developing a Control
Spreadsheet
Threats
Components
Disruption, Destruction, Disaster
Power Circuit
Fire Flood Loss Failure Virus
Unauthorized Access
External Internal
Intruder Intruder Eavesdrop
Host Computers
Client Computers
Communication Circuits
Network Devices
Network Software
People
12-23
Threats
A threat to the data communications network
is any potential adverse occurrence that
can do harm, interrupt the systems using
the network, or cause a momentary loss to
the organizations.
Once the threats are identified they must be
ranked on their importance.
12-24
Threats
12-25
Network Components
The next step is to identify the network
components. A network component is one
of the individual pieces that compose the
data communications network. They include:
•
•
•
•
•
•
Servers
Client computers
Communications circuits
Network devices
Network software
Application software
12-26
Identify and Document the
Controls
Once the specific network threats and
controls have been identified, you can
begin working on the network controls.
Begin by considering the network
component and the specific threat, and
then describe each control that prevents,
detects or corrects that threat.
12-27
Identify and Document the
Controls
Threats
Components
Host Computers
Disruption, Destruction, Disaster
Power Circuit
Fire Flood Loss Failure Virus
1,2
1,3
4
1,5,6
7,8
Unauthorized Access
External Internal
Intruder Intruder Eavesdrop
9,10,11,12 9,10
Client Computers
Communication Circuits
Network Devices
Network Software
People
1.
2.
3.
4.
5.
6.
Disaster recovery plan
Halon fire system/sprinklers
Host computer room on 5th floor
UPS on servers
Contract guarantees from IXCs
Extra backbone fiber laid between servers
7. Virus checking software present
8. Extensive user training on viruses
9. Strong password software
10. Extensive user training on security
11. Call-back modem system
12. Application Layer firewall
12-28
Evaluate the Network’s
Security
The last step in designing a control
spreadsheet is to evaluate the adequacy of
the existing controls, and the resulting
degree of risk associated with each threat.
The assessment can be done by the network
manager, but it is better done by a team of
experts chosen for their in-depth knowledge
about the network and environment being
reviewed.
12-29
CONTROLLING
DISRUPTION,
DESTRUCTION, AND
DISASTER
12-30
Preventing Disruption,
Destruction and Disaster
The key principle in preventing disruption,
destruction and disaster - or at least
reducing their impact - is redundancy.
•
•
•
•
Disk mirroring
Disk duplexing
Fault-tolerant servers
Uninterruptible power supplies (UPS)
Redundancy can be built into other network
components as well.
12-31
Preventing Disruption,
Destruction and Disaster
Disasters are different, the best solution is to
have a complete redundant network that
duplicates every network component, but in
a different location.
Generally speaking, preventing disasters is
difficult. The most fundamental principle is
to decentralize the network resources.
Other steps depend on the type of disaster to
be prevented.
12-32
Preventing Disruption,
Destruction and Disaster
In some cases, the disruption is intentional
(i.e. theft).
Another special case is the denial-of-service
attack, in which the hacker attempts to
disrupt the network by sending messages
to the network that prevent other’s
messages from being processed.
12-33
Preventing Disruption,
Destruction and Disaster
Special attention also must be paid to preventing
computer viruses - software designed to produce
unwanted events. Most viruses attach
themselves to other programs to special parts on
disks.
How to prevent the spread of viruses
Do not to copy files or disks of unknown origin.
Use/Install anti-virus software packages that are
available to check disks and files to ensure that
they are virus-free.
12-34
NW-Monitoring Software and
other means for Detecting 3-Ds
NWM-software
alerts network managers to
problems so that they can be corrected.
Some intelligent NW-servers can be
programmed to send an alarm to pager, if
necessary!
On going monitoring for damaged cables
which could result from hungry squirrels and
rats eating the cables
12-35
Other means for Detecting 3-Ds!
Detecting minor disruptions can be more
difficult. The network should routinely log
fault information to enable network
managers to recognize minor service
problems. In addition, there should be a
clear procedure by which network users can
report problems.
12-36
Correcting Disruption,
Destruction and Disaster
A critical control is the disaster recovery plan, which
should address various levels of response to a
number of possible disasters and should provide
for partial or complete recovery of all data,
application software, network components, and
physical facilities.
The most important element of the disaster recovery
plan are backup and recovery controls that enable
the organization to recover its data and restart its
application software should some portion of the
12-37
network fail.
Elements of a Disaster
Recovery Plan
Names of responsible individuals
Staff assignments and responsibilities
List of priorities of “fix-firsts”
Location of alternative facilities.
Recovery procedures for data communications
facilities, servers and application systems.
Actions to be taken under various contingencies.
Manual processes
Updating and Testing procedures
Safe storage of data, software and the disaster
recovery plan itself.
12-38
Correcting Disruption,
Destruction and Disaster
Backups ensure that important data is safe.
However it does not guarantee the data can
be used.
Most large organizations have a two-level
disaster recovery plan.
LVL 1: When they build networks they build
enough capacity and have enough spare
equipment to recover from a minor disaster,
such as loss of a major server or portion of
the network.
12-39
Correcting Disruption,
Destruction and Disaster
LVL2: most large organizations rely on
professional disaster recovery firms to
provide second level support for major
disasters.
Disaster recovery firms provide a full range of
services from secure storage for backups,
to a complete networked data center that
clients can use when they experience a
disaster.
12-40
CONTROLLING
UNAUTHORIZED ACCESS
12-41
Controlling Unauthorized
Access
Four types of intruders attempt to gain
unauthorized access to computer networks.
1. Casual computer users who only have limited
knowledge of computer security.
2. Experts in security, but whose motivation is the
thrill of the hunt.
3. Professional hackers who break into corporate or
government computer for specific purposes.
4. Organization employees who have legitimate
access to the network but who gain access to
information they are not authorized to use.
12-42
Preventing Unauthorized
Access
The key principle in preventing unauthorized access
is to be proactive. This means routinely testing
your security systems before an intruder does.
Approaches to preventing unauthorized access:
•
•
•
•
•
•
Developing a security policy
Developing user profiles
Plugging known security holes
Securing network access points
Preventing eavesdropping
Using encryption
A combination of all techniques is best to ensure
strong security.
12-43
Developing a Security Policy
The security policy should clearly define the
important network components to be
safeguarded and the important controls
needed to do that.
The most common way for a hacker to break
into a system, is through some social
engineering (breaking security simply by
asking).
12-44
Elements of a Security Policy
Name of responsible individuals
Incident reporting system and response team
Risk assessment with priorities
Controls on access points to prevent or deter
unauthorized external access.
Controls within the network to ensure internal
users cannot exceed their authorized access.
An acceptable use policy
User training plan on security
Testing and updating plans.
12-45
Developing User Profiles
The basis of network access is the user profile for
each user’s account that is assigned by the
network manager.
More and more systems are requiring users to
enter a password in conjunction with something
they have, such as a smart card.
In high-security applications, a user may be
required to present something they are, such as
a finger, hand or the retina of their eye for
scanning by the system (biometric scanning).
12-46
Developing User Profiles
User profiles can limit the allowable log-in
days, time of day, physical locations, and
the allowable number of incorrect log-in
attempts.
Creating accounts and profiles is simple, as
they are created when new personnel
arrive. One security problem is the removal
of user accounts when someone leaves an
organization.
12-47
Developing User Profiles
It is important to screen and classify both
users and data (need to know).
The effect of any security software packages
that restrict or control access to files,
records, or data items should be reviewed.
Adequate user training on network security
should be provided through self-teaching
manuals, newsletters, policy statements,
and short courses.
12-48
Plugging Known Security
Holes
Many commonly used operating systems
have major security problems well known to
potential users (security holes), many of
which are highly technical.
Some security holes are not really holes, but
simply policies adopted by computer
vendors that open the door for security
problems, such as computer systems that
come with a variety of preinstalled user
accounts.
12-49
Plugging Known Security
Holes
The U.S. Government requires certain levels
of security in the operating systems and
network operating systems it uses for
certain applications.
12-50
Securing Network Access
Points
There are three major ways of gaining access:
• Using a terminal or computer located in the
organization’s offices
• Dialing into the network via modem
• Accessing the network from another network to
which it is connected (e.g. Internet)
The physical security of the building or
buildings that house any of the hardware,
software or communications circuits must be
evaluated.
12-51
Securing Network Access
Points
The network components themselves also have a
level of physical security.
Any organization that permits staff members to
access its networks via dial-in modems opens
itself to a broader range of intruders.
One strategy is to routinely change modem
numbers, another is to use a call-back modem.
One-time passwords is another strategy for traveling
employees for who call-back modems and
automatic number identifications are
inappropriate.
12-52
Securing Network Access
Points
With the increasing use of the Internet, and
information superhighway, it becomes
important to prevent unauthorized access to
your network from intruders on other
networks. For this, we have to use a
Firewall!
What is a firewall?
12-53
What is a Firewall!
A firewall is a router, gateway, or special purpose
computer that examines packets flowing into and
out of a network and restricts access to the
organization’s network.
FW is designed so that it is placed on every NWconnection between the organization and the
Internet and
No access is permitted except thru the firewall
2-Types of firewall:
• PLF = packet level firewall
• ALF = application level firewall
12-54
Securing Network Access
Points
A packet-level firewall examines the source and
destination address of every network packet that
passes through it and only allows packets that have
acceptable source and destination addresses to
pass.
Some packet-level firewalls are vulnerable to IP-level
spoofing, accomplished by changing the source
address on incoming packets from their real address
to an address inside the organization’s network.
Many firewalls have had their security strengthened
since the first documented case of IP spoofing in
December 1994.
12-55
Securing Network Access
Points
An application-level firewall acts as an intermediate
host computer or gateway between the Internet and
the rest of the organization’s network.
In many cases, special programming code must be
written to permit the use of application software
unique to the organization.
A proxy server is a new type of application-level
firewall that addresses some of the compatibility
problems with traditional application-level firewalls.
12-56
Securing Network Access Points
The proxy server uses an address table to
translate network addresses inside the
organizations into fake addresses for use on the
Internet (network address translation or address
mapping).
This way systems outside the organization never
see the actual internal IP addresses.
Proxy servers work very well and are becoming the
application-level firewall of choice.
Many organizations use a combination of packetlevel and application-level firewalls.
12-57
12-58
What is a Smartcard!
It is a card about the size of a credit card that
contains a small processing chip and also a
memory chip that can be read by a smart-device
To gain access to a NW:
The user must present both smart card and also
password
The intruder must have access to both before
they can breakin
12-59
Example of a Smartcard!
ATM-NW
= automated teller machine NW is
a best, practical, example of a smart card
Before you can gain access to your account
you must have both:
• ATM-card
• Access number
12-60
Eavesdropping on Network!
It
is way to gain unauthorized access on
network traffic (where)
the intruder inserts a listening device or
computer into the organization’s network to
record messages.
Two areas vulnerable to this type of
unauthorized access:
• Network cabling
• Network devices
12-61
Preventing Eavesdropping
Network cables are the easiest target
because they often run long distances and
usually are not regularly checked for
tampering.
Certain types of cable can impair or increase
security by making eavesdropping easier (i.e.
wireless) or more difficult (i.e. fiber optic).
Physical security of the network’s local loop
and interexchange telephone circuits is the
responsibility of the common carrier.
12-62
Preventing Eavesdropping
Network devices such as controllers, hubs,
and bridges should be secured in a locked
wiring closets.
A secure hub for Ethernet networks makes sniffer
program eavesdropping more difficult, by
requiring a special authorization code before new
computers can be added to the hub.
A review of software controls that can be
programmed into remote network devices is
also needed.
12-63
What is IP-Spoofing!
IPS
means sending packets to a target
computer
IPS is done by changing the source
address on the incoming packets from their
real address inside the organization’s NW
12-64
Sniffer Program
Is
a spy-software/program
(which is) installed in a computer
(which is subsequently) plugged into an
unattended hub or bridge or router
(and as a result) it eavesdrop on all kinds
of message traffic
Sniff (means what!)
To smell (forcibly thru the nose)
To inhale (forcibly thru the nose)
12-65
Using Encryption
One of the best ways to prevent unauthorized
access is encryption, which is a means of
disguising information by the use of
mathematical rules known as algorithms.
An encryption system has two parts: the
algorithm itself and the key, which
personalizes the algorithm by making the
transformation of the data unique.
12-66
What is Encryption!
It’s
the best way to prevent any attempt to
gain unauthorized access
It means disguising info by the use of
mathematical rules known as algorithms
Actually, it’s the CRYPTION!
• Encryption
• Decryption
Cryptic
(means what!)
Secret and/or mystifying
12-67
Plaintext and Hypertext
Plaintext:
• It means the information is in a readable
form or format! This means that the info is in
a decrypted form.
Ciphertext:
• It means the information is in an encrypted
(i.e, disguised) form or format!
12-68
Using Encryption
Good encryption systems do not depend on
keeping the algorithm secret, only the keys.
Today, the U.S. government considers
encryption to be a weapon, and regulates
its export in the same way it regulates the
export of machine guns or bombs. The
government is also trying to develop a
policy called key escrow, requiring key
registration with the government.
12-69
Using Encryption
One commonly used encryption algorithm is
the data encryption standard (DES). DES
is a symmetric algorithm, which means the
key used to decrypt a particular bit stream
is the same one used to encrypt it.
Symmetric algorithms can cause problem
with key management; keys must be
dispersed and stored carefully.
A 56-bit version of DES is the most commonly
used encryption technique today.
12-70
Using Encryption
A second popular technique is public key
encryption, the most popular of which is
RSA.
Public key encryption is inherently different
from secret key systems like DES, because
it is an asymmetric algorithms; there are
two keys. The public key is used to encrypt
the message, and the private key is used to
decrypt it. Public key encryption greatly
reduces the key management problem.
12-71
Using
Encryption
Private Key
12-72
Using Encryption
Public key encryption also permits authentications
(digital signatures), using a process of encrypting
with the private key, and decrypting with the public
key providing irrefutable proof of origin.
A certificate authority is a trusted organization that
can vouch for the authenticity of the person of
organization using authentication. For higher level
security certification, the CA requires that a
unique “fingerprint” (key) be issued by the CA for
each message sent by the user.
12-73
Using
Encryption
12-74
Detecting Unauthorized Access
Detecting unauthorized access means
looking for anything out of the ordinary. It
means logging all messages sent and
received by the network, all software used,
and all logins (or attempted logins) to the
network.
• Increases in the number of logins
• Unusual number of unsuccessful login attempts
to a user’s or several users’ accounts.
Regular monitoring should also be extended
to network hardware.
12-75
Correcting Unauthorized
Access
Once an unauthorized access is detected, the
next step is to identify how the security
breach occurred and fix it so that it will not
reoccur.
Many organizations have taken their own
steps to detect intruders by using
entrapment techniques.
In recent years, there has been a stiffening of
computer security laws and in the legal
interpretation of other laws that pertain to
12-76