Network Security and Protocols
Threats
• Prevent users from accessing the required
  resources for performing their task
• Types of threats:
   – Internal
   – External
Internal Threats
• Malicious practices by the local network's users
  that prevent efficient sharing of the network
  resources
• Common internal threats are:
   –   Unauthorized Access
   –   Data Destruction
   –   Administrative Access
   –   System Crash/Hardware Failure
   –   Virus
Protecting from Internal Threats
• Methods of protecting against internal threats depend
  largely on policies rather than technology
• To protect the network from internal threats you need to
  implement:
   –   Passwords
   –   User Account Control – creating groups
   –   Policies
   –   Fault Tolerance
External Threats
• External threats can exist in two forms:
   – Attacker manipulates the user to gain access to the
     network
   – Hacker at a remote location uses technical methods to
     gain illegal access to your network
• Common external threats are:
   – Social Engineering
   – Hacking – internet worms or other internet hacking tools
Protecting from External Threats
• Securing the network from external threats is a competition
  between hackers and security people
• To protect the network from external threats you need
  to provide:
   –   Physical protection – lock the server
   –   Firewalls
   –   Encryption – IPSec, SSL
   –   Authentication – Kerberos, PAP, CHAP
   –   Public Keys and Certificates
   –   VLAN
Need for Network Security
• Network security - Mechanism that protects the
  network resources from being attacked by the outside
  world
• Hackers constantly look out for loopholes in the
  network security and snoop into a network
• Spyware and adware programs get installed on
  your computer and start transmitting private
  information
• IP snooping allows monitoring of network traffic that is
  sent over the internet
Security Attacks - I
• Break the security barrier of the network and access the
  network resources
• Types of security attacks:
   – Active
   – Passive
Implementing External Network Security - I
• Implementing external network security was not necessary
  while dial up connections were used
• Arrival of high speed internet connection has completely
  changed security aspect for home computers
• Users who use an asymmetric digital subscriber line (ADSL) or
  a cable modem are the main targets for hackers
• Windows XP now has an Internet Connection Firewall (ICF)
  available
Implementing External Network Security - II
• SOHO routers are connected to provide security to
  networked systems sharing a single Internet connection
• Large networks employ a dedicated firewall between a
  gateway router and the protected network
• A demilitarized zone (DMZ) can also be implemented to
  prevent access to the network
Cryptography
• Cryptography is a science that deals with securing
  information
• Objectives of Cryptography are:
   – Message Confidentiality
   – Message Integrity
   – Message Authentication
   – Message Nonrepudiation – solves the issues related to
     disputes between sender and receiver
   – Entity Authentication
Types of Cryptosystems
• Cryptographic systems consist of algorithms and
  procedures used for encrypting messages
• Types of cryptographic systems:
   – Symmetric Cryptographic Systems
   – Asymmetric Cryptographic Systems
• Symmetric Cryptographic Systems use the same key for
  encryption and decryption
• Asymmetric Cryptographic Systems use two keys, one for
  encryption and the other for decryption
Encryption/Decryption
• Encryption refers to conversion of plain text into cipher
  text
• Cipher algorithm is used to transform plain text into
  cipher text
• The traditional ciphers used to encode a
  message fall into two broad categories:
   – Substitution ciphers
   – Transposition ciphers
Public Key Encryption/Decryption
• Uses a combination of two keys, the private key and
  the public key (Asymmetric)
• Private key is known only to the receiver of the
  message
Secret Key Encryption / Decryption
• Uses the same key to encrypt and decrypt the message
  (Symmetric)
• Algorithm used for decrypting the message is inverse of
  algorithm that is used to encrypt message
Digital Signatures - I
• Used to authenticate the origin of the document
• Come under the asymmetric cryptography category
• Can be accomplished in two ways:
   – Signing the document
   – Signing the digest of the document
Digital Signature - II
• Signing the document
• Signing the digest
Digital Signature - III
• Signing the Document – public and private
  keys of the sender are used for encrypting and
  decrypting the document
• Signing the digest – used when the message
  to be sent is long. Creates a digest of the
  message using the hash function and then signs
  it
Authentication Protocol
• Authentication is a process by which the identity of the
  concerned party is identified before starting the
  communication process
• Data traffic is encrypted using symmetric key
  cryptography for performance reasons
• Public key cryptography is used for developing
  authorization protocols as well as creating a session key
Authentication based on Shared Secret Key
• Challenge-response protocols are used for authentication
  with a shared secret key
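A challenge-response exchange over a shared secret key, shown with both sides' messages. This is an added example, not part of the original slides; the use of HMAC-SHA-256 as the response function and the names `Verifier` and `compute_response` are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets


def compute_response(key: bytes, identity: str, nonce: bytes) -> bytes:
    """Claimant side: prove knowledge of the key without ever sending it.

    The identity is bound into the MAC so a response produced for one
    account cannot be presented for another.
    """
    return hmac.new(key, identity.encode() + b"\x00" + nonce,
                    hashlib.sha256).digest()


class Verifier:
    """Server side: issues fresh challenges and checks responses."""

    def __init__(self, shared_keys: dict):
        self._keys = shared_keys      # identity -> shared secret key
        self._pending = {}            # identity -> outstanding challenge

    def challenge(self, identity: str) -> bytes:
        # A fresh random nonce per attempt is what defeats replay of an
        # old response. It is issued even for unknown identities so the
        # reply does not reveal which accounts exist.
        nonce = secrets.token_bytes(16)
        self._pending[identity] = nonce
        return nonce

    def verify(self, identity: str, response: bytes) -> bool:
        # pop(): each challenge can be answered once, right or wrong.
        nonce = self._pending.pop(identity, None)
        key = self._keys.get(identity)
        if nonce is None or key is None:
            return False
        expected = compute_response(key, identity, nonce)
        # Constant-time comparison avoids leaking how many bytes matched.
        return hmac.compare_digest(expected, response)


def demo() -> dict:
    """Run the exchange with a constructed key and return the outcomes."""
    key = b"constructed-demo-key-not-a-real-secret"
    server = Verifier({"alice": key})

    # 1. Server -> client: challenge.  2. Client -> server: response.
    nonce = server.challenge("alice")
    good = compute_response(key, "alice", nonce)
    first = server.verify("alice", good)

    # A captured response replayed later fails: its challenge is spent.
    replay = server.verify("alice", good)

    # A claimant with the wrong key fails against a fresh challenge.
    nonce2 = server.challenge("alice")
    wrong = server.verify("alice",
                          compute_response(b"guess", "alice", nonce2))

    # A response to a superseded challenge fails against the newest one.
    old = server.challenge("alice")
    server.challenge("alice")
    stale = server.verify("alice", compute_response(key, "alice", old))

    return {"first": first, "replay": replay, "wrong": wrong, "stale": stale}


if __name__ == "__main__":
    print(demo())
```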
Authentication using Kerberos
• Three types of servers involved in Kerberos protocol:
   – Authentication Server (AS)
   – Ticket-Granting Server (TGS)
   – Real Server
Authentication using Public-Key Cryptography
• Certification Authority: Organization that binds a public
  key to an entity and issues a certificate
Firewall - I
• Firewall is a system that blocks all unwanted and
  unauthorized access of the system resources
• A firewall can be set up using a router, switch, or bridge
• Firewall is basically present at the junction point or
  gateway between two networks like a private and public
  network
• Firewalls can be hardware or software
• Basic types of firewalls are:
   – Packet-Filter Firewalls
   – Proxy Firewalls
Types of Firewall
• Packet-Filter Firewall – forwards or blocks
  packets depending on source and destination IP
  address, port address or type of protocol used
  (TCP or UDP). Collects the information from
  the network and transport layer headers
• Proxy Firewall – filters the data at application
  layer e.g. online book
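A packet filter's decision, worked through on raw bytes: the fields are read from the IPv4 and TCP/UDP headers and checked against an ordered rule list with a default of deny. This is an added example, not part of the original slides; the rule set, the documentation-range addresses and all function names are constructed for illustration.

```python
import ipaddress
import struct
from dataclasses import dataclass
from typing import Optional

PROTO_NAMES = {6: "tcp", 17: "udp"}


@dataclass(frozen=True)
class Rule:
    action: str              # "allow" or "deny"
    proto: Optional[str]     # "tcp", "udp", or None for any protocol
    src: str                 # source network in CIDR form
    dst: str                 # destination network in CIDR form
    dport: Optional[int]     # destination port, or None for any


def parse_headers(packet: bytes) -> dict:
    """Read the network- and transport-layer fields a packet filter uses."""
    if len(packet) < 20:
        raise ValueError("truncated IPv4 header")
    version, ihl = packet[0] >> 4, (packet[0] & 0x0F) * 4
    if version != 4 or ihl < 20 or len(packet) < ihl:
        raise ValueError("invalid IPv4 header")
    proto = packet[9]
    frag_offset = struct.unpack("!H", packet[6:8])[0] & 0x1FFF
    sport = dport = None
    # Only the first fragment carries the TCP/UDP header with the ports.
    if proto in PROTO_NAMES and frag_offset == 0:
        if len(packet) < ihl + 4:
            raise ValueError("truncated transport header")
        sport, dport = struct.unpack("!HH", packet[ihl:ihl + 4])
    return {"proto": PROTO_NAMES.get(proto, str(proto)),
            "src": ipaddress.IPv4Address(packet[12:16]),
            "dst": ipaddress.IPv4Address(packet[16:20]),
            "sport": sport, "dport": dport}


def matches(rule: Rule, h: dict) -> bool:
    if rule.proto is not None and rule.proto != h["proto"]:
        return False
    if h["src"] not in ipaddress.ip_network(rule.src):
        return False
    if h["dst"] not in ipaddress.ip_network(rule.dst):
        return False
    # A port rule never matches a packet whose port could not be read.
    return rule.dport is None or rule.dport == h["dport"]


def filter_packet(rules: list, packet: bytes) -> str:
    """First matching rule wins; malformed or unmatched packets are denied."""
    try:
        headers = parse_headers(packet)
    except ValueError:
        return "deny"
    for rule in rules:
        if matches(rule, headers):
            return rule.action
    return "deny"


def build_packet(proto: int, src: str, dst: str, sport: int, dport: int,
                 frag_offset: int = 0) -> bytes:
    """Construct a minimal sample IPv4 packet (checksums left at zero)."""
    if proto == 6:    # TCP header with the SYN flag set
        l4 = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 5 << 4, 0x02,
                         65535, 0, 0)
    else:             # UDP header with no payload
        l4 = struct.pack("!HHHH", sport, dport, 8, 0)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(l4), 0, frag_offset,
                     64, proto, 0,
                     ipaddress.IPv4Address(src).packed,
                     ipaddress.IPv4Address(dst).packed)
    return ip + l4


# Constructed rule set: block one source network, expose HTTPS on a DMZ
# host to everyone and DNS to one client network, deny everything else.
RULES = [
    Rule("deny", None, "203.0.113.0/24", "0.0.0.0/0", None),
    Rule("allow", "tcp", "0.0.0.0/0", "192.0.2.10/32", 443),
    Rule("allow", "udp", "198.51.100.0/24", "192.0.2.53/32", 53),
]

if __name__ == "__main__":
    for args in [(6, "198.51.100.7", "192.0.2.10", 40000, 443),
                 (6, "203.0.113.5", "192.0.2.10", 40000, 443),
                 (6, "198.51.100.7", "192.0.2.10", 40000, 23),
                 (17, "198.51.100.7", "192.0.2.53", 40000, 53)]:
        print(args, filter_packet(RULES, build_packet(*args)))
```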
Firewall - II
• Demilitarized Zones in Firewall
   – Network that is usually present between an internal and
     external network of an organization
   – DMZ host provides services for external networks thus
     providing cover for internal networks against intruders
VLAN - I
• Individual broadcast domains created by the switch are
  called virtual LANs.
• Different characteristics used to group stations in a VLAN
  are:
   –   Port Numbers
   –   MAC addresses
   –   IP addresses
   –   Multicast IP Addresses
   –   Combination
• IEEE standard 802.1Q defines format of frame tagging in
  VLAN
VLAN - II
• VLAN can be configured in three ways: Manual,
  Automatic, and Semiautomatic
• Three methods used for communication between
  switches are:
   – Table Maintenance
   – Frame tagging
   – Time Division Multiplexing (TDM)
• Advantages of VLAN are:
   – Network Management
   – Creating Virtual Work Groups
   – Security
Fault Tolerance and Redundancy
• Shared network data should be well protected
  rather than having to be restored from backups with difficulty
• The capability of a server to continue operating in case
  of a hardware failure is known as fault tolerance
• To implement fault tolerance you have to make the data
  redundant on the serving system
RAID
• RAID is a technology that uses a collection of hard disks
  to share and replicate data
• Different levels of RAID are RAID 0, 1, 2, 3, 4, 5, 6, 0+1,
  10, 53 and linear RAID
Network-Attached Storage (NAS)
• Used for implementing a server just for file sharing
• A prebuilt system usually running LINUX with Samba and/
  or Network File System (NFS)
• Devices have DHCP enabled and require very little or no
  configuration to run
Storage area network (SAN)
• SAN is a network whose
  primary aim is to transfer data
  between disk arrays, tape
  drives and servers
• The various SAN components
  are:
   –   Fiber channel Switches
   –   Hosts and Host Bus Adapters
   –   Storage Devices
   –   Cabling and Cable Connectors
Tape Backup
• Tape backup becomes essential in case of a hardware
  crash or damage to the server
• Magnetic tape is the oldest method of storing data from
  the computer
• Tape backup options fall into three major groups:
   – Quarter-inch tape (QIC)
   – Digital Audio Tape (DAT)
   – Digital Linear Tape (DLT)
Perfect Server - I
• Network that shares data requires specialized hardware
  so as to share data as fast as possible
• Hardware requirement for Speed
   – Fast NICs: Increasing the data throughput and making it
     do more than one task at a time
   – Faster Drives: Using a PATA or a SCSI drive and
     implementing RAID 5 for data protection
Perfect Server - II
• Servers require reliability, speed as well as data
  protection
• Good Power
• Antivirus Program
• Environment
Hardware Requirement for speed
• The hardware requirements for a server and a
  workstation differ from each other completely
• Workstations do not require the speed, reliability and
  data backup. Servers on the other hand require
  reliability, speed, as well as data protection
• The two things that can make the server provide good
  speed are:
   – Fast NICs
   – Fast Drives
Reliability - I
• A steady AC power supply is to be provided to all the
  systems
• The different methods of providing good power are:
   –   Dedicated Circuits
   –   Surge suppressors
   –   Uninterruptible Power Supply (UPS)
   –   Backup Power
• Another problem along with faulty power is computer
  viruses
Reliability - II
• Five typical types of viruses are:
   –   Boot sector
   –   Executable
   –   Macro
   –   Trojan
   –   Worm
• Damage due to virus attacks can be prevented by
  keeping the virus from entering the system
• Necessary to provide a good environment for the server
  to improve its reliability
Protocols
• Different protocols are used at different layers of the OSI
  model for providing security to the users
• The different protocols used are:
   –   Secure Socket Layer (SSL)
   –   Internet Protocol Security (IPSec)
   –   Point-to-Point Tunneling Protocol (PPTP)
   –   Point-to-Point Protocol (PPP)
   –   Serial Line Internet Protocol (SLIP)
SLIP
• Serial Line Internet Protocol (SLIP) is used to connect the
  computer to the Internet using serial connection such as
  the dial-up modem
• Serial Line Internet Protocol was designed as a data link
  protocol for telephony
• However, SLIP only supported TCP/IP and not NetBEUI or
  IPX networks.
PPP - I
• One of the common protocols for point to point access
• PPP addressed all of the shortcomings of SLIP
• Different services provided by PPP are as follows:
   – Defines the format of the frames to be exchanged
     between devices.
   – Defines how the devices can negotiate for establishment
     of link and exchange of data
   – Defines how network layer data is encapsulated in the
     data link frame.
   – Defines how the devices can authenticate each other
PPP - II
• Provides multiple network layer services that support
  different network layer protocols.
• Provides connection over multiple links.
• Provides network address configuration, which is useful
  in case a user needs a temporary network address to
  connect to the Internet
PPTP
• Network protocol that allows secure transfer of data
  from a remote client to a private server
• It is the Microsoft VPN encryption protocol
• The three processes involved in PPTP are:
   – PPTP connection and communication
   – PPTP control connection
   – PPTP data tunnelling
IPSec
• Protocol set that was developed by Internet Engineering
  Task Force (IETF) for providing security to a packet at the
  network level
• IPSec operates in two modes:
   – Transport Mode
   – Tunnel Mode
SSL
• SSL is a protocol developed by Netscape for transmitting
  private documents over the Internet.
• Web pages that use SSL have URLs starting with https
• Different services provided by SSL for the data received
  by application layer are:
   –   Fragmentation
   –   Compression
   –   Message Integrity
   –   Confidentiality
   –   Framing

Contenu connexe

Tendances

The CIA triad.pptx
The CIA triad.pptxThe CIA triad.pptx
The CIA triad.pptxGulnurAzat
 
cyber security presentation.pptx
cyber security presentation.pptxcyber security presentation.pptx
cyber security presentation.pptxkishore golla
 
Network security (vulnerabilities, threats, and attacks)
Network security (vulnerabilities, threats, and attacks)Network security (vulnerabilities, threats, and attacks)
Network security (vulnerabilities, threats, and attacks)Fabiha Shahzad
 
Cyber attacks and IT security management in 2025
Cyber attacks and IT security management in 2025Cyber attacks and IT security management in 2025
Cyber attacks and IT security management in 2025Radar Cyber Security
 
Firewalls in network security
Firewalls in network securityFirewalls in network security
Firewalls in network securityVikram Khanna
 
Network Security Tutorial | Introduction to Network Security | Network Securi...
Network Security Tutorial | Introduction to Network Security | Network Securi...Network Security Tutorial | Introduction to Network Security | Network Securi...
Network Security Tutorial | Introduction to Network Security | Network Securi...Edureka!
 
Firewall and Types of firewall
Firewall and Types of firewallFirewall and Types of firewall
Firewall and Types of firewallCoder Tech
 
Footprinting and reconnaissance
Footprinting and reconnaissanceFootprinting and reconnaissance
Footprinting and reconnaissanceNishaYadav177
 
Man in The Middle Attack
Man in The Middle AttackMan in The Middle Attack
Man in The Middle AttackDeepak Upadhyay
 
INFORMATION SECURITY
INFORMATION SECURITYINFORMATION SECURITY
INFORMATION SECURITYAhmed Moussa
 
Cybercrime and Security
Cybercrime and SecurityCybercrime and Security
Cybercrime and SecurityNoushad Hasan
 
Cia security model
Cia security modelCia security model
Cia security modelImran Ahmed
 
Security Attacks.ppt
Security Attacks.pptSecurity Attacks.ppt
Security Attacks.pptZaheer720515
 

Tendances (20)

The CIA triad.pptx
The CIA triad.pptxThe CIA triad.pptx
The CIA triad.pptx
 
cyber security presentation.pptx
cyber security presentation.pptxcyber security presentation.pptx
cyber security presentation.pptx
 
Network security (vulnerabilities, threats, and attacks)
Network security (vulnerabilities, threats, and attacks)Network security (vulnerabilities, threats, and attacks)
Network security (vulnerabilities, threats, and attacks)
 
CYBER SECURITY
CYBER SECURITYCYBER SECURITY
CYBER SECURITY
 
Cyber attacks and IT security management in 2025
Cyber attacks and IT security management in 2025Cyber attacks and IT security management in 2025
Cyber attacks and IT security management in 2025
 
Dmz
Dmz Dmz
Dmz
 
Firewalls in network security
Firewalls in network securityFirewalls in network security
Firewalls in network security
 
Network Security Tutorial | Introduction to Network Security | Network Securi...
Network Security Tutorial | Introduction to Network Security | Network Securi...Network Security Tutorial | Introduction to Network Security | Network Securi...
Network Security Tutorial | Introduction to Network Security | Network Securi...
 
Cryptography
CryptographyCryptography
Cryptography
 
Firewall and Types of firewall
Firewall and Types of firewallFirewall and Types of firewall
Firewall and Types of firewall
 
Footprinting and reconnaissance
Footprinting and reconnaissanceFootprinting and reconnaissance
Footprinting and reconnaissance
 
Cloud security ppt
Cloud security pptCloud security ppt
Cloud security ppt
 
Web Security
Web SecurityWeb Security
Web Security
 
Man in The Middle Attack
Man in The Middle AttackMan in The Middle Attack
Man in The Middle Attack
 
INFORMATION SECURITY
INFORMATION SECURITYINFORMATION SECURITY
INFORMATION SECURITY
 
Cybercrime and Security
Cybercrime and SecurityCybercrime and Security
Cybercrime and Security
 
Network security
Network securityNetwork security
Network security
 
Cia security model
Cia security modelCia security model
Cia security model
 
Phishing ppt
Phishing pptPhishing ppt
Phishing ppt
 
Security Attacks.ppt
Security Attacks.pptSecurity Attacks.ppt
Security Attacks.ppt
 

Similaire à Network security and protocols

Section c group2_firewall_ final
Section c group2_firewall_ finalSection c group2_firewall_ final
Section c group2_firewall_ finalpg13tarun_g
 
Network defenses
Network defensesNetwork defenses
Network defensesG Prachi
 
Introduction to firewalls
Introduction to firewallsIntroduction to firewalls
Introduction to firewallsDivya Jyoti
 
640-554 IT Certification and Career Paths
640-554 IT Certification and Career Paths640-554 IT Certification and Career Paths
640-554 IT Certification and Career Pathshibaehed
 
Network security and firewalls
Network security and firewallsNetwork security and firewalls
Network security and firewallsMurali Mohan
 
Firewall ( Cyber Security)
Firewall ( Cyber Security)Firewall ( Cyber Security)
Firewall ( Cyber Security)Jainam Shah
 
Entrepreneurship & Commerce in IT - 11 - Security & Encryption
Entrepreneurship & Commerce in IT - 11 - Security & EncryptionEntrepreneurship & Commerce in IT - 11 - Security & Encryption
Entrepreneurship & Commerce in IT - 11 - Security & EncryptionSachintha Gunasena
 
How we breach small and medium enterprises (SMEs)
How we breach small and medium enterprises (SMEs)How we breach small and medium enterprises (SMEs)
How we breach small and medium enterprises (SMEs)NCC Group
 
E-COMMERCE SECURITY (2).ppt
E-COMMERCE SECURITY (2).pptE-COMMERCE SECURITY (2).ppt
E-COMMERCE SECURITY (2).pptHemlata Gangwar
 
Cyber Security - Firewall and Packet Filters
Cyber Security - Firewall and Packet Filters Cyber Security - Firewall and Packet Filters
Cyber Security - Firewall and Packet Filters Radhika Talaviya
 
98 366 mva slides lesson 8
98 366 mva slides lesson 898 366 mva slides lesson 8
98 366 mva slides lesson 8suddenven
 

Similaire à Network security and protocols (20)

lecture 7.pptx
lecture 7.pptxlecture 7.pptx
lecture 7.pptx
 
Section c group2_firewall_ final
Section c group2_firewall_ finalSection c group2_firewall_ final
Section c group2_firewall_ final
 
Network defenses
Network defensesNetwork defenses
Network defenses
 
Unit08
Unit08Unit08
Unit08
 
Introduction to firewalls
Introduction to firewallsIntroduction to firewalls
Introduction to firewalls
 
640-554 IT Certification and Career Paths
640-554 IT Certification and Career Paths640-554 IT Certification and Career Paths
640-554 IT Certification and Career Paths
 
Ccna sec 01
Ccna sec 01Ccna sec 01
Ccna sec 01
 
Network security and firewalls
Network security and firewallsNetwork security and firewalls
Network security and firewalls
 
Firewall ( Cyber Security)
Firewall ( Cyber Security)Firewall ( Cyber Security)
Firewall ( Cyber Security)
 
Security chapter6
Security chapter6Security chapter6
Security chapter6
 
Entrepreneurship & Commerce in IT - 11 - Security & Encryption
Entrepreneurship & Commerce in IT - 11 - Security & EncryptionEntrepreneurship & Commerce in IT - 11 - Security & Encryption
Entrepreneurship & Commerce in IT - 11 - Security & Encryption
 
Firewall
FirewallFirewall
Firewall
 
How we breach small and medium enterprises (SMEs)
How we breach small and medium enterprises (SMEs)How we breach small and medium enterprises (SMEs)
How we breach small and medium enterprises (SMEs)
 
E-COMMERCE SECURITY (2).ppt
E-COMMERCE SECURITY (2).pptE-COMMERCE SECURITY (2).ppt
E-COMMERCE SECURITY (2).ppt
 
firewall.ppt
firewall.pptfirewall.ppt
firewall.ppt
 
Cyber Security - Firewall and Packet Filters
Cyber Security - Firewall and Packet Filters Cyber Security - Firewall and Packet Filters
Cyber Security - Firewall and Packet Filters
 
Lect_2.pptx
Lect_2.pptxLect_2.pptx
Lect_2.pptx
 
MVA slides lesson 8
MVA slides lesson 8MVA slides lesson 8
MVA slides lesson 8
 
98 366 mva slides lesson 8
98 366 mva slides lesson 898 366 mva slides lesson 8
98 366 mva slides lesson 8
 
Seminar
SeminarSeminar
Seminar
 

Plus de Online

Philosophy of early childhood education 3
Philosophy of early childhood education 3Philosophy of early childhood education 3
Philosophy of early childhood education 3Online
 
Philosophy of early childhood education 2
Philosophy of early childhood education 2Philosophy of early childhood education 2
Philosophy of early childhood education 2Online
 
Philosophy of early childhood education 1
Philosophy of early childhood education 1Philosophy of early childhood education 1
Philosophy of early childhood education 1Online
 
Philosophy of early childhood education 4
Philosophy of early childhood education 4Philosophy of early childhood education 4
Philosophy of early childhood education 4Online
 
Operation and expression in c++
Operation and expression in c++Operation and expression in c++
Operation and expression in c++Online
 
Functions
FunctionsFunctions
FunctionsOnline
 
Formatted input and output
Formatted input and outputFormatted input and output
Formatted input and outputOnline
 
Control structures selection
Control structures   selectionControl structures   selection
Control structures selectionOnline
 
Control structures repetition
Control structures   repetitionControl structures   repetition
Control structures repetitionOnline
 
Introduction to problem solving in c++
Introduction to problem solving in c++Introduction to problem solving in c++
Introduction to problem solving in c++Online
 
Optical transmission technique
Optical transmission techniqueOptical transmission technique
Optical transmission techniqueOnline
 
Multi protocol label switching (mpls)
Multi protocol label switching (mpls)Multi protocol label switching (mpls)
Multi protocol label switching (mpls)Online
 
Lan technologies
Lan technologiesLan technologies
Lan technologiesOnline
 
Introduction to internet technology
Introduction to internet technologyIntroduction to internet technology
Introduction to internet technologyOnline
 
Internet standard routing protocols
Internet standard routing protocolsInternet standard routing protocols
Internet standard routing protocolsOnline
 
Internet protocol
Internet protocolInternet protocol
Internet protocolOnline
 
Application protocols
Application protocolsApplication protocols
Application protocolsOnline
 
Addressing
AddressingAddressing
AddressingOnline
 
Transport protocols
Transport protocolsTransport protocols
Transport protocolsOnline
 
Leadership
LeadershipLeadership
LeadershipOnline
 

Plus de Online (20)

Philosophy of early childhood education 3
Philosophy of early childhood education 3Philosophy of early childhood education 3
Philosophy of early childhood education 3
 
Philosophy of early childhood education 2
Philosophy of early childhood education 2Philosophy of early childhood education 2
Philosophy of early childhood education 2
 
Philosophy of early childhood education 1
Philosophy of early childhood education 1Philosophy of early childhood education 1
Philosophy of early childhood education 1
 
Philosophy of early childhood education 4
Philosophy of early childhood education 4Philosophy of early childhood education 4
Philosophy of early childhood education 4
 
Operation and expression in c++
Operation and expression in c++Operation and expression in c++
Operation and expression in c++
 
Functions
FunctionsFunctions
Functions
 
Formatted input and output
Formatted input and outputFormatted input and output
Formatted input and output
 
Control structures selection
Control structures   selectionControl structures   selection
Control structures selection
 
Control structures repetition
Control structures   repetitionControl structures   repetition
Control structures repetition
 
Introduction to problem solving in c++
Introduction to problem solving in c++Introduction to problem solving in c++
Introduction to problem solving in c++
 
Optical transmission technique
Optical transmission techniqueOptical transmission technique
Optical transmission technique
 
Multi protocol label switching (mpls)
Multi protocol label switching (mpls)Multi protocol label switching (mpls)
Multi protocol label switching (mpls)
 
Lan technologies
Lan technologiesLan technologies
Lan technologies
 
Introduction to internet technology
Introduction to internet technologyIntroduction to internet technology
Introduction to internet technology
 
Internet standard routing protocols
Internet standard routing protocolsInternet standard routing protocols
Internet standard routing protocols
 
Internet protocol
Internet protocolInternet protocol
Internet protocol
 
Application protocols
Application protocolsApplication protocols
Application protocols
 
Addressing
AddressingAddressing
Addressing
 
Transport protocols
Transport protocolsTransport protocols
Transport protocols
 
Leadership
LeadershipLeadership
Leadership
 

Dernier

Sports & Fitness Value Added Course FY..
Sports & Fitness Value Added Course FY..Sports & Fitness Value Added Course FY..
Sports & Fitness Value Added Course FY..Disha Kariya
 
The basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxThe basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxheathfieldcps1
 
Introduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsIntroduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsTechSoup
 
Student login on Anyboli platform.helpin
Student login on Anyboli platform.helpinStudent login on Anyboli platform.helpin
Student login on Anyboli platform.helpinRaunakKeshri1
 
Unit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptxUnit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptxVishalSingh1417
 
BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...
BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...
BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...Sapna Thakur
 
Class 11th Physics NEET formula sheet pdf
Class 11th Physics NEET formula sheet pdfClass 11th Physics NEET formula sheet pdf
Class 11th Physics NEET formula sheet pdfAyushMahapatra5
 
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in DelhiRussian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhikauryashika82
 
Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104misteraugie
 
Grant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingGrant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingTechSoup
 
Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)eniolaolutunde
 
Sanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfSanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfsanyamsingh5019
 
APM Welcome, APM North West Network Conference, Synergies Across Sectors
APM Welcome, APM North West Network Conference, Synergies Across SectorsAPM Welcome, APM North West Network Conference, Synergies Across Sectors
APM Welcome, APM North West Network Conference, Synergies Across SectorsAssociation for Project Management
 
A Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformA Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformChameera Dedduwage
 
fourth grading exam for kindergarten in writing
fourth grading exam for kindergarten in writingfourth grading exam for kindergarten in writing
fourth grading exam for kindergarten in writingTeacherCyreneCayanan
 
Measures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeMeasures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeThiyagu K
 
Key note speaker Neum_Admir Softic_ENG.pdf
Key note speaker Neum_Admir Softic_ENG.pdfKey note speaker Neum_Admir Softic_ENG.pdf
Key note speaker Neum_Admir Softic_ENG.pdfAdmir Softic
 
Arihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdfArihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdfchloefrazer622
 
1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi  6.pdf1029-Danh muc Sach Giao Khoa khoi  6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdfQucHHunhnh
 

Dernier (20)

Sports & Fitness Value Added Course FY..
Sports & Fitness Value Added Course FY..Sports & Fitness Value Added Course FY..
Sports & Fitness Value Added Course FY..
 
The basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxThe basics of sentences session 2pptx copy.pptx

Network security and protocols

  • 2. Threats • Prevent users from accessing the required resources for performing their task • Types of Threats: Internal, External
  • 3. Internal Threats • Malicious practices by local network users that prevent efficient sharing of the network resources • Common internal threats are: – Unauthorized Access – Data Destruction – Administrative Access – System Crash/Hardware Failure – Virus
  • 4. Protecting from Internal Threats • Methods of protecting against internal threats depend largely on policies rather than technology • To protect the network from internal threats you need to implement: – Passwords – User Account Control – creating groups – Policies – Fault Tolerance
  • 5. External Threats • External threats can exist in two forms: – Attacker manipulates the user to gain access to the network – Hacker at a remote location uses technical methods to gain illegal access to your network • Common external threats are: – Social Engineering – Hacking – internet worms or other internet hacking tools
  • 6. Protecting from External Threats • Securing the network from external threats is a competition between hackers and security people • To protect the network from external threats you need to provide: – Physical protection – lock the server – Firewalls – Encryption – IPSec, SSL – Authentication – Kerberos, PAP, CHAP – Public Keys and Certificates – VLAN
  • 7. Need for Network Security • Network security - Mechanism that protects the network resources from being attacked by the outside world • Hackers constantly look out for loopholes in the network security and snoop into a network • Spyware and adware programs get installed on your computer and start transmitting private information • IP snooping allows monitoring of network traffic that is sent over the internet
  • 8. Security Attacks - I • Break the security barrier of the network and access the network resources • Types of Security Attacks: Active, Passive
  • 9. Implementing External Network Security - I • Implementing external network security was not necessary while dial-up connections were used • The arrival of high-speed internet connections has completely changed the security picture for home computers • Users who use an Asymmetric Digital Subscriber Line (ADSL) or a cable modem are the main targets for hackers • Windows XP now has an Internet Connection Firewall (ICF) available
  • 10. Implementing External Network Security - II • SOHO routers are connected to provide security to networked systems sharing a single Internet connection • Large networks employ a dedicated firewall between a gateway router and the protected network • A demilitarized zone (DMZ) can also be implemented to prevent access to the network
  • 11. Cryptography • Cryptography is a science that deals with securing information • Objectives of Cryptography are: – Message Confidentiality – Message Integrity – Message Authentication – Message Nonrepudiation – solves the issues related to disputes between sender and receiver – Entity Authentication
  • 12. Types of Cryptosystems • Cryptographic systems consist of algorithms and procedures used for encrypting the messages • Types of cryptographic systems: – Symmetric Cryptographic Systems – Asymmetric Cryptographic Systems • Symmetric Cryptographic Systems use the same key for encryption and decryption • Asymmetric Cryptographic Systems use two keys, one for encryption and the other for decryption
  • 13. Encryption/Decryption • Encryption refers to conversion of plain text into cipher text • Cipher algorithm is used to transform plain text into cipher text • Different types of traditional ciphers used to encode the message fall into two broad categories: – Substitution ciphers – Transposition ciphers
  • 14. Public Key Encryption/Decryption • Uses a combination of two keys, the private key and the public key (Asymmetric) • Private key is known only to the receiver of the message
  • 15. Secret Key Encryption / Decryption • Uses the same key to encrypt and decrypt the message (Symmetric) • Algorithm used for decrypting the message is inverse of algorithm that is used to encrypt message
  • 16. Digital Signatures - I • Used to authenticate the origin of the document • Come under the asymmetric cryptography category • Can be accomplished in two ways: – Signing the document – Signing the digest of the document
  • 17. Digital Signature - II • Signing the document • Signing the digest
  • 18. Digital Signature - III • Signing the Document – public and private keys of the sender are used for encrypting and decrypting the document • Signing the digest – used when the message to be sent is long. Creates a digest of the message using the hash function and then signs it
  • 19. Authentication Protocol • Authentication is a process by which the identity of the concerned party is identified before starting the communication process • Data traffic is encrypted using symmetric key cryptography for performance reasons • Public key cryptography is used for developing authorization protocols as well as creating a session key
  • 20. Authentication based on Shared Secret Key • Challenge response protocols used for authentication using shared secret key
  • 21. Authentication using Kerberos • Three types of servers involved in Kerberos protocol: – Authentication Server (AS) – Ticket-Granting Server (TGS) – Real Server
  • 22. Authentication using Public-Key Cryptography • Certification Authority: Organization that binds a public key to an entity and issues a certificate
  • 23. Firewall - I • Firewall is a system that blocks all unwanted and unauthorized access of the system resources • Firewall can be set using a router, switch, or a bridge • Firewall is basically present at the junction point or gateway between two networks like a private and public network • Firewalls can be hardware or software • Basic types of firewalls are: – Packet-Filter Firewalls – Proxy Firewalls
  • 24. Types of Firewall • Packet-Filter Firewall – forwards or blocks packets depending on source and destination IP address, port address, or type of protocol used (TCP or UDP). Collects the information from the network and transport layer headers • Proxy Firewall – filters the data at application layer e.g. online book
  • 25. Firewall - II • Demilitarized Zones in Firewall – Network that is usually present between an internal and external network of an organization – DMZ host provides services for external networks thus providing cover for internal networks against intruders
  • 26. VLAN - I • Individual broadcast domains created by the switch are called virtual LANs. • Different characteristics used to group stations in a VLAN are: – Port Numbers – MAC addresses – IP addresses – Multicast IP Addresses – Combination • IEEE standard 802.1Q defines format of frame tagging in VLAN
  • 27. VLAN - II • VLAN can be configured in three ways: Manual, Automatic, and Semiautomatic • Three methods used for communication between switches are: – Table Maintenance – Frame tagging – Time Division Multiplexing (TDM) • Advantages of VLAN are: – Network Management – Creating Virtual Work Groups – Security
  • 28. Fault Tolerance and Redundancy • Shared data of a network should have better protection rather than having to restore the backups with difficulty • The capability of a server to continue operating in case of a hardware failure is known as fault tolerance • To implement fault tolerance you have to make the data redundant on the serving system
  • 29. RAID • RAID is a technology that uses a collection of hard disks to share and replicate data • Different levels of RAID are RAID 0, 1, 2, 3, 4, 5, 6, 0+1, 10, 53 and linear RAID
  • 30. Network-Attached Storage (NAS) • Used for implementing a server just for file sharing • A prebuilt system usually running LINUX with Samba and/ or Network File System (NFS) • Devices have DHCP enabled and require very little or no configuration to run
  • 31. Storage area network (SAN) • SAN is a network whose primary aim is to transfer data between disk arrays, tape drives and servers • The various SAN components are: – Fiber channel Switches – Hosts and Host Bus Adapters – Storage Devices – Cabling and Cable Connectors
  • 32. Tape Backup • Tape backup becomes essential in case of a hardware crash or damage to the server • Magnetic tape is the oldest method of storing data from the computer • Tape backup options fall into three major groups: – Quarter-inch tape (QIC) – Digital Audio Tape (DAT) – Digital Linear Tape (DLT)
  • 33. Perfect Server - I • Network that shares data requires specialized hardware so as to share data as fast as possible • Hardware requirement for Speed – Fast NICs: Increasing the data throughput and making it do more than one task at a time – Faster Drives: Using a PATA or a SCSI drive and implementing RAID 5 for data protection
  • 34. Perfect Server - II • Servers require reliability, speed as well as data protection • Good Power • Antivirus Program • Environment
  • 35. Hardware Requirement for speed • The hardware requirements for a server and a workstation differ from each other completely • Workstations do not require the speed, reliability and data backup. Servers on the other hand require reliability, speed, as well as data protection • The two things that can make the server provide good speed are: – Fast NICs – Fast Drives
  • 36. Reliability - I • A steady AC power supply is to be provided to all the systems • The different methods of providing good power are: – Dedicated Circuits – Surge suppressors – Uninterruptible Power Supply (UPS) – Backup Power • Another problem along with faulty power is computer viruses
  • 37. Reliability - II • Five typical types of viruses are: – Boot sector – Executable – Macro – Trojan – Worm • Damage due to virus attacks can be prevented by keeping the virus from entering the system • Necessary to provide a good environment for the server to improve its reliability
  • 38. Protocols • Different protocols are used at different layers of the OSI model for providing security to the users • The different protocols used are: – Secure Socket Layer (SSL) – Internet Protocol Security (IPSec) – Point-to-Point Tunneling Protocol (PPTP) – Point-to-Point Protocol (PPP) – Serial Line Internet Protocol (SLIP)
  • 39. SLIP • Serial Line Internet Protocol (SLIP) is used to connect the computer to the Internet using a serial connection such as a dial-up modem • Serial Line Internet Protocol was designed as a data link protocol for telephony • However, SLIP only supported TCP/IP and not NetBEUI or IPX networks.
  • 40. PPP - I • One of the common protocols for point to point access • PPP addressed all of the shortcomings of SLIP • Different services provided by PPP are as follows: – Defines the format of the frames to be exchanged between devices. – Defines how the devices can negotiate for establishment of link and exchange of data – Defines how network layer data is encapsulated in the data link frame. – Defines how the devices can authenticate each other
  • 41. PPP - II • Provides multiple network layer services that support different network layer protocols. • Provides connection over multiple links. • Provides network address configuration, which is useful in case a user needs a temporary network address to connect to the Internet
  • 42. PPTP • Network protocol that allows secure transfer of data from a remote client to a private server • It is the Microsoft VPN encryption protocol • The three processes involved in PPTP are: – PPTP connection and communication – PPTP control connection – PPTP data tunnelling
  • 43. IPSec • Protocol set that was developed by Internet Engineering Task Force (IETF) for providing security to a packet at the network level • IPSec operates in two modes: – Transport Mode – Tunnel Mode
  • 44. SSL • SSL is a protocol developed by Netscape for transmitting private documents over the Internet. • Web pages that use SSL have URLs starting with https • Different services provided by SSL for the data received by application layer are: – Fragmentation – Compression – Message Integrity – Confidentiality – Framing
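
Slide 20 names challenge-response authentication with a shared secret key without showing the exchange. The sketch below is an added example, not from the original slides: it assumes HMAC-SHA256 as the response function (the slides do not name one), and the `Verifier` class and `respond` function are hypothetical names.

```python
import hashlib
import hmac
import secrets


class Verifier:
    """Side that issues challenges and checks responses."""

    def __init__(self, shared_key: bytes):
        self._key = shared_key
        self._pending = set()   # challenges issued but not yet answered

    def issue_challenge(self) -> bytes:
        # A fresh random nonce per attempt, so an old response cannot be reused.
        nonce = secrets.token_bytes(16)
        self._pending.add(nonce)
        return nonce

    def verify(self, nonce: bytes, response: bytes) -> bool:
        if nonce not in self._pending:
            return False                 # unknown or already-used challenge
        self._pending.discard(nonce)     # single use, even when the check fails
        expected = hmac.new(self._key, nonce, hashlib.sha256).digest()
        # Constant-time comparison avoids leaking how many bytes matched.
        return hmac.compare_digest(expected, response)


def respond(shared_key: bytes, nonce: bytes) -> bytes:
    """Claimant side: prove knowledge of the key without sending it."""
    return hmac.new(shared_key, nonce, hashlib.sha256).digest()


def demo():
    """Run one honest login, one replay, and one wrong-key attempt."""
    key = b"constructed-demo-key"        # constructed sample secret
    server = Verifier(key)

    nonce = server.issue_challenge()
    answer = respond(key, nonce)
    honest = server.verify(nonce, answer)
    replay = server.verify(nonce, answer)          # captured pair sent again

    nonce2 = server.issue_challenge()
    wrong = server.verify(nonce2, respond(b"guessed-key", nonce2))
    return honest, replay, wrong


if __name__ == "__main__":
    print(demo())
```

The key itself never crosses the network; only the nonce and the keyed digest do, and each nonce is accepted once.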