Network Security Basics: Protecting TCP/IP-based Networks, Lecture notes of Computer Science

An overview of network security basics, focusing on internet and intranet security for tcp/ip-based networks. It covers various network attacks and security protocols to ensure confidentiality, integrity, and availability of data. Learn about ip spoofing, dns spoofing, url spoofing, and common network security protocols like sftp, https, ssl, and ipsec.

Typology: Lecture notes

2022/2023

Uploaded on 01/27/2024

mike-siera
mike-siera 🇪🇹

5 documents

1 / 75

Toggle sidebar

This page cannot be seen from the preview

Don't miss anything!

bg1
Chapter Four: Network Security
Security is a continuous process of protecting an object
from unauthorized access. It is as state of being or
feeling protected from harm.
That object in that state may be aperson,an
organization such as a business, or property such as a
computer system or a file.
Network security basics
Network Security deals with all aspects related to the
protection of the sensitive information/assets existing
on the network.
It covers various mechanisms developed to provide
fundamental security services for data communication
pf3
pf4
pf5
pf8
pf9
pfa
pfd
pfe
pff
pf12
pf13
pf14
pf15
pf16
pf17
pf18
pf19
pf1a
pf1b
pf1c
pf1d
pf1e
pf1f
pf20
pf21
pf22
pf23
pf24
pf25
pf26
pf27
pf28
pf29
pf2a
pf2b
pf2c
pf2d
pf2e
pf2f
pf30
pf31
pf32
pf33
pf34
pf35
pf36
pf37
pf38
pf39
pf3a
pf3b
pf3c
pf3d
pf3e
pf3f
pf40
pf41
pf42
pf43
pf44
pf45
pf46
pf47
pf48
pf49
pf4a
pf4b

Partial preview of the text

Download Network Security Basics: Protecting TCP/IP-based Networks and more Lecture notes Computer Science in PDF only on Docsity!

Security is a continuous process of protecting an object from unauthorized access. It is as state of being or feeling protected from harm. That object in that state may be a person, an organization such as a business, or property such as a computer system or a file.

Network security basics

Network Security deals with all aspects related to the protection of the sensitive information/assets existing on the network. It covers various mechanisms developed to provide fundamental security services for data communication

Network security refers to the practice of protecting computer networks and their associated infrastructure from unauthorized access, misuse, disruption, or modification. It involves the implementation of policies, procedures, and technologies to safeguard the integrity, confidentiality, and availability of data and network resources.

Network security basics

Ultimately, network security is essential in protecting both corporate and personal networks from cyber threats, ensuring the confidentiality, integrity, and availability of critical data and resources. By implementing robust network security measures, organizations can mitigate risks, safeguard sensitive information, and maintain operational resilience in the face of evolving cyber threats and security challenges.

Network security basics-TCP/IP based networks)

Applications, systems, and networks can be made

secure through the use of security protocols,

 which provide a wide range of encryption and authentication services.

Each security protocol is placed within several

layers of a computing infrastructure, that is,

network, transport, and application layers.

Network security basics

Network security protocols are a type of network

protocol that ensures the security and integrity of

data in transit over a network connection.

Spoofing attack: a situation in which one person or program successfully imitate another by falsifying data and thereby gaining an illegitimate advantage.  IP spoofing  Putting a wrong IP address in the source IP address of an IP packet  DNS spoofing  Changing the DNS information so that it directs to a wrong machine  URL spoofing/Webpage phishing  A legitimate web page such as a bank's site is reproduced in "look and feel" on another server under control of the attacker

Network attacks

URL spoofing/Webpage phishing  This technique often directs users to enter detailed information at a fake website which appears almost identical to the legitimate one.  Popular method of phishing is:  sending legitimate looking email containing a link to the fake website.  Registering fake website with a misspelled URL of popular websites  (www.microsoft.com www.microshoft.com) or  a different domain (www.whitehouse.gov www.whitehouse.com)

Network attacks

Some of the popular network security protocols include Secure File Transfer Protocol (SFTP), Secure Hypertext Transfer Protocol (HTTPS) and Secure Socket Layer (SSL) The next slides show some attacks and security protocols at each layer of the TCP/IP stack Network security protocols generally implement cryptography and encryption techniques to secure the data so that it can only be decrypted with a special algorithm, logical key, mathematical formula and/or a combination of all of them.

Network security protocols

Various business services are now offered online through client-server applications The most popular forms are web application and e- mail. In both applications, the client communicates to the designated server and obtains services. Application Layer Security While using a service from any server application, the client and server exchange a lot of information on the underlying intranet or Internet.  These information need to be protected from various network attacks

The mail is sent to a mail server which is permanently available on the network. When the recipient’s machine connects to the network, it reads the mail from the mail server. In general, the e-mail infrastructure consists of:  mesh of mail servers, also termed as Message Transfer Agents (MTAs) and  client machines running an e-mail program comprising of User Agent (UA) and local MTA. Application Layer-E-mail Security Typically, an e-mail message gets forwarded from its UA, goes through the mesh of MTAs and finally reaches the UA on the recipient’s machine.

Application Layer-E-mail Security The protocols used for e-mail are: Simple mail Transfer Protocol (SMTP):  used for forwarding e-mail messages. Post Office Protocol (POP) and Internet Message Access Protocol (IMAP)  are used to retrieve the messages by recipient from the server.

SMTP Limitations - Can not transmit, or has a problem with  Executable files, or other binary files (e.g., JPEG image)  “national language” characters (non-ASCII)  Messages over a certain size  ASCII to EBCDIC translation problems  Lines longer than a certain length ( 72 to 254 characters) Multipurpose Internet Mail Extension (MIME) is intended to address some of the problems and limitations of the use of SMTP Application Layer-E-mail Security

Multipurpose Internet Mail Extension

(MIME)

Basic Internet e-mail standard was written in

1982 and it describes the format of e-mail

message exchanged on the Internet.

It mainly supports e-mail message written as

text in basic Roman alphabet.

By 1992 , additional standard Multipurpose

Internet Mail Extensions (MIME) was defined.

Application Layer-E-mail Security

E-mail communication  One-to-One E-mail  One-to-Multiple Recipients E-mail  One-to-Distribution List E-mail Application Layer-E-mail Security Pretty Good Privacy (PGP)  Pretty Good Privacy (PGP) is an e-mail encryption scheme.  It has become the de-facto standard for providing security services for e-mail communication.  PGP is an open-source, freely available software package for e-mail security  Philip R. Zimmerman is the creator of PGP

Pretty Good Privacy (PGP) It uses public key cryptography, symmetric key cryptography, hash function, and digital signature. It provides  Privacy  Sender Authentication  Message Integrity  Non-repudiation Along with these security services, it also provides data compression and key management support. PGP uses existing cryptographic algorithms such as RSA, IDEA, MD 5 , etc., rather than inventing the new ones. Application Layer-E-mail Security