



































































Study with the several resources on Docsity
Earn points by helping other students or get them with a premium plan
Prepare for your exams
Study with the several resources on Docsity
Earn points to download
Earn points by helping other students or get them with a premium plan
An overview of network security basics, focusing on internet and intranet security for tcp/ip-based networks. It covers various network attacks and security protocols to ensure confidentiality, integrity, and availability of data. Learn about ip spoofing, dns spoofing, url spoofing, and common network security protocols like sftp, https, ssl, and ipsec.
Typology: Lecture notes
1 / 75
This page cannot be seen from the preview
Don't miss anything!




































































Security is a continuous process of protecting an object from unauthorized access. It is as state of being or feeling protected from harm. That object in that state may be a person, an organization such as a business, or property such as a computer system or a file.
Network Security deals with all aspects related to the protection of the sensitive information/assets existing on the network. It covers various mechanisms developed to provide fundamental security services for data communication
Network security refers to the practice of protecting computer networks and their associated infrastructure from unauthorized access, misuse, disruption, or modification. It involves the implementation of policies, procedures, and technologies to safeguard the integrity, confidentiality, and availability of data and network resources.
Ultimately, network security is essential in protecting both corporate and personal networks from cyber threats, ensuring the confidentiality, integrity, and availability of critical data and resources. By implementing robust network security measures, organizations can mitigate risks, safeguard sensitive information, and maintain operational resilience in the face of evolving cyber threats and security challenges.
Network security basics-TCP/IP based networks)
which provide a wide range of encryption and authentication services.
Spoofing attack: a situation in which one person or program successfully imitate another by falsifying data and thereby gaining an illegitimate advantage. IP spoofing Putting a wrong IP address in the source IP address of an IP packet DNS spoofing Changing the DNS information so that it directs to a wrong machine URL spoofing/Webpage phishing A legitimate web page such as a bank's site is reproduced in "look and feel" on another server under control of the attacker
URL spoofing/Webpage phishing This technique often directs users to enter detailed information at a fake website which appears almost identical to the legitimate one. Popular method of phishing is: sending legitimate looking email containing a link to the fake website. Registering fake website with a misspelled URL of popular websites (www.microsoft.com www.microshoft.com) or a different domain (www.whitehouse.gov www.whitehouse.com)
Some of the popular network security protocols include Secure File Transfer Protocol (SFTP), Secure Hypertext Transfer Protocol (HTTPS) and Secure Socket Layer (SSL) The next slides show some attacks and security protocols at each layer of the TCP/IP stack Network security protocols generally implement cryptography and encryption techniques to secure the data so that it can only be decrypted with a special algorithm, logical key, mathematical formula and/or a combination of all of them.
Various business services are now offered online through client-server applications The most popular forms are web application and e- mail. In both applications, the client communicates to the designated server and obtains services. Application Layer Security While using a service from any server application, the client and server exchange a lot of information on the underlying intranet or Internet. These information need to be protected from various network attacks
The mail is sent to a mail server which is permanently available on the network. When the recipient’s machine connects to the network, it reads the mail from the mail server. In general, the e-mail infrastructure consists of: mesh of mail servers, also termed as Message Transfer Agents (MTAs) and client machines running an e-mail program comprising of User Agent (UA) and local MTA. Application Layer-E-mail Security Typically, an e-mail message gets forwarded from its UA, goes through the mesh of MTAs and finally reaches the UA on the recipient’s machine.
Application Layer-E-mail Security The protocols used for e-mail are: Simple mail Transfer Protocol (SMTP): used for forwarding e-mail messages. Post Office Protocol (POP) and Internet Message Access Protocol (IMAP) are used to retrieve the messages by recipient from the server.
SMTP Limitations - Can not transmit, or has a problem with Executable files, or other binary files (e.g., JPEG image) “national language” characters (non-ASCII) Messages over a certain size ASCII to EBCDIC translation problems Lines longer than a certain length ( 72 to 254 characters) Multipurpose Internet Mail Extension (MIME) is intended to address some of the problems and limitations of the use of SMTP Application Layer-E-mail Security
Application Layer-E-mail Security
E-mail communication One-to-One E-mail One-to-Multiple Recipients E-mail One-to-Distribution List E-mail Application Layer-E-mail Security Pretty Good Privacy (PGP) Pretty Good Privacy (PGP) is an e-mail encryption scheme. It has become the de-facto standard for providing security services for e-mail communication. PGP is an open-source, freely available software package for e-mail security Philip R. Zimmerman is the creator of PGP
Pretty Good Privacy (PGP) It uses public key cryptography, symmetric key cryptography, hash function, and digital signature. It provides − Privacy Sender Authentication Message Integrity Non-repudiation Along with these security services, it also provides data compression and key management support. PGP uses existing cryptographic algorithms such as RSA, IDEA, MD 5 , etc., rather than inventing the new ones. Application Layer-E-mail Security