Network Security - Introduction to Computer Security - Lecture Slides, Slides of Computer Security

The major points which are very useful in understanding the concept of the computer security are:Network Security, Firewalls, Traffic Control, Checkpoint Placed, Imposed, Firewall Objectives, Unwanted, Information, Sensitive, External Attacks

Typology: Slides

2012/2013

Uploaded on 04/22/2013

satheesh
satheesh 🇮🇳

4.5

(11)

85 documents

1 / 33

Toggle sidebar

This page cannot be seen from the preview

Don't miss anything!

bg1
Network Security
Firewalls
Docsity.com
pf3
pf4
pf5
pf8
pf9
pfa
pfd
pfe
pff
pf12
pf13
pf14
pf15
pf16
pf17
pf18
pf19
pf1a
pf1b
pf1c
pf1d
pf1e
pf1f
pf20
pf21

Partial preview of the text

Download Network Security - Introduction to Computer Security - Lecture Slides and more Slides Computer Security in PDF only on Docsity!

Network Security

Firewalls

Traffic Control – Firewall

  • Brick wall placed between apartments to prevent the spread of fire from one apartment to the next
  • Single, narrow checkpoint placed between two or more networks where security and audit can be imposed on traffic which passes through it

Firewall Objectives

Keep intruders, malicious code and unwanted traffic or information out  Keep proprietary and sensitive information in

Private Network

External Network

Proprietary data

External attacks

Without firewalls, nodes:

  • Are exposed to insecure services
  • Are exposed to probes and attacks from outside
  • Can be defenseless against new attacks
  • Network security totally relies on host security and all hosts must communicate to achieve high level of security – almost impossible

Common firewall features

 Routing information about the private network can't be observed from outside

 traceroute and ping -o can't `see' internal hosts

 Users wishing to log on to an internal host must first log onto a firewall machine (or else start `behind' the firewall).

Trade-Off between accessibility and

Security

Accessibility (^) Security

Service Access Policy

Controlled Access

  • A site could prevent outside access to its hosts except for special cases (e.g., mail server).
  • Do not give access to a host that does not require access.
  • Some hosts can be reached from outside, some can not.
  • Some hosts can reach outside, some can not.

Concentrated Security

  • Firewall less expensive than securing all hosts
    • All or most modified software and additional security software on firewall only (no need to distribute on many hosts)
  • Other network security (e.g., Kerberos) involves modification at each host system.

Logging and Statistics on Network

Use, Misuse

  • If all access to and from the Internet passes through the firewall, the firewall can theoretically log accesses and provide statistics about system usage
  • Alarm can be added to indicate suspicious activity, probes and attacks – double duty as IDS on smaller networks

Policy enforcement

  • Means for implementing and enforcing a network access policy
  • Access control for users and services
  • Can’t replace a good education/awareness program, however: - Knowledgeable users could tunnel traffic to bypass policy enforcement on a firewall

Firewall Components

  • Firewall Administrator
  • Firewall policy
  • Packet filters
    • transparent
    • does not change traffic, only passes it
  • Proxies
    • Active
    • Intercepts traffic and acts as an intermediary

Firewall Administrator

  • Knowledge of underpinnings of network protocols (ex. TCP/IP, ICMP)
  • Knowledge of workings of applications that run over the lower level protocols
  • Knowledge of interaction between firewall implementation and traffic
  • Vendor specific knowledge

Service Access Policy

  • Part of the Network Security Policy
  • Defines:
    • TCP/IP protocols
    • Services that are allowed or denied
    • Service usage
    • Exception handling

Service Access Policy

  • Goal: Keep outsiders out
  • Must be realistic and reflect required security level
  • Full security v.s. full accessibility