By: Jaydip Chaudhari
Understand information security services
Be aware of vulnerabilities and threats
Realize why network security is necessary
What are the elements of a comprehensive security program
Within the subculture of computer hobbyists and software enthusiasts, the term Hacker usually refers to a particular kind of programmer.
Someone who programs creatively
Someone who programs for pure enjoyment
Someone who breaks into computers, often to do something malicious such as steal credit card information
Many times from personal computer Using the program crackers can break into a system without
Passwords are the most fundamental security tool of any modern operating
A good way to choose a strong password is to take the first letter from each word of an easily remembered sentence. Example: ItMc? - Is that My coat?
System Admin Tips for Password:
Change or force user to change password periodically
Password files within your server or database
Password protection
(i.e. firewall)
Running security audit
Examine and monitor log files
Make use of intrusion detection tool
Use common sense
More information is being created, stored, processed and communicated using computers and networks
Computers are increasingly interconnected, creating new pathways to information assets
The threats to information are becoming more widespread and more sophisticated
Third trend makes it inevitable that we are increasingly vulnerable to the corruption or exploitation of information
and then access is granted to users based on their proven identity. In short, users are granted access to data via permissions. If users do not have permissions, they are denied access.
There are many other instances where someone can
have not been changed inappropriately, whether by accident or by deliberately malign activity. It also includes "origin" or "source integrity" -- that is, that the data actually came from the person or entity you think it did, rather than an imposter.
hashing. In short, a hash is a number and a hashing algorithm can calculate a hash for a file or string of data. As long as the data has not changed (and the same hashing algorithm is used), the hash will always be the same. The two primary hashing algorithms used today are Message Digest 5 (MD5) and Secure Hash Algorithm 1 (SHA-1). For example, if you calculate the hash of the phrase ILoveSecurity with the MD5 hashing algorithm, it will always be E7F8B292F4F5C2F98E5DF1435EB73D1B.
calculate hashes of key files. The detection systems later check these files to determine if the hash is the same. If the hash has been modified, the file has lost integrity and is considered suspect.
information must be available when it is needed. This means that the computing systems used to store and process the information. High availability systems aim to remain available at all times, preventing service disruptions due to power outages, hardware failures, and system upgrades. Ensuring availability also involves preventing denial-of-service attacks, such as a flood of incoming messages to the target system, essentially forcing it to shut down.
against loss of availability are fault tolerant systems. Fault tolerance means that a system can develop a fault, yet tolerate it and continue to operate. This is often accomplished with redundant systems such as redundant
Backups ensure that important data is backed up and can be restored if the original data becomes corrupt.
at multiple levels. For example, RAID-1 is a mirror of two drives; if one drive fails, the other drive still holds all the data. RAID-5 (striping with parity) uses three or more drives and uses parity to recreate the data if any drive fails. RAID-10 combines the features of a RAID-1 with the features of a RAID-0 array.
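How parity recreates the data of a failed drive, as an added example that is not part of the original slides. It models a single stripe with one XOR parity block; a real RAID-5 array also rotates the parity block across drives, which is left out here, and the block contents are constructed.

```python
from functools import reduce


def xor_blocks(blocks):
    """Byte-wise XOR of equal-length blocks."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def write_stripe(data_blocks):
    """Return the stripe as stored: the data blocks plus one parity block."""
    return list(data_blocks) + [xor_blocks(data_blocks)]


def rebuild(stripe):
    """Recreate the single missing block (marked None) from the survivors."""
    missing = [i for i, block in enumerate(stripe) if block is None]
    if len(missing) != 1:
        raise ValueError("parity can recover exactly one failed drive per stripe")
    survivors = [block for block in stripe if block is not None]
    repaired = list(stripe)
    # XOR of all surviving blocks (data and parity) equals the lost block.
    repaired[missing[0]] = xor_blocks(survivors)
    return repaired


def demo():
    """Fail each drive in turn and confirm the stripe is rebuilt intact."""
    stripe = write_stripe([b"ACCT", b"DATA", b"2024"])  # constructed 4-byte blocks
    results = []
    for failed in range(len(stripe)):
        damaged = list(stripe)
        damaged[failed] = None  # simulate the loss of one drive
        results.append(rebuild(damaged) == stripe)
    return results


if __name__ == "__main__":
    print(demo())
```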
many applications representing different interests. The Internet is particularly widely shared, being used by competing businesses, mutually antagonistic governments, and opportunistic criminals.
Authentication Protocols
Example Systems
Firewalls
To use ciphers and authenticators, the communicating participants need to know what keys to use. In the case of a symmetric-key cipher, how does a pair of participants obtain the key they share? In the case of a public-key cipher, how do participants know what public key belongs to a certain participant? The answer differs depending on whether the keys are short-lived session keys or longer-lived pre-distributed keys.
new session key, which is always a symmetric key for speed. The participants determine what session key to use by means of a protocol: a session key establishment protocol. A session key establishment protocol needs its own security (so that, for example, an adversary cannot learn the new session key); that security is based on the longer-lived pre-distributed keys.
time for computationally intensive attacks, less ciphertext for cryptanalysis, and less information exposed should the key be broken. Pre-distribution of symmetric keys is problematic. Public key ciphers are generally superior for authentication and session key establishment but too slow to use for encrypting entire messages for confidentiality.
Pre-Distribution of Public Keys
One of the major standards for certificates is known as X.509. This standard leaves a lot of details open, but specifies a basic structure. A certificate clearly must include
the identity of the entity being certified
the public key of the entity being certified
the identity of the signer
the digital signature
a digital signature algorithm identifier (which cryptographic hash
Pretty Good Privacy (PGP)
Pretty Good Privacy (PGP) is a widely used approach to providing security for electronic mail. It provides authentication, confidentiality, data integrity, and nonrepudiation. Originally devised by Phil Zimmermann, it has evolved into an IETF standard known as OpenPGP. PGP's confidentiality and receiver authentication depend on the receiver of an email message having a public key that is known to the sender. To provide sender authentication and nonrepudiation, the sender must have a public key that is known by the receiver. These public keys are pre-distributed using certificates and a web-of-trust PKI. PGP supports RSA and DSS for public key certificates.
Secure Shell (SSH)
The Secure Shell (SSH) protocol is used to provide a remote login service, and is intended to replace the less-secure Telnet and rlogin programs used in the early days of the Internet. SSH is most often used to provide strong client/server authentication and message integrity (where the SSH client runs on the user's desktop machine and the SSH server runs on some remote machine that the user wants to log into), but it also supports confidentiality. Telnet and rlogin provide none of these capabilities. Note that SSH is often used to refer to both the SSH protocol and applications that use it; you need to figure out which from the context.
connectivity between a site it protects and the rest of the network. It is usually implemented as an appliance or part of a router, although a personal firewall may be implemented on an end user machine. Firewall-based security depends on the firewall being the only connectivity to the site from outside; there should be no way to bypass the firewall via other gateways, wireless connections, or dial-up connections.
internal to the firewall, and a less-trusted zone external to the firewall. This is useful if you do not want external users to access a particular host or service within your site. Firewalls may be used to create multiple zones of trust, such as a hierarchy of increasingly trusted zones. A common arrangement involves three zones of trust: the internal network; the DMZ (demilitarized zone); and the rest of the Internet.
other things. They are configured with a table of addresses that characterize the packets they will, and will not, forward. By addresses, we mean more than just the destination's IP address, although that is one possibility. Generally, each entry in the table is a 4-tuple: it gives the IP address and TCP (or UDP) port number for both the source and destination.
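A filter table of such 4-tuples, as an added example that is not part of the original slides. Wildcard ports, CIDR blocks, first-match ordering and the default of dropping unmatched packets are assumptions of this sketch; the addresses are constructed from documentation ranges.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

ANY = None  # wildcard port (an assumption of this sketch)


@dataclass(frozen=True)
class Entry:
    action: str               # "forward" or "drop"
    src_net: str              # source address or CIDR block
    src_port: Optional[int]   # source port, or ANY
    dst_net: str              # destination address or CIDR block
    dst_port: Optional[int]   # destination port, or ANY

    def matches(self, src_ip, src_port, dst_ip, dst_port):
        """True when all four fields of the packet fit this entry."""
        return (ipaddress.ip_address(src_ip) in ipaddress.ip_network(self.src_net)
                and ipaddress.ip_address(dst_ip) in ipaddress.ip_network(self.dst_net)
                and self.src_port in (ANY, src_port)
                and self.dst_port in (ANY, dst_port))


def decide(table, packet, default="drop"):
    """Return the action of the first matching entry, else the default."""
    for entry in table:
        if entry.matches(*packet):
            return entry.action
    return default


# Constructed table; addresses are from the RFC 5737 documentation ranges.
TABLE = [
    Entry("drop", "203.0.113.66", ANY, "0.0.0.0/0", ANY),       # blocked host
    Entry("forward", "0.0.0.0/0", ANY, "198.51.100.10", 80),    # public web server
    Entry("forward", "192.0.2.14", ANY, "198.51.100.20", 22),   # one admin host to SSH
]

# Constructed packets: (source IP, source port, destination IP, destination port).
PACKETS = [
    ("192.0.2.14", 40000, "198.51.100.10", 80),
    ("203.0.113.66", 40001, "198.51.100.10", 80),
    ("192.0.2.99", 40002, "198.51.100.20", 22),
]

if __name__ == "__main__":
    for packet in PACKETS:
        print(packet, "->", decide(TABLE, packet))
```

Because the first match wins, the drop entry for the blocked host has to sit above the broad forward entry for port 80, or it would never be reached.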