GUIDE TO PROTECTING 
NETWORKS 
ERIC VANDERBURG
OBJECTIVES 
• Describe network security devices 
• Describe firewall technology 
• Describe intrusion detection systems 
• Describe honeypots
UNDERSTANDING NETWORK 
SECURITY DEVICES 
• Network security devices 
• Routers 
• Firewalls 
• Intrusion detection systems 
• Honeypots
UNDERSTANDING ROUTERS 
• Routers are hardware devices used on a network to 
send packets to different network segments 
• Operate at the network layer of the OSI model 
• Routing protocols used by routers 
• Link-state routing protocol 
• Router advertises link-state to identify network topology and 
any changes on paths 
• Distance-vector routing protocol 
• Router passes its routing table to all routers participating on 
the network
UNDERSTANDING BASIC 
HARDWARE ROUTERS 
• Cisco routers are widely used in the networking 
community 
• More than one million Cisco 2500 series routers are 
currently being used by companies around the world 
• Vulnerabilities exist in Cisco IOS as they do in any 
operating system 
• Security professionals must consider these vulnerabilities 
when conducting a security test
CISCO ROUTER COMPONENTS 
• A Cisco router uses the Cisco Internetwork 
Operating System (IOS) to function 
• Components 
• Random access memory (RAM) 
• Holds the router’s running configuration, routing tables, and 
buffers 
• If you turn off the router, the contents stored in RAM are 
wiped out 
• Nonvolatile RAM (NVRAM) 
• Holds the router’s configuration file, but the information is 
not lost if the router is turned off
CISCO ROUTER COMPONENTS 
(CONTINUED) 
• Components (continued) 
• Flash memory 
• Holds the IOS the router is using 
• Is rewritable memory, so you can upgrade the IOS 
• Read-only memory (ROM) 
• Contains a minimal version of the IOS used to boot the router 
if flash memory gets corrupted 
• Interfaces 
• Hardware connectivity points 
• Example: an Ethernet port is an interface that connects to a 
LAN
CISCO ROUTER CONFIGURATION 
• Configuration modes: 
• User mode 
• Administrator can perform basic troubleshooting tests and list 
information stored on the router 
• Router-name>, indicates that you are in user mode 
• Privileged mode 
• Administrator can perform full router configuration tasks 
• Router-name#, indicates that you are in privileged mode 
• By default, you are in user mode 
• Type “enable” or “en” to change to privileged mode
CISCO ROUTER CONFIGURATION 
(CONTINUED) 
• Once in privileged mode, you can change to two 
more configuration modes 
• Global configuration mode 
• Administrator can configure router settings that affect overall 
router operation 
• To use this mode, you enter the command config t at the 
Router-name# prompt 
• Router-name(config)# tells the user she is in global 
configuration mode
CISCO ROUTER CONFIGURATION 
(CONTINUED) 
• Once in privileged mode, you can change to two 
more configuration modes (continued) 
• Interface configuration mode 
• Administrator can configure an interface on the router 
• To use this mode, you enter global configuration mode first 
• Next, you enter the command for interface configuration 
mode and the interface name you want to configure 
• Router-name(config-if)# indicates you are in interface 
configuration mode
UNDERSTANDING ACCESS 
CONTROL LISTS 
• There are several types of access control lists 
• We will focus on IP access lists 
• IP access lists 
• Lists of IP addresses, subnets, or networks that are allowed 
or denied access through a router’s interface 
• Two different types of access lists on Cisco router 
• Standard IP access lists 
• Extended IP access lists
STANDARD IP ACCESS LISTS 
• Can restrict IP traffic entering or leaving a router’s 
interface based on source IP address 
• The syntax of a standard access list is as follows: 
access-list [list #] [permit|deny] [source address] 
[source wildcard mask] 
• [list #] is a number in the range of 1 to 99 
• [permit|deny] are keywords to permit or deny traffic 
• [source address] specifies the IP address of the source host 
• [source wildcard mask] signifies which bits of the source 
address are significant
STANDARD IP ACCESS LISTS 
(CONTINUED) 
• Example: 
access-list 1 deny 173.110.0.0 0.0.255.255 
access-list 1 permit any 
• A wildcard mask is similar to a subnet mask 
• Example: access-list 1 deny 10.10.1.112 0.0.0.0 
• The 0s used after the IP address signify that every octet in 
the IP address must match the IP address being filtered 
• Another example: 
access-list 1 deny 192.168.10.0 0.0.0.255 
access-list 1 permit any
STANDARD IP ACCESS LISTS 
(CONTINUED) 
• Cisco allows a shortcut for the mask 0.0.0.0 
access-list 1 deny host 192.168.10.112 
• Access lists always end with an implicit deny rule 
• To avoid this, you must add the “permit any” statement 
access-list 1 deny host 192.168.10.112 
access-list 1 permit any 
• Steps for applying the access list to an interface 
• Enter global configuration mode 
• Create the access list 
• Enter interface configuration mode 
• Use the ip access-group command
STANDARD IP ACCESS LISTS 
(CONTINUED) 
• Example 
Router> en 
Password ****** 
Router# config t 
Router(config)# access-list 1 deny 172.16.5.0 0.0.0.255 
Router(config)# access-list 1 permit any 
Router(config)# int e0 
Router(config-if)# ip access-group 1 out 
Router(config-if)# Ctrl+z [to save and exit global configuration mode] 
Router#
EXTENDED IP ACCESS LISTS 
• Allow packet filtering based on 
• Source IP address 
• Destination IP address 
• Protocol type 
• Application port number 
• Syntax for extended IP access lists 
access-list [list #] [permit|deny] [protocol] [source IP 
address] [source wildcard mask] [destination IP address] 
[destination wildcard mask] [operator] [port] [log] 
• [list #] is a number in the range of 100 to 199 
• [permit | deny] are keywords to permit or deny traffic
EXTENDED IP ACCESS LISTS 
(CONTINUED) 
• Syntax for extended IP access lists (continued) 
• [protocol] can be IP, TCP, UDP, ICMP, and so on 
• [source IP address] is the IP address of the source 
• [source wildcard mask] determines significant bits of source 
IP address 
• [destination IP address] is the IP address of the destination 
• [destination wildcard mask] determines significant bits of 
destination IP address 
• [operator] can be lt, gt, eq, or neq
EXTENDED IP ACCESS LISTS 
(CONTINUED) 
• Syntax for extended IP access lists (continued) 
• [port] port number of the protocol to be filtered 
• [log] logs all activity of the access list for the administrator 
• Example: 
access-list 100 deny tcp host 172.16.1.112 host 172.30.1.100 eq www
EXTENDED IP ACCESS LISTS 
(CONTINUED) 
• Applying an access list to an interface 
Router> en 
Password ****** 
Router# config t 
Router(config)# access-list 100 deny tcp host 172.16.1.112 host 172.30.1.100 
Router(config)# access-list 100 permit ip any any 
Router(config)# int e0 
Router(config-if)# ip access-group 100 in 
Router(config-if)# Ctrl+z 
Router#
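The matching rules from the standard and extended access list slides (wildcard mask bits, first match wins, implicit deny at the end), as an added example that is not part of the original deck and is not Cisco code. It goes slightly beyond the slides by evaluating sample packets against the slide ACLs; the function names and packet addresses are constructed for illustration, and the extended catch-all is written as permit ip any any.

```python
import ipaddress

ANY = (0, 0xFFFFFFFF)        # wildcard of all 1s: every bit is ignored
PORT_NAMES = {"www": 80}     # the only named port the slides use


def ip_int(text):
    return int(ipaddress.IPv4Address(text))


def take_addr(tokens):
    """Consume 'any', 'host A' or 'A WILDCARD'; return (address, wildcard)."""
    first = tokens.pop(0)
    if first == "any":
        return ANY
    if first == "host":                      # shortcut for wildcard 0.0.0.0
        return ip_int(tokens.pop(0)), 0
    return ip_int(first), ip_int(tokens.pop(0))


def parse_entry(line):
    """Parse one numbered access-list line (standard 1-99, extended 100-199)."""
    tokens = line.split()
    if len(tokens) < 4 or tokens.pop(0) != "access-list":
        raise ValueError("not an access-list line: %r" % line)
    number, action = int(tokens.pop(0)), tokens.pop(0)
    if action not in ("permit", "deny"):
        raise ValueError("expected permit or deny: %r" % line)
    entry = {"list": number, "action": action, "proto": "ip",
             "dst": ANY, "port": None}
    if 1 <= number <= 99:                    # standard: source address only
        entry["src"] = take_addr(tokens)
    elif 100 <= number <= 199:               # extended: protocol, source, destination, port
        entry["proto"] = tokens.pop(0)
        entry["src"] = take_addr(tokens)
        entry["dst"] = take_addr(tokens)
        if tokens and tokens[0] == "eq":
            port = tokens[1]
            entry["port"] = PORT_NAMES[port] if port in PORT_NAMES else int(port)
    else:
        raise ValueError("list number outside 1-199: %r" % line)
    return entry


def addr_match(addr, rule):
    base, wildcard = rule
    # A 0 bit in the wildcard must match exactly; a 1 bit is ignored.
    return ((addr ^ base) & ~wildcard & 0xFFFFFFFF) == 0


def evaluate(lines, src, dst="0.0.0.0", proto="ip", dport=None):
    """Return (action, matching line number); ("deny", None) is the implicit deny."""
    s, d = ip_int(src), ip_int(dst)
    for index, entry in enumerate(map(parse_entry, lines), 1):
        if entry["proto"] not in ("ip", proto):
            continue
        if not (addr_match(s, entry["src"]) and addr_match(d, entry["dst"])):
            continue
        if entry["port"] is not None and entry["port"] != dport:
            continue
        return entry["action"], index        # first match wins; later lines are not read
    return "deny", None                      # nothing matched: implicit deny


# ACLs taken from the slides; the last EXTENDED line is the catch-all in extended syntax.
STANDARD = ["access-list 1 deny 172.16.5.0 0.0.0.255",
            "access-list 1 permit any"]
EXTENDED = ["access-list 100 deny tcp host 172.16.1.112 host 172.30.1.100 eq www",
            "access-list 100 permit ip any any"]

if __name__ == "__main__":
    # Constructed test packets.
    print(evaluate(STANDARD, "172.16.5.77"))          # inside the denied /24
    print(evaluate(STANDARD, "172.16.6.1"))           # falls through to permit any
    print(evaluate(STANDARD[:1], "172.16.6.1"))       # permit any removed: implicit deny
    print(evaluate(EXTENDED, "172.16.1.112", "172.30.1.100", "tcp", 80))
    print(evaluate(EXTENDED, "172.16.1.112", "172.30.1.100", "tcp", 443))
```

The evaluator does not model the in or out direction given to ip access-group; it only shows which line of a list decides a packet.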
UNDERSTANDING FIREWALLS 
• Firewalls are hardware devices or software installed 
on a system and have two purposes 
• Controlling access to all traffic that enters an internal 
network 
• Controlling all traffic that leaves an internal network 
• Advantages of hardware firewalls 
• They are usually faster than software firewalls 
• They can handle a larger throughput than software firewalls
UNDERSTANDING FIREWALLS 
(CONTINUED) 
• Disadvantage of hardware firewalls 
• You are locked into the firewall’s hardware 
• Advantage of software firewalls 
• You can easily add NICs to the server running the firewall 
software 
• Disadvantage of software firewalls 
• You might have to worry about configuration problems 
• They rely on the OS on which they are running
UNDERSTANDING FIREWALL 
TECHNOLOGY 
• Firewall technologies 
• Network address translation (NAT) 
• Access control lists 
• Packet filtering 
• Stateful packet inspection (SPI)
NETWORK ADDRESS TRANSLATION (NAT) 
• The most basic security feature of a firewall 
• With NAT, internal private IP addresses are mapped to public 
external IP addresses 
• Hiding the internal infrastructure 
• Port Address Translation (PAT) 
• Technology derived from NAT 
• This allows thousands of internal IP addresses to be mapped to one 
external IP address
ACCESS CONTROL LISTS 
• Access lists are used to filter traffic based on source IP address, 
destination IP address, and ports or services 
• Firewalls also use this technology 
• Creating access control lists in a firewall is a similar process to 
creating them in a router 
PACKET FILTERING 
• Packet filters screen packets based on information 
contained in the packet header 
• Protocol type 
• IP address 
• TCP/UDP port
STATEFUL PACKET INSPECTION (SPI) 
• Stateful packet filters record session-specific 
information about a network connection 
• Create a state table 
• Can help reduce port scans that rely on spoofing or 
sending packets after a three-way handshake 
• Stateful packet filters recognize types of anomalies 
that most routers ignore 
• Stateless packet filters handle each packet on an 
individual basis 
• Spoofing or DoS attacks are more prevalent
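The difference between the two filter types above, as an added example that is not part of the original deck: a per-packet rule that lets inbound TCP through whenever ACK is set, next to a filter that keeps a state table. The per-packet rule, the class and function names, the simplified state names and all addresses are assumptions constructed for illustration.

```python
from collections import namedtuple

# direction is "out" (inside to outside) or "in"; flags is a frozenset of TCP flag names.
Packet = namedtuple("Packet", "direction src sport dst dport flags")


def pkt(direction, src, sport, dst, dport, *flags):
    return Packet(direction, src, sport, dst, dport, frozenset(flags))


def stateless_allows(p):
    """Judge one packet in isolation: outbound passes; inbound passes only
    when ACK is set, because it then looks like a reply."""
    return p.direction == "out" or "ACK" in p.flags


class StatefulFilter:
    """Allow inbound packets only for sessions recorded in the state table."""

    def __init__(self):
        self.table = {}   # (inside ip, inside port, outside ip, outside port) -> state

    def allows(self, p):
        if p.direction == "out":
            key = (p.src, p.sport, p.dst, p.dport)
            if p.flags == {"SYN"}:
                self.table[key] = "SYN_SENT"              # handshake step 1
            elif self.table.get(key) == "SYN_ACK_SEEN" and "ACK" in p.flags:
                self.table[key] = "ESTABLISHED"           # handshake step 3
            if p.flags & {"FIN", "RST"}:
                self.table.pop(key, None)                 # simplified teardown
            return True                                   # outbound policy: allow

        key = (p.dst, p.dport, p.src, p.sport)
        state = self.table.get(key)
        if state is None:
            return False                  # no session: drop, whatever the flags claim
        if state == "SYN_SENT":
            if p.flags == {"SYN", "ACK"}:
                self.table[key] = "SYN_ACK_SEEN"          # handshake step 2
                return True
            if "RST" in p.flags:
                del self.table[key]                       # connection refused
                return True
            return False                  # anything else is out of sequence
        if p.flags & {"FIN", "RST"}:
            del self.table[key]
        return True


def compare(packets):
    """Return [(stateless decision, stateful decision), ...] for a packet sequence."""
    stateful = StatefulFilter()
    return [(stateless_allows(p), stateful.allows(p)) for p in packets]


# Constructed traffic: one real session, then packets that belong to no session.
SAMPLE = [
    pkt("out", "10.0.0.5", 40000, "203.0.113.10", 80, "SYN"),
    pkt("in", "203.0.113.10", 80, "10.0.0.5", 40000, "SYN", "ACK"),
    pkt("out", "10.0.0.5", 40000, "203.0.113.10", 80, "ACK"),
    pkt("in", "203.0.113.10", 80, "10.0.0.5", 40000, "ACK", "PSH"),
    pkt("in", "198.51.100.7", 80, "10.0.0.9", 40001, "ACK"),     # no handshake seen
    pkt("in", "198.51.100.7", 4444, "10.0.0.9", 22, "SYN"),      # unsolicited SYN
    pkt("in", "203.0.113.10", 80, "10.0.0.5", 40000, "FIN", "ACK"),
    pkt("in", "203.0.113.10", 80, "10.0.0.5", 40000, "ACK"),     # after teardown
]

if __name__ == "__main__":
    for p, (stateless, stateful) in zip(SAMPLE, compare(SAMPLE)):
        print(p.direction, p.src, sorted(p.flags),
              "stateless:", stateless, "stateful:", stateful)
```

The fifth and last sample packets are the ones the two filters disagree on: both carry ACK, so the per-packet rule passes them, but neither matches an entry in the state table.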
IMPLEMENTING A FIREWALL 
• Placing a firewall between a company’s internal network and 
the Internet is dangerous 
• It leaves the company open to attack if a hacker compromises the 
firewall 
• Use a demilitarized zone instead
DEMILITARIZED ZONE (DMZ) 
• DMZ is a small network containing resources available to 
Internet users 
• Helps maintain security on the company’s internal network 
• Sits between the Internet and the internal network 
• It is sometimes referred to as a “perimeter network”
UNDERSTANDING THE PRIVATE INTERNET 
EXCHANGE (PIX) FIREWALL 
• Cisco PIX firewall 
• One of the most popular firewalls on the market
CONFIGURATION OF THE PIX FIREWALL 
• Working with a PIX firewall is similar to working with any other Cisco router 
• Login prompt 
If you are not authorized to be in this XYZ Hawaii network device, 
log out immediately! 
User Access Verification 
Password: 
• This banner serves a legal purpose 
• General prompt example: 
Type help or '?' for a list of available commands. 
xyz>
CONFIGURATION OF THE PIX FIREWALL 
(CONTINUED) 
• You should enter privileged mode to configure the PIX firewall 
• To enter configuration mode in PIX, you use the same command as 
on a Cisco router 
xyz# configure terminal 
xyz(config)# ? 
• Nameif is a PIX command to name an interface 
• PIX allows the administrator to assign values to an interface that designate 
its security level 
• Values can be from 0 to 100
CONFIGURATION OF THE PIX FIREWALL 
(CONTINUED) 
• Access lists 
• PIX enables an administrator to use descriptive names for the access list 
instead of numbers 
• PIX also uses the implicit deny rule
UNDERSTANDING MICROSOFT ISA 
• Microsoft’s software approach to firewalls 
• Microsoft Internet Security and Acceleration (ISA) 
Server 
• Functions as a software router, firewall, and IDS 
• ISA has the same functionality as any hardware 
router 
• Packet filtering to control incoming traffic 
• Application filtering through the examination of protocols 
• Intrusion detection filters 
• Access policies to control outgoing traffic
IP PACKET FILTERS 
• ISA enables administrators to filter IP traffic based 
on the following: 
• Source and destination IP address 
• Network protocol, such as HTTP 
• Source port or destination port 
• ISA provides a GUI for these configurations 
• A network segment can be denied or allowed HTTP access 
in the Remote Computer tab
APPLICATION FILTERS 
• Can accept or deny data from specific applications or data containing 
specific content 
• SMTP filter can restrict 
• E-mail with specific attachments 
• E-mail from a specific user or domain 
• E-mail containing specific keywords 
• SMTP commands 
• SMTP Filter Properties dialog box 
• Administrator can filter a specific e-mail attachment based on a rule he or 
she configures
APPLICATION FILTERS (CONTINUED) 
• Users/Domains tab in the SMTP Filter Properties dialog box 
• Administrator can filter e-mail messages sent from a user or from 
specific domains 
• As a security professional, you might be asked to restrict e-mails 
containing certain keywords 
• SMTP Commands tab 
• Administrator can prevent a user from running SMTP commands
INTRUSION DETECTION FILTERS 
• Analyze all traffic for possible known intrusions 
• DNS intrusion detection filter 
• POP intrusion detection filter 
• FTP Access filter 
• H.323 filter 
• HTTP Redirector filter 
• RPC filter 
• SMTP filter 
• SOCKSV4 filter 
• Streaming Media filter
ACCESS POLICIES 
• Allow administrators to control outgoing traffic 
• An access policy consists of the following 
• Policy rules 
• Site and content rules 
• IP filter rules
UNDERSTANDING INTRUSION DETECTION 
SYSTEMS (IDSs) 
• Monitor network devices so that security administrators can 
identify attacks in progress and stop them 
• An IDS looks at the traffic and compares it with known exploits 
• Similar to virus software using a signature file to identify viruses 
• Types 
• Network-based IDSs 
• Host-based IDSs
NETWORK-BASED AND HOST-BASED IDSs 
• Network-based IDSs 
• Monitor activity on network segments 
• They sniff traffic and alert a security administrator when something 
suspicious occurs 
• Host-based IDSs 
• Used to protect a critical network server or database server 
• The software is installed on the server you’re attempting to protect
NETWORK-BASED AND HOST-BASED IDSs 
(CONTINUED) 
• IDSs are categorized by how they react when they detect 
suspicious behavior 
• Passive systems 
• Send out an alert and log the activity 
• Active systems 
• Log events and send out alerts 
• Can also interoperate with routers and firewalls
UNDERSTANDING HONEYPOTS 
• Honeypot 
• Computer placed on the perimeter of a network 
• Contains information intended to lure and then trap hackers 
• Computer is configured to have vulnerabilities 
• Goal 
• Keep hackers connected long enough so they can be traced back
HOW THEY WORK 
• A honeypot appears to have important data or 
sensitive information stored on it 
• Could store fake financial data that tempts hackers to 
attempt browsing through the data 
• Hackers will spend time attacking the honeypot 
• And stop looking for real vulnerabilities in the company’s 
network 
• Honeypots also enable security professionals to 
collect data on attackers 
• Honeypots are available commercially and through 
open-source avenues
HOW THEY WORK (CONTINUED) 
• Virtual honeypots 
• Honeypots created using software solutions instead of hardware devices 
• Example: Honeyd
SUMMARY 
• Security devices 
• Routers 
• Firewalls 
• IDSs 
• Routers use access lists to accept or deny traffic 
through their interfaces 
• Firewalls can be hardware devices or software 
installed on computer systems 
• Firewalls use NAT, IP filtering, and access control lists to 
filter incoming and outgoing network traffic
SUMMARY (CONTINUED) 
• Firewall examples 
• Cisco PIX (hardware) 
• Microsoft ISA (software) 
• Stateful packet filters vs. stateless packet filters 
• PGP is a free public key encryption program to 
encrypt e-mail messages 
• Demilitarized zones (DMZs) 
• Add a layer of defense between the Internet and a company’s 
internal network
SUMMARY (CONTINUED) 
• Intrusion detection systems (IDSs) 
• Network-based IDSs 
• Host-based IDSs 
• Passive IDSs vs. active IDSs 
• Honeypots

GDPR, Data Privacy and Cybersecurity - MIT SymposiumGDPR, Data Privacy and Cybersecurity - MIT Symposium
GDPR, Data Privacy and Cybersecurity - MIT Symposium
 
Modern Security the way Equifax Should Have
Modern Security the way Equifax Should HaveModern Security the way Equifax Should Have
Modern Security the way Equifax Should Have
 
Cybercrime and Cyber Threats - CBLA - Eric Vanderburg
Cybercrime and Cyber Threats - CBLA - Eric VanderburgCybercrime and Cyber Threats - CBLA - Eric Vanderburg
Cybercrime and Cyber Threats - CBLA - Eric Vanderburg
 
Cybersecurity Incident Response Strategies and Tactics - RIMS 2017 - Eric Van...
Cybersecurity Incident Response Strategies and Tactics - RIMS 2017 - Eric Van...Cybersecurity Incident Response Strategies and Tactics - RIMS 2017 - Eric Van...
Cybersecurity Incident Response Strategies and Tactics - RIMS 2017 - Eric Van...
 
Mobile Forensics and Cybersecurity
Mobile Forensics and CybersecurityMobile Forensics and Cybersecurity
Mobile Forensics and Cybersecurity
 
2017 March ISACA Security Challenges with the Internet of Things - Eric Vande...
2017 March ISACA Security Challenges with the Internet of Things - Eric Vande...2017 March ISACA Security Challenges with the Internet of Things - Eric Vande...
2017 March ISACA Security Challenges with the Internet of Things - Eric Vande...
 
Ransomware: 2016's Greatest Malware Threat
Ransomware: 2016's Greatest Malware ThreatRansomware: 2016's Greatest Malware Threat
Ransomware: 2016's Greatest Malware Threat
 
Emerging Technologies: Japan’s Position
Emerging Technologies: Japan’s PositionEmerging Technologies: Japan’s Position
Emerging Technologies: Japan’s Position
 
Principles of technology management
Principles of technology managementPrinciples of technology management
Principles of technology management
 
Japanese railway technology
Japanese railway technologyJapanese railway technology
Japanese railway technology
 
Evaluating japanese technological competitiveness
Evaluating japanese technological competitivenessEvaluating japanese technological competitiveness
Evaluating japanese technological competitiveness
 
Japanese current and future technology management challenges
Japanese current and future technology management challengesJapanese current and future technology management challenges
Japanese current and future technology management challenges
 
Technology management in Japan: Robotics
Technology management in Japan: RoboticsTechnology management in Japan: Robotics
Technology management in Japan: Robotics
 
Incident response table top exercises
Incident response table top exercisesIncident response table top exercises
Incident response table top exercises
 
The Prescription for Protection - Avoid Treatment Errors To The Malware Problem
The Prescription for Protection - Avoid Treatment Errors To The Malware ProblemThe Prescription for Protection - Avoid Treatment Errors To The Malware Problem
The Prescription for Protection - Avoid Treatment Errors To The Malware Problem
 
Cloud Storage and Security: Solving Compliance Challenges
Cloud Storage and Security: Solving Compliance ChallengesCloud Storage and Security: Solving Compliance Challenges
Cloud Storage and Security: Solving Compliance Challenges
 
Hacktivism: Motivations, Tactics and Threats
Hacktivism: Motivations, Tactics and ThreatsHacktivism: Motivations, Tactics and Threats
Hacktivism: Motivations, Tactics and Threats
 
Correct the most common web development security mistakes - Eric Vanderburg
Correct the most common web development security mistakes - Eric VanderburgCorrect the most common web development security mistakes - Eric Vanderburg
Correct the most common web development security mistakes - Eric Vanderburg
 
Deconstructing website attacks - Eric Vanderburg
Deconstructing website attacks - Eric VanderburgDeconstructing website attacks - Eric Vanderburg
Deconstructing website attacks - Eric Vanderburg
 
Countering malware threats - Eric Vanderburg
Countering malware threats - Eric VanderburgCountering malware threats - Eric Vanderburg
Countering malware threats - Eric Vanderburg
 

Kürzlich hochgeladen

Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfOverkill Security
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdflior mazor
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MIND CTI
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
A Beginners Guide to Building a RAG App Using Open Source Milvus
A Beginners Guide to Building a RAG App Using Open Source MilvusA Beginners Guide to Building a RAG App Using Open Source Milvus
A Beginners Guide to Building a RAG App Using Open Source MilvusZilliz
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CVKhem
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesrafiqahmad00786416
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?Igalia
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers:  A Deep Dive into Serverless Spatial Data and FMECloud Frontiers:  A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMESafe Software
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century educationjfdjdjcjdnsjd
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...Zilliz
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherRemote DBA Services
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businesspanagenda
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProduct Anonymous
 
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Zilliz
 

Kürzlich hochgeladen (20)

Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdf
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
A Beginners Guide to Building a RAG App Using Open Source Milvus
A Beginners Guide to Building a RAG App Using Open Source MilvusA Beginners Guide to Building a RAG App Using Open Source Milvus
A Beginners Guide to Building a RAG App Using Open Source Milvus
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challenges
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers:  A Deep Dive into Serverless Spatial Data and FMECloud Frontiers:  A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
 

Guide to protecting networks - Eric Vanderburg

  • 1. GUIDE TO PROTECTING NETWORKS ERIC VANDERBURG
  • 2. OBJECTIVES • Describe network security devices • Describe firewall technology • Describe intrusion detection systems • Describe honeypots
  • 3. UNDERSTANDING NETWORK SECURITY DEVICES • Network security devices • Routers • Firewalls • Intrusion detection systems • Honeypots
  • 4. UNDERSTANDING ROUTERS • Routers are hardware devices used on a network to send packets to different network segments • Operate at the network layer of the OSI model • Routing protocols used by routers • Link-state routing protocol • Router advertises link-state to identify network topology and any changes on paths • Distance-vector routing protocol • Router passes its routing table to all routers participating on the network
  • 5. UNDERSTANDING BASIC HARDWARE ROUTERS • Cisco routers are widely used in the networking community • More than one million Cisco 2500 series routers are currently being used by companies around the world • Vulnerabilities exist in Cisco as they do in any operating system • Security professionals must consider these vulnerabilities when conducting a security test
  • 6. CISCO ROUTER COMPONENTS • A Cisco router uses the Cisco Internetwork Operating System (IOS) to function • Components • Random access memory (RAM) • Holds the router’s running configuration, routing tables, and buffers • If you turn off the router, the contents stored in RAM are wiped out • Nonvolatile RAM (NVRAM) • Holds the router’s configuration file, but the information is not lost if the router is turned off
  • 7. CISCO ROUTER COMPONENTS (CONTINUED) • Components (continued) • Flash memory • Holds the IOS the router is using • Is rewritable memory, so you can upgrade the IOS • Read-only memory (ROM) • Contains a minimal version of the IOS used to boot the router if flash memory gets corrupted • Interfaces • Hardware connectivity points • Example: an Ethernet port is an interface that connects to a LAN
  • 8. CISCO ROUTER CONFIGURATION • Configuration modes: • User mode • Administrator can perform basic troubleshooting tests and list information stored on the router • Router-name>, indicates that you are in user mode • Privileged mode • Administrator can perform full router configuration tasks • Router-name#, indicates that you are in privileged mode • By default, you are in user mode • Type “enable” or “en” to change to privileged mode
  • 9. CISCO ROUTER CONFIGURATION (CONTINUED) • Once in privileged mode, you can change to two more configuration modes • Global configuration mode • Administrator can configure router settings that affect overall router operation • To use this mode, you enter the command config t at the Router-name# prompt • Router-name(config)# tells the user she is in global configuration mode
  • 10. CISCO ROUTER CONFIGURATION (CONTINUED) • Once in privileged mode, you can change to two more configuration modes (continued) • Interface configuration mode • Administrator can configure an interface on the router • To use this mode, you enter global configuration mode first • Next, you enter the command for interface configuration mode and the interface name you want to configure • Router-name(config-if)# indicates you are in interface configuration mode
  • 11. UNDERSTANDING ACCESS CONTROL LISTS • There are several types of access control lists • We will focus on IP access lists • IP access lists • Lists of IP addresses, subnets, or networks that are allowed or denied access through a router’s interface • Two different types of access lists on Cisco router • Standard IP access lists • Extended IP access lists
  • 12. STANDARD IP ACCESS LISTS • Can restrict IP traffic entering or leaving a router’s interface based on source IP address • The syntax of a standard access list is as follows: access-list [list #] [permit|deny] [source address] [source wildcard mask] • [list #] is a number in the range of 1 to 99 • [permit | deny] are keywords to permit or deny traffic • [source address] specifies the IP address of the source host • [source wildcard mask] signifies which bits of the source address are significant
  • 13. STANDARD IP ACCESS LISTS (CONTINUED)
      • Example:
          access-list 1 deny 173.110.0.0 0.0.255.255
          access-list 1 permit any
      • A wildcard mask is similar to a subnet mask
      • Example:
          access-list 1 deny 10.10.1.112 0.0.0.0
      • The 0s used after the IP address signify that every octet in the IP address must match the IP address being filtered
      • Another example:
          access-list 1 deny 192.168.10.0 0.0.0.255
          access-list 1 permit any
  • 14. STANDARD IP ACCESS LISTS (CONTINUED)
      • Cisco allows a shortcut for the mask 0.0.0.0
          access-list 1 deny host 192.168.10.112
      • Access lists always end with an implicit deny rule
      • To avoid this, you must add the “permit any” statement
          access-list 1 deny host 192.168.10.112
          access-list 1 permit any
      • Steps for applying the access list to an interface
          • Enter global configuration mode
          • Create the access list
          • Enter interface configuration mode
          • Use the ip access-group command
  • 15. STANDARD IP ACCESS LISTS (CONTINUED)
      • Example
          Router> en
          Password ******
          Router# config t
          Router(config)# access-list 1 deny 172.16.5.0 0.0.0.255
          Router(config)# access-list 1 permit any
          Router(config)# int e0
          Router(config-if)# ip access-group 1 out
          Router(config-if)# Ctrl+z [to save and exit global configuration mode]
          Router#
  • 16. EXTENDED IP ACCESS LISTS • Allow packet filtering based on • Source IP address • Destination IP address • Protocol type • Application port number • Syntax for extended IP access lists access-list [list #] [permit|deny] [protocol] [source IP address] [source wildcard mask] [destination IP address] [destination wildcard mask] [operator] [port] [log] • [list #] is a number in the range of 100 to 199 • [permit | deny] are keywords to permit or deny traffic
  • 17. EXTENDED IP ACCESS LISTS (CONTINUED) • Syntax for extended IP access lists (continued) • [protocol] can be IP, TCP, UDP, ICMP, and so on • [source IP address] is the IP address of the source • [source wildcard mask] determines significant bits of source IP address • [destination IP address] is the IP address of the destination • [destination wildcard mask] determines significant bits of destination IP address • [operator] can be lt, gt, eq, or neq
  • 18. EXTENDED IP ACCESS LISTS (CONTINUED) • Syntax for extended IP access lists (continued) • [port] port number of the protocol to be filtered • [log] logs all activity of the access list for the administrator • Example: access-list 100 deny tcp host 172.16.1.112 host 172.30.1.100 eq www
  • 19. EXTENDED IP ACCESS LISTS (CONTINUED)
      • Applying an access list to an interface
          Router> en
          Password ******
          Router# config t
          Router(config)# access-list 100 deny tcp host 172.16.1.112 host 172.30.1.100
          Router(config)# access-list 100 permit ip any any
          Router(config)# int e0
          Router(config-if)# ip access-group 100 in
          Router(config-if)# Ctrl+z
          Router#
  • 20. UNDERSTANDING FIREWALLS • Firewalls are hardware devices or software installed on a system and have two purposes • Controlling access to all traffic that enters an internal network • Controlling all traffic that leaves an internal network • Advantages of hardware firewalls • They are usually faster than software firewalls • They can handle a larger throughput than software firewalls
  • 21. UNDERSTANDING FIREWALLS (CONTINUED) • Disadvantage of hardware firewalls • You are locked into the firewall’s hardware • Advantage of software firewalls • You can easily add NICs to the server running the firewall software • Disadvantage of software firewalls • You might have to worry about configuration problems • They rely on the OS on which they are running
  • 22. UNDERSTANDING FIREWALL TECHNOLOGY • Firewall technologies • Network address translation (NAT) • Access control lists • Packet filtering • Stateful packet inspection (SPI)
  • 23. NETWORK ADDRESS TRANSLATION (NAT) • The most basic security feature of a firewall • With NAT, internal private IP addresses are mapped to public external IP addresses • Hiding the internal infrastructure • Port Address Translation (PAT) • Technology derived from NAT • This allows thousands of internal IP addresses to be mapped to one external IP address
  • 24. ACCESS CONTROL LISTS • Access lists are used to filter traffic based on source IP address, destination IP address, and ports or services • Firewalls also use this technology • Creating access control lists in a firewall is a similar process to creating them in a router
  • 25. PACKET FILTERING • Packet filters screen packets based on information contained in the packet header • Protocol type • IP address • TCP/UDP port
  • 26. STATEFUL PACKET INSPECTION (SPI) • Stateful packet filters record session-specific information about a network connection • Create a state table • Can help reduce port scans that rely on spoofing or sending packets after a three-way handshake • Stateful packet filters recognize types of anomalies that most routers ignore • Stateless packet filters handle each packet on an individual basis • Spoofing or DoS attacks are more prevalent
  • 27. IMPLEMENTING A FIREWALL • Placing a firewall between a company’s internal network and the Internet is dangerous • It leaves the company open to attack if a hacker compromises the firewall • Use a demilitarized zone instead
  • 28. DEMILITARIZED ZONE (DMZ) • DMZ is a small network containing resources available to Internet users • Helps maintain security on the company’s internal network • Sits between the Internet and the internal network • It is sometimes referred to as a “perimeter network”
  • 29. UNDERSTANDING THE PRIVATE INTERNET EXCHANGE (PIX) FIREWALL • Cisco PIX firewall • One of the most popular firewalls on the market
  • 30. CONFIGURATION OF THE PIX FIREWALL
      • Working with a PIX firewall is similar to working with any other Cisco router
      • Login prompt
          If you are not authorized to be in this XYZ Hawaii network device, log out immediately!
          User Access Verification
          Password:
      • This banner serves a legal purpose
      • General prompt example:
          Type help or '?' for a list of available commands.
          xyz>
  • 31. CONFIGURATION OF THE PIX FIREWALL (CONTINUED)
      • You should enter privileged mode to configure the PIX firewall
      • To enter configuration mode in PIX, you use the same command as on a Cisco router
          xyz# configure terminal
          xyz(config)# ?
      • Nameif is a PIX command to name an interface
      • PIX allows the administrator to assign values to an interface that designate its security level
      • Values can be from 0 to 100
  • 32. CONFIGURATION OF THE PIX FIREWALL (CONTINUED) • Access lists • PIX enables an administrator to use descriptive names for the access list instead of numbers • PIX also uses the implicit deny rule
  • 33. UNDERSTANDING MICROSOFT ISA • Microsoft’s software approach to firewalls • Microsoft Internet Security and Acceleration (ISA) Server • Functions as a software router, firewall, and IDS • ISA has the same functionality as any hardware router • Packet filtering to control incoming traffic • Application filtering through the examination of protocols • Intrusion detection filters • Access policies to control outgoing traffic
  • 34. IP PACKET FILTERS • ISA enables administrators to filter IP traffic based on the following: • Source and destination IP address • Network protocol, such as HTTP • Source port or destination port • ISA provides a GUI for these configurations • A network segment can be denied or allowed HTTP access in the Remote Computer tab
  • 35. APPLICATION FILTERS • Can accept or deny data from specific applications or data containing specific content • SMTP filter can restrict • E-mail with specific attachments • E-mail from a specific user or domain • E-mail containing specific keywords • SMTP commands • SMTP Filter Properties dialog box • Administrator can filter a specific e-mail attachment based on a rule he or she configures
  • 36. APPLICATION FILTERS (CONTINUED) • Users/Domains tab in the SMTP Filter Properties dialog box • Administrator can filter e-mail messages sent from a user or from specific domains • As a security professional, you might be asked to restrict e-mails containing certain keywords • SMTP Commands tab • Administrator can prevent a user from running SMTP commands
  • 37. INTRUSION DETECTION FILTERS • Analyze all traffic for possible known intrusions • DNS intrusion detection filter • POP intrusion detection filter • FTP Access filter • H.323 filter • HTTP Redirector filter • RPC filter • SMTP filter • SOCKSV4 filter • Streaming Media filter
  • 38. ACCESS POLICIES • Allow administrators to control outgoing traffic • An access policy consists of the following • Policy rules • Site and content rules • IP filter rules
  • 39. UNDERSTANDING INTRUSION DETECTION SYSTEMS (IDSS) • Monitor network devices so that security administrators can identify attacks in progress and stop them • An IDS looks at the traffic and compares it with known exploits • Similar to virus software using a signature file to identify viruses • Types • Network-based IDSs • Host-based IDSs
  • 40. NETWORK-BASED AND HOST-BASED IDSS • Network-based IDSs • Monitor activity on network segments • They sniff traffic and alert a security administrator when something suspicious occurs • Host-based IDSs • Used to protect a critical network server or database server • The software is installed on the server you’re attempting to protect
  • 41. NETWORK-BASED AND HOST-BASED IDSS (CONTINUED) • IDSs are categorized by how they react when they detect suspicious behavior • Passive systems • Send out an alert and log the activity • Active systems • Log events and send out alerts • Can also interoperate with routers and firewalls
  • 42. UNDERSTANDING HONEYPOTS • Honeypot • Computer placed on the perimeter of a network • Contains information intended to lure and then trap hackers • Computer is configured to have vulnerabilities • Goal • Keep hackers connected long enough so they can be traced back
  • 43. HOW THEY WORK • A honeypot appears to have important data or sensitive information stored on it • Could store fake financial data that tempts hackers to attempt browsing through the data • Hackers will spend time attacking the honeypot • And stop looking for real vulnerabilities in the company’s network • Honeypots also enable security professionals to collect data on attackers • Honeypots are available commercially and through open-source avenues
  • 44. HOW THEY WORK (CONTINUED) • Virtual honeypots • Honeypots created using software solutions instead of hardware devices • Example: Honeyd
  • 45. SUMMARY • Security devices • Routers • Firewalls • IDSs • Routers use access lists to accept or deny traffic through their interfaces • Firewalls can be hardware devices or software installed on computer systems • Firewalls use NAT, IP filtering, and access control lists to filter incoming and outgoing network traffic
  • 46. SUMMARY (CONTINUED) • Firewall examples • Cisco PIX (hardware) • Microsoft ISA (software) • Stateful packet filters vs. stateless packet filters • PGP is a free public key encryption program to encrypt e-mail messages • Demilitarized zones (DMZs) • Add a layer of defense between the Internet and a company’s internal network
  • 47. SUMMARY (CONTINUED) • Intrusion detection systems (IDSs) • Network-based IDSs • Host-based IDSs • Passive IDSs vs. active IDSs • Honeypots
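
The access list slides (12 to 19) describe wildcard masks, top-down matching and the implicit deny rule. The Python sketch below is an added example, not part of the original slides and not Cisco code: it evaluates statements in the syntax shown on the slides against constructed test packets. The function names, the small port-name table and the sample addresses used as test traffic are assumptions made for illustration.

```python
import ipaddress

ANY = ("0.0.0.0", "255.255.255.255")  # wildcard of all 1s: every bit ignored
PORT_NAMES = {"ftp": 21, "telnet": 23, "smtp": 25, "www": 80}  # small subset
OPS = {
    "eq": lambda a, b: a == b,
    "neq": lambda a, b: a != b,
    "lt": lambda a, b: a < b,
    "gt": lambda a, b: a > b,
}


def _ip(text):
    return int(ipaddress.IPv4Address(text))


def _is_ip(text):
    try:
        _ip(text)
        return True
    except ValueError:
        return False


def wildcard_match(addr, base, wildcard):
    """A 0 bit in the wildcard mask must match; a 1 bit is ignored."""
    care = ~_ip(wildcard) & 0xFFFFFFFF
    return (_ip(addr) & care) == (_ip(base) & care)


def _take_addr(tokens):
    """Consume 'any', 'host A', 'A W' or a bare 'A'; return (base, wildcard)."""
    if not tokens:
        raise ValueError("address expected")
    first = tokens.pop(0)
    if first == "any":
        return ANY
    if first == "host":  # shortcut for the mask 0.0.0.0
        if not tokens:
            raise ValueError("address expected after 'host'")
        return (tokens.pop(0), "0.0.0.0")
    if tokens and _is_ip(tokens[0]):
        return (first, tokens.pop(0))
    return (first, "0.0.0.0")


def parse_rule(line):
    tok = line.split()
    if len(tok) < 4 or tok[0] != "access-list" or tok[2] not in ("permit", "deny"):
        raise ValueError("not an access-list statement: " + line)
    num, rest = int(tok[1]), tok[3:]
    rule = {"action": tok[2], "proto": "ip", "dst": ANY, "op": None, "port": None}
    if 1 <= num <= 99:            # standard list: source address only
        rule["src"] = _take_addr(rest)
    elif 100 <= num <= 199:       # extended list: protocol, source, destination
        rule["proto"] = rest.pop(0).lower()
        rule["src"] = _take_addr(rest)
        rule["dst"] = _take_addr(rest)
        if rest and rest[0] in OPS:
            op, port = rest.pop(0), rest.pop(0)
            rule["op"] = op
            rule["port"] = PORT_NAMES[port] if port in PORT_NAMES else int(port)
    else:
        raise ValueError("list number outside 1-99 / 100-199")
    return rule


def evaluate(acl_lines, src, dst="0.0.0.0", proto="ip", dport=None):
    """First matching statement wins; index None means the implicit deny."""
    for i, r in enumerate(map(parse_rule, acl_lines)):
        if r["proto"] not in ("ip", proto):
            continue
        if not (wildcard_match(src, *r["src"]) and wildcard_match(dst, *r["dst"])):
            continue
        if r["op"] and (dport is None or not OPS[r["op"]](dport, r["port"])):
            continue
        return (r["action"], i)
    return ("deny", None)


# Statements in the form shown on the slides; the probes below are constructed.
STANDARD = ["access-list 1 deny 172.16.5.0 0.0.0.255", "access-list 1 permit any"]
HOST_ONLY = ["access-list 1 deny host 192.168.10.112"]  # no "permit any"
EXTENDED = [
    "access-list 100 deny tcp host 172.16.1.112 host 172.30.1.100 eq www",
    "access-list 100 permit ip any any",
]

if __name__ == "__main__":
    print(evaluate(STANDARD, "172.16.5.77"))
    print(evaluate(HOST_ONLY, "10.0.0.1"))
    print(evaluate(EXTENDED, "172.16.1.112", "172.30.1.100", "tcp", 443))
```

A list without a final permit statement, such as HOST_ONLY, blocks every source: the listed host hits the explicit deny and everything else falls through to the implicit one.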
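
Slide 26 contrasts stateless packet filters, which judge each packet on its own, with stateful filters that keep a state table. The Python sketch below is an added example, not part of the original slides: it runs the same constructed packet sequence through a per-packet rule and through a simplified state table, showing that an inbound ACK with no preceding handshake passes the first and is dropped by the second. The class, the state names and all addresses are assumptions, and the TCP tracking is deliberately simplified (an entry is removed on the first FIN or RST).

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Packet:
    inbound: bool      # True = arriving from the Internet side
    src: str
    sport: int
    dst: str
    dport: int
    flags: frozenset   # TCP flags, e.g. {"SYN", "ACK"}


def pkt(inbound, src, sport, dst, dport, flags):
    return Packet(inbound, src, sport, dst, dport, frozenset(flags.split("+")))


def stateless_allow(p):
    """Per-packet rule: all outbound traffic, and inbound only if ACK or RST
    is set, on the assumption that such packets belong to a reply."""
    if not p.inbound:
        return True
    return bool(p.flags & {"ACK", "RST"})


class StatefulFilter:
    """Tracks connections opened from the inside in a state table."""

    def __init__(self):
        self.table = {}  # (inside ip, inside port, outside ip, outside port) -> state

    def allow(self, p):
        if p.inbound:
            key = (p.dst, p.dport, p.src, p.sport)
        else:
            key = (p.src, p.sport, p.dst, p.dport)
        state = self.table.get(key)
        if state == "ESTABLISHED":
            if p.flags & {"FIN", "RST"}:
                del self.table[key]          # simplified teardown
            return True
        if not p.inbound and p.flags == {"SYN"} and state in (None, "SYN_SENT"):
            self.table[key] = "SYN_SENT"     # step 1 of the three-way handshake
            return True
        if p.inbound and p.flags == {"SYN", "ACK"} and state == "SYN_SENT":
            self.table[key] = "SYN_RCVD"     # step 2
            return True
        if not p.inbound and "ACK" in p.flags and state == "SYN_RCVD":
            self.table[key] = "ESTABLISHED"  # step 3
            return True
        return False                         # no matching table entry: drop


def compare(packets):
    """Return one (stateless verdict, stateful verdict) pair per packet."""
    stateful = StatefulFilter()
    return [(stateless_allow(p), stateful.allow(p)) for p in packets]


# Constructed traffic: one legitimate outbound web session, then two
# unsolicited inbound packets from a different outside host.
SAMPLE = [
    pkt(False, "10.0.0.5", 40000, "203.0.113.10", 80, "SYN"),
    pkt(True, "203.0.113.10", 80, "10.0.0.5", 40000, "SYN+ACK"),
    pkt(False, "10.0.0.5", 40000, "203.0.113.10", 80, "ACK"),
    pkt(True, "203.0.113.10", 80, "10.0.0.5", 40000, "ACK+PSH"),
    pkt(True, "198.51.100.7", 80, "10.0.0.5", 40001, "ACK"),   # no handshake
    pkt(True, "198.51.100.7", 5555, "10.0.0.5", 22, "SYN"),    # unsolicited SYN
]

if __name__ == "__main__":
    for p, verdict in zip(SAMPLE, compare(SAMPLE)):
        print(sorted(p.flags), "inbound" if p.inbound else "outbound", verdict)
```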