GUIDE TO PROTECTING 
NETWORKS 
ERIC VANDERBURG
OBJECTIVES 
• Describe network security devices 
• Describe firewall technology 
• Describe intrusion detection systems 
• Describe honeypots
UNDERSTANDING NETWORK 
SECURITY DEVICES 
• Network security devices 
• Routers 
• Firewalls 
• Intrusion detection systems 
• Honeypots
UNDERSTANDING ROUTERS 
• Routers are hardware devices used on a network to 
send packets to different network segments 
• Operate at the network layer of the OSI model 
• Routing protocols used by routers 
• Link-state routing protocol 
• Router advertises link-state to identify network topology and 
any changes on paths 
• Distance-vector routing protocol 
• Router passes its routing table to all routers participating on 
the network
UNDERSTANDING BASIC 
HARDWARE ROUTERS 
• Cisco routers are widely used in the networking 
community 
• More than one million Cisco 2500 series routers are 
currently being used by companies around the world 
• Vulnerabilities exist in Cisco IOS as they do in any 
operating system 
• Security professionals must consider these vulnerabilities 
when conducting a security test
CISCO ROUTER COMPONENTS 
• A Cisco router uses the Cisco Internetwork 
Operating System (IOS) to function 
• Components 
• Random access memory (RAM) 
• Holds the router’s running configuration, routing tables, and 
buffers 
• If you turn off the router, the contents stored in RAM are 
wiped out 
• Nonvolatile RAM (NVRAM) 
• Holds the router’s configuration file, but the information is 
not lost if the router is turned off
CISCO ROUTER COMPONENTS 
(CONTINUED) 
• Components (continued) 
• Flash memory 
• Holds the IOS the router is using 
• Is rewritable memory, so you can upgrade the IOS 
• Read-only memory (ROM) 
• Contains a minimal version of the IOS used to boot the router 
if flash memory gets corrupted 
• Interfaces 
• Hardware connectivity points 
• Example: an Ethernet port is an interface that connects to a 
LAN
CISCO ROUTER CONFIGURATION 
• Configuration modes: 
• User mode 
• Administrator can perform basic troubleshooting tests and list 
information stored on the router 
• Router-name>, indicates that you are in user mode 
• Privileged mode 
• Administrator can perform full router configuration tasks 
• Router-name#, indicates that you are in privileged mode 
• By default, you are in user mode 
• Type “enable” or “en” to change to privileged mode
CISCO ROUTER CONFIGURATION 
(CONTINUED) 
• Once in privileged mode, you can change to two 
more configuration modes 
• Global configuration mode 
• Administrator can configure router settings that affect overall 
router operation 
• To use this mode, you enter the command config t at the 
Router-name# prompt 
• Router-name(config)# tells the user she is in global 
configuration mode
CISCO ROUTER CONFIGURATION 
(CONTINUED) 
• Once in privileged mode, you can change to two 
more configuration modes (continued) 
• Interface configuration mode 
• Administrator can configure an interface on the router 
• To use this mode, you enter global configuration mode first 
• Next, you enter the command for interface configuration 
mode and the interface name you want to configure 
• Router-name(config-if)# indicates you are in interface 
configuration mode
UNDERSTANDING ACCESS 
CONTROL LISTS 
• There are several types of access control lists 
• We will focus on IP access lists 
• IP access lists 
• Lists of IP addresses, subnets, or networks that are allowed 
or denied access through a router’s interface 
• Two different types of access lists on a Cisco router 
• Standard IP access lists 
• Extended IP access lists
STANDARD IP ACCESS LISTS 
• Can restrict IP traffic entering or leaving a router’s 
interface based on source IP address 
• The syntax of a standard access list is as follows: 
access-list [list #] [permit|deny] [source address] 
[source wildcard mask] 
• [list #] is a number in the range of 1 to 99 
• [permit | deny] are keywords to permit or deny traffic 
• [source address] specifies the IP address of the source host 
• [source wildcard mask] signifies which bits of the source 
address are significant
STANDARD IP ACCESS LISTS 
(CONTINUED) 
• Example: 
access-list 1 deny 173.110.0.0 0.0.255.255 
access-list 1 permit any 
• A wildcard mask is similar to a subnet mask 
• Example: access-list 1 deny 10.10.1.112 0.0.0.0 
• The 0s used after the IP address signify that every octet in 
the IP address must match the IP address being filtered 
• Another example: 
access-list 1 deny 192.168.10.0 0.0.0.255 
access-list 1 permit any
STANDARD IP ACCESS LISTS 
(CONTINUED) 
• Cisco allows a shortcut for the mask 0.0.0.0 
access-list 1 deny host 192.168.10.112 
• Access lists always end with an implicit deny rule 
• To avoid this, you must add the “permit any” statement 
access-list 1 deny host 192.168.10.112 
access-list 1 permit any 
• Steps for applying the access list to an interface 
• Enter global configuration mode 
• Create the access list 
• Enter interface configuration mode 
• Use the ip access-group command
STANDARD IP ACCESS LISTS 
(CONTINUED) 
• Example 
Router> en 
Password ****** 
Router# config t 
Router(config)# access-list 1 deny 172.16.5.0 0.0.0.255 
Router(config)# access-list 1 permit any 
Router(config)# int e0 
Router(config-if)# ip access-group 1 out 
Router(config-if)# Ctrl+z [to save and exit global 
configuration mode] 
Router#
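The wildcard-mask matching, top-down evaluation and implicit deny described in the slides above, as an added Python example (not part of the original deck and not Cisco code). The names parse_standard_acl, wildcard_match and evaluate are hypothetical; list 1 is the deck's own example, and list 2 is a constructed variant that omits "permit any".

```python
import ipaddress

# List 1 is the example from the slide above. List 2 is constructed here to
# show what happens when the closing "permit any" is left out.
SAMPLE_ACL = [
    "access-list 1 deny 172.16.5.0 0.0.0.255",
    "access-list 1 permit any",
    "access-list 2 deny host 192.168.10.112",
]


def ip_to_int(text):
    """Dotted-quad IPv4 string to a 32-bit integer."""
    return int(ipaddress.IPv4Address(text))


def parse_standard_acl(lines):
    """Parse 'access-list N permit|deny SOURCE WILDCARD' lines, keeping order."""
    rules = []
    for line in lines:
        tok = line.split()
        if len(tok) < 4 or tok[0] != "access-list":
            raise ValueError(f"not an access-list statement: {line!r}")
        number, action, spec = int(tok[1]), tok[2], tok[3:]
        if not 1 <= number <= 99:
            raise ValueError(f"standard IP lists are numbered 1 to 99: {line!r}")
        if action not in ("permit", "deny"):
            raise ValueError(f"expected permit or deny: {line!r}")
        if spec == ["any"]:
            # "any": every bit of the source address is a don't-care bit.
            addr, wildcard = 0, 0xFFFFFFFF
        elif len(spec) == 2 and spec[0] == "host":
            # "host X" is the shortcut for "X 0.0.0.0".
            addr, wildcard = ip_to_int(spec[1]), 0
        elif len(spec) == 2:
            addr, wildcard = ip_to_int(spec[0]), ip_to_int(spec[1])
        else:
            raise ValueError(f"cannot parse source in: {line!r}")
        rules.append({"list": number, "action": action, "addr": addr,
                      "wildcard": wildcard, "text": line})
    return rules


def wildcard_match(source, addr, wildcard):
    """A 0 bit in the wildcard mask must match; a 1 bit is ignored."""
    care = ~wildcard & 0xFFFFFFFF
    return (source & care) == (addr & care)


def evaluate(rules, list_number, source_ip):
    """Return (action, matching statement) for a source address.

    Statements are checked top-down and the first match wins. If nothing
    matches, the implicit deny at the end of every access list applies.
    """
    candidates = [r for r in rules if r["list"] == list_number]
    if not candidates:
        raise ValueError(f"access list {list_number} has no statements")
    source = ip_to_int(source_ip)
    for rule in candidates:
        if wildcard_match(source, rule["addr"], rule["wildcard"]):
            return rule["action"], rule["text"]
    return "deny", "implicit deny"


if __name__ == "__main__":
    acl = parse_standard_acl(SAMPLE_ACL)
    for number, source in [(1, "172.16.5.77"), (1, "172.16.6.1"),
                           (2, "192.168.10.112"), (2, "10.0.0.1")]:
        action, why = evaluate(acl, number, source)
        print(f"list {number}  source {source:<15}  {action:<6}  ({why})")
```

List 2 denies 10.0.0.1 even though no statement names it, which is why an access list meant to block a single host needs the trailing "permit any".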
EXTENDED IP ACCESS LISTS 
• Allow packet filtering based on 
• Source IP address 
• Destination IP address 
• Protocol type 
• Application port number 
• Syntax for extended IP access lists 
access-list [list #] [permit|deny] [protocol] [source IP 
address] [source wildcard mask] [destination IP address] 
[destination wildcard mask] [operator] [port] [log] 
• [list #] is a number in the range of 100 to 199 
• [permit | deny] are keywords to permit or deny traffic
EXTENDED IP ACCESS LISTS 
(CONTINUED) 
• Syntax for extended IP access lists (continued) 
• [protocol] can be IP, TCP, UDP, ICMP, and so on 
• [source IP address] is the IP address of the source 
• [source wildcard mask] determines significant bits of source 
IP address 
• [destination IP address] is the IP address of the destination 
• [destination wildcard mask] determines significant bits of 
destination IP address 
• [operator] can be lt, gt, eq, or neq
EXTENDED IP ACCESS LISTS 
(CONTINUED) 
• Syntax for extended IP access lists (continued) 
• [port] port number of the protocol to be filtered 
• [log] logs all activity of the access list for the administrator 
• Example: 
access-list 100 deny tcp host 172.16.1.112 host 172.30.1.100 eq www
EXTENDED IP ACCESS LISTS 
(CONTINUED) 
• Applying an access list to an interface 
Router> en 
Password ****** 
Router# config t 
Router(config)# access-list 100 deny tcp host 172.16.1.112 host 172.30.1.100 
Router(config)# access-list 100 permit ip any any 
Router(config)# int e0 
Router(config-if)# ip access-group 100 in 
Router(config-if)# Ctrl+z 
Router#
UNDERSTANDING FIREWALLS 
• Firewalls are hardware devices or software installed 
on a system and have two purposes 
• Controlling access to all traffic that enters an internal 
network 
• Controlling all traffic that leaves an internal network 
• Advantages of hardware firewalls 
• They are usually faster than software firewalls 
• They can handle a larger throughput than software firewalls
UNDERSTANDING FIREWALLS 
(CONTINUED) 
• Disadvantage of hardware firewalls 
• You are locked into the firewall’s hardware 
• Advantage of software firewalls 
• You can easily add NICs to the server running the firewall 
software 
• Disadvantage of software firewalls 
• You might have to worry about configuration problems 
• They rely on the OS on which they are running
UNDERSTANDING FIREWALL 
TECHNOLOGY 
• Firewall technologies 
• Network address translation (NAT) 
• Access control lists 
• Packet filtering 
• Stateful packet inspection (SPI)
NETWORK ADDRESS TRANSLATION (NAT) 
• The most basic security feature of a firewall 
• With NAT, internal private IP addresses are mapped to public 
external IP addresses 
• Hiding the internal infrastructure 
• Port Address Translation (PAT) 
• Technology derived from NAT 
• This allows thousands of internal IP addresses to be mapped to one 
external IP address
ACCESS CONTROL LISTS 
• Access lists are used to filter traffic based on source IP address, 
destination IP address, and ports or services 
• Firewalls also use this technology 
• Creating access control lists in a firewall is a similar process to 
creating them in a router 
PACKET FILTERING 
• Packet filters screen packets based on information 
contained in the packet header 
• Protocol type 
• IP address 
• TCP/UDP port
STATEFUL PACKET INSPECTION (SPI) 
• Stateful packet filters record session-specific 
information about a network connection 
• Create a state table 
• Can help reduce port scans that rely on spoofing or 
sending packets after a three-way handshake 
• Stateful packet filters recognize types of anomalies 
that most routers ignore 
• Stateless packet filters handle each packet on an 
individual basis 
• Spoofing or DoS attacks are more prevalent
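The difference between the two filter types, as an added Python example (not part of the original deck and not any vendor's implementation). It replays the same constructed packets through a header-only filter and through a filter that keeps a state table. The stateless policy (permit all outbound, permit inbound TCP with ACK or RST set) is an assumption chosen for illustration, and teardown is simplified to RST only.

```python
from dataclasses import dataclass

FIN, SYN, RST, ACK = 0x01, 0x02, 0x04, 0x10  # TCP flag bits


@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    flags: int
    outbound: bool  # True when the packet leaves the internal network


def stateless_allow(p):
    """Header-only decision: each packet is judged on its own."""
    return p.outbound or bool(p.flags & (ACK | RST))


class StatefulFilter:
    """Tracks each TCP session in a state table keyed by its endpoints."""

    def __init__(self):
        self.table = {}  # (inside ip, inside port, outside ip, outside port) -> state

    @staticmethod
    def key(p):
        if p.outbound:
            return (p.src, p.sport, p.dst, p.dport)
        return (p.dst, p.dport, p.src, p.sport)

    def allow(self, p):
        key = self.key(p)
        state = self.table.get(key)
        if p.flags & RST:
            # A reset is accepted only for a tracked session, which it ends.
            return self.table.pop(key, None) is not None
        if p.outbound:
            if p.flags == SYN:  # internal host opens a connection
                self.table[key] = "SYN_SENT"
                return True
            if state == "SYN_ACK_SEEN" and p.flags & ACK:
                self.table[key] = "ESTABLISHED"  # handshake completed
                return True
            return state == "ESTABLISHED"
        # Inbound: only replies that fit the recorded session state get in.
        if state == "SYN_SENT" and p.flags == SYN | ACK:
            self.table[key] = "SYN_ACK_SEEN"
            return True
        return state == "ESTABLISHED" and not p.flags & SYN


IN_HOST, SERVER, STRANGER = "10.0.0.5", "203.0.113.10", "198.51.100.7"

# Constructed traffic using documentation addresses; not a real capture.
CONSTRUCTED_TRAFFIC = [
    Packet(IN_HOST, 40000, SERVER, 443, SYN, True),         # 1 handshake: SYN
    Packet(SERVER, 443, IN_HOST, 40000, SYN | ACK, False),  # 2 handshake: SYN/ACK
    Packet(IN_HOST, 40000, SERVER, 443, ACK, True),         # 3 handshake: ACK
    Packet(SERVER, 443, IN_HOST, 40000, ACK, False),        # 4 reply data
    Packet(STRANGER, 80, IN_HOST, 40001, ACK, False),       # 5 ACK with no session
    Packet(STRANGER, 80, IN_HOST, 40001, SYN, False),       # 6 unsolicited SYN
    Packet(SERVER, 443, IN_HOST, 40000, RST, False),        # 7 server resets session
    Packet(SERVER, 443, IN_HOST, 40000, ACK, False),        # 8 ACK after teardown
]


def replay(packets):
    """Return [(stateless decision, stateful decision), ...] for the packets."""
    stateful = StatefulFilter()
    return [(stateless_allow(p), stateful.allow(p)) for p in packets]


if __name__ == "__main__":
    for number, (loose, strict) in enumerate(replay(CONSTRUCTED_TRAFFIC), 1):
        print(f"packet {number}: stateless={'pass' if loose else 'drop'} "
              f"stateful={'pass' if strict else 'drop'}")
```

Packets 5 and 8 carry a plausible header but belong to no recorded session, so only the filter with a state table drops them.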
IMPLEMENTING A FIREWALL 
• Placing a firewall between a company’s internal network and 
the Internet is dangerous 
• It leaves the company open to attack if a hacker compromises the 
firewall 
• Use a demilitarized zone instead
DEMILITARIZED ZONE (DMZ) 
• DMZ is a small network containing resources available to 
Internet users 
• Helps maintain security on the company’s internal network 
• Sits between the Internet and the internal network 
• It is sometimes referred to as a “perimeter network”
UNDERSTANDING THE PRIVATE INTERNET 
EXCHANGE (PIX) FIREWALL 
• Cisco PIX firewall 
• One of the most popular firewalls on the market
CONFIGURATION OF THE PIX FIREWALL 
• Working with a PIX firewall is similar to working with any other Cisco router 
• Login prompt 
If you are not authorized to be in this XYZ Hawaii network device, 
log out immediately! 
User Access Verification 
Password: 
• This banner serves a legal purpose 
• General prompt example: 
Type help or '?' for a list of available commands. 
xyz>
CONFIGURATION OF THE PIX FIREWALL 
(CONTINUED) 
• You should enter privileged mode to configure the PIX firewall 
• To enter configuration mode in PIX, you use the same command as 
on a Cisco router 
xyz# configure terminal 
xyz(config)# ? 
• Nameif is a PIX command to name an interface 
• PIX allows the administrator to assign values to an interface that designate 
its security level 
• Values can be from 0 to 100
CONFIGURATION OF THE PIX FIREWALL 
(CONTINUED) 
• Access lists 
• PIX enables an administrator to use descriptive names for the access list 
instead of numbers 
• PIX also uses the implicit deny rule
UNDERSTANDING MICROSOFT ISA 
• Microsoft’s software approach to firewalls 
• Microsoft Internet Security and Acceleration (ISA) 
Server 
• Functions as a software router, firewall, and IDS 
• ISA has the same functionality as any hardware 
router 
• Packet filtering to control incoming traffic 
• Application filtering through the examination of protocols 
• Intrusion detection filters 
• Access policies to control outgoing traffic
IP PACKET FILTERS 
• ISA enables administrators to filter IP traffic based 
on the following: 
• Source and destination IP address 
• Network protocol, such as HTTP 
• Source port or destination port 
• ISA provides a GUI for these configurations 
• A network segment can be denied or allowed HTTP access 
in the Remote Computer tab
APPLICATION FILTERS 
• Can accept or deny data from specific applications or data containing 
specific content 
• SMTP filter can restrict 
• E-mail with specific attachments 
• E-mail from a specific user or domain 
• E-mail containing specific keywords 
• SMTP commands 
• SMTP Filter Properties dialog box 
• Administrator can filter a specific e-mail attachment based on a rule he or 
she configures
APPLICATION FILTERS (CONTINUED) 
• Users/Domains tab in the SMTP Filter Properties dialog box 
• Administrator can filter e-mail messages sent from a user or from 
specific domains 
• As a security professional, you might be asked to restrict e-mails 
containing certain keywords 
• SMTP Commands tab 
• Administrator can prevent a user from running SMTP commands
INTRUSION DETECTION FILTERS 
• Analyze all traffic for possible known intrusions 
• DNS intrusion detection filter 
• POP intrusion detection filter 
• FTP Access filter 
• H.323 filter 
• HTTP Redirector filter 
• RPC filter 
• SMTP filter 
• SOCKSV4 filter 
• Streaming Media filter
ACCESS POLICIES 
• Allow administrators to control outgoing traffic 
• An access policy consists of the following 
• Policy rules 
• Site and content rules 
• IP filter rules
UNDERSTANDING INTRUSION DETECTION 
SYSTEMS (IDSS) 
• Monitor network devices so that security administrators can 
identify attacks in progress and stop them 
• An IDS looks at the traffic and compares it with known exploits 
• Similar to virus software using a signature file to identify viruses 
• Types 
• Network-based IDSs 
• Host-based IDSs
NETWORK-BASED AND HOST-BASED IDSS 
• Network-based IDSs 
• Monitor activity on network segments 
• They sniff traffic and alert a security administrator when something 
suspicious occurs 
• Host-based IDSs 
• Used to protect a critical network server or database server 
• The software is installed on the server you’re attempting to protect
NETWORK-BASED AND HOST-BASED IDSS 
(CONTINUED) 
• IDSs are categorized by how they react when they detect 
suspicious behavior 
• Passive systems 
• Send out an alert and log the activity 
• Active systems 
• Log events and send out alerts 
• Can also interoperate with routers and firewalls
UNDERSTANDING HONEYPOTS 
• Honeypot 
• Computer placed on the perimeter of a network 
• Contains information intended to lure and then trap hackers 
• Computer is configured to have vulnerabilities 
• Goal 
• Keep hackers connected long enough so they can be traced back
HOW THEY WORK 
• A honeypot appears to have important data or 
sensitive information stored on it 
• Could store fake financial data that tempts hackers to 
attempt browsing through the data 
• Hackers will spend time attacking the honeypot 
• And stop looking for real vulnerabilities in the company’s 
network 
• Honeypots also enable security professionals to 
collect data on attackers 
• Honeypots are available commercially and through 
open-source avenues
HOW THEY WORK (CONTINUED) 
• Virtual honeypots 
• Honeypots created using software solutions instead of hardware devices 
• Example: Honeyd
SUMMARY 
• Security devices 
• Routers 
• Firewalls 
• IDSs 
• Routers use access lists to accept or deny traffic 
through their interfaces 
• Firewalls can be hardware devices or software 
installed on computer systems 
• Firewalls use NAT, IP filtering, and access control lists to 
filter incoming and outgoing network traffic
SUMMARY (CONTINUED) 
• Firewall examples 
• Cisco PIX (hardware) 
• Microsoft ISA (software) 
• Stateful packet filters vs. stateless packet filters 
• PGP is a free public key encryption program to 
encrypt e-mail messages 
• Demilitarized zones (DMZs) 
• Add a layer of defense between the Internet and a company’s 
internal network
SUMMARY (CONTINUED) 
• Intrusion detection systems (IDSs) 
• Network-based IDSs 
• Host-based IDSs 
• Passive IDSs vs. active IDSs 
• Honeypots

Hacktivism: Motivations, Tactics and Threats
Eric Vanderburg
 
Correct the most common web development security mistakes - Eric Vanderburg
Correct the most common web development security mistakes - Eric VanderburgCorrect the most common web development security mistakes - Eric Vanderburg
Correct the most common web development security mistakes - Eric VanderburgEric Vanderburg
 
Deconstructing website attacks - Eric Vanderburg
Deconstructing website attacks - Eric VanderburgDeconstructing website attacks - Eric Vanderburg
Deconstructing website attacks - Eric Vanderburg
Eric Vanderburg
 
Countering malware threats - Eric Vanderburg
Countering malware threats - Eric VanderburgCountering malware threats - Eric Vanderburg
Countering malware threats - Eric Vanderburg
Eric Vanderburg
 

More from Eric Vanderburg (20)

GDPR, Data Privacy and Cybersecurity - MIT Symposium
GDPR, Data Privacy and Cybersecurity - MIT SymposiumGDPR, Data Privacy and Cybersecurity - MIT Symposium
GDPR, Data Privacy and Cybersecurity - MIT Symposium
 
Modern Security the way Equifax Should Have
Modern Security the way Equifax Should HaveModern Security the way Equifax Should Have
Modern Security the way Equifax Should Have
 
Cybercrime and Cyber Threats - CBLA - Eric Vanderburg
Cybercrime and Cyber Threats - CBLA - Eric VanderburgCybercrime and Cyber Threats - CBLA - Eric Vanderburg
Cybercrime and Cyber Threats - CBLA - Eric Vanderburg
 
Cybersecurity Incident Response Strategies and Tactics - RIMS 2017 - Eric Van...
Cybersecurity Incident Response Strategies and Tactics - RIMS 2017 - Eric Van...Cybersecurity Incident Response Strategies and Tactics - RIMS 2017 - Eric Van...
Cybersecurity Incident Response Strategies and Tactics - RIMS 2017 - Eric Van...
 
Mobile Forensics and Cybersecurity
Mobile Forensics and CybersecurityMobile Forensics and Cybersecurity
Mobile Forensics and Cybersecurity
 
2017 March ISACA Security Challenges with the Internet of Things - Eric Vande...
2017 March ISACA Security Challenges with the Internet of Things - Eric Vande...2017 March ISACA Security Challenges with the Internet of Things - Eric Vande...
2017 March ISACA Security Challenges with the Internet of Things - Eric Vande...
 
Ransomware: 2016's Greatest Malware Threat
Ransomware: 2016's Greatest Malware ThreatRansomware: 2016's Greatest Malware Threat
Ransomware: 2016's Greatest Malware Threat
 
Emerging Technologies: Japan’s Position
Emerging Technologies: Japan’s PositionEmerging Technologies: Japan’s Position
Emerging Technologies: Japan’s Position
 
Principles of technology management
Principles of technology managementPrinciples of technology management
Principles of technology management
 
Japanese railway technology
Japanese railway technologyJapanese railway technology
Japanese railway technology
 
Evaluating japanese technological competitiveness
Evaluating japanese technological competitivenessEvaluating japanese technological competitiveness
Evaluating japanese technological competitiveness
 
Japanese current and future technology management challenges
Japanese current and future technology management challengesJapanese current and future technology management challenges
Japanese current and future technology management challenges
 
Technology management in Japan: Robotics
Technology management in Japan: RoboticsTechnology management in Japan: Robotics
Technology management in Japan: Robotics
 
Incident response table top exercises
Incident response table top exercisesIncident response table top exercises
Incident response table top exercises
 
The Prescription for Protection - Avoid Treatment Errors To The Malware Problem
The Prescription for Protection - Avoid Treatment Errors To The Malware ProblemThe Prescription for Protection - Avoid Treatment Errors To The Malware Problem
The Prescription for Protection - Avoid Treatment Errors To The Malware Problem
 
Cloud Storage and Security: Solving Compliance Challenges
Cloud Storage and Security: Solving Compliance ChallengesCloud Storage and Security: Solving Compliance Challenges
Cloud Storage and Security: Solving Compliance Challenges
 
Hacktivism: Motivations, Tactics and Threats
Hacktivism: Motivations, Tactics and ThreatsHacktivism: Motivations, Tactics and Threats
Hacktivism: Motivations, Tactics and Threats
 
Correct the most common web development security mistakes - Eric Vanderburg
Correct the most common web development security mistakes - Eric VanderburgCorrect the most common web development security mistakes - Eric Vanderburg
Correct the most common web development security mistakes - Eric Vanderburg
 
Deconstructing website attacks - Eric Vanderburg
Deconstructing website attacks - Eric VanderburgDeconstructing website attacks - Eric Vanderburg
Deconstructing website attacks - Eric Vanderburg
 
Countering malware threats - Eric Vanderburg
Countering malware threats - Eric VanderburgCountering malware threats - Eric Vanderburg
Countering malware threats - Eric Vanderburg
 

Recently uploaded

De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
Product School
 
Key Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdfKey Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdf
Cheryl Hung
 
Free Complete Python - A step towards Data Science
Free Complete Python - A step towards Data ScienceFree Complete Python - A step towards Data Science
Free Complete Python - A step towards Data Science
RinaMondal9
 
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Jeffrey Haguewood
 
Breaking the Ruby Performance Barrier with YJIT
Breaking the Ruby Performance Barrier with YJITBreaking the Ruby Performance Barrier with YJIT
Breaking the Ruby Performance Barrier with YJIT
maximechevalierboisv1
 
Essentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with ParametersEssentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with Parameters
Safe Software
 
Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........
Alison B. Lowndes
 
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdfFIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance
 
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
Product School
 
JMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and GrafanaJMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and Grafana
RTTS
 
Elevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object CalisthenicsElevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object Calisthenics
Dorra BARTAGUIZ
 
The Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and SalesThe Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and Sales
Laura Byrne
 
When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...
Elena Simperl
 
Knowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and backKnowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and back
Elena Simperl
 
UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4
DianaGray10
 
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMsTo Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
Paul Groth
 
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdfFIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance
 
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Product School
 
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
Sri Ambati
 
The Future of Platform Engineering
The Future of Platform EngineeringThe Future of Platform Engineering
The Future of Platform Engineering
Jemma Hussein Allen
 

Recently uploaded (20)

De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
 
Key Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdfKey Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdf
 
Free Complete Python - A step towards Data Science
Free Complete Python - A step towards Data ScienceFree Complete Python - A step towards Data Science
Free Complete Python - A step towards Data Science
 
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
 
Breaking the Ruby Performance Barrier with YJIT
Breaking the Ruby Performance Barrier with YJITBreaking the Ruby Performance Barrier with YJIT
Breaking the Ruby Performance Barrier with YJIT
 
Essentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with ParametersEssentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with Parameters
 
Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........
 
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdfFIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
 
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
 
JMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and GrafanaJMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and Grafana
 
Elevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object CalisthenicsElevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object Calisthenics
 
The Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and SalesThe Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and Sales
 
When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...
 
Knowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and backKnowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and back
 
UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4
 
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMsTo Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
 
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdfFIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
 
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
 
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
 
The Future of Platform Engineering
The Future of Platform EngineeringThe Future of Platform Engineering
The Future of Platform Engineering
 

Guide to protecting networks - Eric Vanderburg

  • 1. GUIDE TO PROTECTING NETWORKS ERIC VANDERBURG
  • 2. OBJECTIVES • Describe network security devices • Describe firewall technology • Describe intrusion detection systems • Describe honeypots
  • 3. UNDERSTANDING NETWORK SECURITY DEVICES • Network security devices • Routers • Firewalls • Intrusion detection systems • Honeypots
  • 4. UNDERSTANDING ROUTERS • Routers are hardware devices used on a network to send packets to different network segments • Operate at the network layer of the OSI model • Routing protocols used by routers • Link-state routing protocol • Router advertises link-state to identify network topology and any changes on paths • Distance-vector routing protocol • Router passes its routing table to all routers participating on the network
  • 5. UNDERSTANDING BASIC HARDWARE ROUTERS • Cisco routers are widely used in the networking community • More than one million Cisco 2500 series routers are currently being used by companies around the world • Vulnerabilities exist in Cisco as they do in any operating system • Security professionals must consider these vulnerabilities when conducting a security test
  • 6. CISCO ROUTER COMPONENTS • A Cisco router uses the Cisco Internetwork Operating System (IOS) to function • Components • Random access memory (RAM) • Holds the router’s running configuration, routing tables, and buffers • If you turn off the router, the contents stored in RAM are wiped out • Nonvolatile RAM (NVRAM) • Holds the router’s configuration file, but the information is not lost if the router is turned off
  • 7. CISCO ROUTER COMPONENTS (CONTINUED) • Components (continued) • Flash memory • Holds the IOS the router is using • Is rewritable memory, so you can upgrade the IOS • Read-only memory (ROM) • Contains a minimal version of the IOS used to boot the router if flash memory gets corrupted • Interfaces • Hardware connectivity points • Example: an Ethernet port is an interface that connects to a LAN
  • 8. CISCO ROUTER CONFIGURATION • Configuration modes: • User mode • Administrator can perform basic troubleshooting tests and list information stored on the router • Router-name> indicates that you are in user mode • Privileged mode • Administrator can perform full router configuration tasks • Router-name# indicates that you are in privileged mode • By default, you are in user mode • Type “enable” or “en” to change to privileged mode
  • 9. CISCO ROUTER CONFIGURATION (CONTINUED) • Once in privileged mode, you can change to two more configuration modes • Global configuration mode • Administrator can configure router settings that affect overall router operation • To use this mode, you enter the command config t at the Router-name# prompt • Router-name(config)# tells the user she is in global configuration mode
  • 10. CISCO ROUTER CONFIGURATION (CONTINUED) • Once in privileged mode, you can change to two more configuration modes (continued) • Interface configuration mode • Administrator can configure an interface on the router • To use this mode, you enter global configuration mode first • Next, you enter the command for interface configuration mode and the interface name you want to configure • Router-name(config-if)# indicates you are in interface configuration mode
  • 11. UNDERSTANDING ACCESS CONTROL LISTS • There are several types of access control lists • We will focus on IP access lists • IP access lists • Lists of IP addresses, subnets, or networks that are allowed or denied access through a router’s interface • Two different types of access lists on Cisco routers • Standard IP access lists • Extended IP access lists
  • 12. STANDARD IP ACCESS LISTS • Can restrict IP traffic entering or leaving a router’s interface based on source IP address • The syntax of a standard access list is as follows:
        access-list [list #] [permit|deny] [source address] [source wildcard mask]
      • [list #] is a number in the range of 1 to 99 • [permit | deny] are keywords to permit or deny traffic • [source address] specifies the IP address of the source host • [source wildcard mask] signifies which bits of the source address are significant
  • 13. STANDARD IP ACCESS LISTS (CONTINUED) • Example:
        access-list 1 deny 173.110.0.0 0.0.255.255
        access-list 1 permit any
      • A wildcard mask is similar to a subnet mask • Example:
        access-list 1 deny 10.10.1.112 0.0.0.0
      • The 0s used after the IP address signify that every octet in the IP address must match the IP address being filtered • Another example:
        access-list 1 deny 192.168.10.0 0.0.0.255
        access-list 1 permit any
  • 14. STANDARD IP ACCESS LISTS (CONTINUED) • Cisco allows a shortcut for the mask 0.0.0.0
        access-list 1 deny host 192.168.10.112
      • Access lists always end with an implicit deny rule • To avoid this, you must add the “permit any” statement
        access-list 1 deny host 192.168.10.112
        access-list 1 permit any
      • Steps for applying the access list to an interface • Enter global configuration mode • Create the access list • Enter interface configuration mode • Use the ip access-group command
  • 15. STANDARD IP ACCESS LISTS (CONTINUED) • Example
        Router> en
        Password ******
        Router# config t
        Router(config)# access-list 1 deny 172.16.5.0 0.0.0.255
        Router(config)# access-list 1 permit any
        Router(config)# int e0
        Router(config-if)# ip access-group 1 out
        Router(config-if)# Ctrl+z [to save and exit global configuration mode]
        Router#
  • 16. EXTENDED IP ACCESS LISTS • Allow packet filtering based on • Source IP address • Destination IP address • Protocol type • Application port number • Syntax for extended IP access lists
        access-list [list #] [permit|deny] [protocol] [source IP address] [source wildcard mask] [destination IP address] [destination wildcard mask] [operator] [port] [log]
      • [list #] is a number in the range of 100 to 199 • [permit | deny] are keywords to permit or deny traffic
  • 17. EXTENDED IP ACCESS LISTS (CONTINUED) • Syntax for extended IP access lists (continued) • [protocol] can be IP, TCP, UDP, ICMP, and so on • [source IP address] is the IP address of the source • [source wildcard mask] determines significant bits of source IP address • [destination IP address] is the IP address of the destination • [destination wildcard mask] determines significant bits of destination IP address • [operator] can be lt, gt, eq, or neq
  • 18. EXTENDED IP ACCESS LISTS (CONTINUED) • Syntax for extended IP access lists (continued) • [port] port number of the protocol to be filtered • [log] logs all activity of the access list for the administrator • Example:
        access-list 100 deny tcp host 172.16.1.112 host 172.30.1.100 eq www
  • 19. EXTENDED IP ACCESS LISTS (CONTINUED) • Applying an access list to an interface
        Router> en
        Password ******
        Router# config t
        Router(config)# access-list 100 deny tcp host 172.16.1.112 host 172.30.1.100
        Router(config)# access-list 100 permit ip any any
        Router(config)# int e0
        Router(config-if)# ip access-group 100 in
        Router(config-if)# Ctrl+z
        Router#
  • 20. UNDERSTANDING FIREWALLS • Firewalls are hardware devices or software installed on a system and have two purposes • Controlling access to all traffic that enters an internal network • Controlling all traffic that leaves an internal network • Advantages of hardware firewalls • They are usually faster than software firewalls • They can handle a larger throughput than software firewalls
  • 21. UNDERSTANDING FIREWALLS (CONTINUED) • Disadvantage of hardware firewalls • You are locked into the firewall’s hardware • Advantage of software firewalls • You can easily add NICs to the server running the firewall software • Disadvantage of software firewalls • You might have to worry about configuration problems • They rely on the OS on which they are running
  • 22. UNDERSTANDING FIREWALL TECHNOLOGY • Firewall technologies • Network address translation (NAT) • Access control lists • Packet filtering • Stateful packet inspection (SPI)
  • 23. NETWORK ADDRESS TRANSLATION (NAT) • The most basic security feature of a firewall • With NAT, internal private IP addresses are mapped to public external IP addresses • Hiding the internal infrastructure • Port Address Translation (PAT) • Technology derived from NAT • This allows thousands of internal IP addresses to be mapped to one external IP address
  • 24. ACCESS CONTROL LISTS • Access lists are used to filter traffic based on source IP address, destination IP address, and ports or services • Firewalls also use this technology • Creating access control lists in a firewall is a similar process to creating them in a router
  • 25. PACKET FILTERING • Packet filters screen packets based on information contained in the packet header • Protocol type • IP address • TCP/UDP port
  • 26. STATEFUL PACKET INSPECTION (SPI) • Stateful packet filters record session-specific information about a network connection • Create a state table • Can help reduce port scans that rely on spoofing or sending packets after a three-way handshake • Stateful packet filters recognize types of anomalies that most routers ignore • Stateless packet filters handle each packet on an individual basis • Spoofing or DoS attacks are more prevalent
  • 27. IMPLEMENTING A FIREWALL • Placing a firewall between a company’s internal network and the Internet is dangerous • It leaves the company open to attack if a hacker compromises the firewall • Use a demilitarized zone instead
  • 28. DEMILITARIZED ZONE (DMZ) • DMZ is a small network containing resources available to Internet users • Helps maintain security on the company’s internal network • Sits between the Internet and the internal network • It is sometimes referred to as a “perimeter network”
  • 29. UNDERSTANDING THE PRIVATE INTERNET EXCHANGE (PIX) FIREWALL • Cisco PIX firewall • One of the most popular firewalls on the market
  • 30. CONFIGURATION OF THE PIX FIREWALL • Working with a PIX firewall is similar to working with any other Cisco router • Login prompt
        If you are not authorized to be in this XYZ Hawaii network device, log out immediately!
        User Access Verification
        Password:
      • This banner serves a legal purpose • General prompt example:
        Type help or '?' for a list of available commands.
        xyz>
  • 31. CONFIGURATION OF THE PIX FIREWALL (CONTINUED) • You should enter privileged mode to configure the PIX firewall • To enter configuration mode in PIX, you use the same command as on a Cisco router
        xyz# configure terminal
        xyz(config)# ?
      • Nameif is a PIX command to name an interface • PIX allows the administrator to assign values to an interface that designate its security level • Values can be from 0 to 100
  • 32. CONFIGURATION OF THE PIX FIREWALL (CONTINUED) • Access lists • PIX enables an administrator to use descriptive names for the access list instead of numbers • PIX also uses the implicit deny rule
  • 33. UNDERSTANDING MICROSOFT ISA • Microsoft’s software approach to firewalls • Microsoft Internet Security and Acceleration (ISA) Server • Functions as a software router, firewall, and IDS • ISA has the same functionality as any hardware router • Packet filtering to control incoming traffic • Application filtering through the examination of protocols • Intrusion detection filters • Access policies to control outgoing traffic
  • 34. IP PACKET FILTERS • ISA enables administrators to filter IP traffic based on the following: • Source and destination IP address • Network protocol, such as HTTP • Source port or destination port • ISA provides a GUI for these configurations • A network segment can be denied or allowed HTTP access in the Remote Computer tab
  • 35. APPLICATION FILTERS • Can accept or deny data from specific applications or data containing specific content • SMTP filter can restrict • E-mail with specific attachments • E-mail from a specific user or domain • E-mail containing specific keywords • SMTP commands • SMTP Filter Properties dialog box • Administrator can filter a specific e-mail attachment based on a rule he or she configures
  • 36. APPLICATION FILTERS (CONTINUED) • Users/Domains tab in the SMTP Filter Properties dialog box • Administrator can filter e-mail messages sent from a user or from specific domains • As a security professional, you might be asked to restrict e-mails containing certain keywords • SMTP Commands tab • Administrator can prevent a user from running SMTP commands
  • 37. INTRUSION DETECTION FILTERS • Analyze all traffic for possible known intrusions • DNS intrusion detection filter • POP intrusion detection filter • FTP Access filter • H.323 filter • HTTP Redirector filter • RPC filter • SMTP filter • SOCKSV4 filter • Streaming Media filter
  • 38. ACCESS POLICIES • Allow administrators to control outgoing traffic • An access policy consists of the following • Policy rules • Site and content rules • IP filter rules
  • 39. UNDERSTANDING INTRUSION DETECTION SYSTEMS (IDSs) • Monitor network devices so that security administrators can identify attacks in progress and stop them • An IDS looks at the traffic and compares it with known exploits • Similar to virus software using a signature file to identify viruses • Types • Network-based IDSs • Host-based IDSs
  • 40. NETWORK-BASED AND HOST-BASED IDSs • Network-based IDSs • Monitor activity on network segments • They sniff traffic and alert a security administrator when something suspicious occurs • Host-based IDSs • Used to protect a critical network server or database server • The software is installed on the server you’re attempting to protect
  • 41. NETWORK-BASED AND HOST-BASED IDSs (CONTINUED) • IDSs are categorized by how they react when they detect suspicious behavior • Passive systems • Send out an alert and log the activity • Active systems • Log events and send out alerts • Can also interoperate with routers and firewalls
  • 42. UNDERSTANDING HONEYPOTS • Honeypot • Computer placed on the perimeter of a network • Contains information intended to lure and then trap hackers • Computer is configured to have vulnerabilities • Goal • Keep hackers connected long enough so they can be traced back
  • 43. HOW THEY WORK • A honeypot appears to have important data or sensitive information stored on it • Could store fake financial data that tempts hackers to attempt browsing through the data • Hackers will spend time attacking the honeypot • And stop looking for real vulnerabilities in the company’s network • Honeypots also enable security professionals to collect data on attackers • Honeypots are available commercially and through open-source avenues
  • 44. HOW THEY WORK (CONTINUED) • Virtual honeypots • Honeypots created using software solutions instead of hardware devices • Example: Honeyd
  • 45. SUMMARY • Security devices • Routers • Firewalls • IDSs • Routers use access lists to accept or deny traffic through their interfaces • Firewalls can be hardware devices or software installed on computer systems • Firewalls use NAT, IP filtering, and access control lists to filter incoming and outgoing network traffic
  • 46. SUMMARY (CONTINUED) • Firewall examples • Cisco PIX (hardware) • Microsoft ISA (software) • Stateful packet filters vs. stateless packet filters • PGP is a free public key encryption program to encrypt e-mail messages • Demilitarized zones (DMZs) • Add a layer of defense between the Internet and a company’s internal network
  • 47. SUMMARY (CONTINUED) • Intrusion detection systems (IDSs) • Network-based IDSs • Host-based IDSs • Passive IDSs vs. active IDSs • Honeypots
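
Slides 12 to 19 describe wildcard masks, first-match ordering and the implicit deny at the end of every access list. The following Python evaluator is an added example (not part of the deck and not Cisco code) that parses the numbered standard and extended syntax shown on the slides and returns the decision for a given packet. The function names, the `NAMED_PORTS` table and the test addresses are assumptions made for this illustration; the access-list lines follow the slides' examples.

```python
import ipaddress
import operator

# Assumption: only the named port used on the slides is mapped here.
NAMED_PORTS = {"www": 80}
PORT_OPS = {"eq": operator.eq, "neq": operator.ne,
            "lt": operator.lt, "gt": operator.gt}
ANY = (0, 0xFFFFFFFF)  # address 0.0.0.0 with every bit ignored


def ip_int(text):
    return int(ipaddress.IPv4Address(text))


def take_address(tokens):
    """Consume 'any', 'host A' or 'A WILDCARD'; return (address, wildcard)."""
    head = tokens.pop(0)
    if head == "any":
        return ANY
    if head == "host":                 # shortcut for wildcard 0.0.0.0
        return ip_int(tokens.pop(0)), 0
    return ip_int(head), ip_int(tokens.pop(0))


def wildcard_match(rule_addr, wildcard, candidate):
    # A 0 bit in the wildcard mask must match; a 1 bit is ignored.
    care = ~wildcard & 0xFFFFFFFF
    return (rule_addr & care) == (candidate & care)


def parse_acl(lines):
    """Turn 'access-list ...' lines into an ordered list of rule dicts."""
    rules = []
    for line in lines:
        tok = line.split()
        try:
            if tok[0] != "access-list" or tok[2] not in ("permit", "deny"):
                raise ValueError
            number, rest = int(tok[1]), tok[3:]
            rule = {"action": tok[2], "proto": "ip", "dst": ANY,
                    "op": None, "port": None}
            if 1 <= number <= 99:      # standard list: source address only
                rule["src"] = take_address(rest)
            elif 100 <= number <= 199: # extended: protocol, source, destination
                rule["proto"] = rest.pop(0).lower()
                rule["src"] = take_address(rest)
                rule["dst"] = take_address(rest)
                if rest and rest[0] in PORT_OPS:
                    rule["op"] = rest.pop(0)
                    port = rest.pop(0)
                    rule["port"] = (NAMED_PORTS[port] if port in NAMED_PORTS
                                    else int(port))
            else:
                raise ValueError
        except (IndexError, ValueError):
            raise ValueError(f"malformed access-list entry: {line!r}") from None
        rules.append(rule)
    return rules


def evaluate(rules, src, dst="0.0.0.0", proto="ip", dport=None):
    """Return 'permit' or 'deny' for one packet; the first matching rule wins."""
    s, d = ip_int(src), ip_int(dst)
    for rule in rules:
        if rule["proto"] not in ("ip", proto):
            continue
        if not wildcard_match(*rule["src"], s):
            continue
        if not wildcard_match(*rule["dst"], d):
            continue
        if rule["op"] is not None:
            if dport is None or not PORT_OPS[rule["op"]](dport, rule["port"]):
                continue
        return rule["action"]
    return "deny"                      # implicit deny: nothing matched


# Lists modelled on the slides' examples.
STANDARD = ["access-list 1 deny 172.16.5.0 0.0.0.255",
            "access-list 1 permit any"]
NO_PERMIT = ["access-list 1 deny host 192.168.10.112"]
EXTENDED = ["access-list 100 deny tcp host 172.16.1.112 host 172.30.1.100 eq www",
            "access-list 100 permit ip any any"]

if __name__ == "__main__":
    print(evaluate(parse_acl(STANDARD), "172.16.5.77"))
    print(evaluate(parse_acl(NO_PERMIT), "192.168.10.113"))
    print(evaluate(parse_acl(EXTENDED), "172.16.1.112", "172.30.1.100", "tcp", 443))
```

The `NO_PERMIT` case is the one to check in a review: a list holding a single deny entry blocks every source, because the implicit deny catches whatever the explicit entry did not.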
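
Slide 26 contrasts stateful and stateless packet filters. The added Python sketch below (not from the deck, and not any vendor's implementation) replays a constructed sequence of TCP segments through both kinds of filter to show what the state table changes: inbound segments that carry an ACK but belong to no tracked connection pass the per-packet rule and are dropped by the stateful one. The class and function names, the addresses and the simplified two-state table are assumptions for illustration.

```python
from dataclasses import dataclass

SYN, RST, ACK = 0x02, 0x04, 0x10   # TCP flag bits


@dataclass(frozen=True)
class Segment:
    src: str
    sport: int
    dst: str
    dport: int
    flags: int
    inbound: bool   # True when the segment arrives from the outside network


def stateless_allow(seg):
    """Per-packet rule: outbound is trusted; inbound passes if ACK or RST is set."""
    if not seg.inbound:
        return True
    return bool(seg.flags & (ACK | RST))


class StateTable:
    """Tracks connections opened from the inside; everything else inbound is dropped."""

    def __init__(self):
        # (inside_ip, inside_port, outside_ip, outside_port) -> state
        self.conns = {}

    def allow(self, seg):
        if seg.inbound:
            key = (seg.dst, seg.dport, seg.src, seg.sport)
        else:
            key = (seg.src, seg.sport, seg.dst, seg.dport)
        syn, ack, rst = (bool(seg.flags & f) for f in (SYN, ACK, RST))

        if not seg.inbound:
            if syn and not ack:
                self.conns[key] = "SYN_SENT"      # inside host opens a connection
            elif rst:
                self.conns.pop(key, None)         # teardown removes the entry
            return True                           # outbound is trusted in this model

        state = self.conns.get(key)
        if state is None:
            return False                          # no entry: unsolicited, drop
        if rst:
            del self.conns[key]
            return True
        if state == "SYN_SENT":
            if syn and ack:                       # only a SYN-ACK may answer a SYN
                self.conns[key] = "ESTABLISHED"   # simplification: skip the final ACK
                return True
            return False
        return not (syn and not ack)              # established: no fresh SYN inbound


def replay(segments):
    """Return [(stateless_decision, stateful_decision), ...] for the segments in order."""
    table = StateTable()
    return [(stateless_allow(s), table.allow(s)) for s in segments]


# Constructed traffic: 10.0.0.5 is the inside host, the others are outside.
IN_HOST, SERVER, OTHER = "10.0.0.5", "203.0.113.10", "198.51.100.7"
TRAFFIC = [
    Segment(IN_HOST, 40000, SERVER, 443, SYN, False),        # 1 handshake: SYN out
    Segment(SERVER, 443, IN_HOST, 40000, SYN | ACK, True),   # 2 handshake: SYN-ACK in
    Segment(IN_HOST, 40000, SERVER, 443, ACK, False),        # 3 handshake: ACK out
    Segment(SERVER, 443, IN_HOST, 40000, ACK, True),         # 4 reply data
    Segment(OTHER, 4444, IN_HOST, 22, ACK, True),            # 5 ACK with no connection
    Segment(IN_HOST, 40000, SERVER, 443, RST, False),        # 6 inside host resets
    Segment(SERVER, 443, IN_HOST, 40000, ACK, True),         # 7 ACK after teardown
    Segment(OTHER, 4444, IN_HOST, 22, SYN, True),            # 8 new inbound SYN
]

if __name__ == "__main__":
    for number, decision in enumerate(replay(TRAFFIC), start=1):
        print(number, "stateless=%s stateful=%s" % decision)
```

Segments 5 and 7 are where the two filters disagree; those are the log lines a stateful device produces and a stateless access list never will.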