INTRODUCTION TO NETWORK SECURITY
SECURITY ORGANIZATIONS ROLES
-The CERT Coordination Center (CERT/CC) is a reporting center for Internet security issues
-The CERT/CC is located at the Software Engineering Institute (SEI) operated by Carnegie Mellon University.
-The United States Computer Emergency Readiness Team (US-CERT) is a partnership between the Department of Homeland Security and the public and private sectors
US-CERT is responsible for the following
-Analyzing and reducing cyber threats and vulnerabilities
-Disseminating cyber threat warning information
-Coordinating incident-response activities
-The SysAdmin, Audit, Network, Security (SANS) Institute was established in 1989 as a cooperative research and education organization
-The International Information Systems Security Certification Consortium, Inc. (ISC2) is a nonprofit organization that maintains a collection of industry best practices for information security.
-The Common Criteria is an international standard for evaluating IT security
-Although there are seven security levels defined for the Common Criteria evaluation process, Evaluation Assurance Level 4 (EAL4) is the highest universal evaluation level implemented under the Common Criteria today
-The Federal Information Processing Standard (FIPS) 140 is a U.S. and Canadian government standard
-FIPS 140 has four levels of assurance: Level 1 is the lowest, and Level 4 is the most stringent
-ICSA Labs tests firewalls against a standard set of functional and assurance criteria elements
-ICSA Labs is presently testing firewalls and VPN devices on security measures
NETWORK SECURITY TRENDS:
-The increasing use of wireless LAN connections and the rapid rise of internet access from cell phones in Europe and Asia.
THE NEED FOR SPEED
-The number of broadband connections to the Internet from homes is exceeding projections.
IT STAFFING SHORTAGES
-To solve this problem, many enterprises are increasingly outsourcing day-to-day security management tasks.
-Code of practice for information security standard that is published by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC).
The authorization of access to data in a network.
Controlled by the network administrator.
NETWORK SECURITY IS NEEDED TO
Prevent unauthorized access to the network
-Hackers or corporate competitors
- Potential risk to network security:
THREAT ANALYSIS OF NETWORK SECURITY
-To identify the resources used in network for various applications.
2. Vulnerability Assessment
-The process of identifying the vulnerabilities in the system.
-To identify a threat in the system.
1. Open Security Model:
-easiest to implement
-simple password becomes the foundation of this model.
2. Restrictive Security Model:
-more difficult to implement.
-firewalls become the foundation of this model
3. Closed Security Model:
-most difficult to implement
-all available security measures are implemented in this design
MALAYSIAN CYBER LAW
COMPUTER CRIMES ACT 1997
-Gives protection against the misuse of the computers and criminal activities such as unauthorised use of programmes, illegal transmission of data and hacking or cracking of computer system and network.
DIGITAL SIGNATURE ACT 1997
-An identity verification standard that uses an encrypted code consisting of the user's name and all the parts of the message
TELEMEDICINE ACT 1997
-Ensures that only qualified medical practitioners can practice telemedicine (their patients' rights and interests are protected).
COMMUNICATION AND MULTIMEDIA ACT 1998
-Ensures that information is secure, the network is reliable and the service is affordable all over Malaysia.
CAUSE OF SUCCESSFUL ATTACK
Lack of basic password security
Lack of basic firewall port blocking
Lack of updating
Email and news
Remote access to hosts
Real time conferencing services
Accidental Data Loss
Insecure architectures (misconfigured network)
Broadcast network (using hardware without implementing protection)
Centralized servers (can allow access to the entire network)
Categories (Data Disclosure, Data Modification, Data Availability)
Activities (Hacking, Cracking, Spoofing, Sniffing)
METHODS OF ATTACKS
Improper input validation
Denial of service
Exploiting physical access
Viruses, worms and trojans