Network Security 1 - Fundamentals
01 - Information Security
terms & definitions
Security goals and objectives
Authentication
Confidentiality
Integrity
Non Repudiation (attributability)
Availability
Risks
Vulnerabilities
Flaws
Attacks
Threats
Countermeasures
OSI Security Architecture X.800
Architecture
Access Control
Data Integrity
Data Confidentiality
Non Repudiation
Authentication
Mechanisms - procedure or tool for enforcing policy
Pervasive
Trusted Functionality
Security labels
event detection
security audit trails
security recovery
Specific
access controls
digital signatures
encipherment
data integrity
authentication exchange
traffic padding
routing control
notarization
Policy
a statement of what is, and what is not allowed
Attacks
passive
Eavesdropping
Message Interception
Attack Confidentiality
Traffic Analysis
active
Manipulation, Replaying
Changing messages of others
Impersonation
Authenticity Attack
Repudiation
lying
Denial of Service
Attacks Availability
man-in-the-middle
Integrity attack
Enabling Network Security
Cryptography
symmetric
public
Message Authentication and Integrity
User Authentication
Confidentiality
02 - Networking
Layers
Physical (PHY)
data link (MAC)
Network (NET)
transport (Trans)
Application - Presentation - Session (APP)
protocol
communication between same layer entities
rules for syntax (format) and semantics (contents)
service
communication between adjacent layers
multiple of primitives/operations/functions
03 - Network Layer
Internet Protocol IPv4
why internet layer?
make a bigger network
global addressing
why a single internet protocol?
maximize interoperability
minimize number of service interfaces
Many add-ons
IPsec
mobile IP
NAT
problems
transparency has gone
ARP - Spoofing
IP Spoofing
inject TCP Segments
DNS Cache Poisoning
Internet protocols
Layer 5
SMTP
HTTP
FTP
TELNET
Layer 4
TCP
UDP
Layer 3
IP
ICMP
ARP
Layer 2
LLC
MAC
Layer 1
Ethernet
04 - Reconnaissance: Take an Attacker's view before thinking about defenses
Robin Hood Hacker
in principle a penetration tester without permission who informs the owner afterwards
Registrars
whois
dns
why public?
can inform owners if they are under attack
defense
keep public data to a minimum (only what is necessary)
active scans
network mapping
ping sweeps - live hosts
port scans - live services
traceroute / pathping
defense
filter / firewalls
close unused ports
scan own system
Intrusion detection
05 - Security Model for networks
Attackers?
Insider
Organized Crime
Nation State Attacker (NSA)
Just for fun
political activist
white-hat
black-hat
Malware
Virus
user interaction
Worm
no user, scanning
Trojan Horse
hidden, part of other software
Bad-guys can:
attack servers and infrastructure
DoS
Vulnerability Attack
Bandwidth flooding
Connection flooding
sniff packets
masquerade
man-in-the-middle
sniff, inject, delete, modify
Trustworthy System
Specification
Design
Implementation
Assurance
Security Protocols
Layer 3
IPSec
NLSP
Layer 4
SSL
TLS
SSH
Layer 2
PPTP
L2TP
WEP
WPA
WPA2
Layer 5
SHTTP
S/MIME
PGP
DNSSEC
Layer 1
Synchronous Link