Networks by pengxiuhui



                                                             • Firewalls

     Where do the dangers lie?
                                                             • Wired Networks
           How do you protect yourself?
                   Is your piece of cyberspace secure?       • Wireless Networks

           Be Cyber Savvy with C-SAFE                                                                 2

                 Due Diligence                                              Firewalls

Installing a network in your home is a practice
in due diligence:
    – Do your homework
    – Read all the manuals
    – Check all the defaults

                                                         3           Be Cyber Savvy with C-SAFE

                      Firewalls                                              Firewalls
 Hardware or software, used to protect a network               • A firewall is software or hardware
             from unwelcome traffic
                                                               • Enforces an access control policy
                                                                 between two networks

                                                               • Determines which services can be
                                                                 accessed from the outside and
                                                                 vice versa

                                                         5                                            6

        Purpose of a Firewall                      Firewalls are good in preventing…

• Designed to block hackers
• Screens outgoing traffic to limit Internet use
                                                    Intrusions and Denial of Service attacks
• Hides information about the network so that
  it seems that all the traffic originates from
  the firewall rather than the network

                                              7                                                8

       Firewalls are NOT good in
                                                    More Points About Firewalls

                                                          • Swiss cheese rules
      Viruses, worms, and Trojan horses
           introduced through e-mail                      • Hardware configuration

                                                          • Operate at the boundaries

                                              9                                                10

                   “Ping”                                    Firewall Activity

  A utility to determine whether a specific
computer is accessible … it sends a signal to
  a specified address and waits for a reply

         Designed for troubleshooting
            Internet connections

                                              11                                               12

             IP Address

    Similar to the street address on your
     house, it identifies the location of a
    computer or device on a network; an
   IP address is written as four numbers
            separated by periods

                                              13   14

                                              15                               16

      Who You Gonna’ Call?

• In this instance you will want to call
  Speakeasy and find out if they are running
  diagnostic tests on your system

• If you find that they are not you should
  report the activity to your local law
  enforcement agency

                                              17                               18

     Firewall Vendors                          Final Note on Firewalls

     Zone Alarm                           Connecting your new PC to the Internet
     BlackICE Defender                    without using a firewall … is like leaving
     McAfee Personal Firewall             the keys in the ignition of your new,
     Norton Personal Firewall             unlocked, sporty convertible – if you're
                                          lucky nothing will happen, but it's risky.
     Tiny Personal Firewall
                                                              –McAfee Security

                                     19                                            20

                                                   Wired Networks

                                     21          Be Cyber Savvy with C-SAFE

  Local Area Network
         (LAN)                               Components of a Network

 A small network of interconnected              1. Internet service provider
computers in a home or business is                 (ISP)
    usually referred to as a LAN                2. Router
                                                3. Network interface cards
  A LAN can comprise as few as two                 (NICs)
    computers in a home or small
                                                4. Ethernet cable
  business or as many as hundreds
       in a larger organization.

                                     23                                            24

                                                     Network Interface Card
  This device hooks multiple computers to
                                                   This device allows your computer to accept
  one Internet connection by sending data
                                                     the information from your router when
    between the Internet and the correct
                                                      connected through an Ethernet cable
                                                   You will need one NIC for each computer
Consumer level routers have built in fire-
                                                   that you want to add to your network
walls and support more than one computer

                                              25                                                 26

            Ethernet Cable                         Steps to Protect Your Network

The cable used to connect the computers to
the router, it is slightly thicker than a phone      •   Establish strong network passwords
    cord but transfers data much faster              •   Use a router with a built-in firewall
                                                     •   Enable your router’s logging function
                                                     •   Maintain up-to-date firewall firmware

                                              27                                                 28

                 Beware                                            Wireless

 If one computer on your system is
  compromised, they are all at risk!

                                              29            Be Cyber Savvy with C-SAFE

      Wireless LAN (WLAN)                            Wireless Access Point (AP)

 A WLAN is a Local Area Network without              A base unit used in a WLAN through which
    physical interconnecting wires that               wireless devices connect to the Internet
    communicates using radio waves
                                                        Many APs also contain hardware
         WLAN can make traditional                      routers which can be used to protect
         security measures obsolete                     the wired network in your home.

                                                31                                                     32

            Mobile Devices                                802.11x Technology

                                                      This is the industry standard specification
          • Laptops                                                for wireless design
          • Personal Digital Assistants
                                                      • 802.11b – The oldest standard, most widely
            (PDAs)                                      used
          • Tablet PCs
                                                      • 802.11g – Faster transfer, becoming more
          • Mobile Phones
                                                        widely used in the US

                                                33                                                     34

                                                     Wired Equivalent Privacy
                Encryption                                   (WEP)

Changing the data into a form unreadable by           WEP is used to promote confidentiality by
 anyone without a secret decryption key to           preventing eavesdropping and modification
keep the information from being intercepted                through unauthorized access

       Encryption prevents intruders from              Default settings in wireless access points
      eavesdropping or “sniffing” the traffic          turn encryption off, so you will need to read
     that is sent over your wireless network           your manual to learn how to turn it on

                                                35                                                     36

     Wi-Fi Protected Access                            Service Set Identifier
             (WPA)                                            (SSID)

  This latest security standard for wireless         The name you choose for your wireless
connections improves on and is expected to                         network
 replace the original Wi-Fi security standard
                                                    – Choosing a unique SSID and disabling the
   Some newer APs are being sold with WPA             broadcast mode adds an extra level of security
   installed, however many older APs offer a        – If your SSID is set to the default, that added
   firmware update that will install WPA              level of security fails

                                               37                                                 38

      MAC Address Filtering                             Wireless Vulnerabilities

• Each NIC has a unique identifier called a             •   Easy access
  Media Access Control or MAC Address
                                                        •   Cracking WEP keys
• Using the MAC address, wireless APs                   •   “Sniffing” WLAN Traffic
  can be set up to accept transmissions                 •   Unauthorized use of service
  only from specific NICs

                                               39                                                 40

               Wardriving                                        Warchalking

   Driving in a car with a laptop computer          A popular practice of using chalk marks to
equipped with a wireless network card to find        show the location of wireless networks
        unsecured wireless networks

                                               41                                                 42

                  Symbols                                     Warspamming

                     If you notice these             By logging into an unprotected wireless
                     symbols near your                 network, spammers can send their
                     wireless network, it is          messages to millions of names while
                     likely that it has been           remaining completely anonymous
                     publicly identified

                                                43                                             44

       Securing Wireless LANs

•   Change default system ID and password
•   Don’t use a descriptive name for the SSID
•   Enable encryption
•   Use MAC address filtering
•   Locate APs in a central location

                                                45                                             46

            Lessons Learned

•   Networking is a practice in Due Diligence
•   Use of firewalls is essential
•   Firewalls will not stop everything
•   Change your defaults
•   Secure your wireless network



To top