Docstoc

Networks

Document Sample
Networks Powered By Docstoc
					                                                                            Overview

                                                             • Firewalls

     Where do the dangers lie?
                                                             • Wired Networks
           How do you protect yourself?
                   Is your piece of cyberspace secure?       • Wireless Networks

                Networks
           Be Cyber Savvy with C-SAFE                                                                 2




                 Due Diligence                                              Firewalls

Installing a network in your home is a practice
in due diligence:
    – Do your homework
    – Read all the manuals
    – Check all the defaults



                                                         3           Be Cyber Savvy with C-SAFE




                      Firewalls                                              Firewalls
 Hardware or software, used to protect a network               • A firewall is software or hardware
             from unwelcome traffic
                                                               • Enforces an access control policy
                                                                 between two networks

                                                               • Determines which services can be
                                                                 accessed from the outside and
                                                                 vice versa

                                                         5                                            6




                                                                                                          1
        Purpose of a Firewall                      Firewalls are good in preventing…

• Designed to block hackers
• Screens outgoing traffic to limit Internet use
                                                    Intrusions and Denial of Service attacks
• Hides information about the network so that
  it seems that all the traffic originates from
  the firewall rather than the network
  (hardware)

                                              7                                                8




       Firewalls are NOT good in
                                                    More Points About Firewalls
             preventing…

                                                          • Swiss cheese rules
      Viruses, worms, and Trojan horses
           introduced through e-mail                      • Hardware configuration

                                                          • Operate at the boundaries




                                              9                                                10




                   “Ping”                                    Firewall Activity

  A utility to determine whether a specific
computer is accessible … it sends a signal to
  a specified address and waits for a reply

         Designed for troubleshooting
            Internet connections



                                              11                                               12




                                                                                                    2
             IP Address

    Similar to the street address on your
     house, it identifies the location of a
    computer or device on a network; an
   IP address is written as four numbers
            separated by periods



                                              13   http://centralops.net/co/   14




                                              15                               16




      Who You Gonna’ Call?

• In this instance you will want to call
  Speakeasy and find out if they are running
  diagnostic tests on your system

• If you find that they are not you should
  report the activity to your local law
  enforcement agency

                                              17                               18




                                                                                    3
     Firewall Vendors                          Final Note on Firewalls

     Zone Alarm                           Connecting your new PC to the Internet
     BlackICE Defender                    without using a firewall … is like leaving
     McAfee Personal Firewall             the keys in the ignition of your new,
     Norton Personal Firewall             unlocked, sporty convertible – if you're
                                          lucky nothing will happen, but it's risky.
     Tiny Personal Firewall
                                                              –McAfee Security


                                     19                                            20




                                                   Wired Networks




                                     21          Be Cyber Savvy with C-SAFE




  Local Area Network
         (LAN)                               Components of a Network

 A small network of interconnected              1. Internet service provider
computers in a home or business is                 (ISP)
    usually referred to as a LAN                2. Router
                                                3. Network interface cards
  A LAN can comprise as few as two                 (NICs)
    computers in a home or small
                                                4. Ethernet cable
  business or as many as hundreds
       in a larger organization.

                                     23                                            24




                                                                                        4
                                                     Network Interface Card
                  Router
                                                             (NIC)
  This device hooks multiple computers to
                                                   This device allows your computer to accept
  one Internet connection by sending data
                                                     the information from your router when
    between the Internet and the correct
                                                      connected through an Ethernet cable
                 computer
                                                   You will need one NIC for each computer
Consumer level routers have built in fire-
                                                   that you want to add to your network
walls and support more than one computer


                                              25                                                 26




            Ethernet Cable                         Steps to Protect Your Network

The cable used to connect the computers to
the router, it is slightly thicker than a phone      •   Establish strong network passwords
    cord but transfers data much faster              •   Use a router with a built-in firewall
                                                     •   Enable your router’s logging function
                                                     •   Maintain up-to-date firewall firmware




                                              27                                                 28




                 Beware                                            Wireless



 If one computer on your system is
  compromised, they are all at risk!




                                              29            Be Cyber Savvy with C-SAFE




                                                                                                      5
      Wireless LAN (WLAN)                            Wireless Access Point (AP)

 A WLAN is a Local Area Network without              A base unit used in a WLAN through which
    physical interconnecting wires that               wireless devices connect to the Internet
    communicates using radio waves
                                                        Many APs also contain hardware
         WLAN can make traditional                      routers which can be used to protect
         security measures obsolete                     the wired network in your home.


                                                31                                                     32




            Mobile Devices                                802.11x Technology

                                                      This is the industry standard specification
          • Laptops                                                for wireless design
          • Personal Digital Assistants
                                                      • 802.11b – The oldest standard, most widely
            (PDAs)                                      used
          • Tablet PCs
                                                      • 802.11g – Faster transfer, becoming more
          • Mobile Phones
                                                        widely used in the US


                                                33                                                     34




                                                     Wired Equivalent Privacy
                Encryption                                   (WEP)

Changing the data into a form unreadable by           WEP is used to promote confidentiality by
 anyone without a secret decryption key to           preventing eavesdropping and modification
keep the information from being intercepted                through unauthorized access


       Encryption prevents intruders from              Default settings in wireless access points
      eavesdropping or “sniffing” the traffic          turn encryption off, so you will need to read
     that is sent over your wireless network           your manual to learn how to turn it on

                                                35                                                     36




                                                                                                            6
     Wi-Fi Protected Access                            Service Set Identifier
             (WPA)                                            (SSID)

  This latest security standard for wireless         The name you choose for your wireless
connections improves on and is expected to                         network
 replace the original Wi-Fi security standard
                                                    – Choosing a unique SSID and disabling the
   Some newer APs are being sold with WPA             broadcast mode adds an extra level of security
   installed, however many older APs offer a        – If your SSID is set to the default, that added
   firmware update that will install WPA              level of security fails


                                               37                                                 38




      MAC Address Filtering                             Wireless Vulnerabilities

• Each NIC has a unique identifier called a             •   Easy access
  Media Access Control or MAC Address
                                                        •   Cracking WEP keys
• Using the MAC address, wireless APs                   •   “Sniffing” WLAN Traffic
  can be set up to accept transmissions                 •   Unauthorized use of service
  only from specific NICs


                                               39                                                 40




               Wardriving                                        Warchalking


   Driving in a car with a laptop computer          A popular practice of using chalk marks to
equipped with a wireless network card to find        show the location of wireless networks
        unsecured wireless networks




                                               41                                                 42




                                                                                                       7
                  Symbols                                     Warspamming


                     If you notice these             By logging into an unprotected wireless
                     symbols near your                 network, spammers can send their
                     wireless network, it is          messages to millions of names while
                     likely that it has been           remaining completely anonymous
                     publicly identified



                                                43                                             44




       Securing Wireless LANs

•   Change default system ID and password
•   Don’t use a descriptive name for the SSID
•   Enable encryption
•   Use MAC address filtering
•   Locate APs in a central location



                                                45                                             46




            Lessons Learned

•   Networking is a practice in Due Diligence
•   Use of firewalls is essential
•   Firewalls will not stop everything
•   Change your defaults
•   Secure your wireless network


                                                47




                                                                                                    8

				
DOCUMENT INFO
Shared By:
Categories:
Tags:
Stats:
views:3
posted:12/5/2011
language:English
pages:8