2512 - Network Security

Network Security
Learning Objectives:
By the end of this topic you should be able to:

• explain methods of combating ICT crime by
  protecting ICT systems
• networked computers are prone to security problems:
   – hacking (unauthorised access)
   – viruses
   – spyware
Preventative measures:
• Physical Security
  – lock the computer up
  – entry measure to get into building
  – no floppy/CD/DVD drives or USB ports (for memory sticks)
     • can’t copy data off the system
  – position the screen so that data can’t be read from the screen
     • by the public
  – biometric security:
     • fingerprint scanner
     • iris scanner
     • voice recognition
     • face recognition
• Logical Security
  – user ID & password
  – levels of access
  – audit logs (audit trails)
  – anti virus/spyware software
  – firewall
  – data encryption
  – software patches/updates
  – regular backup
Password effectiveness is maintained by:
• must use a minimum number of characters
• must contain numbers and letters
• not using a word in the dictionary
• force password change frequently (monthly?)
• cannot reuse passwords (keep a record)
• restrict the number of attempts
  – three password attempts and account is locked
• not writing password down
• make it something no one else can guess
  – not personal
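The rules above that a system can enforce, as an added Python example that is not part of the original slides. The minimum length of 8, the small word list, and the `Account` class are assumptions made for illustration; the record of old passwords is kept as salted hashes rather than plain text.

```python
import hashlib
import hmac
import os

MIN_LENGTH = 8      # assumed value; the slide only says "a minimum number"
MAX_ATTEMPTS = 3    # from the slide: three attempts and the account is locked
DICTIONARY = {"password", "dragon", "football", "welcome"}  # constructed word list


def _digest(password, salt):
    # Slow salted hash, so the stored record never contains the password itself.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


class Account:
    def __init__(self, password):
        self.history = []                  # (salt, digest) of every password used
        self.failed, self.locked = 0, False
        if self.set_password(password):
            raise ValueError("initial password breaks the policy")

    def _matches(self, password, record):
        return hmac.compare_digest(_digest(password, record[0]), record[1])

    def set_password(self, new):
        """Return the policy rules broken; an empty list means accepted."""
        problems = []
        if len(new) < MIN_LENGTH:
            problems.append("too short")
        if not (any(c.isdigit() for c in new) and any(c.isalpha() for c in new)):
            problems.append("needs letters and numbers")
        if new.lower() in DICTIONARY:
            problems.append("dictionary word")
        if any(self._matches(new, rec) for rec in self.history):
            problems.append("already used")
        if not problems:
            salt = os.urandom(16)
            self.history.append((salt, _digest(new, salt)))
        return problems

    def login(self, attempt):
        if self.locked:
            return "locked"
        if self._matches(attempt, self.history[-1]):
            self.failed = 0
            return "ok"
        self.failed += 1
        self.locked = self.failed >= MAX_ATTEMPTS
        return "locked" if self.locked else "denied"
```

Once locked, the account stays locked even for the correct password until an administrator resets it, which this example leaves out.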
Audit Logs
• logs are maintained automatically by the system
• allow the network manager to examine patterns of use
• audit logs track:
   – who did what,
   – at which workstation,
   – when it occurred.
• logs can be used to see which member of staff:
   – accessed particular files
   – other resources
   – web pages.
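How a network manager might query such a log, as an added Python example that is not part of the original slides. The log line layout, the user and workstation names, and the 08:00 to 18:00 working day are all constructed assumptions.

```python
import re
from datetime import datetime

# Constructed sample entries; the field layout is an assumption for this example.
SAMPLE_LOG = """\
2024-03-04T09:12:07 user=asmith ws=WS-014 action=open resource=/finance/payroll.xls
2024-03-04T09:15:40 user=bjones ws=WS-002 action=visit resource=http://intranet.example/news
2024-03-04T23:48:11 user=asmith ws=WS-031 action=open resource=/finance/payroll.xls
2024-03-05T10:02:55 user=cpatel ws=WS-014 action=print resource=printer-2
this line is corrupted and must not crash the report
"""

LINE = re.compile(r"^(?P<when>\S+) user=(?P<user>\S+) ws=(?P<ws>\S+) "
                  r"action=(?P<action>\S+) resource=(?P<resource>\S+)$")


def parse(log_text):
    """Return (records, rejected_lines); each record says who, what, where, when."""
    records, rejected = [], []
    for line in log_text.splitlines():
        m = LINE.match(line.strip())
        if m is None:
            rejected.append(line)      # keep bad lines for review, do not drop them
            continue
        rec = m.groupdict()
        try:
            rec["when"] = datetime.fromisoformat(rec["when"])
        except ValueError:
            rejected.append(line)
            continue
        records.append(rec)
    return records, rejected


def who_accessed(records, resource):
    """Which member of staff used this resource, at which workstation, and when."""
    return [(r["user"], r["ws"], r["when"].isoformat())
            for r in records if r["resource"] == resource]


def out_of_hours(records, start=8, end=18):
    """Pattern-of-use check: activity outside the assumed working day."""
    return [r for r in records if not start <= r["when"].hour < end]
```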
Firewall
• network security device
  – stands between a network and the outside world
  – can be hardware-based, software-based, or both.
  – examines data moving into and out of the system.


• configured to permit or deny connections
  – using a set of rules
  – access is denied if not allowed by the rules
  – filters websites users are permitted to visit
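The rule-based permit/deny decision described above, as an added Python example that is not part of the original slides. The rule set, the addresses (documentation ranges), and the blocked site names are constructed; real firewalls use their own rule syntax.

```python
import ipaddress

# Constructed rule set: (direction, action, remote network, destination port).
# A port of None would match any port.
RULES = [
    ("out", "deny",   "0.0.0.0/0",      23),   # no outbound telnet
    ("out", "permit", "0.0.0.0/0",      443),  # outbound HTTPS
    ("out", "permit", "0.0.0.0/0",      53),   # outbound DNS
    ("in",  "permit", "203.0.113.0/24", 22),   # remote admin from one range only
]
BLOCKED_SITES = {"games.example", "social.example"}  # constructed filter list


def decide(direction, remote_ip, port, rules=RULES):
    """First matching rule wins; traffic that no rule allows is denied."""
    addr = ipaddress.ip_address(remote_ip)
    for rule_dir, action, network, rule_port in rules:
        if (rule_dir == direction
                and addr in ipaddress.ip_network(network)
                and rule_port in (None, port)):
            return action
    return "deny"  # default deny: access is denied if not allowed by the rules


def allow_website(hostname, blocked=BLOCKED_SITES):
    """Website filter: block a listed site and any of its subdomains."""
    labels = hostname.lower().rstrip(".").split(".")
    suffixes = {".".join(labels[i:]) for i in range(len(labels))}
    return not (suffixes & blocked)
```

Matching on whole domain labels means `notgames.example` is not caught by the `games.example` entry, which a plain substring check would get wrong.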
Viruses
• a program which infects computer systems by self-
  replicating (copying itself to other systems)

• removable media used in an infected system can then
  carry the virus to another machine.

• programs downloaded from the Internet can also
  spread a virus.
Virus Protection
• install anti-virus software on all computers
   – detects viruses & malware
   – allows removal of infected code from file
   – deletion of infected files
   – must regularly update virus data files
Encryption
What is encryption?
• the process of disguising messages
   – so that only the intended recipient can understand them.
   – encrypted data can only be understood by reversing the
     encryption process (decryption)


• data is sent in a scrambled form.
   – uses a random process set up using a special key value
   – the data is then decoded at receiver by reversing the
     encryption process.