Internetwork Expert s CCNA Security Bootcamp. Common Security Threats

Size: px
Start display at page:

Download "Internetwork Expert s CCNA Security Bootcamp. Common Security Threats"

Transcription

1 Internetwork Expert s CCNA Security Bootcamp Common Security Threats Today s s Network Security Challenge The goal of the network is to provide high availability and easy access to data to meet business requirements The goal of security is to protect and restrict access to this data Today s challenge is to find an acceptable balance between the two No security means easy access, but is too risky Too much security impedes access, while risks do not outweigh business goals Copyright 2010 Internetwork Expert

2 Goals of Network Security Network security s goals are to protect data s Confidentiality Only authorized users should have access to it Integrity The data should not have been tampered with Availability Data should be accessible whenever needed Understanding Threats to Security If you know both yourself and your enemy, you can win a hundred battles without a single loss. Sun Tzu First step in preventing a security breach is to understand what type of threats exist Copyright 2010 Internetwork Expert

3 External Security Threats Users without physical access to or prior knowledge of the internal network E.g. an attack coming from the Internet Generally more technical in nature Attacker runs blind ping sweeps and port scans to find vulnerabilities Easier to prevent with technical tools Firewall filtering on the network edge, IPS, etc. Our main focus for this class Internal Security Threats Users that already have access to and knowledge of the internal network E.g. a disgruntled employee Generally less technical in nature User physically steals data Harder to prevent with technical tools Firewall can t prevent physical theft Requires additional administrative or physical control to prevent Physical locks, surveillance cameras, ID challenge policy, etc. Copyright 2010 Internetwork Expert

4 Responding to Security Threats Attack Mitigation is the process of preventing or responding to a breach in network security Attack mitigation can be Proactive Prevent attacks before they occur E.g. a firewall blocking a port Reactive Respond to attack once it has occurred E.g. an IPS shunning an attacker running a port scan Implementing Attack Mitigation The first step of mitigation is to understand possible vulnerabilities and attacks Different tools are available for mitigation depending on whether confidentiality, integrity, or availability is being attacked Copyright 2010 Internetwork Expert

5 IP Spoofing Attacks Spoofing means that attacker uses either a fake source or destination address IPv4 protocol stack has no built in provisions to ensure that sender or receiver s address is legitimate Spoofing has many possible goals, such as DoS attack (e.g. smurf or fraggle) Control plane attack (e.g. route insertion/deletion or TCP RST) Man-in-the-Middle (MiM) attack (e.g. ARP poisoning, source routing) TCP Spoofing TCP sequence numbers add a layer of complexity when spoofing IP packets Destination only accepts packets from source with correct sequence number or seq num range IP spoofing against TCP sessions is categorized in two ways Non-blind spoofing Attacker is on the same subnet or in transit path of victim, allowing TCP sequence numbers to be seen Blind spoofing Attacker is not on the same subnet or in transit path, requiring sequence numbers to be guessed Successful attack can result in packet injection (e.g. session hijacking) or session termination (reset attack) Copyright 2010 Internetwork Expert

6 IP Spoofing Mitigation Since there are many ways to implement spoofing for different purposes, there are different ways to mitigate it Access Control Lists (ACLs) RFC 2827 Network Ingress Filtering: Defeating Denial of Service Attacks which employ IP Source Address Spoofing Unicast Reverse Path Forwarding (URPF) ARP Inspection DHCP Snooping IP Source Guard Routing Protocol Authentication BGP TTL Security IP Options checking (source routing) IPsec VPNs Reconnaissance Attacks Used to map the network and discover resources What are the routers, links, routing tables, hosts, etc. Common methods Packet capture (sniffers) Ping sweeps Port scans DNS queries Copyright 2010 Internetwork Expert

7 Reconnaissance Mitigation How are they mapping the network in the first place? ICMP Echo-reply Unreachable Mask reply Redirect Proxy ARP CDP How to mitigate? Disable unneeded services IPS Control Plane Attacks Availability attack to disrupt the routing & management protocols of the network Common methods Prefix injection/withdrawal BGP reset Telnet passwords SNMP community strings NTP spoofing Copyright 2010 Internetwork Expert

8 Control Plane Attack Mitigation Why is the control vulnerable? No routing authentication Promiscuous routing neighbors Clear text telnet & SNMP passwords No NTP authentication How to mitigate Routing authentication Unicast updates SSH SNMPv3 NTP authentication DoS/DDoS Attacks Availability attack used to overwhelm links and servers to the point they are unusable Common methods IP spoofing Smurf Fraggle TCP SYN flooding Copyright 2010 Internetwork Expert

9 DoS/DDoS Attack Mitigation Why are we vulnerable? TCP stack connection limits Flood attack amplification Input packets not RPF checked How to mitigate Half-open session monitoring Disable directed broadcasts RFC 2827 / BOGON / URPF Access Attacks Used to gain unauthorized access to resources Common methods Brute force password attacks Keyloggers Packet sniffers Redirection Layer 3 Man-in-the-Middle (MiM) Copyright 2010 Internetwork Expert

10 Access Attack Mitigation Why is access vulnerable? Lenient password retry policy Clear text strings in protocol payloads Hosts vulnerable to redirection How to mitigate? AAA & lockouts SSL/IPsec HIPS Application Attacks Targeted at software vulnerabilities Common methods Buffer overflows Worms Viruses Trojans etc. Copyright 2010 Internetwork Expert

11 Application Attacks Why are we vulnerable? Patch application not enforced Virus scan updates not enforced How to mitigate? NAC HIPS Cisco's Self-Defending Network Network-based approach to protect network devices, endpoints, and the information traveling across the network Opposite of a "point solution" in which security devices are standalone Three main points are that SDN is Integrated Every device in the network is a point of defense. Adaptive Behavioral methods recognize and adapt to new threats as they arise Collaborative Network components work together to provide protection More info at Copyright 2010 Internetwork Expert

12 Common Security Threats Q&A Copyright 2010 Internetwork Expert

AutoSecure. Finding Feature Information. Last Updated: January 18, 2012

AutoSecure. Finding Feature Information. Last Updated: January 18, 2012 AutoSecure Last Updated: January 18, 2012 The AutoSecure feature secures a router by using a single CLI command to disable common IP services that can be exploited for network attacks, enable IP services

More information

Internetwork Expert s CCNA Security Bootcamp. Mitigating Layer 2 Attacks. Layer 2 Mitigation Overview

Internetwork Expert s CCNA Security Bootcamp. Mitigating Layer 2 Attacks. Layer 2 Mitigation Overview Internetwork Expert s CCNA Security Bootcamp Mitigating Layer 2 Attacks http:// Layer 2 Mitigation Overview The network is only as secure as its weakest link If layer 2 is compromised, all layers above

More information

IPv6- IPv4 Threat Comparison v1.0. Darrin Miller Sean Convery

IPv6- IPv4 Threat Comparison v1.0. Darrin Miller Sean Convery IPv6- IPv4 Threat Comparison v1.0 Darrin Miller dmiller@cisco.com Sean Convery sean@cisco.com Motivations Discussions around IPv6 security have centered on IPsec Though IPsec is mandatory in IPv6, the

More information

Chapter 11: Networks

Chapter 11: Networks Chapter 11: Networks Devices in a Small Network Small Network A small network can comprise a few users, one router, one switch. A Typical Small Network Topology looks like this: Device Selection Factors

More information

HP High-End Firewalls

HP High-End Firewalls HP High-End Firewalls Attack Protection Configuration Guide Part number: 5998-2650 Software version: F1000-A-EI&F1000-S-EI: R3721 F5000: F3210 F1000-E: F3171 Firewall module: F3171 Document version: 6PW101-20120719

More information

Internet Layers. Physical Layer. Application. Application. Transport. Transport. Network. Network. Network. Network. Link. Link. Link.

Internet Layers. Physical Layer. Application. Application. Transport. Transport. Network. Network. Network. Network. Link. Link. Link. Internet Layers Application Application Transport Transport Network Network Network Network Link Link Link Link Ethernet Fiber Optics Physical Layer Wi-Fi ARP requests and responses IP: 192.168.1.1 MAC:

More information

CSE 565 Computer Security Fall 2018

CSE 565 Computer Security Fall 2018 CSE 565 Computer Security Fall 2018 Lecture 18: Network Attacks Department of Computer Science and Engineering University at Buffalo 1 Lecture Overview Network attacks denial-of-service (DoS) attacks SYN

More information

Network Security. Thierry Sans

Network Security. Thierry Sans Network Security Thierry Sans HTTP SMTP DNS BGP The Protocol Stack Application TCP UDP Transport IPv4 IPv6 ICMP Network ARP Link Ethernet WiFi The attacker is capable of confidentiality integrity availability

More information

Configuring attack detection and prevention 1

Configuring attack detection and prevention 1 Contents Configuring attack detection and prevention 1 Overview 1 Attacks that the device can prevent 1 Single-packet attacks 1 Scanning attacks 2 Flood attacks 3 TCP fragment attack 4 Login DoS attack

More information

Ethical Hacking and Prevention

Ethical Hacking and Prevention Ethical Hacking and Prevention This course is mapped to the popular Ethical Hacking and Prevention Certification Exam from US-Council. This course is meant for those professionals who are looking for comprehensive

More information

Exam : JK Title : CompTIA E2C Security+ (2008 Edition) Exam. Version : Demo

Exam : JK Title : CompTIA E2C Security+ (2008 Edition) Exam. Version : Demo Exam : JK0-015 Title : CompTIA E2C Security+ (2008 Edition) Exam Version : Demo 1.Which of the following logical access control methods would a security administrator need to modify in order to control

More information

Layer 4: UDP, TCP, and others. based on Chapter 9 of CompTIA Network+ Exam Guide, 4th ed., Mike Meyers

Layer 4: UDP, TCP, and others. based on Chapter 9 of CompTIA Network+ Exam Guide, 4th ed., Mike Meyers Layer 4: UDP, TCP, and others based on Chapter 9 of CompTIA Network+ Exam Guide, 4th ed., Mike Meyers Concepts application set transport set High-level, "Application Set" protocols deal only with how handled

More information

Curso: Ethical Hacking and Countermeasures

Curso: Ethical Hacking and Countermeasures Curso: Ethical Hacking and Countermeasures Module 1: Introduction to Ethical Hacking Who is a Hacker? Essential Terminologies Effects of Hacking Effects of Hacking on Business Elements of Information Security

More information

Configuring attack detection and prevention 1

Configuring attack detection and prevention 1 Contents Configuring attack detection and prevention 1 Overview 1 Attacks that the device can prevent 1 Single-packet attacks 1 Scanning attacks 2 Flood attacks 3 TCP fragment attack 4 Login DoS attack

More information

Routing Security DDoS and Route Hijacks. Merike Kaeo CEO, Double Shot Security

Routing Security DDoS and Route Hijacks. Merike Kaeo CEO, Double Shot Security Routing Security DDoS and Route Hijacks Merike Kaeo CEO, Double Shot Security merike@doubleshotsecurity.com DISCUSSION POINTS Understanding The Growing Complexity DDoS Attack Trends Packet Filters and

More information

Our Narrow Focus Computer Networking Security Vulnerabilities. Outline Part II

Our Narrow Focus Computer Networking Security Vulnerabilities. Outline Part II Our Narrow Focus 15-441 15-441 Computer Networking 15-641 Lecture 22 Security: DOS Peter Steenkiste Fall 2016 www.cs.cmu.edu/~prs/15-441-f16 Yes: Creating a secure channel for communication (Part I) Protecting

More information

Our Narrow Focus Computer Networking Security Vulnerabilities. IP-level vulnerabilities

Our Narrow Focus Computer Networking Security Vulnerabilities. IP-level vulnerabilities Our Narrow Focus 15-441 15-441 Computer Networking 15-641 Lecture 22 Security: DOS Peter Steenkiste Fall 2014 www.cs.cmu.edu/~prs/15-441-f14 Yes: Creating a secure channel for communication (Part I) Protecting

More information

HP High-End Firewalls

HP High-End Firewalls HP High-End Firewalls Attack Protection Configuration Guide Part number: 5998-2630 Software version: F1000-E/Firewall module: R3166 F5000-A5: R3206 Document version: 6PW101-20120706 Legal and notice information

More information

CTS2134 Introduction to Networking. Module 08: Network Security

CTS2134 Introduction to Networking. Module 08: Network Security CTS2134 Introduction to Networking Module 08: Network Security Denial of Service (DoS) DoS (Denial of Service) attack impacts system availability by flooding the target system with traffic or by exploiting

More information

Threat Pragmatics. Target 6/19/ June 2018 PacNOG 22, Honiara, Solomon Islands Supported by:

Threat Pragmatics. Target 6/19/ June 2018 PacNOG 22, Honiara, Solomon Islands Supported by: Threat Pragmatics 25-29 June 2018 PacNOG 22, Honiara, Solomon Islands Supported by: Issue Date: Revision: 1 Target Many sorts of targets: Network infrastructure Network services Application services User

More information

PROTECTING INFORMATION ASSETS NETWORK SECURITY

PROTECTING INFORMATION ASSETS NETWORK SECURITY PROTECTING INFORMATION ASSETS NETWORK SECURITY PAUL SMITH 20 years of IT experience (desktop, servers, networks, firewalls.) 17 years of engineering in enterprise scaled networks 10+ years in Network Security

More information

CSC 6575: Internet Security Fall Attacks on Different OSI Layer Protocols OSI Layer Basic Attacks at Lower Layers

CSC 6575: Internet Security Fall Attacks on Different OSI Layer Protocols OSI Layer Basic Attacks at Lower Layers CSC 6575: Internet Security Fall 2017 Attacks on Different OSI Layer Protocols OSI Layer Basic Attacks at Lower Layers Mohammad Ashiqur Rahman Department of Computer Science College of Engineering Tennessee

More information

TOP TEN DNS ATTACKS PROTECTING YOUR ORGANIZATION AGAINST TODAY S FAST-GROWING THREATS

TOP TEN DNS ATTACKS PROTECTING YOUR ORGANIZATION AGAINST TODAY S FAST-GROWING THREATS TOP TEN DNS ATTACKS PROTECTING YOUR ORGANIZATION AGAINST TODAY S FAST-GROWING THREATS 1 Introduction Your data and infrastructure are at the heart of your business. Your employees, business partners, and

More information

IPv6 Security. Pedro Lorga - WALC 2006 (Quito, Ecuador July 06)

IPv6 Security. Pedro Lorga - WALC 2006 (Quito, Ecuador July 06) IPv6 Security Pedro Lorga - lorga@fccn.pt 1 Copy Rights This slide set is the ownership of the 6DISS project via its partners The Powerpoint version of this material may be reused and modified only with

More information

Chapter 4. Network Security. Part I

Chapter 4. Network Security. Part I Chapter 4 Network Security Part I CCNA4-1 Chapter 4-1 Introducing Network Security Introduction to Network Security CCNA4-2 Chapter 4-1 Introducing Network Security Why is Network Security important? Rapid

More information

ETHICAL HACKING & COMPUTER FORENSIC SECURITY

ETHICAL HACKING & COMPUTER FORENSIC SECURITY ETHICAL HACKING & COMPUTER FORENSIC SECURITY Course Description From forensic computing to network security, the course covers a wide range of subjects. You will learn about web hacking, password cracking,

More information

Network Security. Evil ICMP, Careless TCP & Boring Security Analyses. Mohamed Sabt Univ Rennes, CNRS, IRISA Thursday, October 4th, 2018

Network Security. Evil ICMP, Careless TCP & Boring Security Analyses. Mohamed Sabt Univ Rennes, CNRS, IRISA Thursday, October 4th, 2018 Network Security Evil ICMP, Careless TCP & Boring Security Analyses Mohamed Sabt Univ Rennes, CNRS, IRISA Thursday, October 4th, 2018 Part I Internet Control Message Protocol (ICMP) Why ICMP No method

More information

Flashback.. Internet design goals. Security Part One: Attacks and Countermeasures. Why did they leave it out? Security Vulnerabilities

Flashback.. Internet design goals. Security Part One: Attacks and Countermeasures. Why did they leave it out? Security Vulnerabilities Flashback.. Internet design goals Security Part One: Attacks and Countermeasures 15-441 With slides from: Debabrata Dash,Nick Feamster, Vyas Sekar 15-411: F08 security 1 1. Interconnection 2. Failure resilience

More information

Network Infrastructure Filtering at the border. stole slides from Fakrul Alam

Network Infrastructure Filtering at the border. stole slides from Fakrul Alam Network Infrastructure Filtering at the border maz@iij.ad.jp stole slides from Fakrul Alam fakrul@bdhbu.com Acknowledgement Original slides prepared by Merike Kaeo What we have in network? Router Switch

More information

Table of Contents. 1 Intrusion Detection Statistics 1-1 Overview 1-1 Displaying Intrusion Detection Statistics 1-1

Table of Contents. 1 Intrusion Detection Statistics 1-1 Overview 1-1 Displaying Intrusion Detection Statistics 1-1 Table of Contents 1 Intrusion Detection Statistics 1-1 Overview 1-1 Displaying Intrusion Detection Statistics 1-1 i 1 Intrusion Detection Statistics Overview Intrusion detection is an important network

More information

Chapter 11: It s a Network. Introduction to Networking

Chapter 11: It s a Network. Introduction to Networking Chapter 11: It s a Network Introduction to Networking Small Network Topologies Typical Small Network Topology IT Essentials v5.0 2 Device Selection for a Small Network Factors to be considered when selecting

More information

Insights on IPv6 Security

Insights on IPv6 Security Insights on IPv6 Security Bilal Al Sabbagh, MSc, CISSP, CCSP Senior Information & Network Security Consultant - NXme Information Security Researcher Stockholm University 10/9/10 NXme FZ-LLC 1 NIXU Middle

More information

Implementing Cisco Network Security (IINS) 3.0

Implementing Cisco Network Security (IINS) 3.0 Implementing Cisco Network Security (IINS) 3.0 COURSE OVERVIEW: Implementing Cisco Network Security (IINS) v3.0 is a 5-day instructor-led course focusing on security principles and technologies, using

More information

ICS 451: Today's plan

ICS 451: Today's plan ICS 451: Today's plan ICMP ping traceroute ARP DHCP summary of IP processing ICMP Internet Control Message Protocol, 2 functions: error reporting (never sent in response to ICMP error packets) network

More information

Welcome! APNIC Security Tutorial. Securing edge network devices. Overview

Welcome! APNIC Security Tutorial. Securing edge network devices. Overview Welcome! APNIC Security Tutorial Securing edge network devices 6 September 2005, Hanoi, Vietnam In conjunction with APNIC20 Overview Edge security principles Threats categories Securing edge devices Routing

More information

AURA ACADEMY Training With Expertised Faculty Call Us On For Free Demo

AURA ACADEMY Training With Expertised Faculty Call Us On For Free Demo ETHICAL HACKING (CEH) CURRICULUM Introduction to Ethical Hacking What is Hacking? Who is a Hacker? Skills of a Hacker? Types of Hackers? What are the Ethics and Legality?? Who are at the risk of Hacking

More information

AN TOÀN LỚP 4: TCP/IP ATTACKS NGUYEN HONG SON PTITHCM

AN TOÀN LỚP 4: TCP/IP ATTACKS NGUYEN HONG SON PTITHCM 1 AN TOÀN LỚP 4: TCP/IP ATTACKS NGUYEN HONG SON PTITHCM 2 Introduction (1/2) TCP provides a full duplex reliable stream connection between two end points A connection is uniquely defined by the quadruple

More information

Insights on IPv6 Security

Insights on IPv6 Security Insights on IPv6 Security Bilal Al Sabbagh, MSc, CISSP, CISA, CCSP Senior Information & Network Security Consultant NXme FZ-LLC Information Security Researcher, PhD Candidate Stockholm University bilal@nxme.net

More information

CompTIA Security+ Malware. Threats and Vulnerabilities Vulnerability Management

CompTIA Security+ Malware. Threats and Vulnerabilities Vulnerability Management CompTIA Security+ Lecture Six Threats and Vulnerabilities Vulnerability Management Copyright 2011 - VTC Malware Malicious code refers to software threats to network and systems, including viruses, Trojan

More information

NETWORK SECURITY. Ch. 3: Network Attacks

NETWORK SECURITY. Ch. 3: Network Attacks NETWORK SECURITY Ch. 3: Network Attacks Contents 3.1 Network Vulnerabilities 3.1.1 Media-Based 3.1.2 Network Device 3.2 Categories of Attacks 3.3 Methods of Network Attacks 03 NETWORK ATTACKS 2 3.1 Network

More information

Chair for Network Architectures and Services Department of Informatics TU München Prof. Carle. Network Security. Chapter 8

Chair for Network Architectures and Services Department of Informatics TU München Prof. Carle. Network Security. Chapter 8 Chair for Network Architectures and Services Department of Informatics TU München Prof. Carle Network Security Chapter 8 System Vulnerabilities and Denial of Service Attacks System Vulnerabilities and

More information

NISCC Technical Note 06/02: Response to Distributed Denial of Service (DDoS) Attacks

NISCC Technical Note 06/02: Response to Distributed Denial of Service (DDoS) Attacks NISCC Technical Note 06/02: Response to Distributed Denial of Service (DDoS) Attacks Background This NISCC technical note is intended to provide information to enable organisations in the UK s Critical

More information

Fundamentals of Network Security v1.1 Scope and Sequence

Fundamentals of Network Security v1.1 Scope and Sequence Fundamentals of Network Security v1.1 Scope and Sequence Last Updated: September 9, 2003 This document is exclusive property of Cisco Systems, Inc. Permission is granted to print and copy this document

More information

H3C SecPath Series High-End Firewalls

H3C SecPath Series High-End Firewalls H3C SecPath Series High-End Firewalls Attack Protection Configuration Guide Hangzhou H3C Technologies Co., Ltd. http://www.h3c.com Software version: SECPATHF1000SAI&F1000AEI&F1000ESI-CMW520-R3721 SECPATH5000FA-CMW520-F3210

More information

Network Security. Network Vulnerabilities

Network Security. Network Vulnerabilities Network Security Network Vulnerabilities 1 Attacks and the OSI Stack Stack layer Services Protocols Application; Presentation; Session Transport DNS SMTP TCP Network Routers IP Logic Physical Switches

More information

The big picture. Security. Some consequences. Three types of threat. LAN Eavesdropping. Network-based access control

The big picture. Security. Some consequences. Three types of threat. LAN Eavesdropping. Network-based access control The big picture Security Next two lectures about security Today: attack - All kinds of bad things attackers can do over the network Next lecture: defense - Techniques for protecting against these and other

More information

DDoS Testing with XM-2G. Step by Step Guide

DDoS Testing with XM-2G. Step by Step Guide DDoS Testing with XM-G Step by Step Guide DDoS DEFINED Distributed Denial of Service (DDoS) Multiple compromised systems usually infected with a Trojan are used to target a single system causing a Denial

More information

CSC 574 Computer and Network Security. TCP/IP Security

CSC 574 Computer and Network Security. TCP/IP Security CSC 574 Computer and Network Security TCP/IP Security Alexandros Kapravelos kapravelos@ncsu.edu (Derived from slides by Will Enck and Micah Sherr) Network Stack, yet again Application Transport Network

More information

PrepAwayExam. High-efficient Exam Materials are the best high pass-rate Exam Dumps

PrepAwayExam.   High-efficient Exam Materials are the best high pass-rate Exam Dumps PrepAwayExam http://www.prepawayexam.com/ High-efficient Exam Materials are the best high pass-rate Exam Dumps Exam : 642-541 Title : VPN and Security Cisco SAFE Implementation Exam (CSI) Vendors : Cisco

More information

Network Protocols. Security. TDC375 Autuman 03/04 John Kristoff - DePaul University 1

Network Protocols. Security. TDC375 Autuman 03/04 John Kristoff - DePaul University 1 Network Protocols Security TDC375 Autuman 03/04 John Kristoff - DePaul University 1 Securing the Internet is hard! Lots and lots of things need to be secured Software tends to be buggy and poorly designed

More information

Introduction to Computer Security

Introduction to Computer Security Introduction to Computer Security Instructor: Mahadevan Gomathisankaran mgomathi@unt.edu CSCE 4550/5550, Fall 2009 Lecture 7 1 Projects Groups Max 3 persons Topics Cryptography Network Security Program

More information

Data Communication. Chapter # 5: Networking Threats. By: William Stalling

Data Communication. Chapter # 5: Networking Threats. By: William Stalling Data Communication Chapter # 5: By: Networking Threats William Stalling Risk of Network Intrusion Whether wired or wireless, computer networks are quickly becoming essential to everyday activities. Individuals

More information

TCP/IP Networking. Training Details. About Training. About Training. What You'll Learn. Training Time : 9 Hours. Capacity : 12

TCP/IP Networking. Training Details. About Training. About Training. What You'll Learn. Training Time : 9 Hours. Capacity : 12 TCP/IP Networking Training Details Training Time : 9 Hours Capacity : 12 Prerequisites : There are no prerequisites for this course. About Training About Training TCP/IP is the globally accepted group

More information

Objectives. Classes of threats to networks. Network Security. Common types of network attack. Mitigation techniques to protect against threats

Objectives. Classes of threats to networks. Network Security. Common types of network attack. Mitigation techniques to protect against threats ITE I Chapter 6 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 1 Objectives Enterprise Network Security Describe the general methods used to mitigate security threats to Enterprise networks

More information

CSc 466/566. Computer Security. 18 : Network Security Introduction

CSc 466/566. Computer Security. 18 : Network Security Introduction 1/81 CSc 466/566 Computer Security 18 : Network Security Introduction Version: 2012/05/03 13:57:28 Department of Computer Science University of Arizona collberg@gmail.com Copyright c 2012 Christian Collberg

More information

IPv6 Security Issues and Challenges

IPv6 Security Issues and Challenges IPv6 Security Issues and Challenges Dr. Omar A. Abouabdalla (omar@ipv6global.my) Head Technology Consultant IPv6 Global Sdn Bhd 7 November 2012 IPv6 TO MIGRATE OR NOT TO MIGRATE? It s not an option. Either

More information

SYMANTEC ENTERPRISE SECURITY. Symantec Internet Security Threat Report September 2005 Power and Energy Industry Data Sheet

SYMANTEC ENTERPRISE SECURITY. Symantec Internet Security Threat Report September 2005 Power and Energy Industry Data Sheet SYMANTEC ENTERPRISE SECURITY Symantec Internet Security Threat Report September 00 Power and Energy Industry Data Sheet An important note about these statistics The statistics discussed in this document

More information

ECE 435 Network Engineering Lecture 23

ECE 435 Network Engineering Lecture 23 ECE 435 Network Engineering Lecture 23 Vince Weaver http://web.eece.maine.edu/~vweaver vincent.weaver@maine.edu 30 November 2017 HW#11 will be posted Announcements Don t forget projects next week Presentation

More information

Rocky Mountain ISSA Chapter April 5, IPv6 Security. Scott Hogg. Director of Advanced Technology Services - GTRI CCIE #5133, CISSP #4610

Rocky Mountain ISSA Chapter April 5, IPv6 Security. Scott Hogg. Director of Advanced Technology Services - GTRI CCIE #5133, CISSP #4610 Rocky Mountain ISSA Chapter April 5, 2007 IPv6 Security Scott Hogg Director of Advanced Technology Services - GTRI CCIE #5133, CISSP #4610 Agenda IPv6 Threats Reconnaissance LAN Threats ICMPv6 Threats

More information

Network Infrastructure Filtering at the border. PacNOG19 28th November - 2nd December 2016 Nadi, Fiji

Network Infrastructure Filtering at the border. PacNOG19 28th November - 2nd December 2016 Nadi, Fiji Network Infrastructure Filtering at the border PacNOG19 28th November - 2nd December 2016 Nadi, Fiji Issue Date: [Date] Revision: [XX] What we have in network? Router Switch CPE (ADSL Router / WiFi Router)

More information

Implementing Cisco IP Routing

Implementing Cisco IP Routing 300-101 Implementing Cisco IP Routing NWExam.com SUCCESS GUIDE TO CISCO CERTIFICATION Exam Summary Syllabus Questions Table of Contents Introduction to 300-101 Exam on Implementing Cisco IP Routing...

More information

R (2) Implementation of following spoofing assignments using C++ multi-core Programming a) IP Spoofing b) Web spoofing.

R (2) Implementation of following spoofing assignments using C++ multi-core Programming a) IP Spoofing b) Web spoofing. R (2) N (5) Oral (3) Total (10) Dated Sign Experiment No: 1 Problem Definition: Implementation of following spoofing assignments using C++ multi-core Programming a) IP Spoofing b) Web spoofing. 1.1 Prerequisite:

More information

Attack Prevention Technology White Paper

Attack Prevention Technology White Paper Attack Prevention Technology White Paper Keywords: Attack prevention, denial of service Abstract: This document introduces the common network attacks and the corresponding prevention measures, and describes

More information

Control Plane Protection

Control Plane Protection Control Plane Protection Preventing accidentally on purpose We really talking about making sure routers do what we expect. Making sure the route decision stays under our control. Layer 2 Attacks ARP injections

More information

Example: Configuring DHCP Snooping and DAI to Protect the Switch from ARP Spoofing Attacks

Example: Configuring DHCP Snooping and DAI to Protect the Switch from ARP Spoofing Attacks Example: Configuring DHCP Snooping and DAI to Protect the Switch from ARP Spoofing Attacks In an ARP spoofing attack, the attacker associates its own MAC address with the IP address of a network device

More information

Security. - All kinds of bad things attackers can do over the network. - Techniques for protecting against these and other attacks

Security. - All kinds of bad things attackers can do over the network. - Techniques for protecting against these and other attacks Security Next two lectures about security Today: attack - All kinds of bad things attackers can do over the network Next lecture: defense - Techniques for protecting against these and other attacks Note:

More information

ExamTorrent. Best exam torrent, excellent test torrent, valid exam dumps are here waiting for you

ExamTorrent.   Best exam torrent, excellent test torrent, valid exam dumps are here waiting for you ExamTorrent http://www.examtorrent.com Best exam torrent, excellent test torrent, valid exam dumps are here waiting for you Exam : 400-251 Title : CCIE Security Written Exam (v5.0) Vendor : Cisco Version

More information

Computer Forensics: Investigating Network Intrusions and Cyber Crime, 2nd Edition. Chapter 3 Investigating Web Attacks

Computer Forensics: Investigating Network Intrusions and Cyber Crime, 2nd Edition. Chapter 3 Investigating Web Attacks Computer Forensics: Investigating Network Intrusions and Cyber Crime, 2nd Edition Chapter 3 Investigating Web Attacks Objectives After completing this chapter, you should be able to: Recognize the indications

More information

Configuring NAT for IP Address Conservation

Configuring NAT for IP Address Conservation This module describes how to configure Network Address Translation (NAT) for IP address conservation and how to configure inside and outside source addresses. This module also provides information about

More information

Selected Network Security Technologies

Selected Network Security Technologies Selected Network Security Technologies Petr Grygárek rek Agenda: Security in switched networks Control Plane Policing 1 Security in Switched Networks 2 Switch Port Security Static MAC addresses assigned

More information

Finding Feature Information

Finding Feature Information This module describes how to configure Network Address Translation (NAT) for IP address conservation and how to configure inside and outside source addresses. This module also provides information about

More information

Int ernet w orking. Internet Security. Literature: Forouzan: TCP/IP Protocol Suite : Ch 28

Int ernet w orking. Internet Security. Literature: Forouzan: TCP/IP Protocol Suite : Ch 28 Int ernet w orking Internet Security Literature: Forouzan: TCP/IP Protocol Suite : Ch 28 Internet Security Internet security is difficult Internet protocols were not originally designed for security The

More information

CS 161 Computer Security

CS 161 Computer Security Raluca Ada Popa Spring 2018 CS 161 Computer Security Discussion 7 Week of March 5, 2018 Question 1 DHCP (5 min) Professor Raluca gets home after a tiring day writing papers and singing karaoke. She opens

More information

Fundamentals of Information Systems Security Lesson 8 Mitigation of Risk and Threats to Networks from Attacks and Malicious Code

Fundamentals of Information Systems Security Lesson 8 Mitigation of Risk and Threats to Networks from Attacks and Malicious Code Fundamentals of Information Systems Security Lesson 8 Mitigation of Risk and Threats to Networks from Attacks and Malicious Code Learning Objective Explain the importance of network principles and architecture

More information

N exam.420q. Number: N Passing Score: 800 Time Limit: 120 min N CompTIA Network+ Certification

N exam.420q. Number: N Passing Score: 800 Time Limit: 120 min N CompTIA Network+ Certification N10-006.exam.420q Number: N10-006 Passing Score: 800 Time Limit: 120 min N10-006 CompTIA Network+ Certification Sections 1. Network security 2. Troubleshooting 3. Industry standards, practices, and network

More information

Internet Security: Firewall

Internet Security: Firewall Internet Security: Firewall What is a Firewall firewall = wall to protect against fire propagation More like a moat around a medieval castle restricts entry to carefully controlled points restricts exits

More information

ECE 435 Network Engineering Lecture 23

ECE 435 Network Engineering Lecture 23 ECE 435 Network Engineering Lecture 23 Vince Weaver http://web.eece.maine.edu/~vweaver vincent.weaver@maine.edu 4 December 2018 Announcements HW#9 graded Don t forget projects next week Presentation schedule

More information

DumpsTorrent. Latest dumps torrent provider, real dumps

DumpsTorrent.   Latest dumps torrent provider, real dumps DumpsTorrent http://www.dumpstorrent.com Latest dumps torrent provider, real dumps Exam : GCIH Title : GIAC Certified Incident Handler Vendor : GIAC Version : DEMO Get Latest & Valid GCIH Exam's Question

More information

Overview. Computer Network Lab, SS Security. Type of attacks. Firewalls. Protocols. Packet filter

Overview. Computer Network Lab, SS Security. Type of attacks. Firewalls. Protocols. Packet filter Computer Network Lab 2017 Fachgebiet Technische Informatik, Joachim Zumbrägel Overview Security Type of attacks Firewalls Protocols Packet filter 1 Security Security means, protect information (during

More information

IBM i Version 7.3. Security Intrusion detection IBM

IBM i Version 7.3. Security Intrusion detection IBM IBM i Version 7.3 Security Intrusion detection IBM IBM i Version 7.3 Security Intrusion detection IBM Note Before using this information and the product it supports, read the information in Notices on

More information

CHCSS. Certified Hands-on Cyber Security Specialist (510)

CHCSS. Certified Hands-on Cyber Security Specialist (510) CHCSS Certified Hands-on Cyber Security Specialist () SYLLABUS 2018 Certified Hands-on Cyber Security Specialist () 2 Course Description Entry level cyber security course intended for an audience looking

More information

CS System Security 2nd-Half Semester Review

CS System Security 2nd-Half Semester Review CS 356 - System Security 2nd-Half Semester Review Fall 2013 Final Exam Wednesday, 2 PM to 4 PM you may bring one 8-1/2 x 11 sheet of paper with any notes you would like no cellphones, calculators This

More information

Security Considerations for IPv6 Networks. Yannis Nikolopoulos

Security Considerations for IPv6 Networks. Yannis Nikolopoulos Security Considerations for IPv6 Networks Yannis Nikolopoulos yanodd@otenet.gr Ημερίδα Ενημέρωσης Χρηστών για την Τεχνολογία IPv6 - Αθήνα, 25 Μαίου 2011 Agenda Introduction Major Features in IPv6 IPv6

More information

Denial of Service. EJ Jung 11/08/10

Denial of Service. EJ Jung 11/08/10 Denial of Service EJ Jung 11/08/10 Pop Quiz 3 Write one thing you learned from today s reading Write one thing you liked about today s reading Write one thing you disliked about today s reading Announcements

More information

Technology Scenarios. INE s CCIE Security Bootcamp - 1 -

Technology Scenarios. INE s CCIE Security Bootcamp - 1 - INE s CCIE Security Bootcamp For CCIE v3.0-1 - - 2 - Lab Physical Cabling Fa0/0 Fa0/1 Fa0/0 S1/2 S1/3 R3 S1/0 S1/1 Fa0/0 R1 S0/0 S0/1 S0/1 R2 S0/0 Ethernet Fa0/0 Fa0/1 BB3 Serial Frame-Relay S0/0 R4 S0/1

More information

Prevent DoS using IP source address spoofing

Prevent DoS using IP source address spoofing Prevent DoS using IP source address spoofing MATSUZAKI maz Yoshinobu 06-Sep-2006 Copyright (C) 2006 Internet Initiative Japan Inc. 1 ip spoofing creation of IP packets with source addresses

More information

Data Plane Protection. The googles they do nothing.

Data Plane Protection. The googles they do nothing. Data Plane Protection The googles they do nothing. Types of DoS Single Source. Multiple Sources. Reflection attacks, DoS and DDoS. Spoofed addressing. Can be, ICMP (smurf, POD), SYN, Application attacks.

More information

PROTECTING NETWORK INFRASTRUCTURE - ROUTERS, SWITCHES, ETC.

PROTECTING NETWORK INFRASTRUCTURE - ROUTERS, SWITCHES, ETC. PROTECTING NETWORK INFRASTRUCTURE - ROUTERS, SWITCHES, ETC. Configuration Corrupt Config Database RADB Intercept Configuration Transport Transport Attacks Trojan Horses in Code 2-4-2 Network Infrastructure

More information

Implementing Firewall Technologies

Implementing Firewall Technologies Implementing Firewall Technologies Network firewalls separate protected from non-protected areas preventing unauthorized users from accessing protected network resources. Technologies used: ACLs Standard,

More information

SYLLABUS. DIVISION: Business and Engineering Technology REVISED: FALL 2015 CREDIT HOURS: 4 HOURS/WK LEC: 4 HOURS/WK LAB: 0 LEC/LAB COMB: 4

SYLLABUS. DIVISION: Business and Engineering Technology REVISED: FALL 2015 CREDIT HOURS: 4 HOURS/WK LEC: 4 HOURS/WK LAB: 0 LEC/LAB COMB: 4 SYLLABUS DIVISION: Business and Engineering Technology REVISED: FALL 2015 CURRICULA IN WHICH COURSE IS TAUGHT: IST, Information Systems Technology COURSE NUMBER AND TITLE: ITN 262 Cisco CCNA Security CREDIT

More information

CISSP CEH PKI SECURITY + CEHv9: Certified Ethical Hacker. Upcoming Dates. Course Description. Course Outline

CISSP CEH PKI SECURITY + CEHv9: Certified Ethical Hacker. Upcoming Dates. Course Description. Course Outline CISSP CEH PKI SECURITY + CEHv9: Certified Ethical Hacker Learn to find security vulnerabilities before the bad guys do! The Certified Ethical Hacker (CEH) class immerses students in an interactive environment

More information

ASA/PIX Security Appliance

ASA/PIX Security Appliance I N D E X A AAA, implementing, 27 28 access to ASA/PIX Security Appliance monitoring, 150 151 securing, 147 150 to websites, blocking, 153 155 access control, 30 access policies, creating for web and mail

More information

ELEC5616 COMPUTER & NETWORK SECURITY

ELEC5616 COMPUTER & NETWORK SECURITY ELEC5616 COMPUTER & NETWORK SECURITY Lecture 17: Network Protocols I IP The Internet Protocol (IP) is a stateless protocol that is used to send packets from one machine to another using 32- bit addresses

More information

Wireless Network Security

Wireless Network Security Wireless Network Security Why wireless? Wifi, which is short for wireless fi something, allows your computer to connect to the Internet using magic. -Motel 6 commercial 2 but it comes at a price Wireless

More information

CISNTWK-440. Chapter 4 Network Vulnerabilities and Attacks

CISNTWK-440. Chapter 4 Network Vulnerabilities and Attacks CISNTWK-440 Intro to Network Security Chapter 4 Network Vulnerabilities and Attacks Objectives Explain the types of network vulnerabilities List categories of network attacks Define different methods of

More information

CIH

CIH mitigating at host level, 23 25 at network level, 25 26 Morris worm, characteristics of, 18 Nimda worm, characteristics of, 20 22 replacement login, example of, 17 signatures. See signatures SQL Slammer

More information

CIT 380: Securing Computer Systems. Network Security Concepts

CIT 380: Securing Computer Systems. Network Security Concepts CIT 380: Securing Computer Systems Network Security Concepts Topics 1. Protocols and Layers 2. Layer 2 Network Concepts 3. MAC Spoofing 4. ARP 5. ARP Spoofing 6. Network Sniffing Protocols A protocol defines

More information

Network Security. The Art of War in The LAN Land. Mohamed Sabt Univ Rennes, CNRS, IRISA Thursday, September 27th, 2018

Network Security. The Art of War in The LAN Land. Mohamed Sabt Univ Rennes, CNRS, IRISA Thursday, September 27th, 2018 Network Security The Art of War in The LAN Land Mohamed Sabt Univ Rennes, CNRS, IRISA Thursday, September 27th, 2018 Part I MAC Attacks MAC Address/CAM Table Review 48 Bit Hexadecimal Number Creates Unique

More information

CISCO NETWORK FOUNDATION PROTECTION: PROTECTING THE CISCO CATALYST SERIES PLATFORM

CISCO NETWORK FOUNDATION PROTECTION: PROTECTING THE CISCO CATALYST SERIES PLATFORM CISCO NETWORK FOUNDATION PROTECTION: PROTECTING THE CISCO CATALYST SERIES PLATFORM SECURITY TECHNOLOGY GROUP JANUARY 2005 1 Agenda Introduction Configuring Control Plane Protection Deployment Guide Summary

More information

Actual4Test. Actual4test - actual test exam dumps-pass for IT exams

Actual4Test.   Actual4test - actual test exam dumps-pass for IT exams Actual4Test http://www.actual4test.com Actual4test - actual test exam dumps-pass for IT exams Exam : 100-101 Title : CCNA Interconnecting Cisco Networking Devices 1 (ICND1) Vendor : Cisco Version : DEMO

More information