Table of Contents
Network Security
Code Red infection
Outline of the lecture
How much security?
Goals
Examine stereotypes
The Honeynet project
The Honeynet statistics
Outline of the lecture
Threats
How to gain unauthorized access
“Vulnerabilities landscape”
Common methods of attack
Common scenario of the attack
Password attacks (1)
Password attacks (2)
Password attacks (3)
Distributed DoS
Buffer overrun
Buffer overrun
securityfocus.com
The attacker
Outline of the lecture
Proactive measures
Site security policy
Strip down default services
Disabling unwanted services
Restrict access to hosts
Basic router filtering: Prevent spoofing
Basic router filtering: Guard against IP address trust exploits
Basic router filtering: Don’t help flooders
Division of the network
Filtering traffic (1)
Filtering traffic (2)
Filtering traffic (3)
Filtering traffic (4)
Filtering traffic (5)
Implement a firewall
Stay informed
Apply patches
Monitor system activity and integrity
Use encryption
Outline of the lecture
Prevention traps
Reactive measures
Outline of the lecture
Lab network address allocation
Lab network subnets
Access control lists (ACL)
Basic router filtering: Prevent spoofing
Basic router filtering: Prevent spoofing
ACL syntax (simplified)
Goal of the exercise
Placement of ACLs