Ensuring Network Security

Planning for Security
  4 major threats
    Unauthorized access
    Electronic tampering
    Theft – data and hardware
    Intentional/unintentional damage
Managing Security
  Threat identification
    What am I trying to protect?
    What do I need to protect data from?
    How likely is the threat?
    What is the cost of breached security?
    How can I protect data cost effectively?
Helpful sites
  CERT (Computer Emergency Response Team) http://www.cert.org
  BugTraq (subscription service)
  Rootshell (all systems, large numbers of reports) http://slashdot.org/articles/98/10/28/228210.shtml
  Security focus (all systems) http://www.securityfocus.com
  http://cve.mitre.org/
3 security traps
Security through obscurity works in the reverse
Social engineering, fishing for information does work, educate the users
Physical security, stops accidents and theft of data and parts
Level of Security
  Setting Policies
    Establish rules, regulations and policies
    Set the tone and guide the users
    Train the users on the policies
  Prevention
    Take a proactive approach
  Authentication
    Keep the data safe from unauthorized access
    Network authentication is the first line of defense
Secure the Equipment
  Isolate and lock up servers
    Protect from accidental and deliberate tampering
  Secure the cables
    Keep intruders away from cable
    Limit physical access to network
    Benefit of isolated cable is a reduction in RFI
• Security Models
  Password Protected Shares
    Share level security
    Security information attached to resource
    Applies to every user of resource
    Windows 95 model
  Access Permissions
    User level security
    Access to the resource is checked against a user-access database on the server
    Users have passwords but resources have permissions
    Assigning permissions is done through groups
• Security Enhancements
  Firewalls
    Combination of hardware and software
    Protection from external threat
    Prevent direct communication with systems outside the network
    Communication is routed through a proxy server
    Proxy filters and discards requests or data not considered appropriate
  Network activity is audited
    Tracks
      Logon attempts - failed and successful
      Connection and disconnection from resources and systems
      Disables accounts
      Creation, deletion, opening and closing files
      Events and modifications, including password changes
• Enhancements…
  Diskless computers
    Boot ROM on NIC
    No disk to store data or copy to and from
  Data Encryption
    Best encryption is hardware based
    Translation standard is Data Encryption Standard (DES)
      Specifies key to decryption
      Have to transfer key
    Commercial COMSEC Endorsement Program (CCEP)
      Newer standard may replace DES
      Approved vendors can incorporate classified algorithms in communication systems
• Computer Viruses
  Boot sector virus
    First sector of floppy or disk
    Executes on boot
    Copies to other media
  File infector
    Activates when a file is used
  Companion virus – uses name of real program with different extension
  Macro virus - written as a macro for application
    Attaches to files accessed by the application
  Polymorphic virus - changes appearance on replication
  Stealth virus - hides from detection
    Intercepts the probe and returns false information
• Virus Propagation
  Internet has opened new pathways for spread of viruses
  E-mail is major source
    Sends itself to addresses in address books
  Trojan horse tempts victims
  Any means of information exchange provides potential path
• Consequences of Viruses
  System won’t boot
  Data is corrupted
  Erratic operation
  Lost partitions on disk
  Reformatted drive
  More than one misbehaving workstation
  Denial of service attacks
• Virus prevention
  Good antivirus software
    Warn
    Stop activation
    Remove
    Repair
    Check spread
  Prevention
    No unauthorized access
    Well planned access and privilege assignments
    User profiles
    Software load policy
    Virus protection rules and training
Implementing Security
  Set up the security system
  Make it as foolproof as possible
  Train network users about:
    Why security exists
    How to use security
    Consequences of noncompliance
Maintaining Security
  Monitor security to assure that:
    It is accomplishing its goals
    It is working as intended
  Modify as needed
  The best laid plans…
• Healthy Environment
  Recognize the effect of the environment
    Climatic - cold, humidity, office
  Degradation is usually over time not sudden
• Create the Right Environment
  Temperature
    Avoid cycles of hot and cold
  Humidity
    High - promotes corrosion and thus friction temperature
    Low – promotes static discharge
    50-70 percent is good
  Dust and smoke
    Acts as insulator and conductor
  Human factors
  Industrial factors
    Noise, EMI, vibration
• Site Disaster
  Anything that causes you to lose data
  Recovery is hardware and DATA replacement
Avoiding Data Loss
  Tape backup
  Uninterruptible power supply (UPS)
  Fault-tolerant systems
  Disk mirroring
  Disk striping with parity
Tape Backup
  First line of defense against data loss
  Regular scheduled backups
  Schedule, assign personnel, signoff log
  Verify success of backup
  Use a safe tape storage location
  Test the restore ability of the tapes
• Implementing Backup System
  If you can’t get along without it … back it up
  Tape drive should have capacity to back up the largest server
  Backup methods
    Full - marks as backed up
    Copy - does not mark
    Incremental - backs up and marks files changed since last backup
    Daily copy – modified that day, no mark
    Differential - changed since last backup, no mark
  Maintain a backup log
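
The marking rules of the five backup methods decide which tapes a restore needs. The following Python simulation is an added example, not part of the original slides; it models the "mark" as a per-file archive flag (an assumption), and the file names and dates are constructed.

```python
from dataclasses import dataclass
from datetime import date

@dataclass
class File:
    name: str
    archive: bool = True              # set whenever the file is created or modified
    modified: date = date(2000, 1, 3)

# method -> (selects every file?, clears the archive flag afterwards?)
METHODS = {
    "full":         (True,  True),
    "copy":         (True,  False),
    "incremental":  (False, True),
    "differential": (False, False),
}

def run_backup(files, method, today):
    """Return the names written to tape and apply the method's marking rule."""
    if method == "daily":             # modified today, never marks
        return sorted(f.name for f in files if f.modified == today)
    select_all, clear = METHODS[method]
    chosen = [f for f in files if select_all or f.archive]
    if clear:
        for f in chosen:
            f.archive = False         # "marks as backed up"
    return sorted(f.name for f in chosen)

def touch(files, name, today):
    """Simulate a user modifying a file: the flag is set again."""
    for f in files:
        if f.name == name:
            f.archive, f.modified = True, today

def week(nightly):
    """Full backup on Monday, then `nightly` backups on Tue/Wed after edits."""
    mon, tue, wed = date(2000, 1, 3), date(2000, 1, 4), date(2000, 1, 5)
    files = [File("payroll.db"), File("users.txt"), File("notes.doc")]
    tapes = [run_backup(files, "full", mon)]
    touch(files, "payroll.db", tue)
    tapes.append(run_backup(files, nightly, tue))
    touch(files, "notes.doc", wed)
    tapes.append(run_backup(files, nightly, wed))
    return tapes

if __name__ == "__main__":
    for nightly in ("incremental", "differential", "daily"):
        print(nightly, week(nightly))
```

With incremental backups Wednesday's tape holds only notes.doc, so a restore needs the full tape plus every incremental since; with differential backups Wednesday's tape holds both changed files, so the full tape plus the latest differential is enough.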
UPS
  Uninterruptible power supply
  Battery to keep server running when power fails
  Built in conditioning & surge protection
  Not for laser printers - high current draw

Figure: UPS as Backup Power Source
Fault Tolerant Systems
  RAID technology
  Levels
    Level 0 Striping
      64k blocks divided equally across disk – no redundancy
      2-32 drives
      Large logical disk
    Level 1 Disk mirroring
      Two drives, single controller
      Disk duplexing
        Two drives, two controllers
      Disadvantage is disk space required
    Level 2 Striping with ECC
      Block is distributed across stripes
Figure: Disk Striping Combines Areas on Multiple Drives

Figure: Disk Mirroring Duplicates a Partition on Another Physical Disk
• RAID continued
  Level 3 ECC as Parity
    Requires parity disk
  Level 4 Disk striping with large blocks
    Full block to each disk and parity disk
  Level 5 Striping with parity
    3-32 drives
    Parity written across all disks for each stripe
  Level 10 Mirrored drive arrays
    Mirrored stripe set
  Sector sparing
    Hot fix of bad sectors
    Utility to notify administrator
Figure: Sector Sparing or Hot-Fixing Steps
Fault Tolerant Systems
  Clustering
    Group of systems work as one using shared devices.
    Control can be passed to another system if one system fails.
    Clustering is an enhancement to fault tolerant systems, not a replacement.
Optical Drives and Disks
  Permanent backups
  CD-ROM
    Most common form of optical
    ISO 9660 specification defines format standard
    650 MB
  DVD
    5 formats
    DVD-R - 3.95 GB single sided and 7.9 double
  WORM
  MO - magneto-optical
  PCR - phase change rewritable
Disaster Recovery
  Focus on factors you can control
    Determine best prevention
    Enforce preventative measures
    Revise prevention measures
    Perform PM on hardware and software
    Train
  Preparation
    Inventory - insurance and replacement
    Backup
      Store offsite
  To recover from disaster:
    Make a disaster-recovery plan
    Implement the plan
    TEST the plan!