System & Network Security

8/9/2019 System & Network Security

1/14

Abhijit Chakrabarty

[email protected]


2/14

Presents

System & Network Security


3/14

Acknowledgment I sincerely acknowledge the guidance, support

and assistance provided to me by Dr. Dipankar Sarkar, Director, D.I.T., Prof. B. Giri, H.O.D.Computer Sc. & Engg, and other faculty membersof D.I.T.

I would like to thank my parents for extendingtheir cooperation and support to carry out theproject.

I am grateful to the Corporation for providing such a wonderful platform of OpenOfficeImpress.


4/14

ContentsSecurity and its needs

The seven common rules of security

Account Security

Data EncryptionNetwork attacks

Firewall

Security tools

Summary


5/14

What is Security According to www.dictionary.com

1. Freedom from risk or danger; safety.

2. Freedom from doubt, anxiety, or fear; confidence.

3. Something that gives or assures safety, as:

1. A group or department of private guards: Callbuilding security if a visitor acts suspicious.

2. Measures adopted by a government to preventespionage, sabotage, or attack.

3. Measures adopted, as by a business or homeowner, to prevent a crime such as burglary or assault: Security was lax at the firm's smaller plant.

etc.


6/14

Why do we need security?

We need security to protect vital information or datawhile allowing access of our PC to other concernedpersons, to provide authentication and control for resources, guarantee for availability of resources.

Trade secrets, medical records, etc.

Provide authentication and access control for resources

Ex: AFS

Guarantee availability of resources Ex: 5 9s (99.999% reliability)


7/14

The seven common rules of security Files containing confidential or secret information that may invite

attention of hackers should not be restored in a PC.

P lug holes to ensure that hackers do not gain access to thesystem.

Dont leave space for hackers to build a nest on the system. Set basic traps on the system that are connected to the internet,

Eg, tripwire, crack etc.

Regularly monitor reports generated by the security tools.

Educate yourself on the issues and take corrective measures.

Always remain vigilant for suspicious activities around.


8/14

Account Security System administration needs to be monitored on password

security. Implement UNIX type password protection system. Use shadow password files.

Use programs that prevent simple passwords and also update newpasswords periodically. Use authentication systems such as KERBEROS. System administration should always be alert and watchful for off-

hours user, log-ins and off-site log-ins by local users.

User accounts should not be set to 777. Hardware security features for single user should be implemented.


9/14

Data Encryption

Sensitive data should be stored / communicated in encryptedform.

Systems using crypt at first should compress the data, sincecompressed data is un-intelligible so decrypting is harder.

Tying-up PGP(Pretty Good Privacy) & DES encryption utilitieswith the Operating System to provide secure environment for

data.


10/14

Network Attacks

Unauthorized access by people who shouldn't use your computer resources are able to connect and use them.

Exploitation of known weaknesses in programs. Some programsare not designed with strong security resulting in exposure tohackers.

Denial of service cause the service or program to cease functioningor prevent others from making use of the service or program.

Spoofing- mimic the actions of another host.

Eavesdropping- hosts are configured to listen to and capture datanot belonging to it.


11/14

Firewall

A firewall is a secure and trusted machines that sits between aprivate network and a public network.

It is used to filter packets based on a combination of features.

Intranet

InternetF i r ew al l

F i r ew al l


12/14


13/14

Summary

Securing individual systems is the first step towards providingsecure system.

User account and password authentication are basics.

Essential data needs to be encrypted. Single user system needs to be monitored.

Becoming familiar with system security tools and implementingthem to the system.

Setup proper Firewall Rules.

Periodically update system in order to remove system attacks.


14/14

Thank You

Documents

System & Network Security