Embed Size (px)
Citation preview
Home Network Security
Objectives– Securing Home Network with 3 layer
– Use OpenDNS nameserver for web content filtering
– Using Safe Squid as Proxy Server and Firewall
– Demonstrating https Interception Detection
– Use Wire shark as packet analyzer
– Using PRTG as network monitoring tool
– Demonstrating the FTP and Web Server Using Microsoft Azure
Network Diagram
3 Layers of Security
• What you know?
• What you have?
• Who you are?
Level 1: What you know
Disabled Broadcast
Level 1: What you know
Should know a valid network SSID to connect
Level 2: What you have
Should have Security key
Level 3: Who you are?
• MAC address should be registered in the DHCP reservation list on the router
Level 3: Who you are?
OpenDNS Server for Web content Filtering
OpenDNS Nameserver(s)
Change your DNS with OPEN DNS
Using OpenDNS for web content filtering
Unauthorized website being blocked by OpenDNS
It blocks the url: http://www.proxyserver.com which is used for P2P sharing.
Bypassing OpenDNS on Client Machines
Implementing OpenDNS with Hardware Firewall
Block port 53 on firewall, which is the DNS name resolver on all IP address starting 0.0.0.0 to 255.255.255.255
What is Safe Squid Proxy Server?
• Acts as web caching tool.
e.g. getting updates from OS
• Acts as a Firewall
• Acts as an Antivirus, Malware tool
Safe Squid Proxy Server as HTTP Firewall
Define Access Restrictions in Safe Squid
Safe Squid Proxy Server as web content filtering
Safe Squid Proxy Server as Anti-Virus
Bypassing a Proxy Server
Use Safe Squid as Transparent Proxy Server
Https Interception By a Proxy Server
Website’s Fingerprint differs when a proxy server intercepts the connection. Example shown here is of Facebook’s Thumbprint (Authentic vs Intercepted)
Authentic Fingerprint of websites from GRC.com
Using Wireshark as a Packet Analyzer
Showing Data Packets in Wireshark
The result while hitting http://www.azure.microsoft.com/
Analyzing Data Packet Length
To know the length of specific http packets
PRTG Network Monitoring Tool
Viewing Reports in PRTG
Summary
• Securing Home Network Using 3 layers of external users.
• Using OpenDNS for web content filtering for internal users.
• Using Safe Squid Proxy Server as a Firewall, Antivirus and Web Content Filter
• Using Wireshark for analyzing data packets and PRTG network for network and usage monitoring.
Web References
• https://www.grc.com/fingerprints.htm
• https://dashboard.opendns.com/settings/27767836/content_filtering
• http://www.safesquid.com/content-filtering/does-safesquid-support-transparent-proxy
Glossary
• SSID: Service Set Identifier• PRTG: Paessler Router Traffic Grapher• Certificate Fingerprint: SSL Certificate
Thumbprint on web servers.
Question and Answer Session
The End
![Network Security Visualization · 29/10/2007 · References [1] Robert Ball, Glenn A. Fink, and Chris North. Home-centric visualization of network traffic for security administration](https://img.pdfslide.net/doc/110x75/5f0827b67e708231d4209cc1/network-security-visualization-29102007-references-1-robert-ball-glenn-a.jpg)
![Home Network Security - SEI Digital Library · REV-03.18.2016.0 Home Network Security . CERT Division [DISTRIBUTION STATEMENT A] Approved for public release and unlimited distribution](https://img.pdfslide.net/doc/110x75/5b872aac7f8b9a1f248c25cf/home-network-security-sei-digital-library-rev-031820160-home-network-security.jpg)
