Lecture CCNA Security - Chapter 1: Modern Network Security Threats

Upon completion of this lesson, the successful participant will be able to: Describe the rationale for network security; describe the three principles of network security; identify risks, threats, vulnerabilities and countermeasures; discuss the three states of information and identify threats and appropriate countermeasures for each state;...
Nội dung trích xuất từ tài liệu:
Lecture CCNA Security - Chapter 1: Modern Network Security Threats Chapter 1 – Modern Network Security Threats CCNA Security Objectives • Học viện công nghệ thông tin Bach Khoa - Website: www.bkacad.com Fundamental Principles of a Secure network Học viện công nghệ thông tin Bach Khoa - Website: www.bkacad.com Evolution of Network Security • In July 2001, the Code Red worm attacked web servers globally, infecting over 350,000 hosts. • The Code Red worm caused a Denial of Service (DoS) to millions of users. Học viện công nghệ thông tin Bach Khoa - Website: www.bkacad.com Evolution of Network Security • When the first viruses were unleashed and the first DoS attack occurred, the world began to change for networking professionals. • To meet the needs of users, network professionals learned techniques to secure networks. • Refer to 1.1.1.2 Học viện công nghệ thông tin Bach Khoa - Website: www.bkacad.com Evolution of Network Security Year Security Technology 1984 First IDS for ARPAnet (SRI International IDES) Late 1988 DEC Packet Filter Firewall 1989 AT&T Bell Labs Statefull Firewall 1991 DEC SEAL Application Layer Firewal 1994 Check Point Firewall 1995 NetRanger IDS August, 1997 RealSecure IDS 1998 Snort IDS Late 1999 First IPS 2006 Cisco Zone-based Policy Firewal 2010 Cisco Security Intelligence Operations Học viện công nghệ thông tin Bach Khoa - Website: www.bkacad.com Evolution of Network Security • An IDS provides real-time detection of certain types of attacks while they are in progress • This detection allows network professionals to more quickly mitigate the negative impact of these attacks on network devices and users. • In the late 1990s, the intrusion prevention system or sensor (IPS) began to replace the IDS solution. • IPS devices enable the detection of malicious activity and have the ability to automatically block the attack in real-time. • In addition to IDS and IPS solutions, firewalls were developed to prevent undesirable traffic from entering prescribed areas within a network, thereby providing perimeter security. Học viện công nghệ thông tin Bach Khoa - Website: www.bkacad.com Evolution of Network Security • Internal threats fall into two categories: spoofing and DoS Học viện công nghệ thông tin Bach Khoa - Website: www.bkacad.com Evolution of Network Security Evolution of LAN Security Học viện công nghệ thông tin Bach Khoa - Website: www.bkacad.com Evolution of Network Security • Three components of information: confidentiality, integrity, availability. • Encrypting Data: Encryption provides confidentiality by hiding plaintext data. • Data integrity: data is not changed from source to destination • Availability: Data accessibility, is guaranteed by network hardening mechanisms andHọcbackup systems viện công nghệ thông tin Bach Khoa - Website: www.bkacad.com Evolution of Network Security Evulution of Data Protection Technologies Year Security Technology 1993 Cisco GRE Tunnels 1996 Site-to-Site IPSec VPNs 1999 SSH 2000 MPLS VPNs 2001 Remote-access IPSec VPN 2002 Dynamic Multipoint VPN 2005 SSL VPN 2010 Group Encrypted Transport VPN (GET VPN) Học viện công nghệ thông tin Bach Khoa - Website: www.bkacad.com Drivers for Network Security • The word hackers has a variety of meanings. • For many, it means Internet programmers who try to gain unauthorized access to devices on the Internet. • It is also used to refer to individuals that run programs to prevent or slow network access to a large number of users, or corrupt or wipe out data on servers. • But for some, the term hacker has a positive interpretation as a network professional that uses sophisticated Internet programming skills to ensure that networks are not vulnerable to attack. Good or bad, hacking is a driving force in network security. Học viện công nghệ thông tin Bach Khoa - Website: www.bkacad.com Drivers for Network Security Refer to 1.1.2.2 • Hacking started in the 1960s with phone freaking, or phreaking, which refers to using various audio frequencies to manipulate phone systems. • Wardialing programs automatically scanned telephone numbers within a local area, dialing each one in search of computers, bulletin board systems, and fax machines • When a phone number was found, password-cracking programs were used to gain access. • Wardriving, users gain unauthorized access to networks via wireless access points. • A number of other threats have evolved since the 1960s, including network scanning tools such as Nmap and SATAN, as well as r ...