Network

A network is a collection of computers and devices connected by communications channels that facilitates communication among users and allows users to share resources with other users.

Types of networks:
- Local Area Network (LAN)
- Wide Area Network (WAN)
- Metropolitan Area Network (MAN)

What is network security?

Network security consists of the technologies and processes that are deployed to protect internal networks from external threats.

The primary goal of network security is to provide controls at all points along the network perimeter which allow access to the internal network, and to let traffic pass only if that traffic is authorized, valid, and of acceptable risk.

Why do we need security?
- Protect vital information (trade secrets, medical records, etc.) while still allowing access to those who need it
- Provide authentication and access control for resources
- Guarantee availability of resources

Network Security Risks
- Denial of service: attacks on the availability of networks or computer systems
- Information theft: attacks on confidential information (e.g., customer private information, credit card information, etc.)
- Intrusion: unauthorized access to a network or computer system that could compromise the integrity and/or availability of critical systems and data
- Reputation: confidence of customers, business partners, etc. is lost. This is perhaps the biggest risk that businesses face.

Access Network

An access network is that part of a communications network which connects subscribers to their immediate service provider.

Network Access Server (NAS): a device that functions as an access control point for users in remote locations connecting to a company's internal network or to an ISP. The NAS is meant to act as a gateway to guard access to a protected resource. This can be anything from a telephone network, to printers, to the Internet.
Network Operating System

Network operating systems typically are used to run computers that act as servers. They provide the capabilities required for network operation. Network operating systems are also designed for client computers and provide functions, so the distinction between network operating systems and stand-alone operating systems is not always obvious.

Network operating system examples:
- Windows NT Server
- Windows 2003 Server

Hackers

A hacker is someone who attempts to break into computer systems to damage them, or for the purpose of getting illegitimate access to resources.

How can hackers break into a computer system?

Hackers gain access to your computer through unguarded ports in your network system. Usually they use a selection of specialist software to identify weaknesses, like SubSeven, NetBus, etc.

To get their intermediate base they use purpose-built programs called Trojans and backdoors. Such a program may be disguised as a game or some other kind of executable program.

Cryptography

Cryptography is the science of concealing the meaning of a message from unintended recipients. Only the intended recipient is able to read and understand the message.

An encryption algorithm (or a cipher) is a method of encryption and decryption. All modern algorithms use a key to control encryption and decryption; a message can be decrypted only if the key matches the encryption key.

Good cryptographic systems should always be designed so that they are as difficult to break as possible.

Example: Alice wants to send a message to Bob that nobody else can read.

Alice: "Meet me at noon" -> Encrypt (key) -> "Phhw ph dw qrrq" -> Decrypt (key) -> "Meet me at noon" : Bob

Network viruses

A network virus is a self-contained program (or set of programs) that can spread copies of itself across networks, including the Internet.
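Returning to the Alice and Bob example in the Cryptography section: the ciphertext "Phhw ph dw qrrq" is what a letter-shift cipher produces with a key of 3 (the key value is inferred from the slide's text, not stated on it). The following is an added example, not part of the original slides; it reproduces the exchange, shows that only the matching key decrypts, and shows why a 26-key cipher fails the "as difficult to break as possible" requirement.

```python
ALPHABET = 26  # letters in the alphabet, which is also the number of possible keys


def shift(text: str, key: int) -> str:
    """Rotate ASCII letters by `key` places; leave spaces and punctuation alone."""
    out = []
    for ch in text:
        if ch.isascii() and ch.isalpha():
            base = ord("A") if ch.isupper() else ord("a")
            out.append(chr((ord(ch) - base + key) % ALPHABET + base))
        else:
            out.append(ch)
    return "".join(out)


def encrypt(plaintext: str, key: int) -> str:
    return shift(plaintext, key)


def decrypt(ciphertext: str, key: int) -> str:
    return shift(ciphertext, -key)


def exhaustive_search(ciphertext: str) -> dict:
    """Decrypt under every possible key. With only 26 keys this is instant,
    which is why the key space of a real cipher must be astronomically large."""
    return {key: decrypt(ciphertext, key) for key in range(ALPHABET)}


if __name__ == "__main__":
    key = 3  # assumed shared secret between Alice and Bob (inferred from the slide)
    sent = encrypt("Meet me at noon", key)
    print("Alice sends :", sent)
    print("Bob reads   :", decrypt(sent, key))
    print("Wrong key 4 :", decrypt(sent, 4))
    # A 128-bit key space is 2**128 keys; this cipher has 26.
    for k, guess in exhaustive_search(sent).items():
        print(f"key {k:2d} -> {guess}")
```
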
In many cases, network viruses exploit vulnerabilities in the operating system or other installed programs, and they can use legitimate network ports, such as port 80 (HTTP), to spread over a Local Area Network (LAN) or even over the Internet. Some of the most famous network viruses are Nimda and SQL Slammer.

Nimda is a virus that caused traffic slowdowns as it rippled across the Internet. It spread quickly, within 22 minutes.

Methods of infection:
- via email
- via open network shares
- via browsing of compromised web sites

Damages of network viruses

Network viruses can quickly degrade the performance of a network, totally disable important devices, programs and network connections, operate other programs such as (DoS), and even send themselves over the Internet via emails or attachments. Once the infection spreads, full elimination often becomes difficult.

Wireless Network Security

The "open air" nature of wireless radio signals poses challenges for securing wireless computer networks. Security features include WEP, WPA and MAC.

WEP (Wired Equivalent Privacy, 128-bit): WEP is an OSI Data Link layer (Layer 2) security technology that can be turned "on" or "off". WEP was designed to give wireless networks the equivalent level of privacy protection.

WPA (Wi-Fi Protected Access): WPA can scramble or "encrypt" network traffic so that its contents cannot easily be deciphered by snoopers.

MAC (Wireless Media Access Control): wireless routers and access points (APs) incorporate access control features such as MAC address filtering that deny network requests from unwanted clients.

Network Access Control

There are three main techniques that can provide single log-in across multiple computers:
1- host-to-host authentication
2- authentication servers
3- user-to-host authentication

Host-to-host authentication: users authenticate themselves once to a host computer. That computer then authenticates itself to other computers.

Authentication servers: the users authenticate themselves to the authentication server. This computer then authenticates the user to other host computers.

User-to-host: requires the user to log in to each host computer.
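The authentication-server technique above, sketched as an added example that is not part of the original slides: the user proves a password once to the server, which issues a signed, expiring ticket that every host can verify without seeing the password. The class names, the ticket layout and the single key shared between server and hosts are assumptions made for illustration.

```python
import hashlib
import hmac
import json
import secrets
import time


def _kdf(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)


def _mac(key: bytes, body: bytes) -> bytes:
    return hmac.new(key, body, hashlib.sha256).digest()


class AuthServer:
    """The only machine that ever sees a password; it vouches for users to hosts."""

    def __init__(self, host_key: bytes, ttl_seconds: int = 300):
        self._host_key, self._ttl, self._users = host_key, ttl_seconds, {}

    def enroll(self, user: str, password: str) -> None:
        salt = secrets.token_bytes(16)
        self._users[user] = (salt, _kdf(password, salt))  # store a salted hash only

    def login(self, user: str, password: str, now=None):
        salt, stored = self._users.get(user, (b"\0" * 16, b""))
        if not hmac.compare_digest(stored, _kdf(password, salt)):
            return None  # unknown user or wrong password
        issued = time.time() if now is None else now
        body = json.dumps({"user": user, "exp": int(issued) + self._ttl}).encode()
        return body.hex() + "." + _mac(self._host_key, body).hex()


class Host:
    """A host that trusts the server's signature instead of asking for a password."""

    def __init__(self, host_key: bytes):
        self._host_key = host_key

    def accept(self, ticket: str, now=None):
        try:
            body_hex, tag_hex = ticket.split(".")
            body, tag = bytes.fromhex(body_hex), bytes.fromhex(tag_hex)
        except ValueError:
            return None  # malformed ticket
        if not hmac.compare_digest(_mac(self._host_key, body), tag):
            return None  # forged or altered ticket, or a host with a different key
        claims = json.loads(body)
        current = time.time() if now is None else now
        return claims["user"] if current < claims["exp"] else None
```

One `login` call yields a ticket that any number of `Host` instances holding the same key will accept until it expires, which is the single log-in property the list describes.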