tailieunhanh - Lecture Network security: Chapter 7 - Dr. Munam Ali Shah

In this chapter we will discuss: some more discussion on DDoS attacks, security in wireless networks, types of WLAN and relevant security mechanisms, and different ways to secure a WLAN. After studying this chapter you will be able to understand why wireless LANs are more prone to security threats and vulnerabilities, and to identify and classify the different solutions that can be used to secure a WLAN.

Network Security, Lecture 7
Presented by: Dr. Munam Ali Shah

Summary of the previous lecture
- We learnt about different types of DoS attacks
- We have seen how ICMP can be a victim of a DoS attack
- Some examples of ping of death and SYN flood attacks were discussed in detail

Outlines
- Some more discussion on DDoS attacks
- Security in Wireless Networks
- Types of WLAN and relevant security mechanism
- Different ways to secure a WLAN

Objectives
- To be able to understand why wireless LANs are more prone to security threats and vulnerabilities
- To identify and classify among different solutions that can be used to secure a WLAN

Distributed Denial of Service (DDoS)
- The attacking host is replicated through a handler-agent distributed framework

Distributed Denial of Service (cont.)
Two kinds of victims:
- agents (compromised using common weaknesses to install DDoS agent code), likely to be identified guilty during the first stage of the investigation
- end targets (during the attack)

DDoS protection
- Configure routers to filter network traffic
- Perform ingress filtering
- Configure traffic rate limiting (ICMP, SYN, UDP, etc.)
- Deploy firewalls at the boundaries of your network
- The filtering system must be able to distinguish harmful uses of a network service from legitimate uses.
- Perform regular network vulnerability scans: common and known vulnerabilities could be exploited to install DDoS agents.
- Identify the agents that are listening to the handler's commands
Ingress: the right or permission to enter.

DDoS protection (cont.)
Install IDS (Intrusion Detection Systems) capable of detecting:
- DDoS handler-to-agent communication
- DDoS agent-to-target attacks

Manifestation of DoS Attacks
- Unusually slow network performance (opening files or accessing web sites)
- Unavailability of a particular web site
- Inability to access any web site
- Dramatic increase in the number of spam emails received
Manifestation is an indication of the existence.

US-CERT
Established in 2003 to protect the nation's Internet
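
The ingress filtering and traffic rate limiting items under "DDoS protection" above, sketched as an added example (not part of the original lecture). The internal prefix, bogon list, per-protocol limits and sample packets are all constructed assumptions; a real router would apply these rules per interface in its own configuration language.

```python
import ipaddress

# Assumed for illustration: our own prefix and a short bogon list.
INTERNAL = ipaddress.ip_network("192.0.2.0/24")
BOGONS = [ipaddress.ip_network(n) for n in
          ("0.0.0.0/8", "10.0.0.0/8", "127.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
# Assumed limits per protocol: (packets per second, burst size), shared by all sources.
LIMITS = {"icmp": (1.0, 2), "syn": (1.0, 3), "udp": (5.0, 5)}

def ingress_allowed(src):
    """A packet arriving from outside must not claim an internal or unroutable source."""
    addr = ipaddress.ip_address(src)
    return addr not in INTERNAL and not any(addr in net for net in BOGONS)

class TokenBucket:
    """Allows `rate` packets per second with bursts of up to `burst` packets."""
    def __init__(self, rate, burst):
        self.rate, self.burst = rate, burst
        self.tokens, self.last = float(burst), None

    def allow(self, now):
        if self.last is not None:  # refill for the time elapsed since the last packet
            self.tokens = min(self.burst, self.tokens + (now - self.last) * self.rate)
        self.last = now
        if self.tokens >= 1:
            self.tokens -= 1
            return True
        return False

def filter_packets(packets):
    """Return one verdict per (timestamp, source, protocol) record."""
    buckets = {proto: TokenBucket(*lim) for proto, lim in LIMITS.items()}
    verdicts = []
    for ts, src, proto in packets:
        if not ingress_allowed(src):
            verdicts.append("drop-spoofed")   # ingress filter: forged source address
        elif proto in buckets and not buckets[proto].allow(ts):
            verdicts.append("drop-rate")      # over the configured rate for this protocol
        else:
            verdicts.append("accept")
    return verdicts

# Constructed sample traffic seen on the external interface.
SAMPLE = [(0.0, "198.51.100.7", "syn"), (0.1, "192.0.2.10", "syn"),
          (0.2, "10.1.2.3", "udp"), (0.3, "198.51.100.7", "syn"),
          (0.4, "198.51.100.8", "syn"), (0.5, "198.51.100.9", "syn"),
          (3.0, "198.51.100.7", "syn"), (3.1, "203.0.113.5", "icmp")]

if __name__ == "__main__":
    print(list(zip(SAMPLE, filter_packets(SAMPLE))))
```

Spoofed packets are dropped before they reach the rate limiter, so forged traffic cannot use up the budget that legitimate sources share.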