Chapter 4 – Network Security
Why is Network Security Important?
Threat Capabilities
Think Like an Attacker
Step 1: Footprint Analysis
Step 2: Enumerate Information
Step 3: Manipulate Users to Gain Access
Step 4: Escalate Privilege
Step 5: Gather Additional Passwords & Secrets
Step 6: Install Back Doors and Port Redirections
Step 7: Leverage the Compromised System
100% Security
Open versus Closed Networks
Open Access Network
Restrictive Access Network
Closed Access Networks
Developing a Security Policy
Common Security Threats
Threats to Physical Infrastructure
Network Security Threats
Unstructured threats
Structured threats
External threats
Internal threats
Social Engineering
Types of Network Attacks
Reconnaissance Attacks
Internet Information Queries
Port Scans and Ping Sweeps
Port Scan and Ping Sweep Attack Mitigation
Packet Sniffers
Packet Sniffer Mitigation
Access Attacks
Password Attacks
Password Attack Mitigation
Trust Exploitation
Trust Exploitation Attack Mitigation
Port Redirection
Man-in-the-Middle Attacks & Mitigation
DoS Attacks
Ping of Death Attack
SYN Flood Attack
DDoS Attacks
DoS: Smurf Attack
Malicious Code Attacks
Anatomy of a Worm Attack
Mitigating Worm Attacks
Malicious Code Attacks
General Mitigation Techniques
Intrusion Detection and Prevention
Host-based Intrusion Detection Systems
Common Security Appliances and Applications
The Network Security Wheel
Secure Network
Monitor Network
Test Secure
Improve Secure
What is a Security Policy?
Components of a Security Policy
Safeguard a Router
Password-Protecting a Router
Configure the Line-Level Password
Enable Password
Cisco-Proprietary Password Encryption
Enhanced Username Password Security
Hardening Login
Securing Administrative Access to Routers
Implementing SSH to Secure Remote Administrative Access
Configuring SSH Security
Why is Syslog Important?
Log Output Destination
Syslog System
Syslog Severity Levels
Syslog Severity Levels Examples
Structure of a Syslog Message
Configuring for Syslog
Vulnerable Router Services and Interfaces
Cisco Auto Secure
Routing Protocol Authentication Overview
Routing Protocol Authentication
What is Cisco SDM?
Cisco SDM Features
Configuring Your Router to Support Cisco SDM
Starting Cisco SDM
Cisco SDM Home Page Overview
About Your Router Area
Configuration Overview Area
Cisco SDM Wizards
http://www.cisco.com/cdc_content_elements/flash/sdm/demo.htm?NO_NAV
Locking Down a Router with Cisco SDM
Maintaining Cisco IOS Software Image
Cisco IOS File Systems and Devices
URL Prefixes for Cisco Devices
Commands for Managing Configuration Files
Cisco IOS File Naming Conventions
Using TFTP Servers to Manage IOS Images
Backing Up IOS Software Image
Upgrading IOS Software Images
Restoring IOS Software Images
Using xmodem to Restore an IOS Image
Cisco IOS Troubleshooting Commands
Using the show Command
Using the debug Command
Considerations when using the debug Command
Commands Related to the debug Command
Password Recovery
Router Password Recovery Procedure