Engineered by Hackers. Presented by Professionals. General Security Concepts Module 00 H c vi n Công Ngh Thông Tin Bách ọ ệ ệ Khoa General Security Concepts  Advanced TCP/IP  Cryptography Basics and Methods  Confidentiality  Integrity  Authentication Methods  Non-Repudiation  Access Control Models  Security Topologies  Risk Concepts  VietNam Information Security Policies H c vi n Công Ngh Thông Tin Bách ọ ệ ệ Khoa Advanced TCP/IP  The OSI Model In the OSI model:  Each layer has a defined networking function  Each layer communicates with the layer above and below it  Layer seven provides services for programs to gain access to the network  Layers one and two define the network’s physical media and related tasks H c vi n Công Ngh Thông Tin Bách ọ ệ ệ Khoa Advanced TCP/IP  The TCP/IP Model A web request moving along the TCP/IP model H c vi n Công Ngh Thông Tin Bách ọ ệ ệ Khoa TCP/IP Protocol Suite TCP/IP OSI TCP TCP UDP UDP ARP ARP IGMP IGMP ICMP ICMP IP Ethernet Ethernet Frame Relay Frame Relay Token Ring Token Ring ATM ATM Application Application Transport Transport Link Link HTTP HTTP FTP FTP SMTP SMTP DNS DNS RIP RIP SNMP SNMP Application Application Transport Transport Network Network Data-Link Data-Link Presentation Presentation Session Session Physical Physical Internet Internet H c vi n Công Ngh Thông Tin Bách ọ ệ ệ Khoa Advanced TCP/IP  The function of IP  Identifies every host with a unique IP address  Identifies every packet with source and destination IP addresses  Manages routing H c vi n Công Ngh Thông Tin Bách ọ ệ ệ Khoa IP Address Classes Five classes defined: A: Decimal 1-126 (127 reserved), first bit is 0 B: Decimal 128-191, first two bits are 10 C: Decimal 192-223, first three bits are 110 Classes A, B & C are used for addressing individual hosts D: Decimal 224-239, first four bits are 1110 Reserved for Multicasting E: Decimal 240-247, first five bits are 11110 Class E is experimental. For additional info on Class E and its future implementation see RFC 1365 H c vi n Công Ngh Thông Tin Bách ọ ệ ệ Khoa IP Address Classes H c vi n Công Ngh Thông Tin Bách ọ ệ ệ Khoa Private IP Address Ranges Class A: 10. 0.0.0 – 10.255.255.255 Class B: 172. 16.0.0 – 172. 31.255.255 Class C: 192.168.0.0 – 192.168.255.255 The 169.254.0.0 network is used by Microsoft for APIPA (Automatic Private IP Addressing). The above addresses are not route-able over the internet. Also, the 127.0.0.0 network ID is used for diagnostics H c vi n Công Ngh Thông Tin Bách ọ ệ ệ Khoa The Subnet Mask  A number that matches the length of the IP address that masks the host bits to reveal only the network ID  The ‘AND’ing process  Default masks: • Class A: 11111111.00000000.00000000.00000000 – 255.0.0.0 • Class B: 11111111.11111111.00000000.00000000 – 255.255.0.0 • Class C: 11111111.11111111.11111111.00000000 – 255.255.255.0 [...]... organization Học viện Công Nghệ Thông Tin Bách Khoa Security Topologies  Security Zones • Internet • Intranet • Extranet • DMZ (Demilitarized Zone)  VLANs (Virtual Local Area Network): allows you to create groups of users and systems and segment them on the network  NAT (Network Address Translation): creates a unique opportunity to assist in the security of a network Originally, NAT extended the... handshake Transport Layer Concepts TCP UDP Connection-oriented Connectionless Slower communications Faster communications Considered reliable Considered unreliable Transport layer Transport layer Học viện Công Nghệ Thông Tin Bách Khoa Analyze the 3-Way handshake TCP Control Flags SYN (S)—Represents the first part of establishing a connection The synchronizing of communication will generally be in the first... Risk Concepts  Asset Identification:  Asset identification is the process in which a company attempts to place a value on the information and systems it has in place  In some cases, the process may be as simple as counting systems and software licenses  These types of physical asset evaluations are part of the normal accounting procedures a business must perform routinely  Risk Assessment  In general, ... attempt to identify the costs of replacing stolen data or systems, the costs of downtime, and virtually any risk factor you can imagine Học viện Công Nghệ Thông Tin Bách Khoa Risk Concepts  Threat Identification: Implementing a security policy requires that you evaluate the risks of both internal and external threats to the data and network ... decrypt messages; it’s used merely for the transmission of keys in a secure manner Học viện Công Nghệ Thông Tin Bách Khoa Using Cryptographic Systems  Cryptographic systems exist for the same reasons that security exists: to provide confidentiality, integrity, authentication, non-repudiation, and access control  Confidentiality: This confidentiality may be intended to prevent the unauthorized disclosure... versions of MD; the most common are MD5, MD4, and MD2.MD5 is the newest version of the algorithm It produces a 128-bit hash, but the algorithm is more complex than its predecessors and offers greater security Học viện Công Nghệ Thông Tin Bách Khoa Understanding Cryptographic Algorithms  Working with Symmetric Algorithms: require both ends of an encrypted message to have the same key and processing . Engineered by Hackers. Presented by Professionals. General Security Concepts Module 00 H c vi n Công Ngh Thông Tin Bách ọ ệ ệ Khoa General Security Concepts  Advanced TCP/IP  Cryptography Basics. services Analyze the 3-Way handshake  Port 23 - Telnet  Port 80 - HTTP (standard Web pages)  Port 443 - Secure HTTP (secure Web pages)  Ports 20 and 21 - FTP  Port 53 - DNS  Port 25 - SMTP H c vi. numbers Analyze the 3-Way handshake  Port 12345 - NetBus  Port 1243 - Sub Seven  Port 27374 - Sub Seven 2.1  Port 31337 - Back Orifice  Port 54320 (TCP) - Back Orifice 2000  Port 54321 (UDP) - Back Orifice