Network security overview and labs .pptx

ahmedsameh79722 11 views 50 slides Sep 09, 2024

About This Presentation

security overview


Slide Content

Network security Firewall Essentials Fortinet

Agenda
Understanding the security threats
TCP/IP model
What is the firewall
Types of firewall
Deployment modes of firewall

Passive Attacks
Eavesdropping: Listen to packets from other parties = Sniffing
Traffic Analysis: Learn about network from observing traffic patterns
Footprinting: Test to determine software installed on system = Network Mapping
[Figure: hosts A, B and C (Bob, Jennie, Carl) and a packet]

Some Active Attacks
Denial of Service: Message did not make it; or service could not run
Masquerading or Spoofing: The actual sender is not the claimed sender
Message Modification: The message was modified in transmission
Packet Replay: A past packet is transmitted again in order to gain access or otherwise cause damage

Maintaining network security: Security Threats
Viruses and worms
Trojan horses
Spam
Phishing
Packet sniffers
Password attacks
Zombie computers
DoS / DDoS

Man-in-the-Middle Attack
[Figure: hosts 10.1.1.1, 10.1.1.2 and 10.1.1.3; steps (1) Login, (2) Login, (3) Password, (4) Password]

Exploit/Maintain Access
Backdoor: Control system: system commands, log keystrokes, pswd
Trojan Horse: Useful utility actually creates a backdoor
Spyware/Adware: Spyware: collect info: keystroke logger, collect credit card #s. Adware: insert ads, filter search results
Bots: Slave forwards/performs commands; spreads, lists email addrs, DoS attacks
User-Level Rootkit: Replaces system executables: e.g. login, ls, du
Kernel-Level Rootkit: Replaces OS kernel: e.g. process or file control to hide

Distributed Denial of Service
Can barrage a victim server with requests, causing the network to fail to respond to anyone
[Figure: Attacker, Handler, Zombies (Russia, Bulgaria, United States), Victim]

Filters/ACL
Route Filter: Verifies sources and destination of IP addresses
Packet Filter: Scans headers of packets and discards if ruleset failed (e.g., Firewall or router)
Content Filter: Scans contents of packets and discards if ruleset failed (e.g., Intrusion Prevention System or firewall)
[Figure: "The good, the bad & the ugly" enter the filter; "the bad & the ugly" are discarded and "the good" passes]

Protecting the Network

Maintaining network security: IDS/IPS
Network IDS (NIDS): Examines packets for attacks. Can find worms, viruses, org-defined attacks. Warns administrator of attack.
IPS: Packets are routed through IPS.
Host IDS (HIDS): Examines actions or resources for attacks. Recognizes unusual or inappropriate behavior, e.g., detects modification or deletion of special files.
[Figure: Router, Firewall, IDS]

Maintaining network security IDS

What is a firewall?

What is software firewall & hardware firewall?

Separate Zones
Screened Host: The router serves as a screen for the firewall, preventing Denial of Service attacks to the firewall.
[Figure labels: Internet, Router, Screening Device, Firewall, Demilitarized Zone with Proxy Interface, External DNS, Web Server, E-Commerce, VPN Server, IDS, Protected Internal Network Zone, Database/File Servers]

Types of firewall

Personal firewall

What is a network firewall?

Packet Filter Firewall
[Figure: example traffic arriving at the filter: Web Request, Web Response, Ping Request, FTP Request, Email Connect Request, Email Response, Telnet Request, SSH Connect Request, DNS Request, Illegal Source IP Address, Illegal Dest IP Address, Microsoft NetBIOS Name Service]

Packet filtering firewall

Proxy firewall

Stateful firewall

UTM (Unified Threat Management)

NGFW (Next Generation Firewall)

Deployment Mode

Wireshark tool
Explanation
HTTP sniffing
Wireshark Lab

PPPoE server (Cisco)
How to configure a PPPoE Server and Client using GNS3 (youtube.com)

Fortigate firewall
Installing virtual firewall
Configuring basic CLI configuration

Configuring interfaces (CLI)
    config system interface
        edit port1
            set mode static
            set ip 192.168.1.1/24
            set alias LAN
            set allowaccess ssh https telnet fgfm ping
        next
    end

Configuring PPPoE interfaces
    config system interface
        edit port2
            set mode pppoe
            set username admin
            set password systel
            set alias wan
            set role wan
        next
    end

Configuring DHCP server
    config system dhcp server
        edit 1
            config ip-range
                edit 1
                    set start-ip 192.168.1.2
                    set end-ip 192.168.1.100
                next
            end
            set default-gateway 192.168.1.1
            set netmask 255.255.255.0
            set interface port1
        next
    end
    show
The set interface line assigns the DHCP server to the LAN interface; show is used to verify the configuration.

Configuring static routes
    config router static
        edit 1
            set dst 0.0.0.0 0.0.0.0
            set device port2
            set dynamic-gateway enable
        next
    end
The set device line assigns the route to the WAN interface.

IPsec Day-07 | How to Configure IPSec VPN between Fortigate Firewall | Fortigate firewall for Beginners (youtube.com)

Policy to route internal network to WAN or internet
    config firewall policy
        edit 1
            set name "internet access"
            set srcintf port1
            set dstintf port2
            set srcaddr all
            set dstaddr all
            set schedule always
            set service ALL
            set action accept
            set nat enable
        next
    end
port1 is configured as the LAN interface; port2 is the WAN interface.
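An added example, not part of the original slides and not Fortinet tooling: a short Python check that parses the interface and policy settings configured in the slides above and flags cleartext management access (telnet) and an accept policy open to any source, destination and service. The sample text is constructed from this page's lab values, and the function names and the flat config/edit/set parsing are assumptions of this example.

```python
import re
# Constructed sample: this page's LAN interface and internet-access policy.
SAMPLE = """\
config system interface
    edit port1
        set allowaccess ssh https telnet fgfm ping
    next
end
config firewall policy
    edit 1
        set name "internet access"
        set srcaddr all
        set dstaddr all
        set service ALL
        set action accept
    next
end
"""
CLEARTEXT = {"telnet", "http"}  # management protocols that carry logins unencrypted

def parse(text):
    """Parse flat config/edit/set blocks into {section: {entry: {key: [values]}}}."""
    tree, section, entry = {}, None, None
    for raw in text.splitlines():
        tok = [t.strip('"') for t in re.findall(r'"[^"]*"|\S+', raw)]
        cmd = tok[0] if tok else ""
        if cmd == "config":
            section, entry = tree.setdefault(" ".join(tok[1:]), {}), None
        elif cmd == "edit" and section is not None and len(tok) > 1:
            entry = section.setdefault(tok[1], {})
        elif cmd == "set" and entry is not None and len(tok) > 2:
            entry[tok[1]] = tok[2:]
    return tree

def audit(text):
    """Return findings for cleartext management access and any-any accept policies."""
    tree, findings = parse(text), []
    for name, cfg in tree.get("system interface", {}).items():
        weak = sorted(CLEARTEXT & set(cfg.get("allowaccess", [])))
        if weak:
            findings.append(f"interface {name}: cleartext management access ({', '.join(weak)})")
    for pid, cfg in tree.get("firewall policy", {}).items():
        wide = all(cfg.get(k, [""])[0].lower() == "all" for k in ("srcaddr", "dstaddr", "service"))
        if wide and cfg.get("action") == ["accept"]:
            findings.append(f"policy {pid}: accepts any source, destination and service")
    return findings

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE)))
```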

Fortigate Lab

IPsec connection
How to configure VPN connection between 2 firewalls