Network Security Fundamentals
Network Security Fundamentals TCOM 562
This 43 page Class Notes was uploaded by Dalton Gerhold on Monday September 28, 2015. The Class Notes belongs to TCOM 562 at George Mason University taught by Staff in Fall. Since its upload, it has received 23 views. For similar materials see /class/215146/tcom-562-george-mason-university in Telecommunications at George Mason University.
Date Created: 09/28/15
TCOM 562 Network Security Fundamentals
Fall 05
Jerry Martin, gmartin@gmu.edu

General Information
- Textbook: Hackproofing Your Network
- Course is an overview
- Lectures: attendance is important because I don't believe in reading slides; slide bullets are talking points
- Email is the preferred method of communication and is the mandatory method for homework submission

General Information: Assignments
- Case studies (3)
- Due approximately once a month: 9/19, 10/11, 11/7
- Limited to 1 page, single spaced; if over 1 page, lose 1 point
- Topics for each assignment are specified
- Format:
  - 1st paragraph: describe paper theme
  - 2nd paragraph: discuss benefits/pros
  - 3rd paragraph: discuss disadvantages/cons
  - 4th paragraph: discuss personal view
- Must be own words; no right or wrong answers
- Late submissions get no points
- All submissions are by email

General Information: Research Paper
- 7-10 pages, double spaced
- Select a topic from one of the weeks and submit for approval NLT 11 Oct
- Due 6 Dec; submit via email
- Ensure sources are properly cited (e.g. Turabian); no more than 40% can be verbatim text
- Don't just describe the topic; use analytical thinking
- Late submissions get no points

General Information: Tests
- Midterm: 24 Oct
- Final: 13 Dec
- Format: 40 multiple choice / T-F, 4 short answer questions
- Exam is 2 hours; NO lecture after test

General Information: Grading
- Case studies: 15% (5 points each)
- Paper: 15% (30 points)
- Midterm: 35% (100 points)
- Comprehensive final: 35% (100 points)

General Information: Flow for course
- Common taxonomy / definition of terms
- National policy and concerns
- Threats
- Defensive tools and measures
- Continuity of operations / attack recovery
- Legal and privacy issues and challenges

[Image slides: "The Way It Was Then"; "And So It Grows"; "International Connectivity"; "Now Color the World Blue"; "Internet: Information Super Highway"; "Today's Network Environment: Interconnectivity"]

A Common Language
- Terms are key to the entire course; use them extensively
- For orderly examination, divided into four general categories:
  - E: environment
  - G: government
  - U: underground
  - M: miscellaneous
- Then look at Sandia Lab's incident processing flow

A Common Language: Environment
- /8, /16, /24, /32
- Root
- iX
- Internet v4 (IPv4)
- Internet v6 (IPv6)
- Dark fiber
- GSRs
- ISPs / Tier 1s

A Common Language: Government
- PCIPB
- OCS
- DHS (www.dhs.gov)
- IAIP
- NCSD
- NIPC
- FedCIRC
- NCS
- DoJ CCIPS (www.doj.gov/ccips)
- ECTF

A Common Language: More government
- CERT/CC (www.cert.org)
- CIP
- HSC
- PDD 63 / HSPD-7
- CWIN
- JTF-GNO
- NIPP

[Slide title not recoverable]
- News stories
- Defacement mirrors
- Hacker magazines (Phrack, 2600)
- Hacker-oriented Internet sites
- Internet Relay Chat
- Non-profit and commercial computer security companies
- Hacking conferences (Cons)
- AntiOnline

Understanding the Culture
"The internet is our playground, it's our side of the tracks. When you step into it, claim your own corner of cyberspace and put up your house. Don't expect not to arouse our curiosity." (United Loan Gunmen)

A Common Language: Underground
- Hacker
- Cracker
- Blackhat
- Miscreant
- Script kiddie
- Click kiddie
- Nicks
- Idents

A Common Language: Underground (continued)
- Eblish
- L33t
- Hax0r
- Pax0r
- 0day
- Owned
- Malware
- Pop a box
- Phish

[Image: Nmap security scanner]

Information Assurance is a continuous process. As the threat evolves, so must our countermeasures.

A Common Language: Still more underground mayhem
- Sploits
- Vuln
- Post docs
- Zombie / soldier
- Bot
- Phishing

A Common Language: And now the rest
- White hat
- Gray hat
- Paypal
- Cuckoo's Egg
- Listserves
- ISACs
- CCV
- PGP
- Fingerprint
- Netflows

A Common Language: More miscellaneous
- ARIN
- NCC
- APNIC
- ICANN
- IANA
- FIRST
- NANOG
- Bugtraq
- RFCs
- Out of band
- SCADA

A Common Language: Sandia Labs framework for Computer Security Incidents
Why is this so important?

[Figure: separate frames of reference joined by a common taxonomy (shared definitions, shared concepts, common understanding) and by common processes (verbal reports, written reports, shared databases, push/pull web pages, others)]

What is a taxonomy?
A taxonomy is a classification scheme that partitions a body of knowledge and defines the relationship of the pieces. It must have these characteristics:
- Exhaustive
- Mutually exclusive
- Repeatable
- Unambiguous
- Accepted
- Useful

Where to start?
- The inability to share data because of non-standard terminology is not unique
- For this reason, several computer security taxonomies have already been developed
- Most comprehensive study done by Sandia Labs in conjunction with Carnegie Mellon University
- Currently in use at Carnegie Mellon's CERT/CC
- Sandia Report: "A Common Language for Computer Security Incidents," John D. Howard and Thomas A. Longstaff, October 1998

The taxonomy
An incident contains one or more attacks, and an attack contains an event (an action directed at a target). The categories and their terms:
- Attackers: Hackers, Spies, Terrorists, Corporate Raiders, Professional Criminals, Vandals, Voyeurs
- Tool: Physical Attack, Information Exchange, User Command, Script or Program, Autonomous Agent, Toolkit, Distributed Tool, Data Tap
- Vulnerability: Design, Implementation, Configuration
- Action: Probe, Scan, Flood, Authenticate, Bypass, Spoof, Read, Copy, Steal, Modify, Delete
- Target: Account, Process, Data, Component, Computer, Network, Internetwork
- Unauthorized Result: Increased Access, Disclosure of Information, Corruption of Information, Denial of Service, Theft of Resources
- Objectives: Challenge / Status / Thrills, Political Gain, Financial Gain, Damage

Basic Model
Incident, made up of intrusions: Tool, Vulnerability, Action, Target, Unauthorized Result

Taxonomy applied
[Figure sequence: the taxonomy table applied to one intruder pursuing one objective through three successive intrusions, each traced across Tool, Vulnerability, Action, Target and Unauthorized Result]
- Intrusion 1: Increased Access
- Intrusion 2: Root Level Access
- Intrusion 3: Disclosure of Information

New definition: Intrusion Set
Multiple related intrusions.
[Figure: Intrusion Set (multiple events): Intruder, Tool, Vulnerability, Action, Target, Unauthorized Result, Objective]

Who, What, Why
- Answer the "what"
- Need more information to get to attribution
- Need to know who
- Need to know why

Who and Why
[Figure: Intrusion Set (Tool, Action, Target) leading to Attribution]

Intruder Characterization
- Growing hostile intent and capability
- Four ... of the threat:
  - Group One: Lone or possibly small groups of amateurs without large resources. Common hacker tools and techniques used in a non-sophisticated manner.
  - Group Two: Individuals or small groups supported by resources of a business, criminal syndicate or other transnational group, including terrorists. Common tools used in a sophisticated manner.
  - Group Three: State-sponsored espionage supported by institutional processes and significant resources.
  - Group Four: Sophisticated state-sponsored CNA. State of the art tools and covert techniques backed up by the resources of a nation-state. Actions being conducted in coordination with other arms of the nation.

[Figure sequence: Groups 1 through 4 mapped onto the taxonomy table (Intruders, Tool, Vulnerability, Action, Target, Unauthorized Result, Objectives)]

The Challenge
- Growing dependence on information systems
- Rapid growth in computer networks
- Vulnerability to internal and external attack

[Image: The Internet, Bill Cheswick, Lucent Technologies, since 1996]
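The common-language idea from the Sandia taxonomy and intrusion-set slides above, as an added example that is not part of the lecture notes or the Sandia report: reports are accepted only when every category uses a taxonomy term, and accepted intrusions are grouped into intrusion sets. The `intruder` correlation field, the `row` helper and the sample reports are assumptions constructed for illustration.

```python
from collections import defaultdict

# Category terms as listed on the Sandia taxonomy slide.
TAXONOMY = {cat: set(terms.split("|")) for cat, terms in {
    "tool": "physical attack|information exchange|user command|script or program|"
            "autonomous agent|toolkit|distributed tool|data tap",
    "vulnerability": "design|implementation|configuration",
    "action": "probe|scan|flood|authenticate|bypass|spoof|read|copy|steal|modify|delete",
    "target": "account|process|data|component|computer|network|internetwork",
    "result": "increased access|disclosure of information|corruption of information|"
              "denial of service|theft of resources",
}.items()}

def classify(report):
    """Return (normalized intrusion, errors); each category needs one known term."""
    norm, errors = {}, []
    for category, terms in TAXONOMY.items():
        value = str(report.get(category, "")).strip().lower()
        if value in terms:
            norm[category] = value
        else:
            errors.append(f"{category}: {value!r} is not a taxonomy term")
    return norm, errors

def intrusion_sets(reports, key="intruder"):
    """Group valid intrusions sharing `key` (assumed correlation field) into sets."""
    sets, rejected = defaultdict(list), []
    for report in reports:
        norm, errors = classify(report)
        if errors:
            rejected.append((report, errors))
        else:
            sets[report.get(key, "unknown")].append(norm)
    return dict(sets), rejected

def row(intruder, tool, vulnerability, action, target, result):
    return dict(intruder=intruder, tool=tool, vulnerability=vulnerability,
                action=action, target=target, result=result)

# Constructed reports modeled on the three-intrusion sequence in the slides.
REPORTS = [
    row("A", "Script or Program", "Implementation", "Probe", "Account", "Increased Access"),
    row("A", "Toolkit", "Configuration", "Bypass", "Process", "Increased Access"),
    row("A", "User Command", "Design", "Copy", "Data", "Disclosure of Information"),
    row("B", "script", "bug", "hacked", "server", "Increased Access"),  # non-standard terms
]

if __name__ == "__main__":
    print(intrusion_sets(REPORTS))
```

The report from "B" is rejected because four of its fields use non-standard terminology, which is the data-sharing problem the taxonomy is meant to remove.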