Network Security - ISA 656

Review

Angelos Stavrou

December 4, 2007

Outline: The Exam, Introduction, Cryptography, Web Security, IPsec, Applications, Intrusion Detection, Worms and Denial of Service

The Exam

■ 7:20pm - 9:30pm, Thursday, Dec 11th, in the Lab (STI-128)
■ Same style of questions as the midterm
■ I’m not asking you to write programs

Material

■ If it’s in my slides or I said it in class, you’re responsible for it
■ There may be some questions based on the Labs
■ You’re responsible for the assigned Labs and Homeworks at about the level of class coverage.

Test Conditions

■ Open book
■ Open notes, posted code, manuals, Labs...
■ You can bring a calculator but save your energy; you won’t need it
■ No laptops, IM, Chatting, or phones...

Terminology

■ Confidentiality, integrity, availability
■ Threats, attacks, and vulnerabilities

Kinds of Threats

■ Joy hackers
■ Criminals
■ Competitors
■ Nation states
■ Insiders

Assets

■ Protect what?
■ Bandwidth, CPU, data, identity
■ Attacker powers?

Ciphers

■ What is a cryptosystem?
■ What is a block cipher? What are generic properties of block ciphers?
■ What are the different modes of operation? What are their properties? When would you use each mode?
■ What is a stream cipher?

Public Key Cryptography

■ What is it? What is it good for? Limitations?
■ How are public key systems used?
■ Random numbers and where they come from
■ Digital signatures

Certificates

■ Trust properties
■ CAs
■ Authorization versus identity certificates
■ Web of trust
■ Types of certificates
■ Revocation

SSL

■ What is SSL?
■ Client authentication types
■ Properties and requirements
■ Uses
■ Trust model

Web Certificates

■ Root certificates
■ The browser vendor’s role
■ Bindings
■ Human factors

Browser Security

■ Why is it a problem?
■ Active content
■ Javascript
■ ActiveX

Continuing Authentication

■ Cookies
■ Embedded values
■ Cryptographically sealing data

Web Server Security

■ Why?
■ Trust model
■ Scripts and their dangers
■ Injection attacks
■ Permissions

Email Security

■ Usual evaluation
■ How to sign and encrypt?
■ Details
■ Threats: eavesdropping, password theft, spool file

Phishing

■ What is it?
■ How it’s done
■ Tracing

Defenses

■ Mutual authentication
■ Personalization
■ DKIM
■ Non-reusable credentials
■ (MITM attacks; human factors)

IPsec

■ What is IPsec, and why?
■ ESP and AH
■ SPI
■ SAs
■ Tunnel and transport mode

Packet Processing

■ Outbound and inbound
■ SPD and SADB
■ Rule characteristics

Attacking IPsec

■ Cut-and-paste attacks
■ Probable plaintext
■ Interactions with other layers

Applications

■ SSH
■ SIP
■ Networked storage

SSH

■ Features
■ Security model
■ Client authentication
■ Connection-forwarding
■ SSH Agent

SIP

■ SIP architecture
■ What’s at risk?
■ Protecting voice versus signaling
■ What type of crypto is used where
■ Complex scenarios

What is IDS?

■ Purpose
■ Host versus network IDS
■ Logs and traces

Limits of Network IDS

■ Insertion and evasion attack
■ Checksum errors
■ TTLs
■ TCP normalization

IDS Architecture

■ Detector
■ Database
■ Analyzer
■ Countermeasure
■ Signature versus anomaly

Worms

■ Worms versus viruses
■ Spread: program versus social engineering
■ Payloads
■ Spam
■ Detection

Denial of Service

■ Types of DOS attack
■ TCP attacks
■ DDoS
■ Defenses

Routing Attacks

■ Why they happen
■ Goals
■ SBGP, SO-BGP

Wireless Security

■ Evil twin
■ Battery lifetime
■ WEP — why the crypto is bad
■ War-driving
■ Access control
