Security+ Guide to Network Security Fundamentals, Fourth Edition
Chapter 6
Network Security
Security Through Network Devices
Not all applications are designed and written with security in mind
Network must provide protection
Networks with weak security invite attackers
Aspects of building a secure network
Network devices
Network technologies
Design of the network itself
Standard Network Devices
Security features found in network hardware
Provide basic level of security
Open Systems Interconnection (OSI) model
Network devices classified based on function
Standards released in 1978, revised in 1983, still used today
Illustrates:
How network device prepares data for delivery
How data is handled once received
Table 6-1 OSI reference model
Using the seven layers of the OSI model, we can explore more fully how data can be transferred between two networked computers
Standard Network Devices
Hubs
Connect multiple Ethernet devices together:
To function as a single network segment
Ignorant of data source and destination
Rarely used today because of inherent security vulnerability
Switches
Can forward frames sent to that specific device or broadcast to all devices
Use MAC address to identify devices
Provide better security than hubs
Figure 6-1 Port mirroring
© Cengage Learning 2012
Standard Network Devices (cont’d.)
Network administrator should be able to monitor network traffic
Helps identify and troubleshoot network problems
Traffic monitoring methods
Port mirroring
Network tap (test access point)
Sniffer Software
Sniffer Software
Switch Defenses
Use a switch that can close ports with too many MAC addresses
Configure the switch so that only one port can be assigned per MAC address
Use an ARP detection appliance
Secure the switch in a locked room
Keep network connections secure by restricting physical access
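The first two switch defenses above (closing a port that shows too many MAC addresses, and binding each MAC address to a single port) can be modeled in a few lines. This is an added example, not code from the textbook or from any switch vendor; the function name, the limit of two addresses per port, and the sample observations are assumptions made for illustration.

```python
from collections import defaultdict

MAX_MACS_PER_PORT = 2  # assumed limit; real switches make this configurable

def apply_port_security(events, max_macs=MAX_MACS_PER_PORT):
    """Replay (port, source MAC) observations; return (mac_table, closed_ports, alerts)."""
    mac_to_port = {}              # each MAC address is bound to exactly one port
    port_macs = defaultdict(set)  # addresses learned on each port
    closed = set()
    alerts = []
    for port, mac in events:
        mac = mac.lower()
        if port in closed:
            continue              # frames arriving on a closed port are dropped
        owner = mac_to_port.get(mac)
        if owner is not None and owner != port:
            # A known MAC appearing on a second port suggests address spoofing.
            alerts.append(("mac-moved", port, mac))
            continue
        if mac not in port_macs[port] and len(port_macs[port]) >= max_macs:
            # Too many addresses behind one port suggests MAC flooding.
            closed.add(port)
            alerts.append(("port-closed", port, mac))
            continue
        port_macs[port].add(mac)
        mac_to_port[mac] = port
    return mac_to_port, closed, alerts

# Constructed sample observations (not captured traffic).
SAMPLE_EVENTS = [
    (1, "00:11:22:33:44:01"),
    (2, "00:11:22:33:44:02"),
    (3, "02:00:00:00:00:01"),
    (3, "02:00:00:00:00:02"),
    (3, "02:00:00:00:00:03"),  # third address on port 3 exceeds the limit
    (3, "02:00:00:00:00:04"),  # ignored, port 3 is already closed
    (2, "00:11:22:33:44:01"),  # port 1's address showing up on port 2
]

if __name__ == "__main__":
    table, closed, alerts = apply_port_security(SAMPLE_EVENTS)
    print("closed ports:", sorted(closed))
    for alert in alerts:
        print(alert)
```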
Standard Network Devices
Load balancers
Help evenly distribute work across a network
Allocate requests among multiple devices
Ex: port 80 for web HTTP
Laymance Apache Load Balancers
Load Balancing Security
Security advantages of load balancing
Can stop attacks directed at a server or application
Can detect and prevent denial-of-service attacks
Some can deny attackers information about the network
Hide HTTP error pages
Remove server identification headers from HTTP responses
Removing Headers for Server Security
Typically we have 3 response headers which many people want to remove for security reasons.
Server - Specifies web server version.
X-Powered-By - Indicates that the website is "powered by ASP.NET."
X-AspNet-Version - Specifies the version of ASP.NET used.
msdn blogs
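The two information-hiding steps listed under Load Balancing Security (hide HTTP error pages, remove server identification headers) can be shown on a single response, using the three headers named above. This is an added example, not code from the textbook or the MSDN post; the function name, the choice to treat every 5xx status as an error page, the replacement text, and the sample response are assumptions.

```python
# Header names from the slide; compared in lower case because HTTP header
# names are case-insensitive.
DISCLOSING_HEADERS = {"server", "x-powered-by", "x-aspnet-version"}
GENERIC_ERROR_BODY = "An error occurred."  # assumed replacement text

def sanitize_response(raw):
    """Return (sanitized_response, removed_headers) for one raw HTTP/1.1 response."""
    head, _, body = raw.partition("\r\n\r\n")
    status_line, *header_lines = head.split("\r\n")
    status_code = int(status_line.split(" ", 2)[1])
    hide_body = status_code >= 500  # assumption: 5xx bodies may expose internals
    if hide_body:
        body = GENERIC_ERROR_BODY
    kept, removed = [], {}
    for line in header_lines:
        name, _, value = line.partition(":")
        key = name.strip().lower()
        if key in DISCLOSING_HEADERS:
            removed[name.strip()] = value.strip()
        elif hide_body and key in ("content-length", "content-type"):
            continue  # rewritten below to describe the replacement body
        else:
            kept.append(line)
    if hide_body:
        kept.append("Content-Type: text/plain")
        kept.append(f"Content-Length: {len(body.encode())}")
    return "\r\n".join([status_line, *kept]) + "\r\n\r\n" + body, removed

# Constructed sample: an error page that leaks the stack and an exception name.
_SAMPLE_BODY = "<pre>System.NullReferenceException at Shop.Cart.Load()</pre>"
SAMPLE_RESPONSE = (
    "HTTP/1.1 500 Internal Server Error\r\n"
    "Content-Type: text/html\r\n"
    "Server: Microsoft-IIS/7.5\r\n"
    "X-AspNet-Version: 4.0.30319\r\n"
    "x-powered-by: ASP.NET\r\n"
    f"Content-Length: {len(_SAMPLE_BODY)}\r\n"
    "\r\n" + _SAMPLE_BODY
)

if __name__ == "__main__":
    cleaned, removed = sanitize_response(SAMPLE_RESPONSE)
    print(cleaned)
    print("removed:", removed)
```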
Firewalls
Hardware-based network firewall inspects packets
Looks deeply into packets that carry HTTP traffic
Web browsers, FTP
Can block specific sites or specific known attacks
Can block XSS and SQL injection attacks
Proxy Servers and Reverse Proxy
Computer or application that intercepts and processes user requests
Reverse proxy
Routes incoming requests to correct server
Reverse proxy’s IP address is visible to outside users
Internal server’s IP address hidden
Stronger security
Intercept malware
Hide client system’s IP address
Figure 6-5 Configuring access to proxy servers
Figure 6-6 Reverse proxy
Reverse Proxy Server
I am now the user
Network Security Hardware (cont’d.)
Spam filters
Enterprise-wide spam filters block spam before it reaches the host
Email systems use three protocols
Simple Mail Transfer Protocol (SMTP)
Handles outgoing mail
Post Office Protocol (POP)
Handles incoming mail
Internet Message Access Protocol (IMAP)
Handles reading email from many different devices
Network Security Hardware (cont’d.)
Spam filters installed with the SMTP server
Filter configured to listen on port 25
Pass non-spam e-mail to SMTP server listening on another port
Method prevents SMTP server from notifying spammer of failed message delivery
Roll MS Outlook Junk Email Filter
Network Security Hardware (cont’d.)
Virtual private network (VPN)
Uses unsecured network as if it were secure
All data transmitted between remote device and network is encrypted
Hardware-based VPNs generally have better security
Software-based VPNs have more flexibility in managing network traffic