24-02-2011, 03:29 PM
presentrd by:
V.KARTHIKA
[attachment=9097]
NETWORK SECURITY
DIFFERENT KINDS OF THREATS
Physical breakdowns
Operating mistakes
Planning mistakes
Intentional attacks for fun and profit
Own personnel is usually considered the largest security threat
EAVES DROPPING
Requires access to the network media
Getting access to Internet backbone networks is more difficult but not impossible
Traffic can be selected based on IP and port addresses
TOOLS FOR EAVES DROPPING
Some operating systems include tools
Commercial and freely available tools from the net
SPOOFING
Fake E-mail
IP sender address forgery (IP spoofing)
Man in the Middle
A.k.a. bucket brigade attack
Attacker gets full access to the traffic
FAULTS IN SOFTWARE
Both in operating system’s TCP/IP stack and in application servers
Attacker can get full or partial control of software
CAUSES OF SOFTWARE VULNERABILITIES
Design mistakes and unforeseen requirements
Programming mistakes
Installation and configuration mistakes
Software component interaction
V.KARTHIKA
[attachment=9097]
NETWORK SECURITY
DIFFERENT KINDS OF THREATS
Physical breakdowns
Operating mistakes
Planning mistakes
Intentional attacks for fun and profit
Own personnel is usually considered the largest security threat
EAVES DROPPING
Requires access to the network media
Getting access to Internet backbone networks is more difficult but not impossible
Traffic can be selected based on IP and port addresses
TOOLS FOR EAVES DROPPING
Some operating systems include tools
Commercial and freely available tools from the net
SPOOFING
Fake E-mail
IP sender address forgery (IP spoofing)
Man in the Middle
A.k.a. bucket brigade attack
Attacker gets full access to the traffic
FAULTS IN SOFTWARE
Both in operating system’s TCP/IP stack and in application servers
Attacker can get full or partial control of software
CAUSES OF SOFTWARE VULNERABILITIES
Design mistakes and unforeseen requirements
Programming mistakes
Installation and configuration mistakes
Software component interaction