Dr. M Nasir Mumtaz Bhutta
Institute of Computing
Bahauddin Zakariya University
Multan, Punjab, 60,000
Pakistan
Email: bhutta.nasir@gmail.com
www.bzu.edu.pk
Network Security Course
Miscellaneous Topics
12 January 2014
Dr. M N M Bhutta www.bzu.edu.pk
Secure Socket Layer/Transport Layer Security
• Transport Layer Security (TLS) and its predecessor, Secure Socket Layer (SSL), provide security (confidentiality & integrity) at the transport layer in the TCP/IP stack and at the session layer in the OSI model.
• Client and server should set up a TLS connection before communicating securely with each other.
• It uses PKI for secure channel setup and to exchange a symmetric session key.
• Symmetric cryptography is used for the main security operations.
• SSL has been superseded by TLS. Current TLS version is 1.2 and TLS 1.3 is available in draft version.
Virtual Private Network (VPN)
• A VPN extends private networks across a public network (the internet).
• It enables computers and network devices to send and receive data across the public network as if they were on private networks.
• Major implementations of VPN include OpenVPN and IPsec.
Firewall
• A system to control incoming and outgoing traffic based on applied rules.
– Packet filtering can control the traffic based on packet fields, e.g. source and destination IP addresses, port number etc.
– Information about connections and packets can be used to filter the packets (e.g. packets belonging to existing connections, packets opening new connections etc.)
– Traffic can be controlled on all layers up to the application layer (e.g. information about protocols such as DNS, HTTP etc. can be used to filter the traffic)
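The three filtering levels listed on this slide can be modelled in a few lines. This is an added example, not part of the original slides; the networks, rules, packets and the HTTP method allow-list are all constructed assumptions.

```python
# Added illustration: toy model of the Firewall slide's three filtering levels.
# Networks, rules and packets are constructed; the HTTP method allow-list is assumed.
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    sport: int
    dport: int
    syn: bool = False       # True for the first packet of a TCP connection
    payload: bytes = b""

INSIDE = ipaddress.ip_network("10.0.0.0/24")                 # protected network
ALLOW_IN = [(ipaddress.ip_network("10.0.0.10/32"), 80)]      # (dst net, dst port)
HTTP_METHODS = (b"GET", b"HEAD", b"POST")

def is_inside(addr):
    return ipaddress.ip_address(addr) in INSIDE

def packet_filter(pkt):
    """Level 1, stateless: decide from addresses and ports only."""
    return any(ipaddress.ip_address(pkt.dst) in net and pkt.dport == port
               for net, port in ALLOW_IN)

def app_layer_ok(pkt):
    """Level 3: look inside the payload of traffic to the web server."""
    if pkt.dport != 80 or not pkt.payload:
        return True
    return pkt.payload.split(b" ", 1)[0] in HTTP_METHODS

class StatefulFirewall:
    """Level 2: remember accepted connections and match later packets to them."""
    def __init__(self):
        self.connections = set()

    @staticmethod
    def flow_key(pkt):
        # Both directions of one connection map to the same key.
        a, b = (pkt.src, pkt.sport), (pkt.dst, pkt.dport)
        return (a, b) if a <= b else (b, a)

    def decide(self, pkt):
        key = self.flow_key(pkt)
        if key in self.connections:                  # existing connection
            return "accept" if app_layer_ok(pkt) else "drop"
        if not pkt.syn:                              # no state, not a new connection
            return "drop"
        outbound = is_inside(pkt.src) and not is_inside(pkt.dst)
        if outbound or packet_filter(pkt):           # new connection allowed by rules
            self.connections.add(key)
            return "accept"
        return "drop"

def demo():
    fw = StatefulFirewall()
    packets = [
        Packet("10.0.0.5", "203.0.113.7", 40000, 443, syn=True),    # outbound, new
        Packet("203.0.113.7", "10.0.0.5", 443, 40000),              # reply to it
        Packet("203.0.113.9", "10.0.0.5", 443, 40001),              # unsolicited
        Packet("198.51.100.2", "10.0.0.10", 50000, 80, syn=True),   # inbound web
        Packet("198.51.100.2", "10.0.0.10", 50000, 80, payload=b"GET / HTTP/1.1\r\n"),
        Packet("198.51.100.2", "10.0.0.10", 50000, 80, payload=b"TRACE / HTTP/1.1\r\n"),
        Packet("198.51.100.2", "10.0.0.10", 50001, 22, syn=True),   # inbound, no rule
    ]
    return [fw.decide(p) for p in packets]

if __name__ == "__main__":
    for verdict in demo():
        print(verdict)
```

The reply packet is the case that separates the first two levels: the stateless rule list alone would reject it, while connection tracking accepts it because it belongs to a connection opened from inside.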
Malware
• Common malware:
Malware Analysis/Reverse Engineering
• The art of dissecting malware:
– To provide information about an intrusion/attack (what exactly happened).
– The goal is to find out exactly what a suspect binary program can do, how to detect it, and how to measure and contain its damage.
• Host-based signatures and network-based signatures are used to detect malware on computers and networks.
• Most often, malware analysis is performed on executable files using the following techniques:
– Basic and Advanced Static Analysis
– Basic and Advanced Dynamic Analysis
Malware Analysis/Reverse Engineering – II
• Basic Static Analysis
– It is performed on the executable file without actually running it and without viewing its instructions.
– It answers whether the file is malicious, provides information about its functionality, and can sometimes produce network signatures to detect the malware.
• Advanced Static Analysis
– It is performed by loading the malware executable into a disassembler and looking at its instructions to find out what the malware does.
• Basic Dynamic Analysis
– It involves running the malware and observing its behaviour on the system in order to remove the files and produce effective signatures.
• Advanced Dynamic Analysis
– It involves debugging the internal state of the malicious executable.
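Basic static analysis, as described above, can be sketched as a triage pass that hashes the file, pulls out printable strings and sorts them into candidate network and host signatures. This is an added example, not part of the original slides; the sample bytes are a constructed, harmless stand-in for an executable, and the host-artifact markers are assumptions.

```python
# Added illustration: basic static analysis without running or disassembling the file.
# SAMPLE is a constructed, harmless byte string standing in for a suspect executable.
import hashlib
import re

SAMPLE = (b"MZ\x90\x00\x03\x00\x00\x00" + b"\x00" * 16 +
          b"This program cannot be run in DOS mode.\r\n\x00\x01\x02" +
          b"http://updates.example.invalid/check.php\x00\xff\xfe" +
          b"192.0.2.44\x00\x10" +
          b"C:\\Users\\Public\\svc_update.exe\x00\x07ab\x00" +
          b"Software\\Microsoft\\Windows\\CurrentVersion\\Run\x00")

PRINTABLE = re.compile(rb"[\x20-\x7e]{4,}")     # runs of 4 or more printable ASCII bytes
URL = re.compile(r"https?://[^\s\"']+")
IPV4 = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")   # shape only, octets not range-checked
HOST_HINTS = ("\\CurrentVersion\\Run", ":\\")   # assumed markers of host artifacts

def extract_strings(data):
    """Return printable strings embedded in the file, like the `strings` utility."""
    return [m.group().decode("ascii") for m in PRINTABLE.finditer(data)]

def triage(data):
    """Hash the file and sort its strings into candidate signatures."""
    network, host = [], []
    for s in extract_strings(data):
        hits = URL.findall(s) + IPV4.findall(s)
        if hits:
            network.extend(hits)                # candidates for network-based signatures
        elif any(h in s for h in HOST_HINTS):
            host.append(s)                      # candidates for host-based signatures
    return {
        "sha256": hashlib.sha256(data).hexdigest(),   # identity for lookups and reports
        "looks_like_pe": data[:2] == b"MZ",           # DOS/PE magic bytes
        "network_indicators": network,
        "host_indicators": host,
    }

if __name__ == "__main__":
    for key, value in triage(SAMPLE).items():
        print(key, "=", value)
```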
Penetration Testing/Ethical Hacking (Web and Infrastructure Hacking)
• Penetration testing is the legal and authorized exploitation of computer systems to make them more secure.
• Penetration testing is performed in the following phases:
– Reconnaissance: collecting detailed information about the system (e.g. IP addresses of all machines etc.)
– Scanning: 1. Port scanning (finding open ports on systems and the services being run). 2. Vulnerability scanning (finding known vulnerabilities in services running on the system)
– Exploitation: attacking the system through the vulnerabilities found.
– Maintaining Access: after exploitation, creating a permanent backdoor for easy access to the system later on.
– Reporting: details of the issues found, detailed procedures, and solutions to mitigate the security issues found.
Digital Forensics (Computer & Network Forensics)
• It is defined as the application of science to law.
• It is the collection, examination and analysis of data while preserving the integrity of the data and the chain of custody.
• The process usually consists of the following phases:
– Collection: identifying, collecting, labelling and storing data.
– Examination: assessing the data and extracting the data of particular interest.
– Analysis: analysing the data using legally justifiable techniques.
– Reporting: reporting the results of the analysis (actions to be taken to secure against vulnerabilities, information about the crime/attack etc.)
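Preserving the integrity of the data and the chain of custody can be made checkable by hashing the evidence at collection and linking each custody record to the one before it. This is an added example, not part of the original slides; the record fields, handler names, timestamps and evidence bytes are constructed assumptions.

```python
# Added illustration: evidence integrity and chain of custody as a hash-chained log.
# Field names, handlers, timestamps and the evidence bytes are constructed.
import hashlib
import json

GENESIS = "0" * 64

def sha256_hex(data):
    return hashlib.sha256(data).hexdigest()

def entry_digest(entry):
    """Hash every field of a custody record except its own stored hash."""
    body = {k: v for k, v in entry.items() if k != "entry_hash"}
    return sha256_hex(json.dumps(body, sort_keys=True).encode())

def add_entry(log, evidence, handler, action, timestamp):
    entry = {
        "seq": len(log),
        "timestamp": timestamp,
        "handler": handler,
        "action": action,
        "evidence_sha256": sha256_hex(evidence),      # integrity of the data
        "prev_hash": log[-1]["entry_hash"] if log else GENESIS,   # custody chain
    }
    entry["entry_hash"] = entry_digest(entry)
    log.append(entry)
    return entry

def verify(log, evidence):
    """Return a list of problems; an empty list means log and evidence agree."""
    problems = []
    prev = GENESIS
    for i, entry in enumerate(log):
        if entry["seq"] != i or entry["prev_hash"] != prev:
            problems.append(f"entry {i}: chain broken")
        if entry_digest(entry) != entry["entry_hash"]:
            problems.append(f"entry {i}: record altered")
        prev = entry["entry_hash"]
    current = sha256_hex(evidence)
    if any(entry["evidence_sha256"] != current for entry in log):
        problems.append("evidence hash mismatch")
    return problems

def demo():
    image = b"constructed disk image bytes"
    log = []
    add_entry(log, image, "Officer A", "collected", "2014-01-12T09:00Z")
    add_entry(log, image, "Examiner B", "received for examination", "2014-01-12T11:30Z")
    add_entry(log, image, "Analyst C", "analysis on working copy", "2014-01-13T10:00Z")
    clean = verify(log, image)
    changed_evidence = verify(log, image + b"!")    # evidence modified after collection
    log[1]["handler"] = "Someone Else"              # custody record edited afterwards
    edited_record = verify(log, image)
    log[1]["entry_hash"] = entry_digest(log[1])     # edit hidden by re-hashing the record
    rehashed_record = verify(log, image)
    return clean, changed_evidence, edited_record, rehashed_record

if __name__ == "__main__":
    for result in demo():
        print(result)
```

Re-hashing an edited record does not hide the change, because the following record still points at the old hash and the chain check fails there.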
Practice!
Don’t try at home and/or without required permissions.
Thanks for listening!
Questions?

Topics in network security
