An overview of network security covering firewalls, IDS/IPS systems, traffic shaping and monitoring, and practical ways to get started learning network security.
2. Get in touch with us
Mailing List - Sign in and check “Add to Mailing List”
Website - csg.utdallas.edu
Slack - #csg on ecsutd.slack.com
Email - utdcsg@gmail.com
3. Announcements
Lab Hangouts - ECSS 4.619 - 4 PM Thursday - February 15
Pentesting Session - FO 1.202 February 24th, 1 - 4pm
State Farm CTF Sign-up - March 5th - 12th
4. Network Based Security Overview
1. Networking Overview
a. Basics
b. Securing your infrastructure
2. Firewall
a. Services
b. Rules
c. Tools
3. Monitoring
a. Performance Monitoring
b. Packet Monitoring
c. Intrusion Detection Systems
4. IDS/IPS Rules
a. Snort
b. Suricata
c. pfSense
5. Network Security Policies
a. Security culture
b. Mitigating social engineering threats
10. Basics of a firewall
A firewall acts as a gate for traffic on a network
Its rules determine what traffic can enter and exit the network
Allow traffic through some ports and disallow it on others
Block certain ports and IP addresses from accessing the network or reaching out.
16. Performance Monitoring
Why monitor the performance of a system:
Look for unusual CPU usage and unusual bandwidth on the network
Seeing usage during non-work hours may be a result of someone breaking into the network
19. Intrusion Detection Systems
A system that logs all incoming and outgoing traffic and alerts based on a rule set created by the user
Most IDS systems also have rule sets for denying/rejecting traffic if the traffic matches the key
21. Snort
Open source tool that lets you monitor different interfaces on a router or a specific device for key rule sets
Installation can be done at the network level or the user level
Can be set to block traffic as well as alert
22. Snort Rule Set
Basic Rule Set:
alert tcp any any -> any any (msg:"You've got traffic"; sid:1000001; rev:1;)
More Specific Rules:
alert tcp $EXTERNAL_NET any -> 192.168.3.0/24 80 (msg:"You got port 80 traffic on 192.168.3.0"; classtype:web-application-activity; sid:1000002; rev:1;)
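A small linter for the rule syntax on this slide, added here as an example and not taken from the slides or from Snort itself. It checks only the header shape and a few option-level slips that stop a rule from loading (typographic quotes pasted from a document, a missing `:` or `;`, no `sid`); the function name and the sample rules are assumptions constructed for illustration.

```python
import re

# Snort 2.x rule actions, written in lowercase as in the Snort manual.
ACTIONS = {"alert", "log", "pass", "activate", "dynamic", "drop", "reject", "sdrop"}
# action proto src sport direction dst dport (options)
RULE = re.compile(r"^(\S+)\s+(\S+)\s+(\S+)\s+(\S+)\s+(->|<>)\s+(\S+)\s+(\S+)\s*\((.*)\)\s*$", re.S)
# One option: text up to a ';' that is not inside a double-quoted string.
OPTION = re.compile(r'\s*((?:"(?:\\.|[^"\\])*"|[^;"])+?)\s*;')

def lint_rule(rule):
    """Return a list of problems in one rule; an empty list means these checks pass."""
    problems = []
    if re.search("[\u201c\u201d\u2018\u2019]", rule):
        problems.append("typographic quotes, use ASCII quotes")
    m = RULE.match(rule.strip())
    if not m:
        return problems + ["header is not 'action proto src sport -> dst dport (options)'"]
    action, body = m.group(1), m.group(8)
    if action not in ACTIONS:
        problems.append(f"unknown action {action!r}")
    options = {}
    for raw in OPTION.findall(body):
        key, _, value = raw.partition(":")
        key = key.strip()
        if not re.fullmatch(r"[a-z0-9_.]+", key):
            problems.append(f"malformed option {key!r}, missing ':'?")
        options[key] = value.strip()
    if OPTION.sub("", body).strip():
        problems.append("option text not terminated with ';'")
    if not options.get("sid", "").isdigit():
        problems.append("missing numeric sid")
    return problems

# Constructed samples; sids use the 1000000+ range conventionally left for local rules.
PASTED = "Alert tcp any any -> any any (msg:\u201cYou\u2019ve got traffic\u201d)"
NO_COLON = 'alert tcp any any -> any 80 (msg"port 80 traffic"; sid:1000003;)'
CLEAN = ('alert tcp $EXTERNAL_NET any -> 192.168.3.0/24 80 '
         '(msg:"You got port 80 traffic on 192.168.3.0"; sid:1000002; rev:1;)')

if __name__ == "__main__":
    for name, rule in [("PASTED", PASTED), ("NO_COLON", NO_COLON), ("CLEAN", CLEAN)]:
        print(name, lint_rule(rule) or "ok")
```

A clean result here only means the rule passed these checks; Snort's own configuration test remains the authority on whether a rule file loads.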
27. A Word On Culture
● We’re not going to bore you with the gritty details of developing comprehensive network security policies.
● The Story of Olga from Accounting
● Social Engineering Threats
28. Mitigating Social Engineering Threats
● Fix the IT Security culture.
● No more “stupid users.”
● Make users a part of your security team.
○ Turn a weakness into a resource.
https://www.youtube.com/watch?v=JsVtHqICeKE