Chapter VII

Chapter VII discusses data security and integrity in network management, emphasizing the importance of implementing a security policy to protect sensitive information while enabling business opportunities. It outlines various threats to network security, including hardware, environmental, and internal/external threats, as well as common attack types like denial of service and reconnaissance. The chapter also covers mitigation techniques such as device hardening, antivirus software, firewalls, and encryption to ensure data privacy and integrity.

Uploaded by

adane mulie
Chapter VII

Data Security and Integrity


Introduction to Network Security
• Network management can be defined as a system that helps to maintain, characterize, and troubleshoot a network.
• Security has moved to the forefront of network management and implementation.
• The overall security challenge is to find a balance between two important requirements:
– the need to open networks to support evolving business opportunities, and
– the need to protect private, personal, and strategic information
• Implementing a security policy is the most important step that an organization can take to protect its network.
• It provides guidelines about
Why is Network Security Important?
• If the security of the network is compromised, there could be serious consequences, such as loss of privacy, theft of information, and even legal liability.
• As e-business and Internet applications continue to grow, finding the balance between being isolated and open is critical.
• In addition, the rise of mobile commerce and wireless networks demands that security solutions become seamlessly integrated, more transparent, and more flexible.
• As the types of threats, attacks, and exploits have evolved, various terms have been coined to describe the individuals involved:
– White hat, hacker, black hat,
When discussing network security, three common factors are vulnerability, threat, and attack.
I. Vulnerability: the degree of weakness that is inherent in every network and device.
• There are three primary vulnerabilities or weaknesses:
– Technological weaknesses (these include TCP/IP protocol, operating system, and network equipment weaknesses)
– Configuration weaknesses (unsecured accounts, easy passwords, misconfigured services, etc.)
– Security policy weaknesses
• The mitigation technique to this
II. Threat: the people interested and qualified in taking advantage of each security weakness. Such individuals can be expected to continually search for new exploits and weaknesses.
• Threats use a variety of tools, scripts, and programs to launch attacks against networks and network devices.
• Typically, the network devices under attack are the endpoints, such as servers and desktop computers.
Threats to the physical infrastructure
The four classes of physical threats are:
• Hardware threats: physical damage to servers, routers, switches, cabling plant, and workstations
• Environmental threats: temperature extremes (too hot or too cold) or humidity extremes (too wet or too
• Electrical threats: voltage spikes, insufficient supply voltage (brownouts), unconditioned power (noise), and total power loss
• Maintenance threats: poor handling of key electrical components (electrostatic discharge), lack of critical spare parts, poor cabling, and poor labeling
Some of the ways to mitigate physical threats:
• Hardware threat mitigation
• Environmental threat mitigation
• Electrical threat mitigation
1. Threat: Hardware threat mitigation
2. Threat: Environmental threat mitigation
3. Threat: Electrical threat mitigation
4. Threat: Maintenance threat mitigation
Threats to the networks
Common computer crimes that have implications for network security can be grouped into four primary classes of threats to networks:
• Unstructured threats: consist of mostly inexperienced individuals using easily available hacking tools, such as shell scripts and password crackers.
• Structured threats: come from individuals or groups that are more highly motivated and technically competent. These people know system vulnerabilities and use sophisticated hacking techniques to penetrate unsuspecting businesses.
• External threats: can arise from individuals or organizations working outside of a company who do not have authorized access to the computer systems or network.
• Internal threats: occur when someone has authorized access to the network with either an account or physical access. Just as for external threats, the severity of an internal threat depends on the expertise of the attacker.
Types of Network Attacks: the four classes of attack
• Reconnaissance: the unauthorized discovery and mapping of systems, services, or vulnerabilities. It is also known as information gathering and, in most cases, it precedes another type of attack.
• Access: the ability for an intruder to gain access to a device for which the intruder does not have an account or a password.
– Entering or accessing systems usually involves running a hack, script, or tool that exploits a known vulnerability of the system or application being attacked.
• Denial of Service (DoS): when an attacker disables or corrupts networks, systems, or services with the intent to deny services to intended users.
– DoS attacks involve either crashing the system or slowing it down to the point that it is unusable.
– But DoS can also be as simple as deleting or corrupting information. In most cases, performing the attack involves simply running a hack or script. For these reasons, DoS attacks are the most feared.
• Worms, Viruses, and Trojan Horses: malicious software can be inserted onto a host to damage or corrupt a system, replicate itself, or deny access to networks, systems, or services.
General Mitigation Techniques
Device Hardening
• When a new operating system is installed on a computer, the security settings are set to the default values. In most cases, this level of security is inadequate. Some simple steps that apply to most operating systems should be taken:
– Default usernames and passwords should be changed immediately.
– Access to system resources should be restricted to only the individuals that are authorized to use those resources.
– Any unnecessary services and
Antivirus Software
• Antivirus software protects against known viruses and Trojan applications. It does this in two ways:
– It scans files, comparing their contents to known viruses in a virus dictionary. Matches are flagged in a manner defined by the end user.
– It monitors suspicious processes running on a host that might indicate infection. This monitoring may include data captures, port monitoring, and other methods.
Operating System Patches
• The most effective way to mitigate a worm and its variants is to download security updates from the operating system vendor and patch all vulnerable systems.
Personal Firewall
• Personal computers connected to the Internet through a dialup connection, DSL, or cable modems are as vulnerable as corporate networks.
• Personal firewalls reside on the PC of the user and attempt to prevent attacks.
• Personal firewalls are not designed for LAN implementations, such as appliance-based or server-based firewalls, and they may prevent network access if installed with other networking clients, services, protocols, or adapters.
• Some personal firewall software vendors
Intrusion Detection and Prevention
• Intrusion detection systems (IDS) detect attacks against a network and send logs to a management console.
• Intrusion prevention systems (IPS) prevent attacks against the network and should provide the following active defense mechanisms in addition to detection:
– Prevention: stops the detected attack from executing.
– Reaction: immunizes the system from future attacks from a malicious source.
• Either technology can be implemented at a network level or host level, or both for maximum protection.
Encryption and Privacy
• Maintaining privacy in our personal communications is something everyone desires. Encryption is a means to achieve that privacy. It was invented for that very purpose.
• Encryption is the process of scrambling a message so that only the intended recipient can read it.
• Cryptography has a long history dating back at least as far as Julius Caesar; modern cryptographic techniques, including many of those used in the Internet, are based on advances made in the past 30 years.
• Cryptography is used to ensure confidentiality of messages.
• Cryptographic techniques allow a sender to disguise data so that an intruder can gain no information from the intercepted data.
The language of cryptography
[Figure: plaintext → encryption algorithm (Alice’s encryption key K_A) → ciphertext → decryption algorithm (Bob’s decryption key K_B) → plaintext]
• symmetric key crypto: sender, receiver keys identical
• public-key crypto: encryption key public, decryption key secret (private)
Symmetric key cryptography
• All cryptographic algorithms involve substituting one thing for another.
• substitution cipher: substituting one thing for another
– monoalphabetic cipher: substitute one letter for another
plaintext:  abcdefghijklmnopqrstuvwxyz
ciphertext: mnbvcxzasdfghjklpoiuytrewq
E.g.: plaintext:  bob. i love you. alice
      ciphertext: nkn. s gktc wky. mgsbc
[Figure: plaintext message, m → encryption algorithm (key K_A-B) → ciphertext → decryption algorithm (key K_A-B) → plaintext]
• symmetric key crypto: Bob and Alice share and know the same (symmetric) key: K_A-B
• e.g., the key is knowing the substitution pattern in a monoalphabetic substitution cipher
Public key cryptography
symmetric key cryptography
• requires sender, receiver know shared secret key
public key cryptography
• radically different approach

• sender, receiver do not share secret key

• public encryption key known to all

• private decryption key known only to receiver


[Figure: plaintext message, m → encryption algorithm (Bob’s public key K_B^+) → ciphertext K_B^+(m) → decryption algorithm (Bob’s private key K_B^-) → plaintext message m = K_B^-(K_B^+(m))]
Digital Signatures
Cryptographic technique analogous to hand-written signatures.
• sender (Bob) digitally signs document, establishing he is document owner/creator.
• verifiable, nonforgeable: recipient (Alice) can prove to someone that Bob, and no one else (including Alice), must have signed document
Simple digital signature for message m:
• Bob “signs” m by encrypting with his private key K_B^-, creating “signed” message, K_B^-(m)
[Figure: Bob’s message, m (“Dear Alice, Oh, how I have missed you. I think of you all the time! …(blah blah blah) Bob”) → public key encryption algorithm (Bob’s private key K_B^-) → K_B^-(m): Bob’s message, m, signed (encrypted) with his private key]
Digital Signatures (more)
• suppose Alice receives msg m, digital signature K_B^-(m)
• Alice verifies m signed by Bob by applying Bob’s public key K_B^+ to K_B^-(m), then checks K_B^+(K_B^-(m)) = m.
• if K_B^+(K_B^-(m)) = m, whoever signed m must have used Bob’s private key.
Alice thus verifies that:
• Bob signed m.
• No one else signed m.
• Bob signed m and not m’.
non-repudiation:
• Alice can take m, and signature K_B^-(m) to court and prove that Bob signed m.
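The relations m = K_B^-(K_B^+(m)) and K_B^+(K_B^-(m)) = m from the public key and digital signature slides, traced with textbook RSA as an added example that is not part of the original slides. The key (primes 61 and 53, exponent 17) is a constructed toy value, the function names are hypothetical, and messages are processed one byte per block without padding or hashing.

```python
# Added illustration: textbook RSA with a tiny constructed key (no padding,
# no hashing), used only to trace the slides' K_B^+ / K_B^- notation.

P, Q = 61, 53                      # constructed toy primes
N = P * Q                          # modulus, 3233
E = 17                             # public exponent  -> K_B^+ = (N, E)
D = pow(E, -1, (P - 1) * (Q - 1))  # private exponent -> K_B^- = (N, D); Python 3.8+


def k_pub(blocks):
    """Apply Bob's public key K_B^+ to a list of integers < N."""
    return [pow(b, E, N) for b in blocks]


def k_priv(blocks):
    """Apply Bob's private key K_B^- to a list of integers < N."""
    return [pow(b, D, N) for b in blocks]


def encrypt_to_bob(m: bytes):
    """Anyone can do this: ciphertext = K_B^+(m), one block per byte."""
    return k_pub(list(m))


def bob_decrypt(ciphertext):
    """Only Bob can do this: m = K_B^-(K_B^+(m))."""
    return bytes(k_priv(ciphertext))


def bob_sign(m: bytes):
    """Bob 'signs' m by applying his private key: signature = K_B^-(m)."""
    return k_priv(list(m))


def alice_verify(m: bytes, signature):
    """Alice checks K_B^+(K_B^-(m)) == m using only Bob's public key."""
    return k_pub(signature) == list(m)


if __name__ == "__main__":
    m = b"Dear Alice"
    sig = bob_sign(m)
    print("round trip :", bob_decrypt(encrypt_to_bob(m)) == m)
    print("genuine m  :", alice_verify(m, sig))
    print("altered m' :", alice_verify(b"Dear Alicf", sig))
    tampered = sig[:]
    tampered[0] = (tampered[0] + 1) % N   # any change to the signature
    print("altered sig:", alice_verify(m, tampered))
```

The altered message m' and the altered signature both fail the check, which is the "Bob signed m and not m’" property on the slide.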
Authentication Protocols
Three approaches for protection against security threats
a) Protection against invalid operations
b) Protection against unauthorized invocations
c) Protection against unauthorized users
Authentication
• Question: how does a receiver know that the remote communicating entity is who it is claimed to be?
Authentication Protocol (AP)
• Ap 1.0
– Alice to Bob: “I am Alice”
– Problem: intruder “Trudy” can also send such a message
• Ap 2.0
– Authenticate source IP address is from Alice’s machine
– Problem: IP spoofing (send IP packets with a false address)
• Ap 3.0: use a secret password
– Alice to Bob: “I am Alice, here is my password” (e.g., telnet)
– Problem: Trudy can intercept Alice’s password by sniffing packets
Authentication Protocol
Ap 3.1: use encryption
• use a symmetric key known to Alice and Bob
• Alice & Bob (only) know secure key for encryption/decryption
– A to B: msg = encrypt("I am A")
– B computes: if decrypt(msg) == "I am A"
  then A is verified
  else A is fraudulent
• failure scenarios: playback attack
– Trudy can intercept Alice’s message and pretend to be Alice at a later time
– A playback attack is a breach of security in which information is stored without authorization and then retransmitted to trick the receiver into unauthorized operations such as false identification or authentication or a duplicate transaction.
– For example, messages from an authorized user who is logging into a network may be captured by an attacker and resent (replayed) the next day.
– Even though the messages may be encrypted, and the attacker may not know what the actual keys and passwords are, the retransmission of valid logon messages is sufficient to gain access to the network.
Authentication Using Nonces
Problem with Ap 3.1: same password is used for all sessions
Solution: use a sequence of passwords; pick a "once-in-a-lifetime-only" number (nonce) for each session
Ap 4.0
• A to B: msg = "I am A" /* note: unencrypted message! */
• B to A: once-in-a-lifetime value, n
• A to B: msg2 = encrypt(n) /* use symmetric keys */
• B computes: if decrypt(msg2) == n
  then A is verified
  else A is fraudulent
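The playback failure of ap3.1 and the nonce fix of ap4.0, seen from Bob's side, as an added example that is not part of the original slides. HMAC-SHA256 under the shared key stands in for the slides' encrypt()/decrypt() (an assumption: Bob recomputes the tag instead of decrypting), and the class and function names are hypothetical.

```python
import hashlib
import hmac
import secrets

CLAIM = b"I am A"


def keyed(key: bytes, data: bytes) -> bytes:
    """Stand-in for the slides' encrypt(): an HMAC-SHA256 tag under the shared key."""
    return hmac.new(key, data, hashlib.sha256).digest()


class BobAp31:
    """ap3.1 verifier: accepts the fixed message encrypt("I am A")."""

    def __init__(self, key: bytes):
        self.key = key

    def verify(self, msg: bytes) -> bool:
        return hmac.compare_digest(msg, keyed(self.key, CLAIM))


class BobAp40:
    """ap4.0 verifier: issues a fresh nonce n per session and accepts encrypt(n) once."""

    def __init__(self, key: bytes):
        self.key = key
        self.pending = None

    def challenge(self) -> bytes:
        self.pending = secrets.token_bytes(16)
        return self.pending

    def verify(self, msg2: bytes) -> bool:
        n, self.pending = self.pending, None  # a nonce is consumed by one attempt
        return n is not None and hmac.compare_digest(msg2, keyed(self.key, n))


def run_sessions() -> dict:
    key = secrets.token_bytes(32)  # constructed shared key for Alice and Bob
    out = {}

    bob31 = BobAp31(key)
    on_wire = keyed(key, CLAIM)  # Alice's ap3.1 message, observable in transit
    out["ap3.1 genuine"] = bob31.verify(on_wire)
    out["ap3.1 replayed"] = bob31.verify(on_wire)  # same bytes resent later: accepted

    bob40 = BobAp40(key)
    n1 = bob40.challenge()
    on_wire = keyed(key, n1)  # Alice's answer to nonce n1
    out["ap4.0 genuine"] = bob40.verify(on_wire)
    bob40.challenge()  # later session: Bob picks a new nonce
    out["ap4.0 replayed"] = bob40.verify(on_wire)  # old answer, new nonce: rejected
    out["ap4.0 no challenge"] = bob40.verify(on_wire)  # no nonce outstanding: rejected
    return out


if __name__ == "__main__":
    for name, accepted in run_sessions().items():
        print(f"{name:20s} accepted={accepted}")
```

Bob's ap4.0 check depends on the nonce being unpredictable and never reused, which is why the verifier discards it after a single attempt.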
Firewall
• A firewall is a set of related programs, located at a
network gateway server, that protects the resources of a private network
from users of other networks. (The term also implies the security policy
that is used with the programs.)
• An enterprise with an intranet that allows its workers access to the wider
Internet installs a firewall to prevent outsiders from accessing its own
private data resources and for controlling what outside resources its own
users have access to.
• Basically, a firewall, working closely with a router program, examines
each network packet to determine whether to forward it toward its
destination.
• A firewall also includes or works with a proxy server that makes network
requests on behalf of workstation users.
• A firewall is often installed in a specially designated computer separate
from the rest of the network so that no incoming request can get directly
at private network resources.
• There are a number of firewall screening methods.
• A simple one is to screen requests to make sure they come from
acceptable (previously identified) domain name and Internet
Protocol addresses.
• For mobile users, firewalls allow remote access into the private
network by the use of secure logon procedures and authentication
certificates.
• A number of companies make firewall products.
• Features include logging and reporting, automatic alarms at given
thresholds of attack, and a graphical user interface for controlling
the firewall.
• Computer security borrows this term from firefighting, where it
originated. In firefighting, a firewall is a barrier established to
prevent the spread of fire.
Virtual Private Network
• A virtual private network (VPN) is a network that uses a public
telecommunication infrastructure, such as the Internet, to provide
remote offices or individual users with secure access to their
organization's network.
• A virtual private network can be contrasted with an expensive
system of owned or leased lines that can only be used by one
organization.
• The goal of a VPN is to provide the organization with the same
capabilities, but at a much lower cost.
• A VPN works by using the shared public infrastructure while
maintaining privacy through security procedures
and tunneling protocols such as the Layer Two Tunneling Protocol
(L2TP).
• In effect, the protocols, by encrypting data at the sending end and
decrypting it at the receiving end, send the data through a "tunnel"
that cannot be "entered" by data that is not properly encrypted.
• An additional level of security involves encrypting not only the
data, but also the originating and receiving network addresses.
Transport Layer Security (TLS)
• The primary goal of the TLS protocol is to provide privacy and data integrity between two communicating applications.
• The protocol is composed of two layers:
– The TLS Record Protocol and
– The TLS Handshake Protocol.
• At the lowest level, layered on top of some reliable transport protocol (e.g., TCP [TCP]), is the TLS Record Protocol.
• The TLS Record Protocol provides connection security
– The connection is private. Symmetric cryptography is used for data encryption.
– The keys for this symmetric encryption are generated uniquely for each connection and are based on a secret negotiated by another protocol (such as the TLS Handshake Protocol).
• The TLS Handshake Protocol provides connection security that has three basic properties:
– The peer's identity can be authenticated using asymmetric, or public key, cryptography. This authentication can be made optional, but is generally required for at least one of the peers.
– The negotiation of a shared secret is secure: the negotiated secret is unavailable to eavesdroppers, and for any authenticated connection the secret cannot be obtained, even by an attacker who can place himself in the middle of the connection.
– The negotiation is reliable: no attacker can modify the negotiation communication without being detected by the parties to the communication.
Documenting a Network Design
• If you are given a request for proposal (RFP),
respond to the request in the exact format that the
RFP specifies
• If no RFP, you should still write a design
document
• Describe your customer’s requirements and how your
design meets those requirements
• Document the budget for the project
• Explain plans for implementing the design
Typical RFP Response Topics
• A network topology for the new design
• Information on the protocols, technologies, and products that
form the design
• An implementation plan
• A training plan
• Support and service information
• Prices and payment options
• Qualifications of the responding vendor or supplier
• Recommendations from other customers
• Legal contractual terms and conditions
Contents of a Network Design Document
• Executive summary (write for whom the work is being done and what kind of organization it is)
• Project goal (purpose of the project)
• Project scope (specific location of the project, e.g. BDU building 63 agrii block)
• Design requirements (servers, routers, cables, ...)
• Current state of the network (what kind of network the organization is using now)
• New logical and physical design (next slide)
• Results of network design testing (using tracing)
• Implementation plan (cable crimping finished in __ days, server and switch configuration in ___ days, …)
• Project budget
Design Requirements
• Business goals explain the role the network design will play in
helping an organization succeed
• Technical goals include scalability, performance, security,
manageability, usability, adaptability, and affordability
Logical and Physical Design
• Logical design
– Topology
– Models for addressing and naming
– Switching and routing protocols
– Security strategies
– Network management strategies
• Physical design
– Actual technologies and devices
Implementation Plan
• Recommendations for deploying the network design
• Project schedule
• Including any dates and times for service provider
installations
• Any plans for outsourcing
• Training
• Risks
• A fallback plan if the implementation should fail
• A plan for evolving the design as new requirements arise
Possible Appendixes
• Detailed topology maps
• Device configurations
• Addressing and naming details
• Network design testing results
• Contact information
• Pricing and payment options
• More information about the company that is
presenting the design
• Annual reports, product catalogs, press releases
• Legal contractual terms and conditions
