Sunday, September 20, 2009

Security in Network, 14 September 2009

Lecture 6 of the IT security course is about security in networks. The lecture started with En. Mohd Zaki giving an introduction to networks. A computer network is a system in which computers are connected to share information and resources. The connection can be peer-to-peer or client-server. En. Mohd Zaki also gave us some revision on types of network, network topology and the ISO reference model.

After that, En. Mohd Zaki told us that the people who cause security problems are hackers, spies, students, businessmen, ex-employees, stockbrokers and terrorists. According to En. Mohd Zaki, there are three types of hackers: the white hacker, who is good; the grey hacker, who is between good and bad; and the black hacker, who is bad. A white hacker will find problems in a system and then inform the administrator. Following that, En. Mohd Zaki explained the hacking phases, which start with reconnaissance, followed by scanning, gaining access, maintaining access and, lastly, covering tracks.

For this lecture, En. Mohd Zaki mainly focused on two subtopics: threats in networks and network security controls. Threats in networks include security exposures, impersonation, eavesdropping, denial of service, packet replay and packet modification. On the other hand, network security controls include encryption, strong authentication, Kerberos, honeypots and firewalls.

There are two types of encryption: link encryption and end-to-end encryption. Link encryption involves encryption at layer 1 or 2 of the OSI model, and decryption occurs as the communication arrives at each end of a communication line. Link encryption is used in Virtual Private Networks (VPNs), aided by firewalls. End-to-end encryption involves encryption at layer 6 or 7 of the OSI model. The message is usually encrypted by the sender at the point of origin and only decrypted by the intended receiver. SSH (Secure Shell) encryption is an example of end-to-end encryption, used for remote access to computer resources over the Internet. The differences between SSH and telnet were also discussed. Telnet is insecure compared to SSH because it does not involve encryption.
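The difference between the two modes described above, as an added illustration that is not part of the lecture or the original post: with link encryption every node at the end of a line decrypts the message, while with end-to-end encryption the relays only forward ciphertext. The cipher is a toy SHA-256 keystream chosen so the example runs with the standard library alone; the function names, the three-hop path, the keys and the sample message are all constructed assumptions.

```python
import hashlib
import os

def toy_cipher(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Toy SHA-256 counter-mode keystream XOR (same call encrypts and decrypts).
    Illustration only: unauthenticated, not a substitute for a real cipher."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        pad = hashlib.sha256(key + nonce + offset.to_bytes(8, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[offset:offset + 32], pad))
    return bytes(out)

def send_link_encrypted(message: bytes, link_keys: list[bytes]):
    """One key per communication line; every node at the end of a line decrypts.
    Returns (delivered, plaintext held by intermediate nodes, frames on the wire)."""
    held, wire, data = [], [], message
    for hop, key in enumerate(link_keys):
        nonce = os.urandom(8)
        frame = toy_cipher(key, nonce, data)      # what an eavesdropper on this line sees
        wire.append(frame)
        data = toy_cipher(key, nonce, frame)      # decrypted on arrival at the next node
        if hop < len(link_keys) - 1:
            held.append(data)                     # intermediate node now holds cleartext
    return data, held, wire

def send_end_to_end(message: bytes, shared_key: bytes, hops: int):
    """Sender and receiver share one key; intermediate nodes only forward bytes.
    Returns (delivered, data held by intermediate nodes, frames on the wire)."""
    nonce = os.urandom(8)
    ciphertext = toy_cipher(shared_key, nonce, message)   # encrypted at point of origin
    held = [ciphertext] * (hops - 1)                      # opaque to every relay
    wire = [ciphertext] * hops
    return toy_cipher(shared_key, nonce, ciphertext), held, wire

if __name__ == "__main__":
    msg = b"user=alice password=constructed-sample"      # constructed sample input
    keys = [os.urandom(32) for _ in range(3)]             # sender-R1, R1-R2, R2-receiver
    for name, result in (("link", send_link_encrypted(msg, keys)),
                         ("end-to-end", send_end_to_end(msg, os.urandom(32), 3))):
        delivered, held, wire = result
        print(name, "| delivered intact:", delivered == msg,
              "| relays see cleartext:", msg in held,
              "| cleartext on wire:", msg in wire)
```

In both modes the wire carries only ciphertext; the modes differ in whether a compromised intermediate node can read the message.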

SSL (Secure Sockets Layer) encryption was also explained by En. Mohd Zaki. He told us that SSL is used to protect communication between a web browser and a server. Encrypted communication between client and server was discussed with the aid of a diagram. En. Mohd Zaki also explained IPSec, which is a protocol for securing VPN tunnels, and strong authentication using passwords.

Following that, we were introduced to Kerberos. Kerberos is a network authentication protocol which uses symmetric cryptography to provide authentication for client-server applications. The core of the Kerberos architecture is the KDC (Key Distribution Server). The KDC stores authentication information and uses it to securely authenticate users and services. After that, the explanation proceeded to firewalls. A firewall is a network security device that is set up to control traffic flow between two networks. However, firewalls do have a limitation: they can only filter traffic that passes through them. If traffic can get to a network by other means, the firewall cannot block it. During this lecture, I learned about four basic types of firewalls: packet filter, circuit-level proxy, stateful packet filter and application-level proxy. In addition, I learned about the Intrusion Detection System (IDS), which is a system for detecting misuse of network or computer resources. An IDS has a number of sensors that it uses to detect intrusions. Snort is an excellent open source Network Intrusion Detection System.

In addition to this topic, En. Mohd Zaki introduced another network security control to us: the honeypot. A honeypot is a trap that is used to identify, avert and, to some extent, neutralize attempts to hijack information systems and networks. It is usually made up of a single computer or a network site that disguises itself as a normal computer or network. It traps hackers by making them think that they have successfully hacked the network when in fact they are not hacking the real network. This lecture let me gain a lot of knowledge on network security and I feel satisfied with it.
