Saturday, July 25, 2009

Lecture 1 - Introduction to information Security & Lab 1 - Introduction to Virtualization & VMware

What is security?

Security is the quality or state of being secure that is to be free from danger and to be protected from adversaries – from those who would do harm, intentionally or otherwise


Information Security

Information Security is the protection of information and the systems and hardware that use, store, and transmit that information

By NSTISSC


It's important to remember that the firewall is only one entry point to your network. Modems, if you allow them to answer incoming calls, can provide an easy means for an attacker to sneak around (rather than through ) your front door (or, firewall). Just as castles weren't built with moats only in the front, your network needs to be protected at all of its entry points.


Secure Policy

  • Set of rules to apply to security relevant activities in a security domain.
  • Level of security policy: objectives, organizational and system.
  • Key aspects of security policy: authorization, access control policy, accountability.


Security Area

  • Detection - Tools: scanner such as virus scanner, internet scanner and Web server scanner.
  • Prevention - Tools: proxy, firewall.
  • Recovery - Tools: cryptography techniques, proper planning.


Security Architecture

  • Defined by ITU-T Recommendation X.800 that called OSI Security Architecture.
  • Useful to managers as a way of organizing the task of providing security
  • Architecture was developed as an international standard, computer and communications vendors have developed security features for their products and services that relate to the structured definition of services and mechanisms.
  • Focuses on security attacks, security mechanisms and security services.


Security Principles

  • Confidentiality - Prevention of unauthorized disclosure of information.
  • Integrity - Prevention of unauthorized modification of information.
  • Availability - Prevention of unauthorized withholding of information or resources.


Security Policy

  • Set of rules to apply to security relevant activities in a security domain.
  • Level of security policy: objectives, organizational and system.
  • Key aspects of security policy: authorization, access control policy, accountability.


PASSIVE ATTACKS

ACTIVE ATTACK

  • Very difficult to detect. Why?
  • Quite difficult to prevent active attacks. Why?
  • Feasible to prevent the success of these attacks. How?
  • Instead, the goal is to detect active attacks and to recover from any disruption or delays caused by them.
  • Emphasis in dealing with passive attacks is on prevention rather than detection. Why?
  • If the detection has a deterrent effect, it may also contribute to prevention.


Method of Defense

We can deal with harm that occurs when a threat is realized against a vulnerability in several ways:

  • Prevent it, by blocking the attack or closing the vulnerability.
  • Deter it, by making the attack harder, but not impossible.
  • Deflect it, by making another target more attractive.
  • Detect it, either as it happens or some time after the fact.
  • Recover from its effects


Security Services

Defined by X.800:

  • A security service as a service provided by a protocol layer of communicating open systems which ensure adequate security of the systems or of data transfers.

Defined by RFC 2828:

  • A processing or communication service that is provided by a system to give a specific kind of protection to system resources where security services implement security policies and are implemented by security mechanisms.


Security Services

  • Authentication - assurance that the communicating entity is the one claimed
  • Access Control - prevention of the unauthorized use of a resource
  • Data Confidentialityprotection of data from unauthorized disclosure
  • Data Integrity - assurance that data received is as sent by an authorized entity
  • Non-Repudiation - protection against denial by one of the parties in a communication


Security Mechanisms

} Security mechanism is any process (or a device incorporating such a process) that is designed to detect, prevent or recover from a security attack.

} Security mechanisms exist to provide and support security services and was defined by X.800

} Divided into two classes: those that are implemented in a specific protocol layer and those that are not specific to any particular protocol layer or security services

Specific Security Mechanisms

Pervasive Security Mechanisms


Lecture Summary

  1. Due to the technology era today, information security is made more importance implemented in most of organization.
  2. Studying information security is also importance due to the demand career in this area.
  3. Most of the major requirements for security services can be given self-explanatory one word labels:

Confidentiality, authentication, nonrepudiation, integrity


END OF LECTURE 1



Lab 1 - Introduction to Virtualization & VMware

During this lab session we learn about virtualization & vmware. What is vmware? Virtual machine software from VMware, that allows multiple copies of the same operating system or several different operating systems to run in the same x86-based machine. For years, VMware has been the leader in virtualization software.
By the end of this section of the practical, we should be able
to:
• Understand What is Virtualization
• Install VMware Workstation
• Understand the VMware Workstation Configuration
• Creating disk image on VMware Workstation
• Installing Windows Server 2003 on disk image

VMware Workstation installation

This is simple step by step on how to install VMware Workstation:

1.Download VMware Workstation from http://www.vmware.com/download/ws/. Then, double click the VMware launcher to start the installation wizards.

2. Click NEXT and choose Typical setup type

3. Choose the location for VMware Workstation installation. Then, click NEXT

4. Configure the shortcuts for the VMware Workstation and click NEXT

5. Click INSTALL. This will take several minutes to finish

6. Enter the serial number for the VMware Workstation.

7. Click FINISH and restart the computer.

BITS 3413 - Network Security



Lecturer Name : En. Mohd Zaki Bin Mas’ud

B. Eng (Hons) Electronic (MMU), MIT(SC) (UKM) CEH,CFOT


Contact : 06 3316706

zaki.masud@utem.edu.my

FTMK B1-2


Consultation Hour : Wednesday, 14:00-17:00

Sunday, July 19, 2009

Blog Aku....Net Sec FC

Assalamualaikum, pembuka bicara...
Alhamdullilah..dapat gak buat blog walaupun dalam keadaan malas :>
Terima Kasih kepada sahabat2 ku yang memberi tunjuk ajar utk siapkan blog ni..
Welcome to my Network Security FC
:>