Chapter 7 Security in Networks - PowerPoint PPT Presentation

Slides: 121
Provided by: csu15

Transcript and Presenter's Notes

1
Chapter 7 Security in Networks
  • Introduction to networks
  • Threats against network applications
  • Controls against network applications
  • Firewalls
  • Intrusion detection systems
  • Private e-mail

2
Terminal-Host Systems
  • Created in the 1960s
  • Central host computer does all the processing
  • Terminal is dumb--only a remote screen and
    keyboard
  • Created in the 1960s, when microprocessors for
    terminal intelligence did not exist

[Diagram: Terminals, Host]
3
PC Networks
  • The Most Common Platform in Organizations
  • Allows PCs to share resources
  • Both Wintel (Windows/Intel) PCs and Macintoshes

4
Network
  • A Network is an Any-to-Any Communication System
  • Can connect any station to any other

5
Network
  • Each Station has a Unique Network Address
  • To connect, only need to know the receiver's
    address
  • Like telephone number

[Diagram: stations ABC, DEF, GHI, JKL, MNO; "Connect to GHI"]
6
LANs and WANs
  • Networks Have Different Geographical Scopes
  • Local Area Networks (LANs)
  • Small Office
  • Office Building
  • Industrial Park / University Campus
  • Wide Area Networks (WANs)
  • Connect corporate sites or
  • Connect corporate sites with sites of customers
    and suppliers

7
Elements of a Simple LAN
  • Hub or Switch connects all stations
  • Wiring is standard business telephone wiring (4
    pairs in a bundle)

[Diagram: Hub or Switch, Wiring]
8
Elements of a Simple LAN
  • Client PCs are used by ordinary managers and
    professionals; receive service
  • Servers provide services to client PCs

[Diagram: Client PCs, Servers]
9
Elements of a Simple LAN
  • Client PC
  • Begin with stand-alone PC
  • Add a network interface card (NIC) to deal with
    the network
  • Networks have many client PCs
  • Server
  • Most PC nets have multiple servers

10
Wide Area Networks
  • WANs Link Sites (Locations)
  • Usually sites of the same organization
  • Sometimes, sites of different organizations

[Diagram: Site A, Site B, Site C; WAN]
11
Client/Server Processing
  • Two Programs
  • Client program on client machine
  • Server program on server machine
  • Work together to do the required processing

[Diagram: Client Program on Client Machine; Server Program on Server]
12
Client/Server Processing
  • Cooperation Through Message Exchange
  • Client program sends Request message, such as a
    database retrieval request
  • Server program sends a Response message to
    deliver the requested information or an
    explanation for failure

[Diagram: Client Program on Client Machine; Server Program on Server; Request; Response]
13
Client/Server Processing
  • Widely Used on the Internet
  • For instance, webservice
  • Client program (browser) sends an HTTP request
    asking for a webserver file
  • Server program (webserver application program)
    sends an HTTP response message with the requested
    webpage

[Diagram: HTTP Request Message, HTTP Response Message]
14
Client/Server Processing
  • On the Internet, a Single Client Program--the
    Browser (also known as the client suite)--Works
    with Many Kinds of C/S server applications
  • WWW, some E-mail, etc.

[Diagram: Browser, Webserver, E-mail Server]
15
Standards Organizations and Architectures
  • TCP/IP Standards
  • Created by the Internet Engineering Task Force
    (IETF)
  • Named after its two most widely known standards,
    TCP and IP
  • TCP/IP is the architecture, while TCP and IP are
    individual standards
  • However, these are not its only standards, even
    at the transport and internet layers
  • IETF standards dominate in corporations at the
    application, transport, and internet layers
  • However, application, transport, and internet
    standards from other architectures are still used

16
Standards Organizations and Architectures
  • OSI Standards
  • Reference Model of Open Systems Interconnection
  • Created by the International Telecommunications
    Union-Telecommunications Standards Sector (ITU-T)
  • And the International Organization for
    Standardization (ISO)
  • OSI standards dominate the data link and physical
    layers
  • Other architectures specify the use of OSI
    standards at these layers

17
OSI Reference Model

18
TCP/IP versus OSI
  • Lowest Four Layers are Comparable in Functionality

19
Internet Standards
  • Accessing the WWW from Home

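[Diagram: protocol stacks of the User PC, Router, and Webserver, with HTTP at the application layer, TCP at the transport layer, IP at the internet layer, PPP and an unspecified (?) standard at the data link layer, and Modem and an unspecified (?) standard at the physical layer]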
20
Indirect Communication
  • Application programs on different machines cannot
    communicate directly
  • They are on different machines!

[Diagram: HTTP Request between Browser on User PC and Web App on Webserver; Transport, Internet, Data Link, and Physical layers on each host]
21
Layer Cooperation on the Source Host
  • Application layer process passes HTTP-request to
    transport layer process

[Diagram: User PC layer stack (Application, Transport, Internet, Data Link, Physical); HTTP Request]
22
Layer Cooperation on the Source Host
  • Transport layer makes TCP segments
  • HTTP message is the data field
  • Adds TCP header fields shown earlier
  • Transport process encapsulates HTTP request
    within a TCP segment

[Diagram: TCP Segment = TCP Header (TCP-H) + Data Field (HTTP Request)]
23
Layer Cooperation on the Source Host
  • Transport layer process passes the TCP segment
    down to the internet layer process

[Diagram: User PC layer stack (Application, Transport, Internet, Data Link, Physical); TCP segment]
24
Layer Cooperation on the Source Host
  • The internet layer process passes the IP packet
    to the data link layer process
  • Internet layer messages are called packets

[Diagram: User PC layer stack (Application, Transport, Internet, Data Link, Physical); IP packet]
25
Layer Cooperation on the Source Host
  • The data link layer process passes the PPP frame
    to the physical layer process, which delivers it
    to the physical layer process on the first
    router, one bit at a time (no message at the
    physical layer)

[Diagram: User PC layer stack (Application, Transport, Internet, Data Link, Physical); PPP frame; Physical (10110 ) to first router]
26
Layer Cooperation on the Source Host
  • Recap: Adding Headers and Trailers

[Diagram: message contents at each layer of the User PC]
Application: HTTP msg
Transport: TCP-H, HTTP msg
Internet: IP-H, TCP-H, HTTP msg
Data Link: PPP-H, IP-H, TCP-H, HTTP msg, PPP-T
Physical
27
Protocols
  • A protocol is a standard for communication
    between peer processes, that is, processes at the
    same layer, but on different machines
  • TCP, IP, and PPP all have "protocol" as their
    final P; they are all protocols
  • TCP (Transmission Control Protocol) is the
    protocol governing communication between
    transport layer processes on two hosts

[Diagram: TCP Message between two Transport (Trans) processes]
28
Domain Name System (DNS)
  • Only IP addresses are official
  • e.g., 128.171.17.13
  • These are 32-bit binary numbers
  • Only they fit into the 32-bit destination and
    source address fields of the IP headers

[Diagram: IP Packet with 32-bit Source and Destination Addresses (110011...)]
29
Domain Name System (DNS)
  • Users typically only know host names
  • e.g., voyager.cba.hawaii.edu
  • More easily remembered, but
  • Will not fit into the address fields of an IP
    packet

[Diagram: IP Packet; voyager.cba.hawaii.edu; NO]
30
Internet and Data Link Layer Addresses
  • Each host and router on a subnet needs a data
    link layer address to specify its address on the
    subnet
  • This address appears in the data link layer frame
    sent on a subnet
  • For instance, 48-bit 802.3 MAC layer frame
    addresses for LANs

[Diagram: DL Frame for Subnet, with Subnet DA]
31
Addresses
  • Each host and router also needs an IP address at
    the internet layer to designate its position in
    the overall Internet

[Diagram: 128.171.17.13; three Subnets]
32
IPv6
  • Current version of the Internet Protocol is
    Version 4 (v4)
  • Earlier versions were not implemented
  • The next version will be Version 6 (v6)
  • No v5 was implemented
  • Informally called IPng (Next Generation)
  • IPv6 is Already Defined
  • Continuing improvements in v4 may delay its
    adoption

33
IPv6
  • IPv6 will raise the size of the internet address
    from 32 bits to 128 bits
  • Now running out of IP addresses
  • Will solve the problem
  • But current work-arounds are delaying the need
    for IPv6 addresses

34
What Makes a Network Vulnerable?
  • Anonymity
  • Many points of attack (targets and origins)
  • Sharing
  • Complexity of system
  • Unknown perimeter
  • Unknown path

35
Who Attacks Networks
  • Hackers break into organizations from the outside
  • Challenge
  • Fame
  • Money, Espionage
  • Ideology
  • However, most security breaches are internal, by
    employees and ex-employees

36
Threat Precursors
  • Port Scan
  • Social Engineering
  • Reconnaissance
  • Bulletin Board / Chat
  • Docs
  • Packet Sniffers (telnet/ftp in cleartext)

37
Network Security Threats
  • Interception
  • If interceptor cannot read, have confidentiality
    (privacy)
  • If cannot modify without detection, have message
    integrity

38
Network Security Threats
  • Impostors (Spoofing/ Masquerade)
  • Claim to be someone else
  • Need to authenticate the sender--prove that they
    are who they claim to be

[Diagram: Impostor, True Person]
39
Network Security Threats
  • Remotely Log in as Root User
  • Requires cracking the root login password
  • Then control the machine
  • Read and/or steal information
  • Damage data (erase hard disk)
  • Create backdoor user account that will let them
    in easily later

[Diagram: Root Login Command]
40
Security Threats
  • Content Threats
  • Application layer content may cause problems
  • Viruses
  • In many ways, most severe security problem in
    corporations today
  • Must examine application messages

41
Replay Attack
  • First, attacker intercepts a message
  • Not difficult to do

42
Replay Attack
  • Later, attacker retransmits (replays) the message
    to the original destination host
  • Does not have to be able to read a message to
    replay it

43
Replay Attack
  • Why replay attacks?
  • To gain access to resources by replaying an
    authentication message
  • In a denial-of-service attack, to confuse the
    destination host

44
Thwarting Replay Attacks
  • Put a time stamp in each message to ensure that
    the message is fresh
  • Do not accept a message that is too old
  • Place a sequence number in each message
  • Do not accept a duplicated message

[Diagram: Message with Time Stamp and Sequence Number]
45
Thwarting Replay Attacks
  • In request-response applications,
  • Sender of request generates a nonce (random
    number)
  • Places the nonce in the request
  • Server places the nonce in the response
  • Neither party accepts duplicate nonces
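
Added example (not part of the original slides): the time stamp, sequence number, and nonce checks from slides 44 and 45, in Python. The message layout, the 30-second freshness window, the HMAC tag that protects the header fields, and all names are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets
import struct

MAX_AGE_SECONDS = 30                 # assumed freshness window for time stamps
HEADER = struct.Struct("!QQ16s")     # sequence number, time stamp, nonce
TAG_LEN = 32                         # HMAC-SHA256 output size


def seal(key, seq, timestamp, nonce, body):
    """Build header | body | tag. The tag covers the header, so a replayer
    cannot refresh the time stamp, sequence number, or nonce."""
    header = HEADER.pack(seq, timestamp, nonce)
    return header + body + hmac.new(key, header + body, hashlib.sha256).digest()


def unseal(key, wire):
    """Return (seq, timestamp, nonce, body), or None if the tag is wrong."""
    if len(wire) < HEADER.size + TAG_LEN:
        return None
    signed, tag = wire[:-TAG_LEN], wire[-TAG_LEN:]
    if not hmac.compare_digest(tag, hmac.new(key, signed, hashlib.sha256).digest()):
        return None
    seq, timestamp, nonce = HEADER.unpack(signed[:HEADER.size])
    return seq, timestamp, nonce, signed[HEADER.size:]


class Server:
    def __init__(self, key):
        self.key = key
        self.last_seq = 0
        self.seen_nonces = set()     # a real server would expire old entries

    def handle(self, wire, now):
        """Return (verdict, response bytes or None)."""
        msg = unseal(self.key, wire)
        if msg is None:
            return "reject: bad tag", None
        seq, timestamp, nonce, body = msg
        if abs(now - timestamp) > MAX_AGE_SECONDS:
            return "reject: stale time stamp", None
        if seq <= self.last_seq:
            return "reject: duplicate sequence number", None
        if nonce in self.seen_nonces:
            return "reject: duplicate nonce", None
        self.last_seq = seq
        self.seen_nonces.add(nonce)
        # The response carries the request's nonce back to the client.
        return "accept", seal(self.key, seq, now, nonce, b"OK " + body)


class Client:
    def __init__(self, key):
        self.key = key
        self.seq = 0
        self.outstanding = set()     # nonces of requests awaiting a response

    def request(self, body, now):
        self.seq += 1
        nonce = secrets.token_bytes(16)
        self.outstanding.add(nonce)
        return seal(self.key, self.seq, now, nonce, body)

    def accept_response(self, wire, now):
        msg = unseal(self.key, wire)
        if msg is None:
            return "reject: bad tag"
        _, timestamp, nonce, _ = msg
        if abs(now - timestamp) > MAX_AGE_SECONDS:
            return "reject: stale time stamp"
        if nonce not in self.outstanding:
            return "reject: unknown or already-used nonce"
        self.outstanding.discard(nonce)
        return "accept"


def demo():
    key = secrets.token_bytes(32)
    client, server = Client(key), Server(key)
    t0 = 1_000_000                                       # constructed clock value
    request = client.request(b"login alice", t0)
    first, response = server.handle(request, t0 + 1)
    replay_now, _ = server.handle(request, t0 + 2)       # same bytes, resent
    replay_late, _ = server.handle(request, t0 + 3600)   # same bytes, an hour on
    resp_first = client.accept_response(response, t0 + 1)
    resp_replay = client.accept_response(response, t0 + 2)
    return first, replay_now, replay_late, resp_first, resp_replay
```

The replayed bytes carry a valid tag in every case, which matches the slide's point that a message does not have to be readable to be replayed; only the freshness checks reject it.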

[Diagram: Request with Nonce; Response with Nonce]
46
Network Security Threats
  • Denial of Service (DOS) Attacks
  • Overload system with a flood of messages
  • Or, send a single message that crashes the machine

47
Denial of Service (DOS) Attacks
  • Transmission Failure
  • Connection Flooding
  • Echo-Chargen
  • Ping of Death
  • Smurf
  • Syn Flood
  • Traffic Redirection
  • DNS Attacks
  • Distributed Denial of Service

48
VPNs
  • IETF developing IPsec security standards
  • IP security
  • At the internet layer
  • Protects all messages at the transport and
    application layers

[Diagram: E-Mail, WWW, Database, etc. above TCP and UDP, above IPsec]
49
VPNs
  • IPsec Transport Mode
  • End-to-end security for hosts

[Diagram: Local Network, Internet, Local Network; Secure Communication]
50
VPNs
  • IPsec Tunnel Mode
  • IPsec server at each site
  • Secure communication between sites

[Diagram: Local Network, Internet, Local Network; IPsec Server; Secure Communication]
51
VPNs
  • IPsec Modes Can be Combined
  • End-to-end transport mode connection
  • Within site-to-site tunnel connection

[Diagram: Local Network, Internet, Local Network; Tunnel Mode; Transport Mode]
52
VPNs
  • Another Security System for VPNs is the
    Point-to-Point Tunneling Protocol (PPTP)
  • For dial-up connections, based on PPP
  • Connects user securely to a remote access
    server at a site

[Diagram: Dial-Up Connection, Internet, Remote Access Server, Local Network; PPTP Connection]
53
PKIs
  • To use public key methods, an organization must
    establish a comprehensive Public Key
    Infrastructure (PKI)
  • A PKI automates most aspects of using public key
    encryption and authentication
  • Uses a PKI Server

54
PKIs
  • PKI Server Creates Public Key-Private Key Pairs
  • Distributes private keys to applicants securely
  • Often, private keys are embedded in delivered
    software

[Diagram: PKI Server, Private Key]
55
PKIs
  • PKI Server Provides CRL Checks
  • Distributes digital certificates to verifiers
  • Checks certificate revocation list before sending
    digital certificates

[Diagram: PKI Server, Digital Certificate]
56
PKIs
  • CRL (Certificate Revocation List) Checks
  • If applicant gives verifier a digital
    certificate,
  • The verifier must check the certificate
    revocation list

[Diagram: PKI Server, CRL; "OK?"; "OK or Revoked"]
57
Integrated Security System
  • When two parties communicate
  • Their software usually handles the details
  • First, negotiate security methods
  • Then, authenticate one another
  • Then, exchange symmetric session key
  • Then can communicate securely using symmetric
    session key and message-by-message authentication

58
SSL Integrated Security System
  • SSL
  • Secure Sockets Layer
  • Developed by Netscape
  • TLS (now)
  • Netscape gave IETF control over SSL
  • IETF renamed it TLS (Transport Layer Security)
  • Usually still called SSL

59
Location of SSL
  • Below the Application Layer
  • IETF views it at the transport layer
  • Protects all application exchanges
  • Not limited to any single application
  • WWW transactions, e-mail, etc.

[Diagram: E-Mail and WWW above SSL on each side]
60
SSL Operation
  • Browser and Webserver Software Implement SSL
  • User can be unaware

61
SSL Operation
  • SSL ISS Process
  • Two sides negotiate security parameters
  • Webserver authenticates itself
  • Browser may authenticate itself but rarely does
  • Browser selects a symmetric session key, sends to
    webserver
  • Adds a digital signature and encrypts all
    messages with the symmetric key

62
Importance of SSL
  • Supported by Almost All Browsers
  • De facto standard for Internet application
    security
  • Problems
  • Relatively weak security
  • Does not involve security on merchant server
  • Does not validate credit card numbers
  • Viewed as an available but temporary approach to
    consumer security

63
Other ISSs
  • SSL is merely an example integrated security
    system
  • Many other ISSs exist
  • IPsec
  • PPP and PPTP
  • Etc.

64
Other ISSs
  • All ISSs have the same general steps
  • Negotiate security parameters
  • Authenticate the partners
  • Exchange a session key
  • Communicate with message-by-message privacy,
    authentication, and message integrity

65
IPsec
  • IPsec (IP security)
  • Security for transmission over IP networks
  • The Internet
  • Internal corporate IP networks
  • IP packets sent over public switched data
    networks (PSDN)

[Diagram: Local Network, Internet, Local Network]
66
IPsec
  • Why do we need IPsec?
  • IP has no security
  • Add security to create a virtual private network
    (VPN) to give secure communication over the
    Internet or another IP network

[Diagram: Local Network, Internet, Local Network]
67
IPsec
  • Genesis
  • Being created by the Internet Engineering Task
    Force
  • For both IP version 4 and IP version 6

68
IPsec
  • Two Modes of operation
  • Tunnel Mode
  • IPsec server at each site
  • Secures messages going through the Internet

[Diagram: Local Network, Internet, Local Network; IPsec Server; Secure Communication]
69
IPsec
  • Tunnel Mode
  • Hosts operate in their usual way
  • Tunnel mode IPsec is transparent to the hosts
  • No security within the site networks

[Diagram: Local Network, Internet, Local Network; IPsec Server; Secure Communication]
70
IPsec
  • Two Modes of operation
  • Transport Mode
  • End-to-end security between the hosts
  • Security within site networks as well
  • Requires hosts to implement IPsec

[Diagram: Local Network, Internet, Local Network; Secure Communication]
71
IPsec
  • Transport Mode
  • Adds a security header to IP packet
  • After the main IP header
  • Source and destination addresses of hosts can be
    learned by interceptor
  • Only the original data field is protected

[Diagram: Original IP Header | Transport Security Header | Protected Original Data Field]
72
IPsec
  • Tunnel Mode
  • Adds a security header before the original IP
    header
  • Has IP addresses of the source and destination
    IPsec servers only, not those of the source and
    destination hosts
  • Protects the main IP header

[Diagram: Tunnel Security Header | Protected Original IP Header | Protected Original Data Field]
73
IPsec
  • Can combine the two modes
  • Transport mode for end-to-end security
  • Plus tunnel mode to hide the IP addresses of the
    source and destination hosts during passage
    through the Internet

[Diagram: Local Network, Internet, Local Network; Tunnel Mode; Transport Mode]
74
IPsec
  • Two forms of protection
  • Encapsulating Security Protocol (ESP) security
    provides confidentiality as well as
    authentication
  • Authentication Header (AH) security provides
    authentication but not confidentiality
  • Useful where encryption is forbidden by law
  • Provides slightly better authentication by
    providing authentication over a slightly larger
    part of the message, but this is rarely decisive

75
IPsec
  • Modes and protection methods can be applied in
    any combination

76
IPsec
  • Security Associations (SAs) are agreements
    between two hosts or two IPsec servers, depending
    on the mode
  • Contracts for how security will be performed
  • Negotiated
  • Governs subsequent transmissions

[Diagram: Host A, Host B; Negotiate Security Association]
77
IPsec
  • Security Associations (SAs) can be asymmetrical
  • Different strengths in the two directions
  • For instance, clients and servers may have
    different security needs

[Diagram: Host A, Host B; SA for messages From A to B; SA for messages From B to A]
78
IPsec
  • Policies may limit what SAs can be negotiated
  • To ensure adequately strong SAs for the
    organization's threats
  • Gives uniformity to negotiation decisions

[Diagram: Host A, Host B]
79
IPsec
  • First, two parties negotiate IKE (Internet Key
    Exchange) Security Associations
  • IKE is not IPsec-specific
  • Can be used in other security protocols

[Diagram: Host A, Host B; Communication Governed by IKE SA]
80
IPsec
  • Under the protection of communication governed by
    this IKE SA, negotiate IPsec-specific security
    associations

[Diagram: Host A, Host B; Communication Governed by IKE SA; IPsec SA Negotiation]
81
IPsec
  • Process of Creating IKE SAs (and other SAs)
  • Negotiate security parameters within policy
    limitations
  • Authenticate the parties using SA-agreed methods
  • Exchange a symmetric session key using SA-agreed
    method
  • Communicate securely with confidentiality,
    message-by-message authentication, and message
    integrity using SA-agreed method

82
IPsec
  • IPsec has mandatory security algorithms
  • Uses them as defaults if no other algorithm is
    negotiated
  • Other algorithms may be negotiated
  • But these mandatory algorithms MUST be supported

83
IPsec
  • Diffie-Hellman Key Agreement
  • To agree upon a symmetric session key to be used
    for confidentiality during this session
  • Also does authentication

[Diagram: Party A, Party B]
84
IPsec
  • Diffie-Hellman Key Agreement
  • Each party sends the other a nonce (random
    number)
  • The nonces will almost certainly be different
  • Nonces are not sent confidentially

[Diagram: Party A, Party B; Nonce A; Nonce B]
85
IPsec
  • Diffie-Hellman Key Agreement
  • From the different nonces, each party will be
    able to compute the same symmetric session key
    for subsequent use
  • No exchange of the key; instead, agreement on the
    key
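
Added example (not part of the original slides): the key agreement of slides 83 to 85, in Python. It assumes each party sends a Diffie-Hellman public value together with its nonce, both in the clear, and that the nonces are mixed into the key derivation; the group is toy-sized and every name is illustrative.

```python
import hashlib
import hmac
import secrets

# Toy group for illustration only: 2**127 - 1 is prime but far too small for
# real use. Deployed systems use standardized groups of 2048 bits or more.
P = 2**127 - 1
G = 3


class Party:
    def __init__(self):
        self.private = secrets.randbelow(P - 3) + 2    # never leaves this party
        self.public = pow(G, self.private, P)          # sent in the clear
        self.nonce = secrets.token_bytes(16)           # sent in the clear

    def session_key(self, peer_public, nonce_a, nonce_b):
        """Compute the symmetric session key from what the peer sent."""
        # Reject values that would force a predictable shared secret.
        if not 2 <= peer_public <= P - 2:
            raise ValueError("degenerate Diffie-Hellman public value")
        shared = pow(peer_public, self.private, P)
        shared_bytes = shared.to_bytes((P.bit_length() + 7) // 8, "big")
        # Both nonces key the derivation, so each session gets a fresh key.
        return hmac.new(nonce_a + nonce_b, shared_bytes, hashlib.sha256).digest()


def agree():
    """Run one agreement; the key itself is never transmitted."""
    a, b = Party(), Party()
    key_a = a.session_key(b.public, a.nonce, b.nonce)
    key_b = b.session_key(a.public, a.nonce, b.nonce)
    return a, b, key_a, key_b
```

An observer sees both public values and both nonces but neither private value, which is why the exchange can run over an unprotected channel.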

[Diagram: Party A and Party B; from nonces, independently compute same symmetric session key]
86
Kerberos
  • Kerberos was a 3-headed dog in Greek mythology
  • Guarded the gates of the dead
  • Decided who might enter
  • Talk about strong security!

87
Kerberos
  • Three Parties are Present
  • Kerberos server
  • Applicant host
  • Verifier host

[Diagram: Kerberos Server, Applicant, Verifier]
88
Kerberos
  • Kerberos Server shares a symmetric key with each
    host
  • Key shared with the Applicant will be called Key
    AS (Applicant-Server)
  • Key shared with verifier will be Key VS

[Diagram: Kerberos Server, Applicant, Verifier; Key AS; Key VS]
89
Kerberos
  • Applicant sends message to Kerberos server
  • Logs in and asks for ticket-granting ticket (TGT)
  • Authenticates the applicant to the server
  • Server sends back ticket-granting ticket
  • TGT allows applicant to request connections

[Diagram: Applicant, Kerberos Server; TGT RQ; TGT]
90
Kerberos
  • To connect to the verifier
  • Applicant asks Kerberos server for credentials to
    introduce the applicant to the verifier
  • Request includes the Ticket-Granting Tickets

[Diagram: Applicant, Kerberos Server; Credentials RQ]
91
Kerberos
  • Kerberos server sends the credentials
  • Credentials include the session Key AV that
    applicant and verifier will use for secure
    communication
  • Encrypted with Key AS so that interceptors cannot
    read it

[Diagram: Kerberos Server, Applicant; Credentials (Session Key AV, Service Ticket)]
92
Kerberos
  • Kerberos server sends the credentials
  • Credentials also include the Service Ticket, which
    is encrypted with Key VS; Applicant cannot read
    or change it

[Diagram: Kerberos Server, Applicant; Credentials (Session Key AV, Service Ticket)]
93
Kerberos
  • Applicant sends the Service Ticket plus an
    Authenticator to the Verifier
  • Service ticket contains the symmetric session key
    (Key AV)
  • Now both parties have Key AV and so can
    communicate with confidentiality

[Diagram: Applicant, Verifier; Service Ticket (Contains Key AV), Authenticator]
94
Kerberos
  • Applicant sends the Service Ticket plus an
    Authenticator to the Verifier
  • Authenticator contains information encrypted with
    Key AV
  • Guarantees that the service ticket came from the
    applicant, which alone knows Key AV
  • Service ticket has a time stamp to prevent replay
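
Added example (not part of the original slides): the exchange of slides 88 to 94 in Python, using the slides' names Key AS, Key VS, and Key AV. The seal/unseal helper is a toy stand-in for real symmetric encryption, the login check is omitted, and the message fields, lifetimes, and function names are assumptions.

```python
import hashlib
import hmac
import json
import secrets

TICKET_LIFETIME = 300   # assumed ticket lifetime, seconds
MAX_SKEW = 60           # assumed tolerance for the authenticator's time stamp

def keystream(key, iv, length):
    blocks = (hashlib.sha256(key + iv + i.to_bytes(4, "big")).digest()
              for i in range(length // 32 + 1))
    return b"".join(blocks)[:length]

def seal(key, fields):
    """Toy authenticated encryption of a dict (not a real cipher)."""
    plain = json.dumps(fields).encode()
    iv = secrets.token_bytes(16)
    cipher = bytes(p ^ k for p, k in zip(plain, keystream(key, iv, len(plain))))
    return iv + cipher + hmac.new(key, iv + cipher, hashlib.sha256).digest()

def unseal(key, blob):
    """Decrypt a sealed dict; ValueError on a wrong key or any modification."""
    iv, cipher, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(key, iv + cipher, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("wrong key or modified message")
    plain = bytes(c ^ k for c, k in zip(cipher, keystream(key, iv, len(cipher))))
    return json.loads(plain)

class KerberosServer:
    def __init__(self):
        self.own_key = secrets.token_bytes(32)   # protects TGTs it issues
        self.host_keys = {}                      # host name -> Key AS or Key VS

    def register(self, host):
        self.host_keys[host] = secrets.token_bytes(32)
        return self.host_keys[host]

    def login(self, applicant, now):
        """Issue a ticket-granting ticket (TGT)."""
        return seal(self.own_key, {"applicant": applicant, "issued": now})

    def credentials(self, tgt, verifier, now):
        """Return (part sealed with Key AS, Service Ticket sealed with Key VS)."""
        applicant = unseal(self.own_key, tgt)["applicant"]
        key_av = secrets.token_bytes(32).hex()
        ticket = seal(self.host_keys[verifier],
                      {"applicant": applicant, "key_av": key_av, "issued": now})
        for_applicant = seal(self.host_keys[applicant],
                             {"verifier": verifier, "key_av": key_av})
        return for_applicant, ticket

def verifier_admit(key_vs, ticket, authenticator, now):
    """Verifier side: return (applicant, Key AV) or raise ValueError."""
    fields = unseal(key_vs, ticket)
    if now - fields["issued"] > TICKET_LIFETIME:
        raise ValueError("service ticket expired")
    key_av = bytes.fromhex(fields["key_av"])
    auth = unseal(key_av, authenticator)         # proves sender knows Key AV
    if auth["applicant"] != fields["applicant"] or abs(now - auth["time"]) > MAX_SKEW:
        raise ValueError("authenticator does not match ticket")
    return fields["applicant"], key_av

def rejected(action):
    try:
        action()
    except ValueError:
        return True
    return False

def run_exchange(now=1_000_000):
    kdc = KerberosServer()
    key_as, key_vs = kdc.register("applicant"), kdc.register("verifier")
    tgt = kdc.login("applicant", now)
    for_applicant, ticket = kdc.credentials(tgt, "verifier", now + 1)
    key_av = bytes.fromhex(unseal(key_as, for_applicant)["key_av"])
    authenticator = seal(key_av, {"applicant": "applicant", "time": now + 2})
    flipped = ticket[:20] + bytes([ticket[20] ^ 1]) + ticket[21:]
    admit = lambda t, when: verifier_admit(key_vs, t, authenticator, when)
    return {
        "admitted": admit(ticket, now + 2) == ("applicant", key_av),
        "applicant_cannot_read_ticket": rejected(lambda: unseal(key_as, ticket)),
        "modified_ticket_rejected": rejected(lambda: admit(flipped, now + 2)),
        "old_ticket_rejected": rejected(lambda: admit(ticket, now + 3600)),
    }
```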

[Diagram: Service Ticket (Contains Key AV), Authenticator]
95
Kerberos
  • Subsequent communication between the applicant
    and verifier uses the symmetric session key (Key
    AV) for confidentiality

[Diagram: Applicant, Verifier; Communication Encrypted with Key AV]
96
Kerberos
  • The Service Ticket can contain more than Key AV
  • If the applicant is a client and the verifier is
    a server, service ticket may contain
  • Verifier's user name and password
  • List of rights to files and directories on the
    server

97
Kerberos
  • Is the basis for security in Microsoft Windows
    2000
  • Only uses symmetric key encryption for reduced
    processing cost

98
Firewalls
  • Firewall sits between the corporate network and
    the Internet
  • Prevents unauthorized access from the Internet
  • Facilitates internal users' access to the Internet

[Diagram: Firewall; OK; No; Access only if Authenticated]
99
Firewalls
  • Packet Filter Firewalls
  • Examine each incoming IP packet
  • Examine IP and TCP header fields
  • If bad behavior is detected, reject the packet
  • No sense of previous communication; analyzes each
    packet in isolation

[Diagram: IP Firewall, IP Packet]
100
Firewalls
  • Application (Proxy) Firewalls
  • Filter based on application behavior
  • Do not examine packets in isolation; use history
  • In HTTP, for example, do not accept a response
    unless an HTTP request has just gone out to that
    site

101
Firewalls
  • Application (Proxy) Firewalls
  • Hide internal internet addresses
  • Internal user sends an HTTP request
  • HTTP proxy program replaces user's internet address
    with proxy server's IP address, sends to the
    webserver

[Diagram: HTTP Request; Request with Proxy Server's IP Address]
102
Firewalls
  • Application (Proxy) Firewalls
  • Webserver sends response to proxy server, to
    proxy server IP address
  • HTTP proxy server sends the IP packet to the
    originating host
  • Overall, proxy program acts on behalf of the
    internal user

[Diagram: Response to Proxy Server's IP Address; HTTP Response]
103
Firewalls
  • Why Hide Internal IP Addresses?
  • The first step in an attack usually is to find
    potential victim hosts
  • Sniffer programs read IP packet streams for IP
    addresses of potential target hosts
  • With proxy server, sniffers will not learn IP
    addresses of internal hosts

[Diagram: Sniffer; False IP Address; Host IP Address]
104
Firewalls
  • Application Firewalls
  • Need a separate program (proxy) for each
    application
  • Not all applications have rules that allow
    filtering

105
Intrusion Detection
  • Intrusion detection software to detect and report
    intrusions as they are occurring
  • Lets organization stop intruders so that
    intruders do not have unlimited time to probe for
    weaknesses
  • Helps organization assess security threats
  • Audit logs list where intruder has been; vital in
    legal prosecution

106
Intrusion Detection
  • Signature-based IDS performs simple
    pattern-matching and reports situations that
    match a pattern corresponding to a known attack
    type
  • Heuristic IDS (anomaly based) builds a model of
    acceptable behavior and flags exceptions to that
    model
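
Added example (not part of the original slides): the two IDS styles from this slide run over the same login records, in Python. The log format, the sample lines, the single signature, and the behavior model (known source addresses and usual hours per user) are all constructed for illustration.

```python
import re

LINE = re.compile(r"(?P<ts>\S+) host=(?P<host>\S+) user=(?P<user>\S+) "
                  r"src=(?P<src>\S+) result=(?P<result>\S+)")

# Constructed records: BASELINE is known-good history, LIVE is what to inspect.
BASELINE = [
    "2024-03-04T09:02:11 host=srv1 user=alice src=10.0.0.5 result=ok",
    "2024-03-04T13:40:02 host=srv1 user=alice src=10.0.0.5 result=ok",
    "2024-03-05T08:55:47 host=srv1 user=alice src=10.0.0.5 result=ok",
    "2024-03-05T10:15:30 host=srv1 user=bob src=10.0.0.8 result=ok",
]
LIVE = [
    "2024-03-06T09:10:00 host=srv1 user=alice src=10.0.0.5 result=ok",
    "2024-03-06T02:13:44 host=srv1 user=root src=203.0.113.9 result=fail",
    "2024-03-06T03:01:19 host=srv1 user=alice src=203.0.113.9 result=ok",
]

# Signature-based: one pattern per known attack type.
SIGNATURES = {
    "failed remote root login": re.compile(r"user=root src=\S+ result=fail"),
}


def signature_alerts(lines):
    return [(name, line) for line in lines
            for name, pattern in SIGNATURES.items() if pattern.search(line)]


def build_model(lines):
    """Heuristic model: per user, the sources and hours of successful logins."""
    model = {}
    for line in lines:
        m = LINE.match(line)
        if m and m["result"] == "ok":
            profile = model.setdefault(m["user"], {"sources": set(), "hours": set()})
            profile["sources"].add(m["src"])
            profile["hours"].add(int(m["ts"][11:13]))
    return model


def anomaly_alerts(model, lines):
    alerts = []
    for line in lines:
        m = LINE.match(line)
        if not m:
            continue
        profile = model.get(m["user"])
        if profile is None:
            alerts.append(("user never seen in baseline", line))
        elif m["src"] not in profile["sources"]:
            alerts.append(("new source address for user", line))
        elif not min(profile["hours"]) <= int(m["ts"][11:13]) <= max(profile["hours"]):
            alerts.append(("login outside usual hours", line))
    return alerts
```

The third live record is a successful login that matches no signature, so only the model-based check reports it; the model in turn depends on the baseline being free of intrusions.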

107
Intrusion Detection
  • Network-based IDS: stand-alone device attached
    to the network to monitor traffic throughout
    network
  • Host-based IDS: runs on a single workstation or
    client or host, to protect that one host

108
Default-Deny Posture
  • Perimeter Settings: block all protocols except
    those expressly permitted, i.e. SMTP(25),
    DNS(53), HTTP(80), SSL(443),
  • Internal Settings: block all unnecessary traffic
    between internal network segments, remote VPN
    connections
  • Security Configurations: harden servers and
    workstations to run only necessary services and
    applications
  • Segment Networks
  • Patch Management
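
Added example (not part of the original slides): a default-deny packet filter for the four perimeter services listed above (slide 99 style), compared with the history rule that slide 100 describes for HTTP responses. The addresses, the 10-second window, the rule that lets reply-looking packets in, and all names are constructed for illustration; it is a simplified check, not a full proxy.

```python
from dataclasses import dataclass

PERMITTED = {25: "SMTP", 53: "DNS", 80: "HTTP", 443: "SSL"}      # from the slide
PUBLIC_SERVERS = {"192.0.2.25": {25}, "192.0.2.80": {80, 443}}   # constructed
REQUEST_WINDOW = 10   # assumed meaning of "just gone out", in seconds


@dataclass(frozen=True)
class Packet:
    time: int
    direction: str    # "in" = from the Internet, "out" = from an internal host
    src: str
    sport: int
    dst: str
    dport: int


def packet_filter(pkt):
    """Stateless default-deny filter: decides from this packet's header alone."""
    if pkt.direction == "out":
        return pkt.dport in PERMITTED
    if pkt.dport in PUBLIC_SERVERS.get(pkt.dst, ()):
        return True                      # new connection to a published service
    # Replies must get back in. Without history, the only evidence is a
    # permitted source port and a client-range destination port.
    return pkt.sport in PERMITTED and pkt.dport >= 1024


class HistoryFilter:
    """Admits a response only if a matching request went out shortly before."""

    def __init__(self):
        self.requests = {}   # (internal ip, port, remote ip, port) -> send time

    def allow(self, pkt):
        if not packet_filter(pkt):
            return False
        if pkt.direction == "out":
            self.requests[(pkt.src, pkt.sport, pkt.dst, pkt.dport)] = pkt.time
            return True
        if pkt.dport in PUBLIC_SERVERS.get(pkt.dst, ()):
            return True
        sent = self.requests.get((pkt.dst, pkt.dport, pkt.src, pkt.sport))
        return sent is not None and 0 <= pkt.time - sent <= REQUEST_WINDOW


# Constructed traffic; addresses come from documentation and private ranges.
TRAFFIC = [
    ("browser request", Packet(0, "out", "10.0.0.5", 50000, "203.0.113.10", 80)),
    ("matching response", Packet(1, "in", "203.0.113.10", 80, "10.0.0.5", 50000)),
    ("unsolicited response", Packet(2, "in", "198.51.100.7", 80, "10.0.0.9", 50123)),
    ("inbound telnet", Packet(3, "in", "198.51.100.7", 40000, "10.0.0.9", 23)),
    ("mail to public server", Packet(4, "in", "198.51.100.8", 41000, "192.0.2.25", 25)),
    ("response long after", Packet(500, "in", "203.0.113.10", 80, "10.0.0.5", 50000)),
]


def compare():
    """Return (label, packet-filter verdict, history verdict) per packet."""
    history = HistoryFilter()
    return [(label, packet_filter(p), history.allow(p)) for label, p in TRAFFIC]
```

Both filters drop the telnet packet under default deny, but only the history check drops the two packets that merely look like web responses.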

109
Secure E-mail
  • Message interception (confidentiality)
  • Message interception (blocked delivery)
  • Message interception and subsequent replay
  • Message content modification
  • Message origin modification
  • Message content forgery by outsider
  • Message origin forgery by outsider
  • Message content forgery by recipient
  • Message origin forgery by recipient
  • Denial of message transmission

110
Requirements and Solutions
  • Message confidentiality
  • Message integrity
  • Sender authenticity
  • nonrepudiation

111
Examples of Secure E-mail Systems
  • PGP (Pretty Good Privacy): uses public key ring;
    confidentiality, integrity
  • S/MIME (Secure Multipurpose Internet Mail
    Extensions): uses certificates

112
Multi-Layer Security
  • Security Can be Applied at Multiple Layers
    Simultaneously
  • Application layer security for database, e-mail,
    etc.
  • Transport layer: SSL
  • Internet layer: IPsec
  • Data link layer: PPTP, L2TP
  • Physical layer: locks

113
Multi-Layer Security
  • Applying security at 2 or more layers is good
  • If security is broken at one layer, the
    communication will still be secure
  • However,
  • Security slows down processing
  • Multi-Layer security slows down processing at
    each layer

114
Total Security
  • Network Security is Only Part
  • Server Security
  • Hackers can take down servers with
    denial-of-service attack
  • Hacker can log in as root user and take over the
    server
  • Steal data, lock out legitimate users, etc.

115
Total Security
  • Server Security
  • Occasionally, weaknesses are discovered in server
    operating systems
  • This knowledge is quickly disseminated
  • Known security weaknesses

116
Total Security
  • Server Security
  • Server operating system (SOS) vendors create
    patches
  • Many firms do not download patches
  • This makes them vulnerable to hackers, who
    quickly develop tools to probe for and then
    exploit known weaknesses

117
Total Security
  • Client PC Security
  • Known security weaknesses exist but patches are
    rarely downloaded
  • Users often have no passwords or weak passwords
    on their computer
  • Adversaries take over client PCs and can
    therefore take control of SSL and other
    secure communication protocols

118
Total Security
  • Application Software
  • May contain viruses
  • Must filter incoming messages
  • Database and other applications can add their own
    security with passwords and other protections

119
Total Security
  • Managing Users
  • Often violate security procedures, making
    technical security worthless
  • Social engineering: attacker tricks user into
    violating security procedures

120
Defense in Depth
  • Firewalls
  • Antivirus
  • Intrusion Detection Systems
  • Intrusion Protection Systems