NS-Unit-4 (1)
NS-Unit-4 (1)
Network Security
Network Security
Network security, focusing on various components such as firewalls, IP security,
VPNs, intrusion detection systems, and web security threats. Each topic is
explained in detail with examples to enhance understanding. The aim is to equip
readers with the knowledge necessary to navigate the complexities of network
security effectively.
Network Security
1️⃣ Firewalls 🔥
A firewall is a security system that monitors and
controls incoming and outgoing network traffic
based on predefined security rules.
✅ Example:
✅ Definition:
•A software firewall installed on a single device (PC, laptop, or
smartphone) to protect it from threats.
✅ Example:
•Windows Defender Firewall (built into Windows OS).
•Mac Firewall (for macOS security).
✅ Pros:
✔ Protects individual devices from malware and hacking
attempts.
✔ Blocks unauthorized apps from accessing the internet.
✅ Cons:
✖ Does not protect the entire network.
Fire Wall
Types of Firewalls
🔹 Network Firewall
✅ Definition:
•A firewall that protects an entire network instead of just one
device.
•Usually installed at entry points like routers, servers, or cloud
gateways.
✅ Example:
•Cisco ASA Firewall used by businesses.
•FortiGate Firewall used in corporate data centers.
✅ Pros:
✔ Provides security to multiple devices at once.
✔ Prevents external threats like hackers and malware.
✅ Cons:
✖ Requires proper configuration.
Fire Wall
Types of Firewalls based on its Implementation
🔹 Software Firewall
✅ Definition:
•A firewall that runs as a software program on a
computer or server.
✅ Example:
•Windows Defender Firewall, Norton Firewall, McAfee
Firewall.
✅ Pros:
✔ Easy to install and configure.
✔ Suitable for personal and small business use.
✅ Cons:
✖ Consumes system resources (CPU and RAM).
Fire Wall
Types of Firewalls based on its Implementation
🔹 Hardware Firewall
✅ Definition:
•A physical device that sits between a network and
the internet to filter traffic.
✅ Example:
•Cisco ASA, Palo Alto Networks Firewalls, FortiGate
Firewalls.
✅ Pros:
✔ Does not slow down individual computers.
✔ Provides strong security for business networks.
✅ Cons:
✖ Expensive and requires technical expertise.
Fire Wall
3️⃣ Packet Filtering Firewall (How It Works)
✅ Definition:
•A firewall that examines each data packet’s header to decide
whether to allow or block it.
✅ How It Works:
•Checks source IP, destination IP, port number, and protocol.
•Uses rules to allow or block packets.
✅ Example Rule:
•"Block all incoming traffic from 192.168.1.100 on port 80
(HTTP)"
✅ Pros:
✔ Simple and fast.
✔ Effective for basic filtering.
✅ Cons:
✖ Cannot inspect actual content inside the packets.
✖ Vulnerable to spoofing attacks.
Fire Wall
4️⃣ Design Principles of Firewalls
🔹 Scenario: A hacker sends multiple fake login requests to a company's website to guess a
password (Brute Force Attack).
🔹 How IDS Helps: The company’s IDS detects this unusual login attempt pattern and
blocks the hacker’s IP address automatically.
Web Security Threats and Protection Approaches
🔹 Web Security Threats
Web security threats are cyber attacks that target
websites, web applications, or web servers. These
attacks aim to steal data, disrupt services, or gain
unauthorized access.
Common Web Security Threats:
1️⃣ Phishing 🎣
•Fake emails or websites trick users into revealing
personal data.
•Example: A fake banking website asks users to enter
their login details.
2️⃣ SQL Injection (SQLi) 🛠
•Hackers insert malicious SQL code into input fields to
access a database.
•Example: Entering " OR 1=1 --“in a login field could
trick the system into logging in without a password.
Web Security Threats and Protection Approaches
3️⃣ Cross-Site Scripting (XSS) 🖥
•Attackers inject malicious scripts into web pages to steal
user data.
•Example: A hacker embeds JavaScript into a comment
box that sends users’ cookies to them.
4️⃣ Denial-of-Service (DoS) & Distributed DoS (DDoS) 🛑
•Hackers flood a website with traffic, making it slow or
unavailable.
•Example: A botnet sends millions of fake requests to a
shopping website, crashing it.
5️⃣ Man-in-the-Middle (MITM) Attack 🎭
•An attacker intercepts data between two parties.
•Example: Public Wi-Fi hackers capture login credentials
during online banking.
Web Security Threats and Protection Approaches
🔹 Approaches to Web Security (How to Protect Websites?)
1️⃣ Use HTTPS with SSL/TLS 🔒
•Ensures secure communication between a website and users.
•Example: A bank website uses HTTPS to encrypt customer transactions.
2️⃣ Web Application Firewall (WAF) 🚧
•Blocks malicious traffic before it reaches a website.
•Example: A WAF detects and stops an SQL injection attack.
3️⃣ Regular Security Updates & Patching 🔄
•Fix vulnerabilities in web applications.
•Example: A company updates its CMS software to prevent attacks.
4️⃣ Multi-Factor Authentication (MFA) 🔑
•Requires an additional verification step besides a password.
•Example: Logging in requires both a password and an OTP sent via SMS.
5️⃣ Secure Coding Practices 🖥
•Developers write code that avoids vulnerabilities like XSS and SQL injection.
•Example: Using prepared statements in SQL queries to prevent SQLi.
SSL Architecture and Protocol
🔹What is SSL?