Академический Документы
Профессиональный Документы
Культура Документы
computer
Computer security is a branch of Information
security?
Security and
is often used interchangeably
with the term. It encompasses several
security measures such as software
programs like anti-virus suites, firewalls, and
user dependant measures such as
activating deactivating certain software
features like Java scripts, ActiveX and being
vigilant in using the computer and the
network resources or the Internet.
Computer Security is
concerned with four main
areas:
1. Confidentiality:- Only authorized users
can access the data resources and
information.
2. Integrity:- Only authorized users should
be able to modify the data when needed.
3. Availability:- Data should be available to
users when needed.
4. Authentication:- are you really
communicating with whom you think you
are communicating with
Password-Based Attacks
Denial-of-Service Attack
Unlike a password-based attack, the denial-ofservice attack prevents normal use of your
computer or network by valid users.
After gaining access to your network, the
attacker can do any of the following:
Man-in-the-Middle Attack
Compromised-Key Attack
Sniffer Attack
A sniffer is an application or device that
can read, monitor, and capture network
data exchanges and read network
packets. If the packets are not encrypted,
a sniffer provides a full view of the data
inside the packet. Even encapsulated
(tunneled) packets can be broken open
and read unless they are encrypted and
the attacker does not have access to the
key.
Application-Layer Attack
An application-layer attack targets
application servers by deliberately
causing a fault in a server's operating
system or applications. This results in
the attacker gaining the ability to
bypass normal access controls. The
attacker takes advantage of this
situation, gaining control of your
application, system, or network,
4. Multipartite Virus
While some viruses are happy to
spread via one method or deliver a
single payload, Multipartite viruses
want it all. A virus of this type may
spread in multiple ways, and it may
take different actions on an infected
computer depending on variables,
such as the operating system installed
or the existence of certain files.
5. Polymorphic Virus
Installing
Anti-Virus
Step 4: Restart
You may be asked to restart your machine
when the process is complete. Do so if
prompted. When your computer restarts,
Norton AntiVirus will begin a system scan of
your machine.
The Data Encryption Standard (DES, /diis/
or /dz/) is a symmetric-key algorithm for the
encryption of electronic data. Although now
considered insecure, it was highly influential
in the advancement of modern cryptography.
For example:
A company is using a TL-SL5428E as the
companys access switch. And they
want to achieve this demand:
Step 2:
The MAC address that the port learned will
be displayed on the MAC address table (as
the Figure 3 shows below). In this case,
the MAC address of PC 1 is 00-19-66-5EEC-A4, and it has been bounded to port 1.
The MAC address of PC 2 is B0-48-7A-C04E-46, port 2 is bounded with it. And from
now on, you have finished the
configuration.
Method 2: Manual
binding
Step 1:
Click on switching->MAC address ->
static address. Now you need to type in the
MAC address information of your computer
(or other devices), the VLAN ID and the port
information that the computer will be
bounded (as the Figure 4 shows). Then click
Create. And the information you typed in
will be shown in the static address table.
Step 2:
Click onswitching->port->port
security. Now please enable the
port security function, and the max
learned MAC should be set 0. Click
Apply to apply the configuration.
Step 3:
The bounded static MAC address can
be searched on the MAC address
table page. And we have finished the
configuration of port security.
Note: Please
remember to click
saving config to
save the
configuration you
have done.
Port Security
Anyone can access unsecure network
resources by simply plugging his host into
one of our available switch ports. A user
can also change his physical location in
LAN network without telling the admin.
You can secure layer two accesses as well
as keep users in their tracks by using port
security. Thus port security feature
enhances the LAN security.
How to
To configure port
port security
we need to
onfigure
security
switchport port-security
address
We have two mac
options static
and dynamic to
associate mac address with interface.
In static method we have to manually define exact
host mac address with switchport port-security
mac-address MAC_address command. This is the
most secure method but it needs a lot of manual
works. We need to enter all mac addresses
manually that is too much tedious job. In dynamic
mode we use sticky feature that allows interface to
learn mac address automatically. Interface will
learn mac addresses until it reaches maximum
number of allowed hosts.
switchport port-security
violation
We need to specify what action; it should take
in security violation. Three possible modes are
available:
Protect: - This mode will only work with sticky
option. In this mode frames from non-allowed
address would be dropped. It will not make log
entry for dropped frames. Interface will learn
address until it reach maximum allowed
number. Any additionally learned addresses
would be dropped while keeping interface
operational.
Restrict: - In restrict mode frames from nonallowed address would be dropped. But in
this mode, switch will make a log entry and
generate a security violation alert.
Shutdown: - In this mode switch will
generate the violation alert and disable the
port. Only way to re-enable the port is to
manually enter no shutdown command.
This is the default violation mode.
Description
Move in privilege
exec mode
Switch(configif)#switchport
port-security
violation
shutdown
Set security
violation mode.
Default mode is
shutdown. Skip
this command to
use default mode.
Switch(configif)#switchport
port-security
mac-address
sticky
Enable sticky
feature.
THANK
YOU!!!!!