IDS
1
1 SNMP Agent Manager Agent
SMI MIB SMI SNMP
0 1 2 3 5 6 7 8
Web SNMP SNMP Trap SNMP GetRequest GetNext GetBulk SetRequest Response Inform Trap
Buffer overflow DoS
Buffer Overflow Internet fingerd, sendmail, bind, IE, IIS, ftpd, lpd, X Window, ssh, NetMeeting
spoofing IP Spoofing ARP Spoofing DNS Spoofing Mail Spoofing
Basic concept of encryption and decryption
Basic principle asymmetry symmetry
DES 3DES
DES 3DES Sub-key generating
Complex
RSA
RSA Encrypt with public key
RSA Encrypt with private key
Complex encryption Message digest by MD algorithm message integrity
Complex encryption Digest and RSA(sender) unidirectional data signature
Complex encryption Bidirectional Data Signature Authentication
NAT
WWW
DMZ WEB EMAIL
-What GRID
-What Web dynamic
-Why
-Why CAD/CAM
[Figure: Grid layered architecture (Application; Collective; Resource; Fabric; "Talking to things": Internet protocols; "Controlling things locally": access to, and control of, resources) shown beside the Internet Protocol Architecture (Application, Transport, Internet, Link)]
SF Express EU-Data Grid U.S. GIG China Grid
-IDS Intrusion Detection IDS
-IDS IDS: Intrusion detection system. Some combination of one or more of the following components: sensor, analyzer, manager. By IDWG, RFC draft, draft-ietf-idwg-requirements, p. 8
-IDS
-Firewall
-Firewall Firewall VS. IDS +
- Active Firewall => Active Firewall System
  What? A protection system for small/medium organizations, based on the integration and cooperation of the traditional security devices.
  Why? A more dangerous world (threats: worms, attacks, etc.); single devices are not competent.
  Components: Firewall, IDS, Scanner, and Policy Center
- Active Firewall
- Active Firewall: Two Approaches
  Intelligence. Goal: more intelligent in automatically detecting threats and responding. Approach: Security Policy Center.
  Performance. Goal: faster, smoother packet processing (wire speed). Approach: Network Processor.
- Active Firewall The Old Architecture IDS
- Active Firewall The New Architecture IDS
- Active Firewall The Info. Flow Execution
Active Firewall DMZ WEB EMAIL
Today's Vision
  Everything is digital: voice, video, music, pictures
  Everything is on-line: bank statement, medical record, books, airline schedule, weather, highway traffic, toaster, refrigerator
  Everyone is connected: doctor, teacher, broker, mother, son, friends, enemies
Today's Vision
  Electronic commerce
  Internet entertainment
  World as a small village: community organized according to interests; enhanced understanding among diverse groups
  Electronic democracy: little people can voice their opinions to the whole world; bridge the gap between information haves and have-nots
  Electronic terrorism: a hacker can bring the whole world to its knees
NEXT? TODAY!
IPV6 IPv4 IPv6 deficiency advantages
IPV6
2006-5
2.2 bps vs. baud
2.2 cont'd
2.3. Modem Modem Codec Codec
2.4. Detection
2.4. cont'd
T1 1.544 Mbps, E1 2.148 Mbps
3.1 ISO/OSI
3.2 ISO/OSI cont'd
3.2 ISO/OSI cont'd DL MAC
3.2 ISO/OSI cont'd IP Best effort
3.2 ISO/OSI cont'd (TSAP) End-End TCP/UDP
3.3 TCP/IP: OSI layers 7 Application, 6 Presentation, 5 Session, 4 Transport, 3 Network, 2 Data link, 1 Physical
3.3 TCP/IP cont'd
4.1 LAN Ethernet BUS CSMA/CD Token network BUS RING
5.1 WAN ISDN ATM
6.1
7.1 (ARP RARP) ARP RARP DNS
8 Client server proxy Request response
8 cont'd Challenge response