What Is Network Security? | Introduction To Network Security | Network Security Tutorial|Simplilearn

00:10

the world runs on data off

00:12

the internet houses are treasured loop

00:14

of potentially harmful information from

00:16

basic shopping habits to private

00:18

financial transactions

00:20

all this data is carried over a network

00:22

of interconnected devices

00:25

during transit the data is as secure as

00:27

the mechanism responsible for its

00:29

transmission it's in this phase that the

00:31

most corrupted data originates

00:33

it's paramount that the networks

00:35

carrying this data must be secured

00:37

against malicious hackers and ample

00:39

attacks

00:41

let's take a look at the topics to be

00:43

covered in this video on network

00:44

security which is rising in popularity

00:47

and importance

00:48

we start by introducing the viewers to

00:50

network security and its basic

00:52

definition

00:53

we cover the working of network security

00:56

in the next section

00:57

then we have the different types of

00:58

network security followed by a small

01:00

introduction to transport and

01:02

application layer security and the

01:04

importance

01:05

next we cover the key tools in network

01:08

security the benefits and a live

01:10

demonstration of how nmap can scan posts

01:13

and aid in ethical hacking

01:16

so let's start with the first topic for

01:17

the day which is an introduction to

01:19

network security

01:21

network security is a set of

01:23

technologies that protects the usability

01:25

and integrity of a company's

01:27

infrastructure by preventing the entry

01:29

or proliferation within a network

01:32

it architecture comprises of tools that

01:34

protect the network itself and the

01:36

applications that run over it

01:38

effective network security strategies

01:40

employ multiple lines of defense that

01:42

are scalable and automated each

01:44

defensive layer here enforces a set of

01:47

security policies which are determined

01:48

by the administrator beforehand

01:51

this aims at securing the

01:52

confidentiality and accessibility of the

01:55

data and the network

01:57

the every company or organization that

01:58

handles a large amount of data has a

02:00

degree of solutions against many cyber

02:02

threats the most basic example of

02:04

network security is password protection

02:07

it has the network the user chooses

02:10

recently network security has become the

02:11

central topic of cyber security with

02:14

many organizations involving

02:15

applications from people with skills in

02:17

this area it is crucial for both

02:19

personal and professional networks most

02:22

houses with high speed internet have one

02:24

or more wireless routers which can be

02:26

vulnerable to attacks if they are not

02:27

adequately secured

02:30

data loss theft and sabotage risk may be

02:33

decreased with the usage of a strong

02:35

network security system

02:37

the workstations are protected from

02:39

hazardous spyware thanks to network

02:41

security

02:42

additionally it guarantees the security

02:44

of the data which is being shared over a

02:46

network

02:47

by dividing information into various

02:48

sections encrypting these portions and

02:51

transferring them over separate pathways

02:53

network security infrastructure offers

02:55

multiple levels of protection to thought

02:58

man in the middle attacks preventing

02:59

situations like eavesdropping among

03:01

other harmful attacks

03:03

it is becoming increasingly difficult in

03:05

today's hyper-connected environment as

03:07

more corporate applications migrate to

03:09

both public and private clouds

03:11

additionally modern applications are

03:13

also frequently virtualized and

03:15

dispersed across several locations some

03:17

outside the physical control of the itd

03:21

network traffic and infrastructure must

03:22

be protected in these cases since

03:24

assaults on businesses are increasing

03:26

every single day

03:28

we now understood the basics of network

03:30

security but we need to understand how

03:32

network security works in the next

03:34

section in slightly more detail

03:37

network security revolves around two

03:39

processes authentication and

03:41

authorization

03:43

the first process which is

03:44

authentication is similar to access

03:46

paths which ensure that only those have

03:48

the right to enter a building

03:50

in other words authentication checks and

03:52

verifies that it is indeed the user

03:55

belonging to the network who is trying

03:57

to access or enter it thereby preventing

03:59

unauthorized intrusions

04:01

next comes authorization

04:04

this process decides the level of access

04:06

provided to the recently authenticated

04:08

user

04:10

for example

04:11

network admin needs access to the entire

04:13

network whereas those working within it

04:15

probably need access to only certain

04:17

areas within the network

04:19

based on the network user's role the

04:21

process of determining the level of

04:23

access or permission level is known as

04:25

authorization

04:26

today's network architecture is complex

04:28

and faces a threat environment that is

04:31

always changing and attackers that are

04:32

always trying to find and exploit

04:34

vulnerabilities

04:36

these vulnerabilities can exist in many

04:37

areas including devices data

04:40

applications users and locations

04:44

for this reason many network security

04:46

management tools and applications are in

04:48

use today that address individual

04:50

threats

04:52

when just a few minutes of down times

04:54

can cause widespread disruption and

04:55

massive damage to an organization's

04:57

bottom line and reputation it is

04:59

essential that these protection measures

05:01

are in place beforehand

05:04

now that we know a little about network

05:05

security and it's working let's cover

05:08

the different types of network security

05:11

the fundamental tenet of network

05:12

security is the layering protection for

05:14

massive networks and stored data that

05:17

ensure the acceptance of rules and

05:18

regulations

05:20

as a whole there are three types

05:22

the first of which is physical security

05:24

the next being technical and the third

05:26

being administrative

05:29

let's look into physical security first

05:31

this is the most basic level that

05:33

includes protecting data and network

05:35

through unauthorized personnel from

05:37

acquiring control over the

05:38

confidentiality of the network these

05:40

include external peripherals and routers

05:43

that might be used for cable connections

05:45

the same can be achieved by using

05:46

devices like biometric systems

05:49

physical security is critical especially

05:51

for small businesses that do not have

05:53

many resources to devote to security

05:55

personnel and the tools as opposed to

05:57

large firms

05:59

when it comes to technical network

06:00

security it focuses mostly on

06:03

safeguarding data either kept in the

06:04

network or engaged in network

06:06

transitions

06:08

this kind fulfills two functions

06:10

one is depends against unauthorized

06:12

users

06:13

the other is a defense against

06:14

malevolent actions

06:16

the last category is administrative

06:19

this level of network security protects

06:21

user behavior like how the permission

06:23

has been granted and how the

06:25

authorization process takes place

06:27

this also ensures the level of

06:29

sophistication the network might need to

06:30

protect it through all the attacks

06:33

this level also suggests necessary

06:35

amendments that have to be done to the

06:37

infrastructure

06:38

i think that's all the basics that we

06:40

need to cover on network security

06:42

in which our next topic we're going to

06:43

go through two mediums of network

06:45

security which are the transport layer

06:47

and the application layer

06:50

the transport layer is a way to secure

06:52

information as it is carried over the

06:54

internet with users browsing websites

06:56

emails instant messaging etc

06:59

tls aims to provide a private and secure

07:02

connection between a web browser and a

07:04

website server it does this with a

07:06

cryptographic handshake between two

07:08

systems using public key cryptography

07:11

the two parties through the connection

07:12

exchange a secret token and once each

07:14

machine validates this token it is used

07:16

for all communications

07:18

the connection employs lighter symmetric

07:20

cryptography to save bandwidth and

07:22

processing power

07:24

since the application layer is the

07:26

closest layer to the end user it

07:28

provides hackers with the largest threat

07:30

surface

07:31

poor app layer security can lead to

07:33

performance and stability issues data

07:35

theft and in some cases the network

07:37

being taken down

07:38

examples of application layer attacks

07:40

include distributed denial of service

07:42

attacks or tdos attacks http flats hp

07:46

injections cross-site scripting etc

07:50

most organizations have an arsenal of

07:51

application layer security protections

07:53

to combat these and more such as web

07:56

application firewalls secure web gateway

07:58

services etc

08:01

now that we have the theory behind

08:02

network security has been covered in

08:04

detail let us go through some of the

08:06

tools that can be used to enforce these

08:08

network security policies

08:11

the first two to be covered in the

08:13

section is a firework

08:15

a firewall is a type of network security

08:17

device that keeps track of incoming and

08:19

outgoing network traffic and it decides

08:22

which traffic to allow or deny in

08:24

accordance to a set of security rules

08:27

for more than 25 years firewalls have

08:29

served a network security's first line

08:31

of defense

08:32

they provide a barrier between

08:34

trustworthy internal protected and

08:36

regulated networks from shady external

08:38

networks like the internet at some point

08:41

the next tool which can be used to

08:43

bolster network security is a virtual

08:45

private network or vpn for short

08:48

it's an encrypted connection between a

08:49

device and a network via the internet

08:52

the encryptment connection is the secure

08:55

transmission of sensitive data

08:57

it makes it impossible for unauthorized

08:59

parties to eavesdrop on the traffic and

09:01

enables remote work for the user

09:03

the usage of vpn technology is common in

09:05

both corporate and personal networks

09:08

next we cover the importance of

09:09

inclusion prevention systems in network

09:11

security or ips frameworks

09:15

an intrusion prevention system is a

09:16

network security tool that continually

09:19

scans the network for harmful activity

09:21

and responds to it when it does occur by

09:24

reporting blocking or discarding it

09:27

it can be either hardware or software

09:29

it's more sophisticated than an

09:30

inclusion detection system or an ids

09:33

framework which can just warn an

09:34

administrator and merely identify

09:36

harmful activities while in the case of

09:38

an ips it actually takes against that

09:40

activity

09:42

the next tool in this section and final

09:43

one are going to be behavioral analytics

09:46

behavior analytics focus more on the

09:48

statistics that are being carried over

09:50

and stored through months and years of

09:52

usage

09:53

when some kind of similar pattern is

09:55

noted that the idea administrator can

09:57

detect some kind of attack the similar

09:59

attacks can be stopped and the security

10:01

can be further enhanced

10:03

another day i've covered all that we

10:04

need to know about network security the

10:06

necessary tools it's different types etc

10:09

let's go through the benefits of network

10:11

security as a whole

10:14

the first which is protection against

10:16

external threats

10:17

the objective for cyber assaults can be

10:19

as varied as the defenders themselves

10:22

although they are typically initiated

10:23

for financial gain whether they are

10:25

industrial spies hacktivists or cyber

10:28

criminals these bad actors all have one

10:30

thing in common which is how quick

10:32

clever and covert the attacks are

10:34

getting a strong cyber security posture

10:36

that considers routine software updates

10:39

may assist firms in identifying and

10:41

responding to the abuse techniques tools

10:44

and the common entry points

10:46

the next benefit is protection against

10:48

internal threats the human aspect

10:51

continues to be the cyber security

10:52

system's weakest link

10:54

insider risk can originate from current

10:56

or former workers third party vendors or

10:59

even trusted partners and they can be

11:00

unintentional careless or downright evil

11:04

aside from that the rapid expansion of

11:06

remote work and the personal devices

11:08

used for business purposes while even

11:10

iot devices in remote locations can make

11:13

it easier for these kind of threats to

11:14

go undetected until it's too late

11:17

however by proactively monitoring

11:19

networks and managing access these

11:21

dangers may be identified and dealt with

11:24

before they become expensive disasters

11:27

the third benefit is increased

11:28

productivity

11:30

it is nearly impossible for employees to

11:32

function when network and personal

11:34

devices are slowed to a crawl by viruses

11:36

and other cyber attacks during the

11:38

operation of website and for the company

11:40

to run

11:41

you must significantly minimize

11:42

violations and the amount of downtime

11:44

required to fix the breach by

11:46

implementing various cybersecurity

11:48

measures such as enhanced firewalls

11:50

wireless scanning and automatic backups

11:53

employee identification of possible

11:55

email phishing schemes suspicious links

11:58

and other malicious criminal activities

12:00

can also be aided by education and

12:02

training

12:04

another benefit is

12:05

brand trust and reputation

12:08

customer retention is one of the most

12:09

crucial elements in business development

12:12

customers today place a premium on

12:14

maintaining brand loyalty through a

12:15

strong cyber security stance since this

12:18

is the fastest way to get other

12:19

businesses back get referrals and sell

12:22

more tickets overall additionally it

12:24

helps manufacturers get on the vendor

12:26

list with bigger companies as a part of

12:28

the supply chain which is only as strong

12:30

as its weakest link

12:32

this opens possibilities for potential

12:34

future endeavors and development

12:37

it's all really the all for the

12:38

theoretical part of network security

12:41

after covering so many topics let's go

12:43

through a small demonstration to drive

12:44

home this topic's importance so one of

12:46

the first things we're going to cover is

12:48

the installation of nmap

12:50

what are we using right now is actually

12:52

vmware a re-running an instance of a

12:55

relax distribution known as parrot

12:57

security operating system

12:59

the parrot security os is a debian based

13:01

linux distribution that is catered more

13:03

towards ethical hackers and penetration

13:05

testers the howard is created more is it

13:08

comes pre-installed with a lot of tools

13:10

that ethical hackers need including nmap

13:13

so let's say you're using another debian

13:15

based linux distribution

13:17

if you want to install nmap you can go

13:19

with the command of sudo

13:21

apt which is the package manager

13:24

install

13:25

and

13:26

and just press enter

13:28

at this point it's going to ask you for

13:30

your administrator password because of

13:31

the sudo command which you have used now

13:33

this epd will change depending on the

13:35

distribution let's say using a

13:37

distribution that is based on arch linux

13:39

that will be different if there is some

13:41

other distribution which is built from

13:43

scratch the commands will differ but

13:45

more or less a lot of the distributions

13:47

the main stream distributions that

13:49

people use like ubuntu zorinos max mint

13:52

they are debian bs so you're just going

13:54

to be using sudo apt install and map

13:57

if you give your administrator password

13:59

here

14:00

it's going to see that nmap is

14:03

smashed manually installed and it is

14:05

already the newest version at this point

14:07

if you do not have an app in your

14:08

distribution it's going to install the

14:10

necessary package files

14:13

if i just use the nmap command you can

14:15

see some help lines where it basically

14:18

says what kind of flags you can use what

14:19

are some of the most common commands the

14:21

version etc it gives a small sample for

14:25

the usage of nmap

14:27

now

14:28

the first one of the most basic

14:30

functions of nmap is to identify active

14:33

hosts on your network

14:35

and app does this by using a ping scan

14:37

or sometimes it's called a ping suite

14:39

this identifies all of the ip addresses

14:41

that are currently online without

14:43

sending any packets to these hosts

14:46

to run the command we're just going to

14:48

go with let me just clear the screen for

14:50

now

14:53

another thing you have to do before

14:54

running nmap just for our ease of use is

14:57

we're going to use the sudo suv command

15:00

this will turn our console into an

15:02

administrator console so let's say we

15:04

want to use some drivers or some

15:06

external adapters or anything that

15:08

requires administrative permission we

15:09

don't have to use the admin password

15:11

again and again

15:15

just going to give it a bit of time for

15:17

it to recognize

15:25

okay now that you see uh this dollar

15:27

sign has changed into a hash symbol

15:30

which means we now have root access

15:32

of this console right now of this

15:34

terminal so what we're going to do for

15:36

the pink suite where we have to check

15:37

existing course is are going to use the

15:39

command in map

15:41

minus sp

15:46

and go with the ip address

15:50

of the current subnet that you are in

15:52

which is always going to be minus one uh

15:54

it's always going to be 192 and 168.1.1

15:59

the 24 bracket

16:01

so this is going to take some time

16:02

considering this is going to check all

16:03

the hosts

16:05

in this particular subnet

16:08

the command then returns a list of posts

16:10

on your network which is this and the

16:12

total number of assigned ip addresses if

16:15

you can spot like any ip addresses that

16:17

you cannot account for in your network

16:19

or your server you can then add further

16:21

commands to investigate them further

16:22

using nmap itself

16:25

now coming to another feature of nmap

16:28

which is a very important usage

16:30

is

16:30

when scanning posts and mac commands can

16:33

use server names ip addresses or even

16:35

ip6 addresses

16:37

a basic nmap command will produce

16:39

information about the given host

16:42

so to run a basic port scan we can just

16:43

use the nmap command with the ip address

16:45

of the device or the ip address that we

16:48

are targeting

16:49

so for now the host machine that i am

16:51

using currently has this current ip

16:54

address

16:55

if you can see the current id address is

16:58

192.168.1.22

17:02

as it's written in the ipv4 address

17:03

preferred section

17:05

so now we're going to try and attack

17:07

this first machine using nmap on parent

17:09

security operating system

17:11

so we're just going to go with the end

17:13

map

17:14

192 162

17:18

and press enter and it's going to start

17:20

scanning the host for different services

17:23

and the ap address

17:24

that are being run on the system

17:29

the speed of these scans usually depends

17:31

on how quick the processor is and also

17:33

how quickly the two machines can connect

17:35

with each other but two machines i mean

17:38

the virtual machine in this case and the

17:40

machine that is being attacked which is

17:42

right now the host machine which is

17:44

running vmware workstation

17:52

as you can see the core scanning is

17:54

complete for this particular ip address

17:56

and you can see the number of ports is

17:58

mentioned and the services that these

18:00

posts are used for is also mentioned it

18:03

says which of these are open for example

18:05

the 53 tcp port we can see it is closed

18:08

while some of the other ports are open

18:11

now one more feature of nmap is the

18:13

ability to guess the operating system of

18:15

the ip address that we are attacking

18:17

for that we need to add one more flag

18:20

which is going to go with the normal

18:21

command is n map minus 4 and

18:25

the regular appearance that we are in

18:28

the process of attacking

18:30

let's give it a few minutes to run the

18:32

scan and it will try and put a small gas

18:34

on the operating system that this host

18:36

might be running

18:38

this gas might not always be accurate

18:40

but it puts a small idea and this is

18:43

much more accurate in the case of

18:44

actually unix based operating system

18:46

other than windows based operating

18:48

systems may be able to detect that if it

18:50

is a windows a linux macintosh

18:53

and so on

18:55

but it may have difficulty finding exact

18:57

single versions which becomes easier in

18:59

the case of linux because we can

19:01

identify different distributions by some

19:03

of the kernels

19:04

which and most of the vulnerabilities

19:06

comes from the kernels and not the

19:08

particular distributions

19:13

as you can see the os detection guess is

19:15

complete and you can see aggressive os

19:17

is over here which is microsoft windows

19:19

xp service pack or windows server and

19:22

there's the 98 guess that it's mostly

19:26

like i mentioned if you can guess if it

19:28

is a windows based system you can apply

19:30

the vulnerabilities and exploits

19:32

accordingly

19:33

now at times you may need to detect

19:35

service version and the and similar

19:38

information from these open ports

19:40

actually this is useful for

19:41

troubleshooting and scanning for

19:43

vulnerabilities or locating services

19:45

that need to be updated considering a

19:47

lot of the new updates are used to fix

19:50

these kind of open vulnerabilities so

19:53

the flag that we're going to use in this

19:55

case is minus

19:57

sv or hyphen s3 so only this is going to

20:00

change with the nmap and the ip address

20:02

of the whole system staying consistent

20:04

a lot of the services that are being run

20:06

on these ports are often not the most

20:08

safe for example apache web server which

20:10

is a very common web server being used

20:12

for even local and global projects uh a

20:15

lot of the older versions used to have

20:17

systems that can allow privilege

20:18

escalations or other vulnerabilities

20:21

that can allow hacker to get into your

20:23

system without even you getting a trace

20:25

of it

20:26

silhouetted versions tend to fix these

20:28

as quickly as possible and most of these

20:30

versions do not circulate in the real

20:32

world but can be used for ethical

20:34

hacking and testing on how these

20:36

validate and how these vulnerabilities

20:38

can be attacked further

20:45

now with the sv command scan is complete

20:48

we can see that it is mentioning some of

20:50

the version of the services that are

20:52

being run on the particular post

20:54

once again like i mentioned using these

20:56

version numbers you can identify

20:58

particular vulnerabilities and use the

21:00

exploits design for these

21:01

vulnerabilities to gain access to the

21:03

system

21:04

another thing that nmap does well is

21:07

port scanning it's now the basic

21:08

utilities actually that nmap offers and

21:11

consequently there are few ways that

21:13

this command can be customized further

21:15

for example to come to start a port scan

21:18

we're going to use the flag of my ipin p

21:21

we're going to specify a random port for

21:24

example 443 which we know it will be

21:26

open because it is the port used for

21:28

https connections which is obviously

21:30

essential for you to access the internet

21:32

and once again we are going to use the

21:34

ip address or local host

21:37

as the test machine that have been

21:39

attacked

21:41

as you can see it clearly states that

21:42

the four fourth report is open as

21:45

expected

21:46

now you can use multiple ports you can

21:48

check multiple ports this way for

21:49

example and map and p we're going to use

21:52

scan three different ports four four

21:54

three eighty and four four five

21:59

address again

22:02

and it's going to show

22:04

the state of all the three ports now you

22:05

can see this filter part here

22:08

which which does not mean it is open and

22:10

it cannot be exploited in any way at

22:11

least right now maybe there is any other

22:14

service that is being run it can be

22:16

exploited further but right now it is in

22:18

a filtered condition

22:19

that is how we can actually scan for

22:21

multiple ports together we can also we

22:24

can also use actually in a sports car in

22:27

a range format for example

22:29

let's say we're going to scan the ports

22:31

from 200

22:32

to 300 and once again going to use the

22:35

hyphen key flag

22:38

then the ip address of the system being

22:42

attacked

22:44

it's going to scan all the posts from

22:45

200 to 300 and mention what are the

22:47

ports that are open filtered or just

22:50

straight up closed

22:52

as you can see all the 101 stand posts

22:55

are in ignore state for example if we

22:58

try to scan a range in

23:00

a more reasonable range for example uh 4

23:03

4

23:04

3 2

23:06

4 6

23:07

that's it

23:08

we'll keep the ip address similar

23:14

and you can see two of them are open and

23:16

two of them are filtered for different

23:18

different reasons this is how you can

23:20

find out which of the ports are liable

23:23

for exploitation before attacking these

23:25

kind of devices

23:27

hope you enjoy this video

23:29

please let us know in the comments

23:30

section if you have any issues with

23:31

network security or the things that you

23:33

learned in this video subscribe to our

23:35

channel for more videos like this and

23:37

thank you for watching

23:41

[Music]

23:44

hi there if you like this video

23:45

subscribe to the simply learn youtube

23:47

channel and click here to watch similar

23:50

videos to nerd up and get certified

23:52

click here