Network Security Consulting Agency Since 1989 - Specialized in Unix, Windows, TCP/IP and Internet
Text mode: access to the page content
Hervé Schauer Consultants
You are here: Home > Resources > Lectures > Network security: intrusion risks and countermeasures
Go to: HSC Trainings
Version française
o Skills & Expertise
o Consulting
o ISO 27001 services
o Vulnerabilities monitoring
o Audit & Assessment
o Penetration tests
o Vunerability assessment (TSAR)
o Forensics
o Training courses
o E-learning
o Agenda
o Past events
o Tutorials
o Thematic index
o Tips
o Lectures
o Courses
o Articles
o Tools (download)
o Vulnerability watch
o Hervé Schauer
o Team
o Job opportunities
o Credentials
o History
o Partnerships
o Associations
   Press and
o HSC Newsletter
o Press review
o Press releases
o Publications
o How to reach us
o Specific inquiries
o Directions to our office
o Hotels near our office
|>|Network security: intrusion risks and countermeasures  
> Access to the content HTML Beginning of the presentation  
> Description The aim is to show that intrusion risks in today's networks are real and more and more widespread, both in the company's external perimeter and inside. But security solutions exist for all cases, and they should be deployed.  
> Context & Dates ACTI'99 seminar - Les journées de l'audit et du conseil en projet technologies de l'informaiton, organised by the Ifaci with the AFAI, on 18 November 1999.
Slides reused for the Internet/intranet security presentation made at the general meeting of the ACTIF, on 16 June 2000.
> Author Hervé Schauer (Herve.Schauer@hsc.fr) 
> Type 41 slides [ French - HTML ]  
> Abstract &
Table of content
Plan de la présentation

Réseau TCP/IP
Format d'un paquet IP
Principaux champs d'un paquet IP
Identification d'une communication TCP/IP
Le périmètre

Méthodologie en sécurité

Risques d'intrusion : généralités
Attaques externes
Risques internes
Propriétarisation de l'Internet
Contournement par dialup-IP
Contournement par encapsulation de IP sur un service autorisé

Risques d'intrusion : attaques sur TCP/IP
TCP : rwwwshell
Usurpation d'adresse IP (IP spoofing)
Vol de session IP (IP hijacking)
Déni de service IP : land
Déni de service UDP : teardrop
Déni de service TCP : inondation de SYN (SYN-flooding)

Les audits
Audit de vérification
Audit d'agrément
Audit intrusif

Appliquer la sécurité

Sécurité sur le périmètre

Cloisonnement de réseau
Topologie physique
Topologie virtuelle
Démarche de cloisonnement
Exemple de cloisonnement HTTP


> Related documents
[Presentation]  ISO 27005 vs EBIOS, Mehari, RiskIT, ... [25 June 2010 - French]
[Presentation]  Risk evolution for the SME/SMI [22 June 2010 - French]
[Presentation]  ISO 27005 risk management methodology [15 April 2010 - French]
[Presentation]  ISO 27005 risk management methodology [12 June 2009 - French]
[Presentation]  Aristote seminary : Distributed Security : the reply of the CISO [11 June 2009 - French]
[Presentation]  ISO 27001 and risk management [10 April 2008 - French]
[Presentation]  ISO 27005 : Risk management [15 May 2007 - French]
[Presentation]  ISO 27001, the standard of the future ? Wich role in our information systems security strategy ? [26 April 2007 - French]
[Presentation]  ISO 27001 standards [28 March 2007 - French]
[Presentation]  Manage new computer security issues [30 June 2004 - French]
[Presentation]  DOS on Internet infrastructure [4 November 2003 - French]
[Presentation]  Security risks from outside [29 October 2002 - French]
[Presentation]  DBMS and security [1 April 2002 - French]
[Presentation]  Risks and solutions of an e-business project [28 September 2001 - French]
[Presentation]  Controling the risks associated with e-business [21 June 2000 - French]
[Article]  About Intranets' Lack of Security [August 1999 - French]
[Presentation]  Threats and risks in Internet/intranet security [19 March 1998 - French]
[Presentation]  Bypassing Internet security gateways [19 March 1997 - French]
[Presentation]  The risks of security gateways' bypassing [26 September 1996 - French]
themeNetwork Security
[Presentation]  Forcasting in French cyberdefence doctrines [24 November 2010 - French]
[Presentation]  IPv6 Networks Discovery [30 May 2007 - French]
[Presentation]  IPv6: Network Security Threats [15 November 2006 - English]
[Presentation]  IPv6: impacts and threats [14 November 2006 - French]
[Presentation]  Manage IS security of wide enterprise [12 April 2005 - French]
[Presentation]  SSL VPN connection multiplexing techniques [7 April 2005 - English]
[Presentation]  Stakes of network security [31 March 2005 - French]
[Presentation]  Ethereal: an open-source network analyzer and a must-have security tool [2 February 2005 - French]
[Presentation]  Network security stakes [14 October 2004 - French]
[Techno-watch]  CanSecWest 2002 Conference [4 May 2002 - French]
[Presentation]  Network security: Introduction and Bluetooth [9 November 2000 - French]
[Article]  Networks Security [25 July 2000 - French]
[Presentation]  Policy managment for network security [29 May 2000 - French]
[Presentation]  Firewalls, protection and supervision, VPNs: situation of the security tools market [20 January 2000 - French]
[Course]  TCP/IP Networks Security [25 November 1999 - French]
[Presentation]  Network security techniques [6 March 1997 - French]
> Copyright © 1999, Hervé Schauer Consultants, all rights reserved.


Last modified on 17 April 2002 at 17:19:04 CET - webmaster@hsc.fr
Information on this server - © 1989-2010 Hervé Schauer Consultants