Network Security
An important aspect of data communications and networking is network security. Network security is based on cryptography, which is the art of transforming messages to make them secure and less prone to attack. Both software and hardware components are needed to secure the network from unauthorized access. The methods used to defend against security attacks include encryption, digital signatures, firewalls, fault tolerance and VLANs.
Authentication can be developed using public key cryptography, Kerberos, a shared secret key, etc. Firewalls can be used to block unwanted access to the network. The perfect server needs to have speed and reliability so that it can share its resources effectively. It is important to implement external network security in homes, small offices, and large organisational networks. Different types of protocols such as SSL, IPSec, PPTP, and SLIP are used at different layers of the OSI model for providing security to the users.
Threats
Anything that prevents users from accessing the resources required for performing their tasks is known as a threat. Threats include not only hacking of the server but also bad configuration, viruses and unintentional corruption of data by the users. Thus, threats can be broadly classified into two groups: internal and external threats.
Internal threats are wrong practices by users in the network that result in insufficient working of the network. Many times the security violation does not come from an outside source but originates within an organisation, intentionally or unintentionally. Small organisations are more vulnerable to these types of attacks as they lack proper internal security. The common internal threats are:
Ø Unauthorized Access
Ø Data Destruction
Ø Administrative Access
Ø System Crash/ Hardware Failure
Ø Virus
Protecting from Internal Threats:
The methods of protecting against internal threats depend largely on the policies set by the network administrator for the different users rather than on the technology. There are a large number of user accounts and groups with different levels of rights/permissions spread around a network. Each time a user is granted access to a resource, you create potential loopholes that leave your network vulnerable to unauthorized access, data destruction and other administrative threats. To protect the network from internal threats, the administrator needs to implement passwords, permissions and policies on user accounts.
Ø Passwords – implementing passwords is the best practice to protect your network. Biometric devices such as fingerprint and retina scanners can also be used as a replacement for passwords.
Ø User Account Control – all the user accounts should be given the right permissions to access the resources they need and nothing more. The best method of user account control is creating groups.
Ø Policies – it is also essential to implement various policies so as to restrict users' access to the resources or to prohibit them from doing certain tasks. For example, the administrator does not want the users to install any software on their computers.
Ø Fault Tolerance – fault tolerance is used in recovering data if data is lost due to a disk crash. RAID technology is used for fault tolerance. In RAID, if one of the hard disks crashes, the data can be recovered from the other hard disk.
External Threats
External threats can exist in two forms. First, the attacker can manipulate your users to gain access to the network, a process called social engineering. In the second case, the hacker at the remote location can use technical weakness of your network to gain access. The common external threats are:
Social Engineering – The majority of attacks come under social engineering, where the attacker manipulates people within the organisation to gain access to the network from outside. The hackers use people in the organisation to gain unauthorized information. The information can be a network login, credit card number or any other useful information that an organisation may not want an outsider to know. Some of the types of social engineering attacks are infiltration, telephone scams, dumpster diving and physical theft.
Hacking – in hacking, the hacker gains access to the network by means of internet worms and other internet hacking tools. The main aim of hackers is to try to get into areas of public and private networks where they have no business. Hackers basically fall into four categories, i.e. inspectors, interceptors, controllers and flooders, depending upon their intentions.
Protecting from External Threats:
Securing the network from external threats is a competition between the hackers and the security personnel. The hackers always try to find the different software and hardware vulnerabilities in the network, whereas the security personnel try to fix them. However, the hackers take advantage of well-known new vulnerabilities which have not been fixed by the network administrator.
Ø Physical Protection – it is essential to protect your server, so lock the server away to prevent physical access by any unauthorized persons.
· Firewalls
· Hiding the IPs
· Port Filtering
· Packet Filtering
Ø Encryption – encryption makes the packets unreadable. Encryption of data on the network occurs at various levels, such as encrypting data while sending it over the internet.
Ø Authentication – it is necessary to authenticate the user along with encrypting the data. Modern network operating systems such as Windows NT/2000/XP/2003 and Netware 4.x/5.x/6.x use authentication encryption such as Kerberos.
Ø Public Keys and Certificates – most strong encryption uses an asymmetric key methodology which uses two keys: a public key and a private key. The other way of encryption is using digital certificates, which are public keys signed with the digital signature of a trusted third party known as a certificate authority (CA). One of the popular CAs for secure web sites is VeriSign.
Ø VLAN – a Virtual LAN is a broadcast domain created using one or more switches. The switch creates a VLAN by adding some systems to one VLAN and some to the other. A VLAN not only provides security but also provides a solution for reducing network traffic and helps in network administration.
Need for Network Security
Network security is a mechanism that protects the network resources from being attacked by systems outside the network. Hackers constantly look out for loopholes in the network security and secretly watch a network. They constantly try to break the network protection barriers. Spyware and other adware programs get installed on your computer and start transmitting private information and data from your computer to systems outside the network. Even the traffic that is sent over the network and the internet is not secure. IP snooping allows the monitoring of the network traffic that is sent over the internet. Network data also needs to be backed up in order to avoid loss of data. To overcome the problem of IP snooping, proper security has to be designed.
Security Attacks
Security attacks break the security barrier of the network and access the network resources.
There are two types of security attacks carried on a network namely:
Ø Passive Attack – defines an attack where an attacker just monitors the network. The attacker's aim is not to alter the traffic but just to monitor what information is being transmitted over a network. At any moment, the attacker can capture the traffic.
Ø Active Attack – defines an attack in which an attacker causes damage to the data being transmitted over a network. The attacker deletes, adds or alters information that is being transmitted over the network.
The purpose of security attacks is to violate the protection of the network and to access the network traffic and resources. The other types of attacks that are carried over a network are as follows:
Ø Denial of Service (DOS)
Ø Virus Attacks
Ø Password Cracking
Ø Domain Name Server (DNS) Spoofing
Ø IP Spoofing
Cryptography
Cryptography is a science that deals with securing information. It mainly deals with securing information that is stored in the system or data being transferred over a particular medium. In cryptography, plain text (simple text) is converted into cipher text (encrypted text). Cryptography involves securing of messages, authentication and digital signatures. It also includes encryption and decryption. When the message is transmitted over the network, it is encrypted so that no other person can read it. At the receiving end, the user may require special software to decrypt the message.
The objectives of cryptography are:
Ø Message Confidentiality
Ø Message Integrity
Ø Message Authentication
Ø Message Nonrepudiation
Ø Entity Authentication
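
An added example (not part of the original page) of how message integrity and message authentication counter the active attacks described above: the sender appends an HMAC-SHA256 tag, computed with a shared secret key over a sequence number and the message, so the receiver can reject altered, replayed or missing frames. The frame layout, the names and the sample key are assumptions made for illustration; the message is not encrypted here, so confidentiality is not covered.

```python
import hashlib
import hmac
import struct

TAG_LEN = 32  # HMAC-SHA256 output size in bytes


def protect(key: bytes, seq: int, message: bytes) -> bytes:
    """Sender side: frame = 8-byte sequence number || message || tag."""
    header = struct.pack(">Q", seq)
    tag = hmac.new(key, header + message, hashlib.sha256).digest()
    return header + message + tag


class Receiver:
    """Verifies each frame and tracks the next expected sequence number."""
    def __init__(self, key: bytes):
        self.key = key
        self.expected_seq = 0

    def accept(self, frame: bytes) -> bytes:
        if len(frame) < 8 + TAG_LEN:
            raise ValueError("frame too short")
        body, tag = frame[:-TAG_LEN], frame[-TAG_LEN:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        # Constant-time comparison; a mismatch means altered or forged data.
        if not hmac.compare_digest(tag, expected):
            raise ValueError("bad tag: message altered or not from key holder")
        (seq,) = struct.unpack(">Q", body[:8])
        # Authentic frame in the wrong position: a frame was deleted or replayed.
        if seq != self.expected_seq:
            raise ValueError(f"sequence gap: expected {self.expected_seq}, got {seq}")
        self.expected_seq += 1
        return body[8:]


def demo() -> list:
    key = b"constructed-demo-key-not-for-use"  # constructed sample key
    frames = [protect(key, i, m) for i, m in enumerate([b"pay 10", b"pay 20", b"pay 30"])]
    rx, results = Receiver(key), []
    tampered = frames[0].replace(b"pay 10", b"pay 99")  # altered in transit
    for label, frame in [("altered", tampered), ("ok", frames[0]),
                         ("replayed", frames[0]), ("after-delete", frames[2])]:
        try:
            results.append((label, rx.accept(frame).decode()))
        except ValueError as exc:
            results.append((label, "REJECTED: " + str(exc).split(":")[0]))
    return results
```

Calling `demo()` feeds the receiver an altered frame, a genuine frame, a replay of that frame, and a frame that arrives after its predecessor was deleted; only the genuine one is accepted.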