Thursday, October 29, 2009

Lecture 6 : Security in Networks

In this lecture, we were introduced to what is meant by a computer network, the people who cause security problems, network security issues and their controls.
Basically, a network is a computing environment with more than one independent processor. Network resources include computers, OS, programs, processes and people.
Below is an illustration of the network architecture.



A network enables us to send and receive messages, execute programs, and obtain status information on local and other network users.
The types of network are shown below:



The basic network topologies that we are all already familiar with are star, mesh, ring and bus topology.
We have also learned the Open Systems Interconnection model.
The seven layers of the OSI model are shown below:



Individuals who cause security problems include hackers, spies, students, businessmen, ex-employees, stockbrokers, terrorists, etc.
The areas where network security problems can occur are as follows:
• Authentication
• Secrecy
• Non-repudiation
• Integrity control
Disadvantages of computer networks:
• Accidental sharing because of inadequate access control.
• Complexity, where a network may consist of two or more systems with different OS and different mechanisms for hosting a connection.
• Unknown perimeters, where one host may be a node on two or more networks.
• Many points of vulnerability
• Unknown paths
• Label format differences
• Anonymity
Hacking phases involve:
• Reconnaissance
• Scanning
• Gaining access
• Maintaining access
• Covering tracks
Security exposures are a threat in networks, in terms of privacy, data integrity, authenticity, covert channels, impersonation, eavesdropping and denial of service. Packet replay is another network threat, which refers to the recording and retransmission of message packets in a network. Packet modification involves a system intercepting and modifying a packet destined for another system.
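One way a receiver can detect both packet replay and packet modification, as an added example that is not part of the lecture material: each packet carries a sequence number and an HMAC-SHA256 tag computed with a shared key. The key, the packet layout, the window size of 64 and all function names are assumptions made for this illustration.

```python
import hashlib
import hmac
import struct

KEY = b"constructed-demo-key"  # constructed shared secret, for illustration only
WINDOW = 64                    # how far behind the newest sequence number we still track


def seal(key: bytes, seq: int, payload: bytes) -> bytes:
    """Sender side: 8-byte sequence number + payload + HMAC-SHA256 tag over both."""
    header = struct.pack("!Q", seq)
    tag = hmac.new(key, header + payload, hashlib.sha256).digest()
    return header + payload + tag


class Receiver:
    """Receiver side: verify the tag first, then reject sequence numbers already seen."""

    def __init__(self, key: bytes):
        self.key = key
        self.highest = -1
        self.seen = set()

    def accept(self, packet: bytes) -> str:
        if len(packet) < 8 + 32:
            return "malformed"
        header, payload, tag = packet[:8], packet[8:-32], packet[-32:]
        expected = hmac.new(self.key, header + payload, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):  # constant-time comparison
            return "modified"
        seq = struct.unpack("!Q", header)[0]
        # Too old to be remembered, or already delivered: treat as a replay.
        if seq <= self.highest - WINDOW or seq in self.seen:
            return "replayed"
        self.seen.add(seq)
        self.highest = max(self.highest, seq)
        self.seen = {s for s in self.seen if s > self.highest - WINDOW}
        return "accepted"


def demo() -> list:
    rx = Receiver(KEY)
    p1 = seal(KEY, 1, b"transfer 100 to alice")  # constructed sample messages
    p2 = seal(KEY, 2, b"transfer 50 to bob")
    tampered = p2[:8] + b"transfer 90 to bob" + p2[-32:]  # payload altered in transit
    return [rx.accept(p1), rx.accept(p1), rx.accept(tampered), rx.accept(p2)]


if __name__ == "__main__":
    print(demo())
```

The tag is checked before the sequence number is recorded, so a modified packet cannot mark a sequence number as used and block the genuine one.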
Network security controls consist of encryption, strong authentication, Kerberos and firewalls.
Encryption is of two types, link encryption and end-to-end encryption, plus SSH encryption.
A firewall is an access control device that filters all network traffic (internal access and external services). There are four types of firewall:
• Packet filter
• Circuit level proxy
• Stateful packet filter
• Application level proxy
There are many ways to configure a firewall, because third-party software provides them. Please visit the software manufacturer's website for further details.
Internet Protocol security (IPsec) is a protocol suite for securing Internet Protocol (IP) communications by authenticating and encrypting each IP packet of a data stream.
Kerberos is a computer network authentication protocol, which allows nodes communicating over a non-secure network to prove their identity to one another in a secure manner.
An Intrusion Detection System (IDS) is a device or software tool that monitors activity to identify malicious or suspicious events.
IDS components include:
• Sensor to generate security events
• Console to monitor events and alerts and control the sensors
• Central engine that records events logged by the sensors in a database and uses system rules to generate alerts from the security events received
Types of IDS include:
• Signature-based IDS
• Heuristic-based IDS
Limitations of IDS (an IDS is not capable of the following):
• Compensating for weak or missing security mechanisms in the protection infrastructure.
• Instantaneously detecting, reporting, and responding to an attack, when there is a heavy network or processing load.
• Detecting newly published attacks or variants of existing attacks
• Effectively responding to attacks launched by sophisticated attackers
• Automatically investigating attacks without human intervention.
• Resisting attacks that are intended to defeat or circumvent them
• Compensating for problems with the fidelity of information sources
• Dealing effectively with switched networks