Network Security
Essay by review • December 6, 2010 • Research Paper • 1,526 Words (7 Pages) • 1,306 Views
ABSTRACT :
This paper describes the basic threats to the network security and the basic issues of interest for designing a secure network. it describes the important aspects of network security. A secure network is one which is free of unauthorized entries and hackers
INTRODUCTION
Over the past few years, Internet-enabled business, or e-business, has drastically improved efficiency and revenue growth. E-business applications such as e-commerce, supply-chain management, and remote access allow companies to streamline processes, lower operating costs, and increase customer satisfaction. Such applications require mission-critical networks that accommodate voice, video, and data traffic, and these networks must be scalable to support increasing numbers of users and the need for greater
capacity and performance. However, as networks enable more and more applications and are available to more and more users, they become ever more vulnerable to a wider range of security threats. To combat those threats and ensure that e-business transactions are not compromised, security technology must play a major role in today's networks.
Why Networks Must Be Secured?
Attacks: -
Without proper protection, any part of any network can be susceptible to attacks or unauthorized activity. Routers, switches, and hosts can all be violated by professional hackers, company competitors. In fact, according to several studies, more than half of all network attacks are waged internally. To determine the best ways to protect against attacks, we should understand the many types of attacks that can be instigated and the damage that these attacks can cause to data. The most common types of attacks include Denial of Service (DoS), password, and root access attacks.
DoS attacks are particularly malicious because although they do not provide intruders with access to specific data, they "tie up" IS resources, preventing legitimate users from accessing applications. They are usually achieved by hackers sending large amounts of jumbled or otherwise unmanageable data to machines that areconnected to corporate networks or the Internet. Even more malicious are Distributed Denial of Service (DDoS) attacks in which an attacker compromises multiple machines or hosts. According to the 2001 Computer Security Institute (CSI) and FBI "Computer Crime and Security Survey," 38 percent of respondents detected DoS attacks, compared with 11 percent in 2000.
Historically, password attacks, attacks in which a perpetrator gains unauthorized access to network passwords in order penetrate confidential information, have been the most common type of attacks. When a hacker "cracks" the password of a legitimate user, he has access to that user's network resources and typically a very strong platform for getting access to the rest of the network. For example, in December of 2000, a hacker stole user passwords from the University of Washington Medical Center in Seattle and gained access to files containing confidential information regarding approximately 5000 patients. Hackers can often easily obtain passwords because users typically choose common words or numbers as their passwords, enabling the hacker's use of software programs to methodically determine those passwords. Hackers also deploy social engineering techniques to gain access to passwords. Social engineering is the increasingly prevalent act of obtaining confidential network security information through non technical means, such as posing as a technical support representative and making direct phone calls to employees to gather password information.
From the early days of the Internet, when only e-mail servers were on the network, a hacker's ultimate goal was to gain root access to the UNIX host that ran these applications. With root access, the hacker had full control of the system and could often collect enough information to gain access to the rest of the network and other partner networks. E-business application hosts have increased the number of targets for hackers. Hackers often exploit security vulnerabilities, or security holes, in the operating systems or applications of these hosts that system administrators have not safeguarded. Using buffer overflows, trojan horses, and other common techniques, hackers gain control of hosts that can be used as platforms for launching other attacks. These practices can lead to serious financial losses or legal liabilities.
Cost of Intrusions
Network attacks cause organizations several hours or days of downtime and serious breaches in data confidentiality and integrity. Depending on the level of the attack and the type of information that has been compromised, the consequences of network attacks vary in degree from mildly annoying to completely debilitating, and the cost of recovery from attacks can range from hundreds to millions of dollars.
Designing the Security Infrastructure
The objective of network security is to protect networks and their applications against attacks, ensuring information availability, confidentiality and integrity. When network security architectures has to be designed we must consider a number of factors. Not all networks and their associated applications have the same risks of attacks or possible costs of repairing attack damages. Therefore, we must perform cost-benefit analysis to evaluate the potential returns on investment for various network security technologies and components versus the opportunity costs of not implementing those items
Security Architecture
The access and security requirements of each service should be defined before the network is divided into modules with clearly identified trust levels. Each module can be treated separately and assigned a different security model. The goal is to have layers of security so that a "successful" intruder's access is constrained to a limited part of the network. Just as the bulkhead design in a ship can contain a leak so that the entire ship does not sink, the layered security design limits the damage a security breach has on the health of the entire network. In addition, the architecture should define common security services to be implemented across the network. Typical services include:
* Password authentication, authorization, and accounting (AAA)
* Confidentiality provided
...
...