NetworkSecurity
Download
Report
Transcript NetworkSecurity
Network Security
Network Security
Network security starts from authenticating any user.
Once authenticated, firewall enforces access policies such as what
services are allowed to be accessed by the network users. Though
effective to prevent unauthorized access, this component fails to
check potentially harmful contents such as computer worms being
transmitted over the network. An intrusion prevention system (IPS)
helps detect and prevent such malware.
IPS also monitors for suspicious network traffic for contents, volume
and anomalies to protect the network from attacks such as denial of
service.
Firewall
A firewall is any device that is designed to restrict and control access to your
computer and files. Both hardware and software can be used to restrict
access to your computer or network.
There are a number of software titles that will allow you to control access.
Some of these firewalls are virtually invisible to you and run in the background,
silently protecting your computer.
Other firewalls protect you by alerting you to every potential security breach
Brief History
Packets
Messages - such as e-mail messages or web pages - that are sent along
the Internet are broken down into smaller packets of information. This is
done because there is limited room for message transmission along the
Internet. Keeping the messages to a standardized parcel size of fewer than
1500 characters ensures that traffic will continue to move smoothly.
Once the message is broken down into packets, each one is transmitted to
the destination computer individually. Packets that make up the same
message are often sent along different routes to its destination by the router
depending on the amount of traffic on any given channel at the time of
transmission. Upon arrival at the destination computer, the packets are
recombined into the original message.
Packet Headers
Each packet is given a header that contains important information such as the address of
the destination and of the source computer, the amount of data in the packet and how the
packets must be recombined to form the original message. The header also contains
information known as a checksum. The checksum is a numerical value based on the amount
of information contained in the message.
Pcket Filters - Evolution
First generation - packet filters: Packet filters act by inspecting the
"packets" which represent the basic unit of data transfer between computers
on the Internet. If a packet matches the packet filter's set of rules, the
packet filter will drop (silently discard) the packet, or reject it (discard it, and
send "error responses" to the source).
2 Second generation - "stateful" filters or 'stateful firewall' maintains
records of all connections passing through the firewall, and is able to
determine whether a packet is the start of a new connection, or part of an
existing connection. Though there's still a set of static rules in such a
firewall, the state of a connection can in itself be one of the criteria which
trigger specific rules.
3 Third generation - application layer: also known as proxy based
firewalls. The key benefit is that it can "understand" certain applications
and protocols (such as File Transfer Protocol, DNS or web browsing), and
can detect whether an unwanted protocol is being sneaked through on a
non-standard port, or whether a protocol is being abused in a known
harmful way.
This type of filtering can be carried out by proxy servers, but if the filtering is
done by a standalone firewall appliance, or in a device for traffic shaping,
the technology is likely to be referred to as deep packet inspection.
Others
Network address translation
Firewalls often have network address translation (NAT) functionality, and the
hosts protected behind a firewall commonly have addresses in the "private
address range"
NAT involves re-writing the source and/or destination addresses of IP
packets as they pass through a Router or firewall. Most systems using NAT
do so in order to enable multiple hosts on a private network to access the
Internet using a single public IP address
Access Control Lists (ACL)
In computer security, an access control list (ACL) is a list of permissions
attached to an object. The list specifies who or what is allowed to access
the object and what operations are allowed to be performed on the object.
In a typical ACL, each entry in the list specifies a subject and an operation:
for example, the entry (Alice, delete) on the ACL for file XYZ gives Alice
permission to delete file XYZ.
In an ACL-based security model, when a subject requests to perform an
operation on an object, the system first checks the list for an applicable
entry in order to decide whether or not to proceed with the operation.
Security threats software
Spyware
When you install any software that is free, you should suspect that it might
be spyware. This means that the software can gather information about
your computer and how you use it and send that information to marketing
companies. Those companies can gather information such as your email
address, calendar data, web sites you have visited, or what music you listen
to.
Spyware removal
If you notice that your machine is running slower than normal or the
command prompt box appears on your screen you may have spyware on
your computer. To deactivate the spyware, you may want to install antispyware software such as "Ad-Aware" or "Spybot".
Viruses
You can prevent most viruses by following these five commandments:
1.
install anti-virus software.
2.
avoid using floppy disks to transfer files from one computer to another.
3.
Do not open files from any email before checking the file with an antivirus program. If you need to receive files via email, be careful to check the
file extensions. This is not a foolproof protection, but you should know that if
you receive a file with the .exe extension, you should never open it.
These are usually programs that can either be spyware, viruses, or trojans.
Trojans are malicious software programs (also called "malware") that might
do things such as erase files from your hard drive.
4.
Be sure you know the source of your software. If you aren't sure the
software distributor is legitimate, don't take a chance and install the free
software, no matter how amazing it seems.
5.
Do not download free music, movies, or media files. These types of
files (along with other types of free images, media files or movies) often
have a catch. The catch is that there can be viruses embedded in these
files. If you download free music or media, be aware that at the very least,
the sites will drop spyware on your machine.
Following these commandments will help you prevent virus infection