Network security threats:
- Network security is a major part of a network that needs to be maintained, because information passed between computers and other devices is very vulnerable to attack.
- According to ITSecurity, the following are ten of the biggest network threats: Viruses and Worms, Trojan Horses, Spam, Phishing, Packet Sniffers, Maliciously Coded Websites, Password Attacks, Hardware Loss and Residual Data Fragments, Shared Computers, and Zombie Computers and Botnets.
- A Virus is a program or piece of code that is loaded onto your computer without your knowledge. Viruses can cause a huge amount of damage to computers. An example of a virus would be if you opened an email and a malicious piece of code was downloaded onto your computer causing your computer to freeze.
- In relation to a network, if a virus is downloaded then all the computers in the network would be affected, because the virus would make copies of itself and spread across networks. A worm is similar to a virus, but a worm can run itself whereas a virus needs a host program to run.
- A Trojan Horse is a program in which malicious or harmful code is contained inside apparently harmless programming or data in such a way that it can get control and do its chosen form of damage, such as ruining the file allocation table on your hard disk.
- In a network, if a Trojan Horse is installed on a computer and tampers with the file allocation table, it could cause a massive amount of damage to all computers of that network.
- Spam is flooding the Internet with many copies of the same message, in an attempt to force the message on people who would not otherwise choose to receive it.
- Phishing is an e-mail fraud method in which the perpetrator sends out legitimate-looking emails in an attempt to gather personal and financial information from recipients.
- Some websites across the net contain code that is malicious. Malicious code is programming code that is capable of causing harm to the availability, integrity or confidentiality of code or data in a computer system.
- Password attacks are attacks in which hackers determine or find the passwords to different protected electronic areas. Many systems on a network are password protected, so a hacker who obtains those passwords could easily get into the systems and steal data.
- Hardware loss and residual data fragments are a growing worry for companies, governments and other organisations. An example of this is a number of laptops with client details on them being stolen from a bank; this would enable the thieves to get personal information from clients and maybe steal the clients' identities.
- Shared computers are always a threat. Shared computers involve sharing a computer with one or more people. A zombie computer, or “drone”, is a computer that has been secretly compromised by hacking tools which allow a third party to control the computer and its resources remotely. A hacker could hack into a computer, control it and obtain data.
- A botnet is a number of Internet computers that, although their owners are unaware of it, have been set up to forward transmissions (including spam or viruses) to other computers on the Internet. This is a major security threat on a network because the network, unknown to anyone, could be acting as a hub that forwards malicious files and other traffic to other computers.
Network security safeguards:
- Network security safeguards are the means by which network security threats can be reduced, avoided or prevented. Depending on the level of security required, there are many techniques used for network security.
Secure Network Equipment:
- The network equipment needs to be secured behind a door, with access limited to authorised personnel.
- The following provides a facility access checklist:
- Do network cables or power lines run through exposed vulnerable areas?
- Who has physical and logical access to computers?
- Who has access to your administrative passwords, and how often are they changed?
Password Procedures:
- Passwords are required to access almost every resource in a network environment, but poorly selected passwords can be determined easily.
- Software is available to break poorly selected passwords, so implementing policies on passwords is an important step in security.
- Use a password of mixed-case letters with non-alphabetic characters, and use a password that is easy to remember. Don't use your first name, last name or birth date.
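The password rules above can be enforced in code when a password is set. The following is an added example, not part of the original notes; the function names, the minimum length of 10 and the list of date formats are assumptions chosen for illustration.

```python
import re
from datetime import date

def date_variants(d):
    """Common ways a birth date ends up inside a password (assumed list)."""
    formats = ("%Y", "%d%m%Y", "%m%d%Y", "%Y%m%d", "%d%m%y", "%m%d%y")
    return {d.strftime(fmt) for fmt in formats}

def check_password(password, first_name, last_name, birth_date, min_length=10):
    """Return a list of policy violations; an empty list means the password passes.

    min_length is an assumption, the notes above give no figure.
    """
    problems = []
    if len(password) < min_length:
        problems.append("too short")
    if not (re.search(r"[a-z]", password) and re.search(r"[A-Z]", password)):
        problems.append("needs both upper- and lower-case letters")
    if not re.search(r"[^A-Za-z]", password):
        problems.append("needs a non-alphabetic character")
    lowered = password.lower()
    if any(n and n.lower() in lowered for n in (first_name, last_name)):
        problems.append("contains your name")
    # Strip separators so "12/03/1990" and "12031990" are treated alike.
    digits = re.sub(r"\D", "", password)
    if any(v in digits for v in date_variants(birth_date)):
        problems.append("contains your birth date")
    return problems

if __name__ == "__main__":
    born = date(1990, 3, 12)  # constructed sample user
    for candidate in ("alicemurphy", "Summer-12/03/1990", "Quiet-Lamp7-River"):
        print(candidate, "->", check_password(candidate, "Alice", "Murphy", born) or "ok")
```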
Antivirus Software:
- A virus is a hacker program. It can attack the operating system directly. A virus can be just an annoyance, such as those that modify the display or replicate email to your entire distribution list, or it can reformat the hard disk drive or modify data.
- More and more viruses are being transmitted through defects in email programs. Many take advantage of scripting languages built into systems such as Microsoft Outlook.
- A Trojan Horse is a hacker program that searches out other programs and infects them by embedding a copy of itself in them so that they become “Trojan Horses”.
- Precautionary steps should be taken to prevent problems, but antivirus software is a minimum requirement.
Implement a firewall:
- A firewall is simply some type of mechanism for protecting your network from the outside world. A firewall needs constant updates and attention.
- The functions of a firewall are broken into the following areas: Packet Filtering, Application Proxies, and Stateful Inspection (or Dynamic Packet Filtering).
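The difference between packet filtering and stateful inspection shows up when a packet arrives that belongs to no connection opened from inside. The following is an added example, not part of the original notes; the rule set (outbound web traffic only), the class and function names and the addresses are constructed for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    direction: str  # "out" = leaving the protected network, "in" = arriving

INSIDE = "10.0.0.5"   # constructed internal host
WEB_PORTS = (80, 443)

def static_filter(pkt):
    """Packet filtering: each packet is judged alone, on its header fields."""
    if pkt.direction == "out":
        return pkt.dport in WEB_PORTS
    # Replies must be let back in, and the only thing a static rule can
    # match on is "source port looks like a web server".
    return pkt.sport in WEB_PORTS and pkt.dport >= 1024

class StatefulFirewall:
    """Stateful inspection: inbound packets must match a flow opened from inside."""
    def __init__(self):
        self.flows = set()

    def allow(self, pkt):
        if pkt.direction == "out":
            if pkt.dport not in WEB_PORTS:
                return False
            self.flows.add((pkt.src, pkt.sport, pkt.dst, pkt.dport))
            return True
        # Inbound: reverse the 4-tuple and look for the matching outbound flow.
        return (pkt.dst, pkt.dport, pkt.src, pkt.sport) in self.flows

def demo():
    """Run three constructed packets through both firewalls."""
    packets = [
        ("request", Packet(INSIDE, 50000, "203.0.113.10", 443, "out")),
        ("reply", Packet("203.0.113.10", 443, INSIDE, 50000, "in")),
        ("unsolicited", Packet("198.51.100.7", 443, INSIDE, 8080, "in")),
    ]
    fw = StatefulFirewall()
    return {name: (static_filter(p), fw.allow(p)) for name, p in packets}

if __name__ == "__main__":
    for name, (static, stateful) in demo().items():
        print(f"{name:12} static={static} stateful={stateful}")
```

Both firewalls pass the request and its reply; only the stateful one drops the unsolicited inbound packet, because no outbound flow matches it.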
Implement a Virtual Private Network:
- A VPN is implemented to secure remote access or communication between facilities over the Internet. A VPN is a private connection between two or more network elements over a shared infrastructure.
- The “virtual” in VPN denotes a logical connection between networks, not a separate physical network. The “private” in VPN denotes separate addressing and routing.
- The term VPN is used to describe service provider services of Frame Relay and ATM, and also encrypted tunnels between networks over an IP infrastructure.
- Encryption is the process of using a secret code to alter data to make it unintelligible to unauthorized parties. There are three types of VPN: Secure remote access, Intranet access (site to site) and Extranet access (site to site or site to internet).