Network Security Overview - Network Security

What is Network Security Overview?

In this modern era, organizations rely heavily on computer networks to share information throughout the organization in an efficient and productive manner. Organizational computer networks are now becoming large and ubiquitous. Assuming that each staff member has a dedicated workstation, a large-scale company would have a few thousand workstations and many servers on the network.

It is likely that these workstations are not centrally managed, nor do they have perimeter protection. They may have a variety of operating systems, hardware, software, and protocols, with different levels of cyber awareness among users. Now imagine that these thousands of workstations on the company network are directly connected to the Internet. This sort of unsecured network becomes a target for an attack, since it holds valuable information and displays vulnerabilities.

In this chapter, we describe the major vulnerabilities of the network and the importance of network security. In subsequent chapters, we will discuss the methods to achieve the same.

Physical Network

A network is defined as two or more computing devices connected together for sharing resources efficiently. Further, connecting two or more networks together is known as internetworking. Thus, the Internet is just an internetwork – a collection of interconnected networks.

For setting up its internal network, an organization has various options. It can use a wired network or a wireless network to connect all workstations. Nowadays, organizations mostly use a combination of both wired and wireless networks.

Wired & Wireless Networks

In a wired network, devices are connected to each other using cables. Typically, wired networks are based on the Ethernet protocol, where devices are connected using Unshielded Twisted Pair (UTP) cables to the different switches. These switches are further connected to the network router for accessing the Internet.

In a wireless network, the device is connected to an access point through radio transmissions. The access points are further connected through cables to a switch/router for external network access.

Wireless networks have gained popularity because of the mobility they offer. Mobile devices need not be tied to a cable and can roam freely within the wireless network range. This ensures efficient information sharing and boosts productivity.

Vulnerabilities & Attacks

The common vulnerability that exists in both wired and wireless networks is “unauthorized access” to a network. An attacker can connect his device to a network through an unsecured hub/switch port. In this regard, wireless networks are considered less secure than wired networks, because a wireless network can be easily accessed without any physical connection.

After gaining access, an attacker can exploit this vulnerability to launch attacks such as −

  • Sniffing the packet data to steal valuable information.
  • Denial of service to legitimate users on a network by flooding the network medium with spurious packets.
  • Spoofing physical identities (MAC) of legitimate hosts and then stealing data or further launching a ‘man-in-the-middle’ attack.

Network Protocol

A network protocol is a set of rules that govern communications between devices connected on a network. They include mechanisms for making connections, as well as formatting rules for packaging data for messages sent and received.

Several computer network protocols have been developed, each designed for specific purposes. The popular and widely used protocols are TCP/IP with associated higher- and lower-level protocols.

TCP/IP Protocol

Transmission Control Protocol (TCP) and Internet Protocol (IP) are two distinct computer network protocols mostly used together. Because of their popularity and wide adoption, they are built into all operating systems of networked devices.

IP corresponds to the network layer (Layer 3) whereas TCP corresponds to the transport layer (Layer 4) in OSI. TCP/IP applies to network communications where the TCP transport is used to deliver data across IP networks.

TCP/IP protocols are commonly used with other protocols such as HTTP, FTP, and SSH at the application layer and Ethernet at the data link/physical layer.

The TCP/IP protocol suite was created in 1980 as an internetworking solution with very little concern for security aspects.

It was developed for communication within a limited trusted network. However, over time, this protocol became the de facto standard for unsecured Internet communication.

Some of the common security vulnerabilities of the TCP/IP protocol suite are −

  • HTTP is an application layer protocol in the TCP/IP suite used to transfer the files that make up web pages from web servers. These transfers are done in plain text, and an intruder can easily read the data packets exchanged between the server and a client.
  • Another HTTP vulnerability is weak authentication between the client and the web server during the initialization of the session. This vulnerability can lead to a session hijacking attack, where the attacker steals an HTTP session of the legitimate user.
  • A TCP protocol vulnerability is the three-way handshake for connection establishment. An attacker can launch a denial of service attack, “SYN flooding”, to exploit this vulnerability. He establishes a lot of half-opened sessions by not completing the handshake. This leads to server overloading and eventually a crash.
  • The IP layer is susceptible to many vulnerabilities. Through modification of the IP protocol header, an attacker can launch an IP spoofing attack.
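On the defensive side, the half-opened sessions described in the SYN-flooding item can be counted per server and alerted on. The sketch below is an added example, not part of the original tutorial; the event tuple format, the 30-second timeout and the threshold of 100 are assumptions, and the traffic is constructed from documentation address ranges.

```python
from collections import defaultdict

def half_open_counts(events, now, timeout=30.0):
    """Count handshakes per server that got a SYN but no final ACK.

    events: (time_s, src_ip, src_port, dst_ip, dst_port, flags) tuples, a
    hypothetical record format standing in for a packet sensor's output.
    """
    pending = {}  # (client_ip, client_port, server_ip, server_port) -> SYN time
    for ts, src, sport, dst, dport, flags in sorted(events):
        key = (src, sport, dst, dport)
        if flags == "SYN":
            pending[key] = ts                    # step 1 of the handshake
        elif flags in ("ACK", "RST"):
            pending.pop(key, None)               # completed or aborted by client
    counts = defaultdict(int)
    for (_, _, server, port), ts in pending.items():
        if now - ts <= timeout:                  # older entries have expired
            counts[f"{server}:{port}"] += 1
    return dict(counts)

def flooded_servers(events, now, threshold=100, timeout=30.0):
    """Servers whose half-open backlog has reached the alert threshold."""
    counts = half_open_counts(events, now, timeout)
    return sorted(s for s, n in counts.items() if n >= threshold)

def sample_events():
    """Constructed traffic using documentation address ranges."""
    events = []
    for i in range(3):   # three clients complete the handshake with a web server
        c, t = f"192.0.2.{10 + i}", float(i)
        events += [(t, c, 40000 + i, "198.51.100.20", 443, "SYN"),
                   (t + 0.01, "198.51.100.20", 443, c, 40000 + i, "SYN-ACK"),
                   (t + 0.02, c, 40000 + i, "198.51.100.20", 443, "ACK")]
    for i in range(150):  # 150 SYNs from varying sources, never acknowledged
        events.append((5.0 + i * 0.01, f"203.0.113.{i % 250 + 1}", 1024 + i,
                       "198.51.100.10", 80, "SYN"))
    return events

if __name__ == "__main__":
    print(flooded_servers(sample_events(), now=10.0))
```

Counting per server rather than per source matters here because, as the last item notes, source addresses in the IP header can be spoofed.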

Apart from the above-mentioned, many other security vulnerabilities exist in the TCP/IP protocol family, in its design as well as in its implementation.

Incidentally, in TCP/IP-based network communication, if one layer is hacked, the other layers do not become aware of the hack and the entire communication gets compromised. Hence, there is a need to employ security controls at each layer to ensure foolproof security.

DNS Protocol

The Domain Name System (DNS) is used to resolve host domain names to IP addresses. Network users depend on DNS functionality mainly while browsing the Internet by typing a URL in the web browser.

In an attack on DNS, an attacker’s aim is to modify a legitimate DNS record so that it gets resolved to an incorrect IP address. This can direct all traffic for that IP to the wrong computer. An attacker can either exploit a DNS protocol vulnerability or compromise the DNS server to carry out an attack.

DNS cache poisoning is an attack exploiting a vulnerability found in the DNS protocol. An attacker may poison the cache by forging a response to a recursive DNS query sent by a resolver to an authoritative server. Once the cache of the DNS resolver is poisoned, the host gets directed to a malicious website and may compromise credential information by communicating with this site.
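A forged response is only cached if the resolver accepts it, so the resolver's acceptance check is the control that matters. The following is an added example, not from the original tutorial, of a resolver-side check that a reply matches an outstanding query; the class and method names are hypothetical and the addresses are documentation ranges.

```python
import secrets

class PendingQueries:
    """Tracks outstanding recursive queries so only matching replies are cached."""

    def __init__(self):
        self._pending = {}  # (txid, source_port) -> (qname, qtype, server_ip)

    @staticmethod
    def _norm(qname):
        return qname.lower().rstrip(".")   # DNS names compare case-insensitively

    def send(self, qname, qtype, server_ip):
        """Register a query; returns the unpredictable values a reply must echo."""
        txid = secrets.randbelow(1 << 16)               # 16-bit transaction ID
        port = 1024 + secrets.randbelow(65536 - 1024)   # randomized source port
        self._pending[(txid, port)] = (self._norm(qname), qtype, server_ip)
        return txid, port

    def accept(self, txid, dst_port, from_ip, qname, qtype):
        """True only if the reply matches a query we actually sent."""
        expected = self._pending.get((txid, dst_port))
        if expected != (self._norm(qname), qtype, from_ip):
            return False                    # forged or stale reply: do not cache
        del self._pending[(txid, dst_port)]  # one answer per query
        return True
```

A reply that passes these checks is still unauthenticated; the checks only make blind forgery a guessing problem over the transaction ID and source port.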

ICMP Protocol

Internet Control Management Protocol (ICMP) is a basic network management protocol of TCP/IP networks. It is used to send error and control messages regarding the status of networked devices.

ICMP is an integral part of the IP network implementation and thus is present in every network setup. ICMP has its own vulnerabilities and can be abused to launch an attack on a network.

The common attacks that can occur on a network due to ICMP vulnerabilities are −

  • ICMP allows an attacker to carry out network reconnaissance to determine network topology and paths into the network. An ICMP sweep involves discovering all host IP addresses that are alive in the entire target’s network.
  • Traceroute is a popular ICMP utility that is used to map target networking by describing the path in real time from the client to the remote host.
  • An attacker can launch a denial of service attack using the ICMP vulnerability. This attack involves sending ICMP ping packets that exceed 65,535 bytes to the target device. The target computer fails to handle this packet properly and can cause the operating system to crash.
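The 65,535-byte limit in the last item comes from the 16-bit Total Length field of the IPv4 header, so an oversized datagram can only appear after fragment reassembly. This added example (not from the original tutorial) shows the bounds check a receiver or filter applies to each fragment before reassembly; the function names are hypothetical and the headers are constructed test input.

```python
import struct

MAX_IP_DATAGRAM = 65535  # largest value the 16-bit Total Length field can hold

def build_ipv4_header(total_len, frag_offset_units, more_fragments=False):
    """Constructed 20-byte IPv4/ICMP header for the demo (checksum left at 0)."""
    flags_frag = (0x2000 if more_fragments else 0) | (frag_offset_units & 0x1FFF)
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, total_len, 0x1234, flags_frag,
                       64, 1, 0, bytes([192, 0, 2, 1]), bytes([198, 51, 100, 7]))

def reassembled_end(header):
    """Size the datagram would reach once this fragment is put in place."""
    ver_ihl, _tos, total_len, _ident, flags_frag = struct.unpack("!BBHHH", header[:8])
    ihl = (ver_ihl & 0x0F) * 4                 # header length in bytes
    if ver_ihl >> 4 != 4 or ihl < 20 or total_len < ihl:
        raise ValueError("malformed IPv4 header")
    offset = (flags_frag & 0x1FFF) * 8         # fragment offset is in 8-byte units
    return ihl + offset + (total_len - ihl)

def is_oversized_fragment(header):
    """True if reassembly would exceed the maximum IP datagram size: drop it."""
    return reassembled_end(header) > MAX_IP_DATAGRAM

if __name__ == "__main__":
    for hdr in (build_ipv4_header(84, 0), build_ipv4_header(1020, 8189)):
        print(reassembled_end(hdr), is_oversized_fragment(hdr))
```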

Other protocols such as ARP, DHCP, SMTP, etc. also have their vulnerabilities that can be exploited by an attacker to compromise network security. We will discuss some of these vulnerabilities in later chapters.

The least concern for the security aspect during design and implementation of protocols has turned into a main cause of threats to network security.

Goals of Network Security

As discussed in earlier sections, there exists a large number of vulnerabilities in the network. Thus, during transmission, data is highly vulnerable to attacks. An attacker can target the communication channel, obtain the data, and read the same or re-insert a false message to achieve his nefarious aims.

Network security is not only concerned about the security of the computers at each end of the communication chain; it also aims to ensure that the entire network is secure.

Network security entails protecting the usability, reliability, integrity, and safety of network and data. Effective network security defeats a variety of threats from entering or spreading on a network.

The primary goals of network security are Confidentiality, Integrity, and Availability. These three pillars of network security are often represented as the CIA triangle.

  • Confidentiality − The function of confidentiality is to protect valuable business data from unauthorized persons. The confidentiality part of network security makes sure that the data is available only to the intended and authorized persons.
  • Integrity − This goal means maintaining and assuring the accuracy and consistency of data. The function of integrity is to make sure that the data is reliable and is not changed by unauthorized persons.
  • Availability − The function of availability in network security is to make sure that the data and network resources/services are continuously available to the legitimate users, whenever they require it.

Achieving Network Security

Ensuring network security may appear to be very simple. The goals to be achieved seem to be straightforward. But in reality, the mechanisms used to achieve these goals are highly complex, and understanding them involves sound reasoning.

The International Telecommunication Union (ITU), in its recommendation on security architecture X.800, has defined certain mechanisms to bring standardization to the methods for achieving network security. Some of these mechanisms are −

  • Encipherment − This mechanism provides data confidentiality services by transforming data into forms that are not readable by unauthorized persons. This mechanism uses an encryption-decryption algorithm with secret keys.
  • Digital Signatures − This mechanism is the electronic equivalent of ordinary signatures in electronic data. It provides authenticity of the data.
  • Access Control − This mechanism is used to provide access control services. These mechanisms may use the identification and authentication of an entity to determine and enforce the access rights of the entity.

Having developed and identified various security mechanisms for achieving network security, it is essential to decide where to apply them; both physically (at what location) and logically (at what layer of an architecture such as TCP/IP).

Security Mechanisms at Networking Layers

Several security mechanisms have been developed in such a way that they can be deployed at a specific layer of the OSI network layer model.

  • Security at Application Layer − Security measures used at this layer are application specific. Different types of application would need separate security measures. In order to ensure application layer security, the applications need to be modified.

It is considered that designing a cryptographically sound application protocol is very difficult and implementing it properly is even more challenging. Hence, application layer security mechanisms for protecting network communications are preferred to be only standards-based solutions that have been in use for some time.

An example of an application layer security protocol is Secure Multipurpose Internet Mail Extensions (S/MIME), which is commonly used to encrypt messages. DNSSEC is another protocol at this layer used for secure exchange of DNS query messages.

  • Security at Transport Layer − Security measures at this layer can be used to protect the data in a single communication session between two hosts. The most common use for transport layer security protocols is protecting HTTP and FTP session traffic. Transport Layer Security (TLS) and Secure Socket Layer (SSL) are the most common protocols used for this purpose.
  • Network Layer − Security measures at this layer can be applied to all applications; thus, they are not application-specific. All network communications between two hosts or networks can be protected at this layer without modifying any application. In some environments, a network layer security protocol such as Internet Protocol Security (IPsec) provides a much better solution than transport or application layer controls because of the difficulties in adding controls to individual applications. However, security protocols at this layer provide less of the communication flexibility that some applications may require.

Incidentally, a security mechanism designed to operate at a higher layer cannot provide protection for data at lower layers, because the lower layers perform functions of which the higher layers are not aware. Hence, it may be necessary to deploy multiple security mechanisms for enhancing network security.

In the following chapters of the tutorial, we will discuss the security mechanisms employed at different layers of the OSI networking architecture for achieving network security.
