
UNIT 3 NETWORK SECURITY AND AUTHENTICATION

Structure
3.0 Introduction
3.1 Objectives
3.2 Meaning of Network Security
3.3 Threats to Network Security
3.4 Comparison with Computer Security
3.5 Security Issues for Small and Medium Sized Businesses
3.6 Tools for Network Security
3.7 Elements of Network Security
3.8 Secure Network Devices
3.9 Significance of Network Layout in Network Security
3.10 Summary
3.11 Solutions/Answers
3.12 References/Further Readings

3.0 INTRODUCTION

The previous two units discussed the fundamentals of information as well as network security issues which lead to different kinds of problems: attacks, theft of essential information and vulnerabilities. In this unit, we shall learn how to build a secure network. We shall also learn about the various parameters which must be considered for network security. Small and medium sized businesses face various security issues which require the utmost attention when creating a secure network. We shall then cover the different kinds of tools available for network security and the critical elements of network security such as firewalls, password mechanisms, encryption, and authentication and integrity. Lastly, we shall study some secure network devices such as secure modems. Let us first study the basics of networks and network security.

3.1 OBJECTIVES

After going through this unit, you should be able to:
• understand the scope of network security;
• understand the various kinds of threats to any network;
• understand the Denial of Service attack and its countermeasures;
• compare network security with computer security;
• understand the challenges to any business environment regarding the network;
• understand the different security issues involved with small and medium sized businesses;
• understand the application of network security tools;
• understand the firewall and its types;
• understand password aging and password policy enforcement;
• understand the basics of secure network devices; and
• understand the importance of network layout in network security.

3.2 WHAT IS NETWORK SECURITY

Let us first revisit the concept of a network. A computer network is simply a system of interconnected computers that is used every day to conduct transactions and communications among businesses, government agencies and individuals. Networks consist of "nodes", which are "client" terminals (individual PCs), and one or more "servers" and/or "host" computers. They are linked by communication systems, some of which might be private, such as within a company, and others which might be open to public access. The obvious example of a network system that is open to public access is the Internet, but many private networks also utilize publicly-accessible communications. Today, most companies' host computers can be accessed by their employees, whether in their offices over a private communications network, or from their homes or hotel rooms while on the road through normal telephone lines. Hence, security plays a crucial role. Now, let us understand the concept of network security.

Network security comprises the measures a company takes to protect its computer system and it is a prime concern for every company which uses computers. Compromised network security means a or competitor may gain access to critical or sensitive data, possibly resulting in data loss, or even complete destruction of the system.

Network security involves all activities that organizations, enterprises, and institutions undertake to protect the value and ongoing usability of assets and the integrity and continuity of operations. An effective network security strategy requires identifying threats, risks and vulnerabilities and then choosing the most effective set of tools to combat them.

3.3 THREATS TO NETWORK SECURITY

There are various threats identified for network security. Let us discuss a few of them in brief:

Viruses: Computer programs written by devious programmers and designed to replicate themselves and infect computers when triggered by a specific event. Viruses reproduce by attaching themselves to other files that the user does not realize are infected. Viruses spread today mainly through e-mail attachments. The attachment may be a legitimate file, with the virus attached as a macro program in the file. An example is a Word file. These files can contain macro programs which can be run by Microsoft Word. A virus may infect these files as a macro, and when they reach the next user's computer, they can infect other files. These virus programs normally take advantage of a security vulnerability of the running application. Viruses can directly affect executable files or Dynamic Link Library (DLL) files that the operating systems and applications use to run. Usually the virus will spread before it does anything that may alert the user to its presence.

Unauthorized Access

"Unauthorized access" is a very high-level term that can refer to a number of different sorts of attacks. The goal of these attacks is to access some resource that your machine should not provide the attacker.

Trojan Horse Programs

Trojan horse software is software that appears to have some useful function, but some hidden purpose awaits inside. This purpose may be to send sensitive information from inside your organization to the author of the software. Preventing Trojan horse programs from infiltrating your organization requires implementing countermeasures. Allowing only approved software with proper testing to be run in the organization will minimize the threat of these programs. The organizational security policy can help ensure that all members of the organization operate in compliance with this countermeasure.

Data interception: It involves on communications or altering data packets being transmitted.

Social engineering: Social engineering is concerned with obtaining confidential network security information through non-technical means, such as posing as a person and asking for people's .

DoS (Denial-of-Service) Attacks

DoS (Denial-of-Service) attacks are probably the nastiest, and most difficult to address. These are the nastiest, because they're very easy to launch, difficult (sometimes impossible) to track, and it isn't easy to refuse the requests of the attacker without also refusing legitimate requests for service. The premise of a DoS attack is simple: send more requests to the machine than it can handle.

3.4 COMPARISON WITH COMPUTER SECURITY

When the term computer security is used, it specifically refers to the security of one computer, although the overall security of each individual computer is required for network security. When the term network security is used, it refers to the security of the network in general. This includes such issues as password security, network sniffing, intrusion detection, firewalls, network structure and so forth.

Securing network infrastructure is like securing the possible entry points of attacks on a country by deploying appropriate defenses. Computer security is more like providing the means to protect a single PC against outside intrusion. The former is the better and more practical way to protect the civilians from being exposed to attacks. The preventive measures attempt to secure the access to individual computers (the network itself), thereby protecting the computers and other shared resources, such as printers and network-attached storage, connected by the network. Attacks can be stopped at their entry points before they spread. As opposed to this, in computer security the measures taken are focused on securing individual computer hosts. A computer host whose security is compromised is likely to infect other hosts connected to a potentially unsecured network. A computer host's security is vulnerable to users with higher access privileges to those hosts.

3.5 SECURITY ISSUES FOR SMALL AND MEDIUM-SIZED BUSINESSES

Small and medium-sized businesses use the Internet and networked applications to reach new customers and serve their existing ones more effectively. At the same time, new security threats and legislation put increased pressure on business networks to be reliable and secure.

Business Challenges

According to recent studies, security is the biggest challenge facing small and medium-sized businesses. Ever-changing security threats from both inside and outside the business network can wreak havoc on business operations, affecting profitability and customer satisfaction. Small and medium-sized businesses must also comply with new regulations and laws created to protect consumer and secure electronic information. Security issues for small and medium-sized businesses are classified into 5 basic categories:

Worms and Viruses

According to research, computer worms and viruses remain the most common security threat, with 75 percent of small and medium businesses affected by them. Worms and viruses can have a devastating effect on business continuity and the bottom line. Smarter, more destructive strains are spreading faster than ever, infecting an entire office in seconds. Cleaning the infected computers takes much longer. The catastrophic results are lost orders, corrupted and angry customers. As businesses struggle to update their computers with the latest patches and , new viruses can penetrate their defenses any day of the week. Meanwhile, employees spread viruses and by unwittingly accessing malicious Websites, downloading untrustworthy material, or opening malicious e-mail attachments. These attacks are unintentionally invited into the organization, but still cause significant financial losses. Security systems must detect and repel worms, viruses, and spyware at all points in the network.

Information Theft

Information theft is big business today. break into business networks to steal credit card or social security numbers for profit. Small and medium-sized businesses are at risk because they are seen as an easier mark than large corporations. Protecting the perimeter of the network is a good start, but it isn't enough, since many information thefts have help from a trusted insider, such as an employee or contractor. Information theft can be costly to small and medium-sized businesses, since they rely on satisfied customers and a good reputation to help grow their business. Businesses that do not adequately protect their information could face negative publicity, government fines or even lawsuits. Any security strategy must prevent theft of sensitive electronic information from both inside and outside the business.

Business Availability

Computer worms and viruses can drastically affect the reliability of network resources, which in turn affects businesses' ability to respond quickly to their customers; but worms and viruses are not the only threat to business availability. With networks so critical to day-to-day business operations, cyber-terrorists have begun targeting businesses for blackmail, threatening to bring down Websites and e-commerce operations unless their demands are met. These denial-of-service (DoS) attacks send large volumes of traffic to a critical network element, either causing it to fail or to be unable to process legitimate traffic. Once again, the results are disastrous: data and orders are lost and customer requests are not answered.

Check Your Progress 1

1) What is Network Security?
......
2) Write down the different kinds of threats affecting network security.
......
3) Differentiate network security with respect to computer security.
......
4) Write down the different security issues related to small and medium sized business.
......

3.6 TOOLS FOR NETWORK SECURITY

There are many strong tools available for securing a computer network. Tools to protect your enterprise network have been evolving for the last two decades, roughly the same amount of time that people have been trying to break into computer networks. These tools can protect a computer network at many levels, and a well-guarded enterprise deploys many different types of security technologies. The most obvious element of security is oftentimes the most easily overlooked: physical security, namely, controlling access to the most sensitive components in your computer network, such as a network administration station or the server room. No amount of planning or expensive equipment will keep your network secure if unauthorized personnel can have access to central administration consoles. Even if a user does not have evil intent, an untrained user may unknowingly provide unauthorized outside access or override certain protective configurations. Let us briefly discuss a few of these network security tools:

a) Antivirus software packages: These packages counter most virus threats if regularly updated and correctly maintained.
b) Secure network infrastructure: Switches and routers have hardware and software features which support secure connectivity, perimeter security, intrusion protection, identity services, and security management. We will discuss switches and routers later in this unit.
c) Dedicated network security hardware and software: Tools such as firewalls and intrusion detection systems provide protection for all areas of the network and enable secure connections.
d) Virtual private networks: These networks provide access control and data encryption between two different computers on a network. This allows remote workers to connect to the network without the risk of a hacker or thief intercepting data.
e) Identity services: These services help to identify users and control their activities and transactions on the network. Services include passwords, digital certificates and digital authentication keys.
f) Encryption: Encryption ensures that messages cannot be intercepted or read by anyone other than the authorized recipient.
g) Security management: This is the glue that holds together the other building blocks of a strong security solution.

None of these approaches alone will be sufficient to protect a network, but when they are layered together, they can be highly effective in keeping a network safe from attacks and other threats to security. In addition, well-thought-out corporate policies are critical to determine and control access to various parts of the network.

3.7 ELEMENTS OF NETWORK SECURITY

Network security is a broad term which includes many key elements. Let us discuss these elements in brief:

a) Firewall

As we have discussed in our earlier discussion on the Internet and similar networks, connecting an organization to the Internet provides a two-way flow of traffic. This is clearly undesirable in many organizations, as proprietary information is often displayed freely within a corporate intranet (that is, a TCP/IP network, modeled after the Internet, that only works within the organization). In order to provide some level of separation between an organization's intranet and the Internet, firewalls have been deployed. A firewall is simply a group of components that collectively form a barrier between two networks. Firewall systems protect and facilitate your network at a number of levels. They allow e-mail and other applications, such as file transfer protocol (FTP stands for File Transfer Protocol. It is used for copying files between computer systems. FTP server uses well known port 21) and remote login as desired, to take place while otherwise limiting access to the internal network. Firewall systems provide an authorization mechanism that assures that only specified users or applications can gain access through the firewall.

Firewall systems can also be deployed within an enterprise network to compartmentalize different servers and networks, in effect controlling access within the network. For example, an enterprise may want to separate the accounting and payroll server from the rest of the network and only allow certain individuals to access the information. Unfortunately, all firewall systems have some performance degradation. As a system is busy checking or rerouting data communications packets, they do not flow through the system as efficiently as they would if the firewall system were not in place.

Types of Firewalls

There are three basic types of firewalls, and we'll consider each of them.

Application Gateways

The first firewalls were application gateways, and are sometimes known as proxy gateways. These are made up of bastion hosts which run special software to act as a proxy server. This software runs at the Application Layer of our old friend the ISO/OSI Reference Model, hence the name. Clients behind the firewall must be proxitized (that is, must know how to use the proxy, and be configured to do so) in order to use Internet services. Traditionally, these have been the most secure because they don't allow anything to pass by default, but need to have the programme written and turned on in order to begin passing traffic.

These are also typically the slowest, because more processes need to be started in order to have a request serviced. Figure 3.1 shows an application gateway.

Figure 3.1: A Sample Application Gateway

Packet Filtering

Packet filtering is a technique whereby routers have ACLs (Access Control Lists) turned on as shown in Figure 3.2. By default, a router will pass all traffic sent through it, and will do so without any sort of restrictions. Employing ACLs is a method of enforcing your security policy with regard to what sorts of access you allow the outside world to have to your internal network and vice versa.

Figure 3.2: A Sample Packet Filtering Gateway

A few terms specific to firewalls and networking are going to be used throughout this section, so let's understand them all together.

Router

A special purpose computer for connecting networks together. Routers also handle certain functions, such as routing, or managing the traffic on the networks they connect.

Access Control List (ACL)

Many routers now have the ability to selectively perform their duties, based on a number of facts about a packet that comes to it. This includes things like origination address, destination address, destination service port, and so on. These can be employed to limit the sorts of packets that are allowed to come in and go out of a given network.

Proxy

This is the process of having one host act on behalf of another. A host that has the ability to fetch documents from the Internet might be configured as a proxy server, and hosts on the intranet might be configured to be proxy clients. In this situation, when a host on the intranet wishes to fetch a web page, for example, the browser will make a connection to the proxy server, and request the given . The proxy server will fetch the document, and return the result to the client. In this way, all hosts on the intranet are able to access resources on the Internet without having the ability to talk directly to the Internet.
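The packet filtering described above, where a router checks origination address, destination address and destination service port against an ACL, can be sketched as follows. This is an added example, not part of the original unit: the rule format, the first-match evaluation order, the addresses (documentation ranges) and the shadowed-rule audit are assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

ANY = "0.0.0.0/0"  # matches every IPv4 address


@dataclass(frozen=True)
class Packet:
    src: str    # origination address
    dst: str    # destination address
    dport: int  # destination service port
    proto: str = "tcp"


@dataclass(frozen=True)
class Rule:
    action: str           # "permit" or "deny"
    src: str              # CIDR block the source must fall in
    dst: str              # CIDR block the destination must fall in
    dport: Optional[int]  # None matches any destination port
    proto: str = "tcp"

    def matches(self, pkt: Packet) -> bool:
        return (
            pkt.proto == self.proto
            and ipaddress.ip_address(pkt.src) in ipaddress.ip_network(self.src)
            and ipaddress.ip_address(pkt.dst) in ipaddress.ip_network(self.dst)
            and (self.dport is None or pkt.dport == self.dport)
        )

    def covers(self, other: "Rule") -> bool:
        """True if every packet matching `other` also matches this rule."""
        return (
            self.proto == other.proto
            and ipaddress.ip_network(other.src).subnet_of(ipaddress.ip_network(self.src))
            and ipaddress.ip_network(other.dst).subnet_of(ipaddress.ip_network(self.dst))
            and (self.dport is None or self.dport == other.dport)
        )


def evaluate(acl, pkt, default="deny"):
    """First matching rule wins; return (action, rule index or None)."""
    for index, rule in enumerate(acl):
        if rule.matches(pkt):
            return rule.action, index
    return default, None


def shadowed_rules(acl):
    """Audit helper: rules that can never fire because an earlier rule covers them."""
    found = []
    for j, later in enumerate(acl):
        for i in range(j):
            if acl[i].covers(later):
                found.append((j, i))
                break
    return found


# Constructed inbound ACL for the Internet-facing interface (sample data).
INBOUND_ACL = [
    Rule("deny", "203.0.113.0/24", ANY, None),              # 0: blocked source range
    Rule("permit", ANY, "192.0.2.25/32", 25),               # 1: SMTP to the mail relay
    Rule("permit", ANY, "192.0.2.80/32", 80),               # 2: HTTP to the web server
    Rule("permit", "203.0.113.7/32", "192.0.2.25/32", 25),  # 3: exception placed too late
]

if __name__ == "__main__":
    samples = [
        Packet("198.51.100.9", "192.0.2.25", 25),  # mail from an ordinary host
        Packet("203.0.113.7", "192.0.2.25", 25),   # mail from the blocked range
        Packet("198.51.100.9", "192.0.2.25", 21),  # FTP, which no rule permits
    ]
    for pkt in samples:
        print(pkt, "->", evaluate(INBOUND_ACL, pkt))
    # A router with no ACL passes everything, as the text notes.
    print("no ACL:", evaluate([], samples[2], default="permit"))
    print("shadowed (rule, covered by):", shadowed_rules(INBOUND_ACL))
```

Because evaluation stops at the first match, rule 3 never fires; reviewing an ACL for shadowed rules catches this kind of ordering mistake before it reaches a router.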

b) Password Mechanisms

Passwords are a way to identify and authenticate users as they access the computer system. Unfortunately, there are a number of ways in which a password can be compromised. For example, someone wanting to gain access can listen for a username and a password and then gain access to the network. Here are a few mechanisms to protect your password.

Password Aging and Policy Enforcement

Password aging is a feature that requires users to create new passwords every so often. Good password policy dictates that passwords must be a minimum number of characters and a mix of letters and numbers. Smart cards provide extremely secure password protection. Good password procedures include the following:
• Do not use your login name in any form (as is, reversed, capitalized, doubled etc.).
• Do not use your first, middle, or last name in any form or use your spouse's or children's names.
• Do not use other information easily obtained about you. This includes license plate numbers, telephone numbers, social security numbers, the make of your automobile, the name of the street you live on etc.
• Do not use a password of all digits or all the same letter.
• Do not use a word contained in English or foreign language dictionaries, spelling lists or other lists of words.
• Do not use a password shorter than six characters.
• Do use a password with mixed-case alphabetic characters.
• Do use a password with non-alphabetic characters (digits or punctuation).
• Do use a password that is easy to remember, so that you don't have to write it down.

c) Elements of Networking Security: Encryption

As we discussed earlier, a firewall system is a hardware/software configuration that sits at the perimeter between a company's network and the Internet, controlling access into and out of the network. Encryption can be understood as a method of ensuring privacy of data and that only intended users may view the information.
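The password procedures and the aging rule listed above under "Password Aging and Policy Enforcement" can be enforced mechanically when a user sets a password. The checker below is an added example, not part of the original unit: the six-character minimum comes from the list, while the 90-day aging interval, the function names and the small word list are assumptions made for illustration.

```python
from datetime import date

MIN_LENGTH = 6     # minimum length stated in the procedures above
MAX_AGE_DAYS = 90  # assumed aging interval; the text only says "every so often"

# Constructed stand-in for a real dictionary or spelling list.
SAMPLE_WORDLIST = {"password", "dragon", "monkey", "network", "secret"}


def normalize(text):
    """Lower-case and drop punctuation so 'Maple Street' and 'maple#street' compare equal."""
    return "".join(ch for ch in text.lower() if ch.isalnum())


def derived_from(password, token):
    """True if the password contains the token as is, capitalized, doubled or reversed."""
    p, t = normalize(password), normalize(token)
    return len(t) >= 3 and (t in p or t[::-1] in p)


def check_password(password, login, personal_info=(), wordlist=SAMPLE_WORDLIST):
    """Return the list of procedures the candidate password violates (empty = acceptable)."""
    violations = []
    lowered = password.lower()
    if len(password) < MIN_LENGTH:
        violations.append("shorter than six characters")
    if derived_from(password, login):
        violations.append("derived from login name")
    if any(derived_from(password, item) for item in personal_info):
        violations.append("based on personal information")
    if password.isdigit() or len(set(lowered)) == 1:
        violations.append("all digits or a single repeated character")
    if lowered in wordlist:
        violations.append("dictionary word")
    if not (any(c.islower() for c in password) and any(c.isupper() for c in password)):
        violations.append("no mixed-case letters")
    if not any(not c.isalpha() for c in password):
        violations.append("no non-alphabetic character")
    return violations


def password_expired(last_changed, today, max_age_days=MAX_AGE_DAYS):
    """Password aging: force a change once the password is older than the limit."""
    return (today - last_changed).days > max_age_days


if __name__ == "__main__":
    # Constructed account details for the demonstration.
    info = ("555-0100", "Maple Street")
    for candidate in ("asmith", "htimsA1!", "123456", "Dragon", "Maple#Street9", "Tr4il-Mix"):
        print(f"{candidate!r}: {check_password(candidate, 'asmith', info) or 'accepted'}")
    print("expired:", password_expired(date(2024, 1, 1), date(2024, 4, 15)))
```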

Authentication and Integrity

Authentication is simply making sure users are who they say they are. When using resources or sending messages in a large private network, not to mention the Internet, authentication is of the utmost importance. Integrity means knowing that the data sent has not been altered along the way. Of course, a message modified in any way would be highly suspect and should be completely discounted. Message integrity is maintained with digital signatures. A digital signature is a block of data at the end of a message that attests to the authenticity of the file. If any change is made to the file, the signature will not verify. Digital signatures perform both an authentication and a message integrity function.

d) Developing a Site Security Policy

The goal in developing an official site policy on computer security is to define the organization's expectations for proper computer and network use and to define procedures to prevent and respond to security incidents. In order to do this, specific aspects of the organization must be considered and agreed upon by the policy-making group. For example, a military base may have very different security concerns from those of a university. Even departments within the same organization will have different requirements. It is important to consider who will make the network site security policy. Policy creation must be a joint effort by a representative group of decision-makers, technical personnel, and day-to-day users from different levels within the organization. Decision-makers must have the power to enforce the policy; technical personnel will advise on the ramifications of the policy; and day-to-day users will have a say in how usable the policy is. A site security policy that is unusable, unimplementable, or unenforceable is worthless. Developing a security policy comprises identifying the organizational assets, identifying the threats, assessing the risk, implementing the tools and technologies available to meet the risks, and developing a usage policy. In addition, an auditing procedure must be created that reviews network and server usage on a timely basis. A response should be in place before any violation or breakdown occurs as well. Finally, the policy should be communicated to everyone who ever uses the computer network, whether employee or contractor, and should be reviewed on a regular basis.

Check Your Progress 2

1) Write down the different tools available for Network Security.
......
2) What is a firewall? Name the different types of firewall.
......
3) Explain the role of antivirus software packages in network security.
......
4) Explain a few good password procedures for security.
......

3.8 SECURE NETWORK DEVICES

In this unit, we have already learnt that the firewall is only one entry point to your network. Modems, if you allow them to answer incoming calls, can provide an easy means for an attacker to sneak around your front door (or firewall). Just as castles weren't built with moats only in the front, your network needs to be protected at all of its entry points.

Secure Modems, Dial-Back Systems

If modem access is to be provided, this should be guarded carefully. The terminal server, or network device that provides dial-up access to your network, needs to be actively administered, and its logs need to be examined for strange behavior. Its passwords need to be strong, not ones that can be guessed. Accounts that aren't actively used should be disabled. In short, it's the easiest way to get into your network remotely: guard it carefully.

There are some remote access systems which have the feature of a two-part procedure to establish a connection. The first part is the remote user dialing into the system, and providing the correct user-id and password. The system will then drop the connection and call the authenticated user back at a known telephone number. Once the remote user's system answers that call, the connection is established, and the user is on the network. This works well for folks working at home but can be problematic for users wishing to dial in from hotel rooms and such when on business trips.

Other possibilities include one-time password schemes, where the user enters his/her user-id, and is presented with a "challenge," a string of between six and eight numbers. He/she types this challenge into a small device that he/she carries, which looks like a calculator. He/she then presses enter, and a "response" is displayed on the LCD screen. The user types the response, and if all is correct, the login will proceed. These are useful devices for solving the problem of good passwords, without requiring dial-back access. However, these have their own problems, as they require the user to carry them, and they must be tracked, much like building and office keys.
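The challenge and response exchange described above can be modelled with both sides in a few lines. This is an added example, not part of the original unit: the text does not say how the device computes the response, so the HMAC-SHA256 construction, the shared per-user secret, the six-digit response length and all names here are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets


def new_challenge(digits=8):
    """Server side: a fresh random challenge of six to eight digits (eight here)."""
    return "".join(secrets.choice("0123456789") for _ in range(digits))


def token_response(secret, challenge, digits=6):
    """Device side: derive the displayed response from the shared secret and the challenge."""
    mac = hmac.new(secret, challenge.encode("ascii"), hashlib.sha256).digest()
    return str(int.from_bytes(mac[:4], "big") % 10 ** digits).zfill(digits)


class LoginServer:
    """Holds each user's token secret and the challenge currently outstanding."""

    def __init__(self, secrets_by_user):
        self._secrets = dict(secrets_by_user)
        self._pending = {}

    def begin(self, user):
        # A challenge is issued even for unknown users, so the prompt
        # does not reveal which user-ids exist.
        challenge = new_challenge()
        self._pending[user] = challenge
        return challenge

    def finish(self, user, response):
        # pop() makes every challenge single-use: a captured response cannot
        # be replayed, and a wrong guess forces a fresh challenge.
        challenge = self._pending.pop(user, None)
        secret = self._secrets.get(user)
        if challenge is None or secret is None:
            return False
        expected = token_response(secret, challenge)
        return hmac.compare_digest(expected.encode(), response.encode())


if __name__ == "__main__":
    # Constructed secret; a real token's secret is provisioned by the vendor.
    device_secret = b"constructed-shared-secret"
    server = LoginServer({"alice": device_secret})

    challenge = server.begin("alice")
    response = token_response(device_secret, challenge)  # what the LCD would show
    print("challenge:", challenge, "response:", response)
    print("first use accepted:", server.finish("alice", response))
    print("replay accepted:", server.finish("alice", response))
```

The password that crosses the line changes on every login, which is why a captured response is of no use for a later session.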

No doubt many other schemes exist. Take a look at your options, and find out how what the vendors have to offer will help you enforce your security policy effectively.

Crypto-Capable Routers

A feature that is being built into some routers is the ability to use session encryption between specified routers. Because traffic traveling across the Internet can be seen by people in the middle who have the resources (and time) to snoop around, these are advantageous for providing connectivity between two sites, such that there can be secure routes.

Virtual Private Networks

Given the ubiquity of the Internet, and the considerable expense in private leased lines, many organizations have been building VPNs (Virtual Private Networks). Traditionally, for an organization to provide connectivity between a main office and a satellite one, an expensive data line had to be leased in order to provide direct connectivity between the two offices. Now, a solution that is often more economical is to provide both offices connectivity to the Internet. Then, using the Internet as the medium, the two offices can communicate.

The danger in doing this, of course, is that there is no privacy on this channel, and it's difficult to provide the other office access to "internal" resources without providing those resources to everyone on the Internet. VPNs provide the ability for two offices to communicate with each other in such a way that it looks like they're directly connected over a private leased line. The session between them, although going over the Internet, is private (because the link is encrypted), and the link is convenient, because each can see the other's internal resources without showing them off to the entire world.

A number of firewall vendors are including the ability to build VPNs in their offerings, either directly with their base product, or as an add-on. If you have needed to connect several offices together, this might very well be the best way to do it.

3.9 SIGNIFICANCE OF NETWORK LAYOUT IN NETWORK SECURITY

The network layout has much influence over the security of the network. The placement of servers with respect to the firewall and various other computers can affect both and security. There may even be areas of the network which are more secure than others. Some of these areas may be further protected with an additional firewall. A typical secure network diagram is shown below in Figure 3.3:

Figure 3.3: Typical Secure Network Diagram

In the above diagram, the box labeled "IDS" is an intrusion detection system, which may be a computer or device designed to log network activity and detect any suspicious activity. In this diagram, it is shown outside the firewall on the semi-private network and protecting the servers on the private network. It may be a good idea to place an IDS just inside the firewall to protect the entire private network, since an attack may be first launched against a workstation before being launched against a server. The IDS protecting the servers could be moved to protect the entire private network, but depending on cost and requirements it is also good to protect your servers, especially the mail server. The semi-private network is commonly called a "DMZ" (for DeMilitarized Zone) in many security circles. In this diagram, the semi-private network contains a mail relay box to increase security, since the mail server is not directly accessed. The mail relay box routes mail between the Internet and the mail server. Other network equipment used includes:

• Routers: Used to route traffic between physical networks. Many routers provide packet filtering using access control lists (ACLs). This can enhance network security when configured properly. Routers can be configured to drop packets for some services and also drop packets depending on the source and/or destination address. Therefore routers can help raise the security between different segments on a network and also help isolate the spread of viruses.
• Switches: A switch is used to regulate traffic at the data link layer of the OSI network model. This is the layer which uses the Media Access Control (MAC) address. It is used to connect several systems to the network and regulates network traffic to reduce traffic on the network media. This can reduce collisions.
• Media: The physical cable that carries the signal for the network traffic.
• Routers can be set up to perform packet filtering to enhance network security.

Check Your Progress 3

1) What are crypto-capable routers?
......
2) What is VPN?
......
3) What is the purpose of using routers in networks?
......
4) Define Switches.
......

3.10 SUMMARY

In this unit we have learnt the basics of networks and their security. A computer network is defined as a system of interconnected computers linked by communication systems, and it can be both public and private, whereas network security encompasses all the activities that organizations, enterprises and institutions undertake to protect the value and ongoing usability of assets and the integrity and continuity of operations. In brief, we can say that network security deals with identifying all the risks and vulnerabilities to a network and selecting the best tools and practices to combat them.

An organizational network may be susceptible to various kinds of threats like virus, Trojan horse, unauthorized access, executing commands illicitly, vandals / destructive behavior (which includes data destruction and data diddling), social engineering, Denial of Service attacks etc.

To combat the above-mentioned threats, various kinds of tools are available in the market. These tools can protect the computer network at many levels. These network tools are classified into different categories such as antivirus software packages, secure network infrastructure tools, dedicated network security hardware and software tools, virtual private network tools, identity services etc.

3.11 ANSWERS/SOLUTIONS

Check Your Progress 1

1) A computer network is simply a network of interconnected computers. The network consists of several nodes called clients (individual user PCs), and one or more servers and/or host computers. Network security comprises the measures a company takes to protect its computer system and it is a prime concern for every company that uses computers.

2) The different types of network security threats are:
• Virus
• DoS Attack
• Trojan horse
• Social engineering
• Unauthorized access
• Data interception

3) The differences between computer security and network security are: Computer security refers specifically to the security of one computer, but the overall security of each individual computer is required for network security. Network security refers to the security of the network in general, such as password security, network sniffing, intrusion detection, firewalls, network structure and so forth.

4) The three security issues related to small and medium sized businesses are:
• Worms and Viruses
• Information thefts
• Business availability

Check Your Progress 2

1) The different kinds of tools for network security are:
• Antivirus software
• Encryption
• Security management
• Identity services
• Virtual Private Networks
• Secure network infrastructure

2) A firewall is defined as a software tool that provides separation between an organization's intranet and the Internet. A firewall is simply a group of components which collectively form a barrier between two networks.

Firewall systems protect and facilitate your network at a number of levels. They allow e-mail and other applications, such as file transfer protocol (FTP) and remote login as desired, to take place while otherwise limiting access to the internal network. Firewall systems provide an authorization mechanism that assures that only specified users or applications can gain access through the firewall.

The two types of firewall are:
• Software firewall
• Network firewall

3) There are a variety of antivirus software packages which operate in many different ways, depending on how the vendor chose to implement their software. What they have in common, though, is that they all look for patterns in the files or memory of your computer which indicate the possible presence of a known virus. Antivirus packages know what to look for through the use of virus profiles (sometimes called "signatures") provided by the vendor.

New viruses are discovered daily. The effectiveness of antivirus software is dependent on having the latest virus profiles installed on your computer so that it can look for recently discovered viruses. It is important to keep these profiles up to date.

4) Good password procedures include the following:
• Do not use your login name in any form (as is, reversed, capitalized, doubled, etc.).
• Do not use your first, middle, or last name in any form or use your spouse’s or children’s names.
• Do not use other information easily obtained about you. This includes license plate numbers, telephone numbers, social security numbers, the make of your automobile, the name of the street you live on, etc.
• Do not use a password of all digits or all the same letter.
• Do not use a word contained in English or foreign language dictionaries, spelling lists, or other lists of words.
• Do not use a password shorter than six characters.
• Do use a password with mixed-case alphabetic characters.
• Do use a password with non-alphabetic characters (digits or punctuation).
• Do use a password that is easy to remember, so you don’t have to write it down.
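The checklist above written as a password checker, as an added example that is not part of the original unit. The function names and the sample login, personal details and word list are constructed for illustration; the last item (easy to remember) cannot be tested mechanically and is left out.

```python
def forms(value):
    """The disguises the checklist names: as is, reversed, doubled (case ignored)."""
    v = value.lower()
    return {v, v[::-1], v * 2}

def check_password(password, login, personal_info=(), dictionary=()):
    """Return the checklist rules that `password` breaks (empty list = passes)."""
    low = password.lower()
    problems = []
    if low in forms(login):
        problems.append("login name")
    if any(low in forms(item) for item in personal_info):
        problems.append("personal information")
    if password.isdigit() or (password and len(set(low)) == 1):
        problems.append("all digits or one repeated letter")
    if low in {word.lower() for word in dictionary}:
        problems.append("dictionary word")
    if len(password) < 6:
        problems.append("shorter than six characters")
    if not (any(c.islower() for c in password) and any(c.isupper() for c in password)):
        problems.append("not mixed case")
    if all(c.isalpha() for c in password):
        problems.append("no digit or punctuation")
    return problems

# Constructed sample account data, for illustration only.
LOGIN = "jsmith"
PERSONAL = ["John", "Smith", "Maple Street", "KA01AB1234"]
WORDS = ["password", "dragon", "sunshine"]

if __name__ == "__main__":
    for candidate in ["htimsJ", "SmithSmith", "111111", "Dragon", "Tr4il-Mix9"]:
        print(candidate, check_password(candidate, LOGIN, PERSONAL, WORDS))
```

A check like this belongs at the point where a password is set or changed, so that a rejected choice is reported with the specific rule it broke.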

Check Your Progress 3

1) Crypto-capable routers are routers with a built-in ability to use session encryption between specified routers.

2) VPN is a private network that uses a public network to connect remote sites or users together.

3) Routers are used to route traffic between physical networks. Many routers provide packet filtering using access control lists (ACLs). This can enhance network security when configured properly. Routers can help raise the security between different segments on a network and also help isolate the spread of viruses.

4) A switch is used to regulate traffic at the data link layer of the OSI network model. This is the layer which uses the Media Access Control (MAC) address. It is used to connect several systems to the network and regulates network traffic to reduce traffic on the network media. This can reduce collisions.


BLOCK GLOSSARY

Security: security in terms of data or information is the protection against accidental or intentional destruction or modification of data.

Privacy: the right of an individual to decide what information to share with others or what information to accept from others.

DNS: DNS stands for Domain Name System. DNS maps a name to an IP address and vice versa.

IP addresses: an IP address is a unique 32-bit Internet address that is used for communication in Internet Protocol version 4.

SNMP: SNMP stands for Simple Network Management Protocol. It is used to manage and monitor network devices.

Hackers: a hacker is a person who breaks into computers, usually by gaining access to administrative controls.

Viruses: viruses are computer programs which are a collection of coded instructions.

MIS: MIS stands for Management .

LAN: LAN stands for Local Area Network. It connects computers and resources within a building or buildings close to it.

Optical fiber: It is a type of guided media for the transmission of signals from source to destination.

Bulletin Boards: a bulletin board is a computer system running software that allows users to connect and log in to the system using a terminal program. Once logged in, a user could perform functions such as downloading or uploading software and data, reading news, and exchanging messages with other users, either through electronic mail or in public message boards.

Authentication: the process of verifying a person or object.

Authorization: the process of specifying access rights to resources.

Symmetric encryption: Symmetric encryption systems, also known as secret or private key encryption systems, conventional encryption or single key encryption, were the only type of encryption in use prior to the development of asymmetric key encryption systems.

Asymmetric encryption: Asymmetric key encryption systems are also known as public-key encryption systems. These systems use two keys, one key to encrypt the message and the other corresponding key to decrypt the message.

Cipher text: This is the scrambled message produced as output. It depends on the plaintext and the secret key.

Public and Private Key: these are the two keys used in encryption and decryption of text. This is a pair of keys that have been selected so that if one is used for encryption, the other is used for decryption.

: acronym for malicious software.

Brain Virus: it is a first commercial application of viruses developed in 1985.

ROM: ROM stands for Read Only Memory.

VDU: VDU stands for Visual Display Unit. It is an output device to display the information on screen.

Antivirus: antivirus programs are designed to detect and remove computer viruses.

CHKDSK: CHKDSK stands for Check Disk. It is an MS-DOS command to check the status of a disk.

Worm: worms are self-replicating programs that infect and replicate without targeting and infecting specific files already present on a computer.

Trojan horse: Trojan horse is a hidden piece of code that enters into a system by deceiving a user.

Firewall: A firewall can isolate your computer network from any outside threats.

Rollback programs: rollback program is used to undo all the changes you made to your hard disk and return your computer to its previous condition.

Social Engineering: Social Engineering is a kind of security attack in which someone manipulates others into revealing information that can be used to steal data, access to systems, access to cellular phones, money or even your own identity.

VPN: VPN stands for Virtual Private Network.

Client: A client is an application or system that accesses a remote service on another computer system.

Servers: A server is any combination of hardware or software designed to provide services to clients.

Spyware: Spyware is software installed secretly on a personal computer to collect information about a user.

FTP: FTP stands for File Transfer Protocol.

ACL: ACL stands for access control list. It is a list of permissions attached to an object.

Proxy Server: a proxy server is a server that acts as a go-between for requests from clients seeking resources from other servers.

Application Gateways: these are also referred to as application proxies, that is, applications located between the end user and the Internet.

Gateway: it is a communication device to interconnect LANs and WANs.

Modems: Modem is an acronym for modulator demodulator. A modem is a communication device that converts binary signal into analog signals for transmission over telephone lines and converts these analog signals back into binary form at the receiving end.

SSL: it stands for Secure Sockets Layer, a cryptographic protocol that provides security and data integrity for communications over networks.

MAC address: MAC stands for Media Access Control. A MAC address is a unique identifier assigned to most network adapters or network interface cards by the manufacturer for identification.

DHCP: it is a network application protocol used by devices to obtain configuration information for operation in an Internet Protocol network.
