Common Advantages Of Using Vpn Computer Science Essay

Published:

This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.

Suggested solution for securing site to site connection between branches is by using Vitual Private Network. VPN technologies create a cure tunnel through the Internet from one office (site) to another and all the traffic transmitting in the tunnel is encrypted with designated algorithm solution.

Common advantages of using VPN are:

Cost - VPN doesn't need any cost included to buy equipment or tools to setup a secure connection. It only needs knowledge to implement it as well as skills to maintain the durability of its secure.

Scalability - With each location have Internet accessible the new connection can easily made. This differs with leased lines which the concept is greater distance between offices means higher cost due to the VPN uses a connection to the Internet and initiated the secure connection in WAN instead of a point-to-point connection between offices.

Performance - Applying VPN will not affecting the high speed connection provide to the company alongside with the site branch communicating each other.

Flexibility - If a company move one or more offices, VPN make it easy in terms of create new communication than a dedicated lease line link. The VPN can be initiated easily at the new site and apply for new secure connection certified by main branch.

VPN Protocols

To establish a connection, both the client and the server must be using the one of the same VPN protocol which stated below:

Point to Point Tunnelling Protocol (PPTP)

PPTP is a standard tunnelling protocol developed by PPTP Forum which consists of Microsoft and some other remote access vendors [3].

Layer Two Tunnelling Protocol (L2TP)

L2TP is a combination of PPTP and Layer Two Forwarding (L2F) developed by IETF.

Internet Protocol Security (IPSec)

IPSec is a framework of IETF open standards aim at securing traffic on the network layer [5].

Secure Socket Layer/Transport Layer Security (SSL/TLS)

SSL/TLS is a level 3 OSI layer security protocol developed by Netscape. SSL/TLS is commonly used with HTTP to enable secure Web browsing called HTTPS.

Question 1 (ii)

Phishing is an online identity theft which it imitate the original website and become almost fully legitimate website for user access. Not only phishing can imitate the original source of web data, it also can infect the intended users with malwares and perform unauthorized access on users' computer. For company who dictates what the securities may applied to deny the phishing problem to client, there are some approaches will be follow:

Detect and block the phishing Web sites in time

If we can detect the phishing Web sites in time, we then can block the sites and prevent phishing attacks. There are list two methods for phishing site detection.

The Webmaster of a legal Web site periodically scans the root DNS for suspicious sites (www. 1 malaysia.com.my VS www.malaysia.com.my).

Since the phisher must duplicate the content of the target site, he must use tools to automatically download the Web pages from the target site. It is therefore possible to detect this kind of download at the Web server and trace back to the phisher.

Enhance the security of the web sites

The business Web sites such as the Web sites of banks can take new methods to guarantee the security of users' personal information. One method to enhance the security is to use hardware devices such as:

PIN code and smart card for banking session

An-other method is to use the biometrics characteristic) for user authentication.

Provide SSL/TLS for company's website for HTTPS connection.

Block the phishing e-mails by various spam filters

Phishers generally use e-mails as 'bait' to allure potential victims. SMTP (Simple Mail Transfer Protocol) is the protocol to deliver e-mails in the Internet. Information related to sender, such as the name and email address of the sender, route of the message, etc., can be counterfeited in SMTP. Thus, the attackers can send out large amounts of spoofed e-mails which are seemed from legitimate organizations.

Install online anti-phishing software in user 's computers

Despite all the above efforts, it is still possible for the users to visit the spoofed Web sites. As a last defence, users can install anti-phishing tools in their computers. Nowadays, antivirus software have capability to detect spams which try to initiated access the users' computers.

Question 2 - Log Analysis

No

Time

IP address attacker

IP address victim

Type of intrusion

91

03/16-06:55:42.229046

(16 Mac 6:55 am)

61.194.38.35

62.231.131.238

BAD-TRAFFIC SSH brute force login attempt {tcp}

207

03/16-12:44:37.909380

(16 Mac 12:44 pm)

61.62.46.105

62.231.131.238

BAD-TRAFFIC SSH brute force login attempt {tcp}

BAD-TRAFFIC SSH brute force login attempt {tcp} - a possible false positive where it can be triggered by sending large numbers TCP

Overcome:

Passwords on all the accounts are well-chosen, long, and contain a mix of numbers, upper and lower case, and punctuation.

Using tools such as GNU Screen and Bitvise to monitor the SSH server log file as well as determine if there are too many failures, based on configurable criteria, from a given host and then modify firewall or tcp_wrapper rules to stop the offending host from connecting for some period of time.

Bind SSH to specific IP address - counter any unrecognized IP address which will using SSH to login.

Disable SSH root login.

No

Time

IP address attacker

IP address victim

Type of intrusion

183

03/17-01:02:16.686309

(17 Mac 1:02 am)

62.231.60.27

62.231.131.235

SHELLCODE x86 inc ebx NOOP {tcp}

69

03/23-02:54:59.223187

(23 Mac 2:54 am)

62.231.56.34

62.231.131.235

SHELLCODE x86 inc ebx NOOP {tcp}

SHELLCODE x86 inc ebx NOOP {tcp} - This event may indicate that a binary shellcode was sent to the server as part of a denial of service (DOS) attacks (typically using buffer overflow). It is possible someone was attempting a buffer overflow to gain unauthorized access to one of servers.

Overcome:

Secure the login with non-NULL password in MySQL server.

Establish port knocking daemon (nowadays use PKI certificate exchange)as additional layer of authentication for any SYN packets transmitting as well as port access.

Patches the important ports which using every everyday (telnet, http, ftp) with establish firewall as well as antivirus.

No

Time

IP address attacker

IP address victim

Type of intrusion

64

03/25-11:24:01.348497

(25 Mac 11:24 am)

62.231.131.230

204.16.208.60

ICMP Destination Unreachable Port Unreachable {icmp}

48

03/29-17:17:30.542696

(29 Mac 17:17 pm)

62.231.131.228

60.11.125.44

ICMP Destination Unreachable Port Unreachable {icmp}

ICMP Destination Unreachable Port Unreachable {icmp} - Gateways use ICMP Destination unreachable message to define datagram is not delivered. This can used even to cut some of the nodes in a network.

Overcome:

Limit the handshake initiation for re-authenticate their session(limit the accessibility of exploiting handshake by DOS)

Establish packet filtering firewall with DROP policy and add an ACCEPT rule for type 3 IMCP which exclude on the host network.

MALAYSIAN INSTITUTE OF

INFORMATION TECHNOLOGY

ADVANCED NETWORK SECURITY

IKB41103

ASSIGNMENT 1

E-COMMERCE AND LOG ANALYSIS

Prepared By:

Muhammad Haziq bin Muhammad Badri

52261210170

Prepared For:

MR. SHADIL AKIMI BIN ZAINAL ABIDIN

Writing Services

Essay Writing
Service

Find out how the very best essay writing service can help you accomplish more and achieve higher marks today.

Assignment Writing Service

From complicated assignments to tricky tasks, our experts can tackle virtually any question thrown at them.

Dissertation Writing Service

A dissertation (also known as a thesis or research project) is probably the most important piece of work for any student! From full dissertations to individual chapters, we’re on hand to support you.

Coursework Writing Service

Our expert qualified writers can help you get your coursework right first time, every time.

Dissertation Proposal Service

The first step to completing a dissertation is to create a proposal that talks about what you wish to do. Our experts can design suitable methodologies - perfect to help you get started with a dissertation.

Report Writing
Service

Reports for any audience. Perfectly structured, professionally written, and tailored to suit your exact requirements.

Essay Skeleton Answer Service

If you’re just looking for some help to get started on an essay, our outline service provides you with a perfect essay plan.

Marking & Proofreading Service

Not sure if your work is hitting the mark? Struggling to get feedback from your lecturer? Our premium marking service was created just for you - get the feedback you deserve now.

Exam Revision
Service

Exams can be one of the most stressful experiences you’ll ever have! Revision is key, and we’re here to help. With custom created revision notes and exam answers, you’ll never feel underprepared again.