The importance of network security in LAN/WAN
Security is a major factor within local and wide area networks. Securing a network allows a business to function correctly and to avoid interference or delay. For example, if a small internet company failed to put security procedures or mechanisms in place, then, to name four, problems such as the following could develop:
- All of their data such as customer records and suppliers details could be stolen or amended.
- Customers may defect if they know the business can be compromised.
- The business could be attacked by viruses and the network could be severely damaged.
All of the above could result in the business shutting down or forced closure.
The servers most at risk are internal ones that are overlooked and given little attention because they don't connect directly to the internet; this gives rise to variations that will slip past anti-virus software.
These threats can be monitored by ensuring that both web browsing and e-mail software have the available security patches applied.
E-mail attachments, which are the single most common security threat at present, should be checked, and the available security options should be verified as installed so that all executable content in email attachments is blocked; Microsoft Office XP, for example, includes attachment blocking automatically.
Workstation operating systems are generally less secure than server operating systems, because worms and viruses readily take advantage of unprotected shared folders between machines within a LAN. A good practice to prevent or reduce this spread is to introduce policies for root, program and operating system folders, which should never be shared.
Folders that contain data files should be shared, but confidential data that needs to be shared should, in practice, be stored on a secure server where more security is available.
Even if these policies are followed, there is still a possibility that an infection may get past, because even the best planned network security can never be 100% secure.
(Copyright 2002, Rick Macmurchie)
Security in the WAN
The scalability of a WAN has reduced the problem, as many companies implement reliable security. However, information signals are transmitted outside of buildings and across all borders (e.g. from one country to another), a factor that can make physical security redundant. LANs and WANs are used for gathering information, data and assets, and keeping this information safe is imperative.
There are many different threats that can take advantage of a weak network. For instance, a rival company could poach customers by stealing customer information. Customer details and prices can be invaluable to such attackers, and therefore common LAN/WAN countermeasures should be implemented, including:
- Intruder detection systems
- Intruder prevention systems.
- Usernames and passwords, etc.
Key concepts of C.I.A.
Information security has long held confidentiality, integrity and availability (recognised as the CIA triad) as its core.
Confidentiality involves keeping information, data and other resources secure from others who do not have permission to see or alter them. Achieving confidentiality can involve implementing many security procedures, such as policies and tools; for example, making people log in to view customer information in one place, which can be enforced, and giving these users different access levels.
Confidentiality can also involve the use of firewalls and other protection software, since viruses and other malicious software can compromise data. Encryption is a common method of achieving confidentiality: it keeps information secret and private, which restores confidence.
Integrity means that data cannot be altered without authorization. This involves protecting data and software from being:
- Lost: for instance, losing disks, or under unforeseen circumstances such as the data being destroyed by a fire or in the event of a flood.
- Deleted.
- Corrupted: scratches on disk.
- Modified: written over or updated by mistake.
- Disclosed: unauthorised access.
The most important factor regarding integrity is to back up files on a regular basis, with the information kept on a floppy disk, hard drive or even data tape. The files can then be archived, kept in long-term storage and accessed when needed.
Beynon-Davies P. (2004). Database Systems 3rd Edition. Palgrave, Basingstoke, UK
In order for any data system to serve its purpose, it must be available at all times. IT systems are used to store and process information, so the systems themselves, the safety and security controls used to protect them and the communication channels must all function correctly and remain available at all times (also known as redundancy). I have included three examples below that could cause a failure.
- Power outages, caused by electronic surges.
- Hardware failures.
- System upgrades.
Ensuring availability must also involve preventing denial-of-service attacks (DoS and DDoS) (Allen, 2001).
Topic: Identify and investigate three potential threats to a network.
Threat (1) Rontokbro worm - also known as Brontok.
This is a mass-mailing email worm that also spreads via USB ports and thumb drives. Brontok takes a multi-faceted approach to avoiding detection and removal. It modifies the hosts file to prevent access to antivirus sites. It can also disable other security software running on the system and block access to Registry Editor.
The variants can adopt either the Microsoft Word icon or the folder icon, with copies of the worm adopting a similar name to the folder in which they were left; if it copied itself to a folder named “New Folder”, it would do so using that filename. Because Windows hides file extensions by default and the worm may use the folder icon, the infected file can appear to be merely a nested new folder. This worm also modifies the registry and causes the Folder Options menu item to disappear from the Windows Explorer Tools menu.
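A defender can look for the naming trick described above by flagging executables that share a name with the folder they sit in or with a folder beside them. The following is an added example, not part of the original essay; the extension list and the sample tree are assumptions constructed for illustration.

```python
import os
import tempfile
from pathlib import Path

# Assumption: file types Windows runs directly; extend to suit your estate.
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".pif"}

def find_folder_lookalikes(root):
    """Return executables whose name (minus extension) matches the folder
    they are in or a sibling folder, e.g. 'New Folder/New Folder.exe'."""
    root = Path(root)
    hits = []
    for dirpath, dirnames, filenames in os.walk(root):
        here = Path(dirpath)
        # Names a disguised copy could borrow: this folder and its subfolders.
        folder_names = {here.name.lower()} | {d.lower() for d in dirnames}
        for name in filenames:
            p = Path(name)
            if p.suffix.lower() in EXECUTABLE_EXTS and p.stem.lower() in folder_names:
                hits.append((here / name).relative_to(root).as_posix())
    return sorted(hits)

def demo():
    # Constructed sample tree: two disguised files and two harmless ones.
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "New Folder").mkdir()
        (root / "New Folder" / "New Folder.exe").write_bytes(b"")
        (root / "Reports").mkdir()
        (root / "Reports.scr").write_bytes(b"")
        (root / "Reports" / "q3.docx").write_bytes(b"")
        (root / "tools").mkdir()
        (root / "tools" / "setup.exe").write_bytes(b"")
        return find_folder_lookalikes(root)

if __name__ == "__main__":
    for hit in demo():
        print("suspicious:", hit)
```

A hit is only a lead for review, since legitimate installers occasionally share a name with their folder.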
Some variants of the worm can cause a system to restart when certain strings appear in window titles. For example, if “exe” (execute) appears as part of the title of a window, the worm will force the system to shut down and restart. It can even launch “Ping” attacks which, depending on the number of infected systems, may amount to a DDoS attack.
Removing the infection can be tricky and will require access to a second, non-infected PC or a separate clean “free-standing” backup hard disk.
Threat (2) The FAT Virus.
A FAT virus attacks the file allocation table (FAT), which holds a system's file information. The table acts like an index and keeps information about where on the hard drive materials are kept, which areas of the hard drive are empty, and so on. By attacking the file allocation table, the virus can cause serious damage to a computer system. It can work in various ways. If the virus is dominant enough, it can make a computer inoperative in addition to destroying its data, forcing a reformat.
The virus destroys the index, and the architecture itself can also be changed; for example, a computer which should be using FAT32 might abruptly say that it's using FAT12.
There are a number of ways to try to avoid infection with a FAT virus. For example, users should get in the habit of using robust antivirus software which is updated regularly, as most strong antivirus software can be pre-set to run full scans when the work of the day or week is complete (usually in the early hours).
They can scan their computers on a more regular basis for any signs of viruses, should avoid downloading material which does not derive from trusted sources, and should obviously avoid websites identified as "attack sites" by browsers and search engines. If possible, each download should also be virus-scanned.
They should use caution when connecting external devices to a computer. A friend's digital camera, just as an example, might carry a FAT virus which will be transferred along with the images on the camera. If they virus-scan the memory card, then the security suite should tell them whether the memory card is clear or not. The golden rule is to back up regularly on a separate hard drive.
Written by S.E. Smith, copyright © 2003 - 2009 Conjecture Corporation.
Threat (3) Trojan horse.
The Storm Trojan (2006)
The Storm Worm is a Trojan horse program; infected computers become vulnerable to remote access by the attacker.
Some hackers use this worm to create a botnet and attempt to cripple networks. The infected computers under their control will then be used to access networks.
Like a parasite, Storm doesn't cause any damage or noticeable performance impact to its hosts. It needs its host to be intact and healthy to sustain its own survival and, as with most threats, it will only be noticed when it is far too late.
It affects computers running Microsoft Windows, and because Microsoft's is considered the most popular software, more than 90 per cent of the world's PCs are vulnerable, with millions of computers being infected at its peak.
Many versions of the Storm Worm fool victims by encouraging them to download applications through fake links, for example to news or video clips. The individuals behind the attacks would amend the subject of the e-mail to reflect current events.
An example is the 2008 Olympics in Beijing, when a new version of the worm appeared in e-mails. These emails would have links to information about the Olympics. When victims requested the link, they activated the download of the worm to their computer systems.
Identify the vulnerabilities and the risk factors of the three threats that you have identified.
A worm is a program which copies itself across a network. It differs from a computer virus in that a worm can run by itself, whereas a virus needs a host program to run, with the virus code running as part of the host program. A worm can spread without a host program, although some modern worms also hide inside files. A worm variant can carry either the Microsoft Word icon or a folder icon. Copies of a worm also often adopt the same name as the folder in which they were left. A worm may also launch “Ping” attacks which, depending on the number of infected systems, could amount to a DDoS attack, and it can prevent access to antivirus software.
FAT viruses embed themselves into files, so that when the FAT accesses the file, the virus is triggered.
They overwrite files and directories, so material on a computer can become permanently lost. FAT viruses often manifest themselves in the form of corrupted files.
A Trojan horse virus
A Trojan horse is known to hide in software programs; when these are opened, the virus is released and starts infecting other files on the computer. The most common means of infection is through an email attachment: once the user opens the attachment, the Trojan horse virus immediately infects the system.
Copyright 2009 Tech-FAQ.
Investigate some countermeasures for the three threats that you have identified above.
There should be a minimum of 2 firewalls in place, one on the outer edge of the network and the other protecting the intranet. Any routers within a network should be configured with passwords of the maximum number of characters allowed.
All patches should be kept up to date, including driver patches, but it should be understood that even taking these necessary steps will not guarantee 100% protection, as hackers and virus designers are developing new threats on an ongoing basis.
Symmetric key encryption, often referred to as secret key encryption, uses a common key and the same cryptographic formula to scramble and unscramble a message.
Symmetric key encryption and decryption are mathematically inexpensive compared to asymmetric key encryption; therefore, they have a major performance advantage. For any bulk encryption, the preferred method is symmetric encryption.
One example of symmetric encryption is the Caesar cipher, which is simply a mathematical formula, e.g. M = 8. This method requires the other individual to understand both the alphabetic code and the 25 combinations.
An example would be two users A and B, who want to communicate securely with each other. Both A and B have to agree on the same cryptographic formula to use for encrypting and decrypting data. They also have to agree on a common key, the secret key to use with their chosen encryption/decryption formula. There are negotiation protocols to arrive at mutually agreeable algorithms and keys.
A stream cipher such as the A5 algorithm is used to encrypt GSM communications, and RC4 is another stream cipher (NIST, 2009). One of the most secure and reliable block ciphers is AES, which is capable of using 128, 192 or 256 bits. It is recognized by NIST under the specification FIPS 197, a Federal Information Processing Standard.
Asymmetric encryption is often referred to as public key encryption. It can use either the same algorithm or different but complementary algorithms to scramble and unscramble data. Two different but related key values are required: a public key and a private key. With the keys, if plain text is encrypted using the public key, it can only be decrypted using the private key (and vice versa).
Some of the more common uses of public key algorithms are listed as follows:
- Data integrity.
- Data confidentiality.
- Sender nonrepudiation.
- Sender authentication.
Data confidentiality and sender authentication can be achieved using the public key algorithm.
They obtain each other's key numbers from a trusted site.
The following steps must take place if A and B are to have a confidential data exchange:
Step 1) Both A and B create their individual public/private key pairs.
Step 2) A and B exchange their public keys.
Step 3) A writes a message to B and uses B's public key to encrypt the message. Then A sends the encrypted data to B over the Internet.
Step 4) B uses his private key to decrypt the message.
Step 5) B writes a reply, encrypts the reply with A's public key, and sends the encrypted reply over the Internet to A.
Step 6) A uses his private key to decrypt the reply.
Data confidentiality is ensured when (A) sends the initial message because only (B) can decrypt the message with his private key. Data integrity is also preserved because, to modify the message, a malicious attacker would again need B's private key. Data integrity and confidentiality are also ensured for the reply because only (A) has access to the matching private key, and is the only one who can modify or decrypt the reply with it. However, an attacker could pretend to be (A) and send a message to (B) encrypted with (B's) public key. The public key is, after all, widely available.
Verification that it was (A) who sent the initial message is important.
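The six steps, and the reason sender verification is still needed, can be traced with textbook RSA on tiny numbers. This is an added example, not part of the original essay; the primes, the messages and the impostor "Mallory" are constructed assumptions, and the one-byte-per-block scheme is for illustration only.

```python
# Textbook RSA with tiny fixed primes (constructed values): shows key roles only.
def make_keypair(p, q, e=17):
    n, phi = p * q, (p - 1) * (q - 1)
    d = pow(e, -1, phi)                  # private exponent, e*d = 1 mod phi
    return (e, n), (d, n)                # (public key, private key)

def apply_key(key, numbers):
    exp, n = key                         # same modular exponentiation for either key
    return [pow(x, exp, n) for x in numbers]

def encrypt(public, text):
    return apply_key(public, text.encode())      # one block per byte (toy only)

def decrypt(private, blocks):
    return bytes(apply_key(private, blocks)).decode()

def sign(private, text):
    return apply_key(private, text.encode())

def verify(public, text, signature):
    return apply_key(public, signature) == list(text.encode())

def exchange():
    # Step 1: each party creates a key pair. Step 2: public halves are exchanged.
    a_pub, a_priv = make_keypair(61, 53)
    b_pub, b_priv = make_keypair(89, 97)
    _, m_priv = make_keypair(67, 71)             # Mallory, a hypothetical impostor

    # Steps 3-4: A encrypts with B's public key, B decrypts with B's private key.
    msg = "meet at noon"
    received = decrypt(b_priv, encrypt(b_pub, msg))
    # Steps 5-6: the reply travels the other way under A's key pair.
    reply = decrypt(a_priv, encrypt(a_pub, "agreed"))

    # Mallory also holds B's public key, so a message that decrypts
    # cleanly says nothing about who sent it.
    forged = "send the files"
    forged_received = decrypt(b_priv, encrypt(b_pub, forged))
    # Sender verification: only A's private key yields a signature
    # that A's public key accepts.
    genuine_ok = verify(a_pub, msg, sign(a_priv, msg))
    forged_ok = verify(a_pub, forged, sign(m_priv, forged))
    return received, reply, forged_received, genuine_ok, forged_ok

if __name__ == "__main__":
    print(exchange())
```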
A stream cipher encrypts data one bit at a time. This is a much slower but more secure process compared to the block cipher. A5, the algorithm used to encrypt GSM communications, is a stream cipher.
- A5/0 utilizes no encryption.
- A5/1 is the original A5 algorithm used in Europe.
- A5/2 is a weaker encryption algorithm created for export and used in the United States.
- A5/3 is a strong encryption algorithm created as part of the 3rd Generation Partnership Project (3GPP).
RC4 is described as a simple and fast form of encryption. It is also one of the most popular forms of this cipher in the world. It is commonly used in the WEP protocol, which is used for wireless communication.
A downside to RC4 which people need to be aware of is that the encryption key used for each encryption can only be used once, or the risk of decoding becomes greater.
Below is an example of the encryption at work, showing text before and after being encrypted. If someone were to intercept an email after it has been encrypted, it would just look like gibberish unless they knew it was encrypted and could crack it.
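The following is an added example, not the illustration from the original essay: a plain-Python RC4 that shows text before and after encryption and why a key must not be reused. The keys and messages are constructed sample values.

```python
def rc4(key: bytes, data: bytes) -> bytes:
    """RC4: build the state from the key, then XOR data with the keystream."""
    s = list(range(256))
    j = 0
    for i in range(256):                       # key-scheduling algorithm (KSA)
        j = (j + s[i] + key[i % len(key)]) % 256
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for byte in data:                          # keystream generation (PRGA)
        i = (i + 1) % 256
        j = (j + s[i]) % 256
        s[i], s[j] = s[j], s[i]
        out.append(byte ^ s[(s[i] + s[j]) % 256])
    return bytes(out)

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def key_reuse_demo():
    p1, p2 = b"Plaintext", b"Attack at"          # constructed, equal length
    c1, c2 = rc4(b"Key", p1), rc4(b"Key", p2)    # the same key used twice
    c3 = rc4(b"Wiki", p2)                        # a fresh key for message two
    return {
        "before": p1,
        "after": c1.hex(),
        # Decryption is the same operation with the same key.
        "roundtrip": rc4(b"Key", c1) == p1,
        # With a reused key the keystream cancels out, so the two
        # ciphertexts together reveal the XOR of the two plaintexts.
        "reused_key_leaks": xor(c1, c2) == xor(p1, p2),
        "fresh_key_leaks": xor(c1, c3) == xor(p1, p2),
    }

if __name__ == "__main__":
    for name, value in key_reuse_demo().items():
        print(name, "=", value)
```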
RC4 is used in many applications, including:
- TLS (Transport Layer Security),
- WEP (Wired Equivalent Privacy),
- WPA (Wi-Fi Protected Access),
- TKIP (Temporal Key Integrity Protocol),
- Microsoft XBOX,
Also: Oracle SQL, Microsoft PPTP, Microsoft Office, and Adobe Acrobat.
RC4 has been extensively analyzed since that time and has thus far proven to be secure against all reasonable attacks.
Copyright © Network System Architects, Inc. 1998-2009 - All rights reserved.
- Allen, Julia H. (2001). The CERT Guide to System and Network Security Practices. Boston, MA: Addison-Wesley. ISBN 0-201-73723-X.
- ciscobook.org.ua/cisco_wireless_lan_security/ch02lev1sec1.html
- Copyright 2002, Rick Macmurchie - February 4, 2002
- Copyright 2009 Tech-FAQ.