In SMEs, the standard of network equipment maintenance appears to be lower than in MNCs. Firewall security settings in small enterprises are based on a limited time period, after which they can update to the new versions available. The equipment installed is of a standard kind but carries a shorter guarantee period. Small and upcoming IT firms continue their business with equipment that is mostly of lower quality.
File and print sharing, remote access by employees and clients, and internet access for internal users are some of the reasons for establishing networks in small businesses. SMEs with network operating systems will most likely have access to the internet through one of a few access methods. Because of the high wages such personnel usually receive, small organizations are unlikely to have full-time dedicated automation staff.
This may often result in the installation of operating systems that are not optimized for security and not constantly updated with the most recent software patches.
The low cost and quick spread of high-speed internet service is making its way into the small and medium enterprise segments of the market. With rising emphasis on telecommuting and home-based offices, access to the internet will become more crucial to daily business operations in the near future. The greatest growth in business high-speed internet access will be in cable modem access for small and home-based offices. In addition to small businesses, many medium-sized firms have established remote branch offices that rely on high-speed internet access to communicate with the main branch. The survey conducted by Cahners In-Stat Group of 322 businesses stated the following types of high speed access that are in use.
There is a possible security threat of data leakage from to another, as there is no monitoring mechanism.
Figure: Present framework of Internet use by SMEs
Initially, the attacker maps the target computer system. This helps in identifying the target by acquiring information about the IP addresses in use, the type of operating system (OS) running, and any open access points, such as ports, on the target. The target system may be one that has direct links to the internet via DSL, cable modem and/or other high-speed data communications circuits. Scanning programs allow the attacker to specify a range of IP addresses, or telephone numbers for modems, so that the scanner can attempt to locate addresses or phone numbers that have a computer system attached to them.
The next phase involves conducting an investigation against the target, to determine whether information can be developed that makes the attacker's effort easier. Attacks during this period involve hunting for passwords and individual user account names. At first look, these may appear easy to defend against, but they are more difficult to handle in reality. The concept of "social engineering" is often used by the attacker, since contact with targeted businesses can be made easily. The attacker pretends to be someone from the help desk or the internet service provider and gathers confidential information such as user account names and passwords. Once the connection is made and the necessary data is collected, the attacker will attempt to log on to the computer system and masquerade as a genuine user. Another technique practiced by the attacker is known as "dumpster diving". In this case, the attacker rummages through the target's discarded scrap to find lists of employees' names, which can be used as ammunition for an attack through remote access. Occasionally, access to the target system can be gained in this phase itself.
In stage three, an attempt is made to gain access to the target system with no prior knowledge of a valid user ID and password. Depending on the software installed, there may be different methods of gaining entry where logon to the system is possible without a user ID and password. This phase requires a skilled attacker. The attacker needs to find a vulnerability on the target that can be compromised to acquire unauthorized access to the system. Operating system software installed without concern for security can leave a system with a default installation. Such a system has not been hardened to lower the possibility of unauthorized access, which results in vulnerabilities. These vulnerabilities can be exploited by the attacker during this stage of the attack. Once access is gained, the attacker is free to roam about the network finding content, planting Trojan horse programs, and manipulating and deleting data without the knowledge of the actual user.
System Map: The primary step is to identify the actual setup of the computer systems. This step is required for intranets (internal networks), for single systems linked to the internet, and for any internal networks that are not connected to the internet but provide remote access. The following points can be considered when a system map is created.
Which computer systems are connected to the internal network?
What kinds of software and OS are installed and running on those systems?
What is the present, updated version of the software that is installed?
Which systems are linked to the internet directly? Are these systems attached to the internal network?
Which computers have modems installed and are these modems set for auto answer?
What virus scanning software is installed, and where?
What type of IDS is installed? Are the logs reviewed on a regular and frequent basis?
What are the firm's critical business applications and data?
Hardening the Software: This can be done by taking a critical look at the software that is installed on the system. The software should be updated with what the manufacturer currently makes available, as listed on the manufacturer's web pages. Frequently, systems are compromised by hackers even though an update was available for the particular software that could have stopped the hacker from gaining access to the system through that program.
Any sample system data or sample program data must be removed from the production system, since some of it might pose a security hole on the system. This is particularly true of Microsoft Internet Information Server (IIS), which includes sample program scripts that are easily compromised by hackers. The program becomes secure once the sample scripts are deleted. CGI (Common Gateway Interface) is the language used by programmers to read and display input to a WWW-based form. The samples furnished with WWW server programs are written without considering security. There is a strong chance that hackers can subvert these programs and cause them to run other programs.
Reducing and securing access points: The system map has to be reviewed to identify the systems that have direct access to the internet or remote access from outside the network. The goal is to reduce the number of access points to the minimum required and then install software that helps monitor the data flowing into and out of the network.
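The system map questions and the access-point review described above can be run as a repeatable check over an inventory. The following Python code is an added example, not part of the original essay; the host names, version numbers, dates and the seven-day IDS log review threshold are constructed assumptions.

```python
from dataclasses import dataclass, field
from datetime import date

@dataclass
class Host:
    name: str
    internet_facing: bool = False    # direct DSL, cable modem or similar link
    on_internal_net: bool = True
    modem_auto_answer: bool = False
    av_installed: bool = True
    software: dict = field(default_factory=dict)  # package -> installed version

# Constructed sample data (assumptions, not taken from the essay).
LATEST = {"os": (10, 4), "webserver": (5, 2)}
LAST_IDS_REVIEW, AUDIT_DATE = date(2024, 1, 1), date(2024, 1, 20)
INVENTORY = [
    Host("fileserver", software={"os": (10, 4)}),
    Host("gateway", internet_facing=True,
         software={"os": (10, 1), "webserver": (5, 2)}),
    Host("frontdesk", modem_auto_answer=True, av_installed=False,
         software={"os": (10, 4)}),
    Host("kiosk", internet_facing=True, on_internal_net=False,
         software={"os": (10, 4)}),
]

def audit(hosts, latest, ids_last_review, today, max_gap_days=7):
    """Apply the system map questions and return (system, finding) pairs."""
    findings = []
    for h in hosts:
        if h.internet_facing and h.on_internal_net:
            findings.append((h.name, "internet-facing and attached to internal network"))
        if h.modem_auto_answer:
            findings.append((h.name, "modem set to auto answer"))
        if not h.av_installed:
            findings.append((h.name, "no virus scanning software"))
        for pkg, version in sorted(h.software.items()):
            if pkg in latest and version < latest[pkg]:
                findings.append((h.name, f"{pkg} behind current version"))
    if (today - ids_last_review).days > max_gap_days:
        findings.append(("IDS", "logs not reviewed recently"))
    return findings

def access_points(hosts):
    """Systems the access-point review should reduce to the minimum required."""
    return [h.name for h in hosts if h.internet_facing or h.modem_auto_answer]

if __name__ == "__main__":
    for system, finding in audit(INVENTORY, LATEST, LAST_IDS_REVIEW, AUDIT_DATE):
        print(f"{system}: {finding}")
    print("access points:", ", ".join(access_points(INVENTORY)))
```

The kiosk host produces no finding because it is isolated from the internal network, but it still counts as an access point to be justified or removed.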