This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.
Peer to Peer networks are vulnerable to different kind of security issues but also have advantages of file sharing inside a small area. You can connect up to 10 Personal computers or laptops to the network before you will think about upgrading to the client server.
The followings are the main Assets in this peer to peer network.
Hardware: PC1 and PC2, Laptop, Printer, Scanner, Router, ADSL filter, Telephone Line
Window XP Professional
Data and Information
All the files including bills, invoices, photos, customer or friends information, data belonging to the customers.
The network in question has different possible weaknesses, which I will try to identify during this discussion. When you look at any type of computer network security, you always consider following things;
Confidentiality: Prevention of unauthorised disclosure of information.
Integrity: prevention of unauthorised modification of information.
Availability: hold users accountable for their actions.
Nonrepudiation: the ability to ensure that someone cannot deny his or her actions.
In this case, I don't know who is using the network, assuming it is used in a house, and then I just guess that it is a family of two or three.
Wired network is perfectly fine because no signal is being broadcast, but wireless network is really susceptible to all the nasty attacks, if you don't secure it, anyone can use your network and make your life really difficult a man in the middle attack will be a disaster for everyone's security.
A hacker's laptop will work as an access point and he/she will be able to do anything like, view your internet passwords your communications like emails and will be able to alter the information as well. Wireless sniffers, denial of service attacks, spoofing they can easily make this network disable forever. So one will need very good firewall software on all the computers and a very strong WPA-PS2 type security password for your router.
There is no mention of any anti-virus, anti-spam software in the description, which makes the entire computer network very easy target for malware or spam, anyone's computer could be infected with virus by just opening an email, a virus, spam or spoof scanner will be really a good idea to prevent the computers or the network from any catastrophic situation.
I also can't see any tenable file sharing area, where all the files can be saved and retrieved in case of a network or computer failure. A hard drive can be a big advantage, because if in case all the measures that normally will be taken in a secured network like firewall, anti-virus, WEP/WPA keys etc, didn't work and the computer crashed, you can retrieve all the vital information from an external Hard drive.
Also, there is no password setup on the computers, which is again really very vital in a network. Person with the control i.e. in this case the person who is the main computer user will at least have a password setup for the main file sharing area, on the main computer. Also encryption is really important for any computer all the information needs to be encrypted so that, If the laptop is lost or stolen then it will be really difficult for someone to take the data of the hard drive.
Network security involves protecting all the resources on a Computer network from different type of threats. You can't just consider the computer which is on the network but you also have to consider the data it is transmitting or receiving on the network, the devices, it is connected i.e. router, switch or an access point etc, are as important.
I agree with Thomas from SANS Institute InfoSec reading room that there are lots of precautions we can take to insure the security of the network. There are many different methods of locking out intruders from invading your systems. Simply using one method may not be enough to protect you from persistent intruders. Also, there are levels of protection. How much protection do you need? That depends on how many systems you are trying to protect, what kind and valuation of the data on the systems.
Just like in the real world, security is only good if the tools are used. Locks on cars and homes are provided to keep intruders out. Then why do some people leave their homes and vehicles unlocked? Is it because they don't understand the threats? Is it because they believe they have nothing of value to be stolen? Or are they simply Ignorant to the risks?
Your computer has tons of data collected about you. It keeps track of where you have been, what you have been browsing, who you are, personal information, bank account numbers, passwords, email, identity, etc.... Leaving your computer open and unsecured allows intruders to view every detail about you, not including the threat to personal properties. Some attacks can cause damage to your system and your data making that information inaccessible to even you, the owner.
2F94 998D FDB5 DE3D F8B5 06E4 A169 4E4
Even a secure home is never completely safe. Intruders break in or find back doors or loose windows. The same is true of your computer network. Hackers search for open doors to nudge their way through, others deploy agents or scanners set to check every loose connection to find a way in. Kim Thomas. In some cases, hackers set out highlight vulnerabilities in software programs. The results of these attacks are not always malicious in nature, but more like the common vandal. Vulnerability is a back door or a bug in a software program that defeats the functionality of the program. It could allow intruders to get through undetected, cause erroneous results or Denial of Service (DoS) attacks or any other of a number of different problems. A hacker wishing to disguise himself can even use your computer and identity to unleash a malicious virus, costing billions of dollars in cleanup and have the virus traced back to you. Attacks are not always personal in nature. There are almost as many reasons for attacks as there are attackers. It's better to protect yourself so that you are not a victim. (Thomas, 2001) SANS Institute- Reading Room site, Building a secure home network.17-12-2009
Cole and his other fellow writers are right in saying that, we can prepare ourselves and our networks for the threats that it might face if we could identify them. In a network, whether it is a small or a large network, certain things are really vulnerable.
- Accounts with the system privileges where the default password, such as 'Manager' has not been changed.
- Programs with unnecessary privileges.
- Programs with known flaws.
- Weak access control settings on resources, for example, granting everyone full control to shared folder.
- Weak firewall configurations that allow access to vulnerable services.
Vulnerability scanners (also called risk analysis tools) provide a systematic and automated way of identifying vulnerabilities. However, their knowledge base of know vulnerabilities has to be kept up to date. Organisations like SANS Institute or the Computer Emergency Response Team (CERT) provide this information, as do security advisories of software companies. One vulnerability scanner provided by Microsoft is the Microsoft Baseline Security Analyzer. (Cole, Krutz, Conley, Reisman, Ruebush, Gollman, Reese, 2008)
Microsoft Baseline Security Analyzer (MBSA)
MBSA is a tool that allows a user to scan one or more Windows-based computers for common security problems. The MBSA can be executed from any machine that is running Windows 2000 Professional, Windows 2000 Server, Windows XP Home or Windows XP Professional. After scanning MBSA generates a report based on its findings, which is divided into categories based on installations on the system.
Key areas that are scanned are:
- IIS & SQL
- The number and permissions of the administrator accounts
- Status of the guest account
- Password analysis which measures strength of the passwords
- Available published shares
- Performs an Microsoft Office check
- Analyzes Internet Explorer's security features
- OS and application HotFix and service pack levels
MBSA uses the HFNetChk tool to identify if security updates have been applied to a system. HFNetChk does this by referring to an XML security hotfix database that's constantly updated by Microsoft. This XML database contains information about the hotfixes that are available for each Microsoft product.
MBSA Version 1.1.1 is available for download at the Microsoft website. Anonymous (http://www.intelligentedu.com/computer_security_for_everyone/8-securing-windows.html) 2009-12-18.
Microsoft's STRIDE threat model for software security mentions the categories below.
The network in question will have a lot threats i.e.
- Spoofing identities: The perpetrator pretends to be someone else and try to access information, for example someone sent me an email and pretending to be my bank and asked me to click on a link which seems to be the link of my bank but has an hidden link which will take me to the fake website which will look exactly like my banks website.
- Tampering with Data: Someone in the organisation/ business let the hacker/ attacker in the system, by accidently downloading some pages, which gives him/her the way of manipulating the computer /network system files data to give them, more easier and privileged access.
- Repudiation: An employee or business/work colleague denies doing something naughty, like changing password of a colleague or making a accessing someone internet bank and buy thing using their bank details.
- Passwords: Giving you password to someone for them to access the information, your business can be in a big risk.
- Denial of service attack (DoS): The attacker will send some packets to keep your server or computer processor so busy that you won't be able to do anything on it.
- Virus attack: Biggest example was I love you virus which was created in May 2000 and it spread in 5 hours in three continents buy just sending a corrupted file via email. It had a disastrous affect on lots of organisation, even British Parliament House.
I am a big advocate of educating computer users, so that whatever security measures are put in place people are aware of them, and also they are aware of the consequences if they are not followed. After that I will take few more steps.
I will therefore
- Create an administrative area with a password, so that one person can be made responsible to look after that and control the shared file area.
- Install a internet security software i.e. AVG, Norton or mcAfee to make sure that I have no problems with file sharing and getting emails from anyone, I will also activate window firewall.
In the end I will recommend to have a server installed so that everything is controlled centrally, and also set up some policies and standards.