NETWORK SECURITY
1. What is Network Security
One thing to keep in mind is that no network is tap-proof and no computer network is completely secure. The nature of a network is to carry communication, and any communication can fall into the hands of others and be abused. A security system helps secure the network without blocking its use, and provides for the case where the network is successfully penetrated. Also make sure that the users of the network know enough about security, and that they accept and understand the security plan you have created. If they do not understand it, they will create security holes in your network.
There are two main elements that make up network security:
• A security wall, physical or virtual, placed between the network devices and services in use and the people who would do harm.
• A security plan, implemented together with the other users, to keep the system from being penetrated from outside.
Security is defined in terms of these five aspects.
a. Confidentiality requires that information (data) can only be accessed by parties who have authority.
b. Integrity requires that information can only be modified by parties who have authority.
c. Availability requires that information is available to parties who have authority when needed.
d. Authentication requires that the sender of information can be correctly identified, with assurance that the identity is not false.
e. Nonrepudiation requires that neither the sender nor the receiver of information can deny sending or receiving a message.
Attacks on (interference with) security can be grouped into four main categories:
a. Interruption
An asset of a system is attacked so that it becomes unavailable or cannot be used by those authorized to use it. An example is the destruction / modification of hardware or network channels.
b. Interception
An unauthorized party gains access to an asset. The party in question can be a person, a program, or another system. An example is the interception of data in a network.
c. Modification
An unauthorized party makes changes to an asset. Examples are changing values in data files, modifying a program so that it no longer runs properly, and modifying messages being transmitted over the network.
d. Fabrication
An unauthorized party inserts counterfeit objects into the system.
An example is sending false messages to others.
There are several principles that should be avoided in dealing with security issues:
• stay silent and all will be fine
• hide and they will not be able to find you
• the technology used is complex / complicated, so it must be safe
2. Network Security Concerns
Overview
Security (on a computer network) can be defined by looking at the targets to be achieved through the concept of 'safe'. The following is a list of features that can prevent or anticipate attacks from outside or inside parties.
Security Policy
Before going further into implementation, first determine what is to be protected and from whom. The following questions help determine the security policy to adopt.
1. What information is considered confidential or sensitive?
2. From whom are you protecting your system?
3. Do you need remote access?
4. Are passwords and encryption enough protection?
5. Do you need Internet access?
6. What will you do if you find that your system has been compromised?
And many other questions, depending on the form of organization you manage.
Security policy depends on how much you trust other people, inside or outside your organization. The policy should strike a balance between allowing users to access the information they need and maintaining system security.
Physical Security
Physical here refers to a situation where someone can get into the server / network room and access the devices there without authorization. The unauthorized person could be a guest, cleaning staff, a package courier, or anyone else who can get into the room and tamper with the devices. Someone with access to that room can install Trojan horse programs on a computer, boot from a floppy disk, or steal sensitive data (such as the password file) and unpack it somewhere safer.
To maintain security, put the server in a room that can be locked and make sure the room is actually locked. To guard against snooping, use a password-protected screen saver. Also set all computers to log out automatically after a period of inactivity.
BIOS Security
An admin is advised to disable booting from floppy. Alternatively, set a password on the BIOS and set a boot password.
Password Attack
Many people store important information on a computer, and often a password is all that prevents others from seeing it. To resist attacks on user passwords, use a reasonably strong password. Hints for choosing a password:
• All passwords must consist of at least 7 characters.
• Use a combination of letters, numbers, and punctuation as much as possible, provided the password is still easy to remember. One way is to combine random words with punctuation, or words with numbers. Examples: @ sweet melon flavor #, komputer0digital1, less 2001
• Use the first letters of a memorable phrase. Examples: parking is prohibited between the hours of 7 am and at 8 pm → dpap7php8s, no system is completely secure within the context of network → tasybbadkj (the abbreviations follow the initials of the original Indonesian phrases)
• Use numbers or punctuation marks to replace letters in the password. Example: success → k3b3rh45! L4n (from the Indonesian word keberhasilan)
• Change your passwords regularly
Malicious Code
Malicious code can be a virus, trojan or worm, usually in the form of instructions that burden the system so that its performance decreases. Ways to guard against it are shown in the following 6 examples:
1. Make users aware of the virus threat.
2. Use a good anti-virus program on workstations, servers and the internet gateway (if any).
3. Teach and train users how to use the anti-virus program.
4. As admin, always keep the anti-virus program and virus databases up to date.
5. Accustom users to NOT opening an email attachment or any file from a floppy until they are 110% sure that the attachment / file is "clean".
6. Make sure your security policy is up to date.
Sniffer
A sniffer is a device that intercepts computer network communication by using promiscuous mode on Ethernet. Because network communication consists of seemingly random binary data, a sniffer typically includes a protocol analyzer so that the binary data can be decoded. For management purposes a sniffer can be used for network maintenance; in the hands of an outsider it can be used to break into the system.
The easiest way to guard against sniffers is to use secure applications, for example: ssh, ssl, secureftp, etc.
Scanners
Different network services run on different ports. Each network service runs on a particular network address (e.g. 167.205.48.130) and listens on one or more ports (between 0 and 65535). Together these form what is called a socket address, which uniquely identifies a service within the network. Ports 0 to 1023, the most commonly used, are defined as well-known numbers in the UNIX convention and described in RFC 1700.
A port scanner is a program designed to find out which services are running on a network host. To gain access to a host, a cracker must know its points of weakness. For example, if a cracker knows that the host is running an ftp server, he can use weaknesses in that ftp server to gain access. From this we can conclude that services that are not absolutely necessary should be removed to minimize the security risks.
Like the port scanner described above, a network scanner provides information about the intended target, such as the operating system used, the active network services, the types of machines connected to the network, and the network configuration. Sometimes a network scanner also integrates a port scanner. This tool is used to gather as much information about the target as possible before the actual attack. Knowing the conditions and configuration of the network makes it easier to enter and damage the system.
Example scanners: nmap, netcat, NetScan Tools Pro 2000, SuperScan
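The conclusion above, that unneeded services should be removed, can be checked from the defender's side by auditing a host's own listening socket addresses. The following is an added example, not code from the original page; the `ss -ltn` sample text and the `ALLOWED_PORTS` policy are constructed for illustration.

```python
# Constructed sample in the layout printed by `ss -ltn` (not taken from the page).
SAMPLE_SS = """\
State  Recv-Q Send-Q Local Address:Port  Peer Address:Port
LISTEN 0      128    0.0.0.0:22          0.0.0.0:*
LISTEN 0      32     0.0.0.0:21          0.0.0.0:*
LISTEN 0      128    127.0.0.1:5432      0.0.0.0:*
LISTEN 0      511    [::]:80             [::]:*
LISTEN 0      5      *:8081              *:*
"""

ALLOWED_PORTS = {22, 80}   # hypothetical policy: services this host is meant to offer


def parse_listeners(text):
    """Return the (address, port) socket address of every LISTEN row."""
    sockets = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 4 or fields[0] != "LISTEN":
            continue                                  # header or non-listening row
        addr, _, port = fields[3].rpartition(":")     # split on the last colon (IPv6-safe)
        sockets.append((addr.strip("[]"), int(port)))
    return sockets


def is_loopback(addr):
    return addr.startswith("127.") or addr == "::1"


def audit(text, allowed=ALLOWED_PORTS):
    """Label each listener: ok, local-only, or unexpected (candidate for removal)."""
    findings = []
    for addr, port in parse_listeners(text):
        if is_loopback(addr):
            verdict = "local-only"     # bound to loopback, not reachable from the network
        elif port in allowed:
            verdict = "ok"
        else:
            verdict = "unexpected"
        well_known = port <= 1023      # the well-known range named in the text
        findings.append((addr, port, well_known, verdict))
    return findings


if __name__ == "__main__":
    for addr, port, well_known, verdict in audit(SAMPLE_SS):
        print(f"{addr}:{port:<6} well-known={well_known!s:<5} {verdict}")
```

In the sample, the ftp listener on port 21 and the listener on port 8081 are reported as unexpected, which marks them as the services to review and disable.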
Spoofing
Spoofing (impersonation) is usually done by irresponsible parties in order to use the facilities and resources of a system. Spoofing is a technique of presenting a false identity, e.g. posing as a specific IP address, computer name, or even a certain e-mail address. It can be guarded against by using a firewall application.
Denial of Service
A Denial of Service (DoS) attack is one in which a party exploits aspects of the Internet Protocol suite to block access by those who are entitled to the information or system under attack. Holes that allow denial of service are in category C, which is low priority. These attacks usually depend on the operating system in use; that is, the hole is in the networking part of the operating system itself. When this kind of hole appears, it must be fixed by the owner of the software or patched by the vendor that issued the operating system. An example is the TCP SYN attack, in which connection requests are sent to the server in very large numbers. As a result, the server is flooded with requests and connections become slow or cannot be established at all. These holes exist in almost all operating systems that use TCP/IP to communicate on the Internet. This appears to be a problem in the design of the TCP/IP suite itself, and is not easily solved.
In a DoS attack, someone does something that interferes with the performance and operation of a network or server. The result is servers or networks that are slow to respond, or that even crash. DoS attacks prevent legitimate users from obtaining a legitimate service, but do not allow a cracker to get into the network system. However, this kind of attack against a server that handles e-commerce can result in financial losses.
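The TCP SYN attack described above shows up on the server as a growing number of connection requests that are never completed. The following added example (not from the original page) tracks such half-open handshakes in a constructed event list and reports when they exceed a limit; the event format, `threshold` and `timeout_ms` are assumptions made for the illustration.

```python
# Constructed events seen at the server: (time_ms, source, source_port, dest_port, flag).
# "SYN" opens a handshake, "ACK" is the client's final step that completes it.
# Addresses come from documentation ranges; all values are made up for the example.
def build_sample():
    events = []
    for i, src in enumerate(["198.51.100.7", "198.51.100.9"]):    # normal clients
        events.append((i * 1000, src, 40000 + i, 80, "SYN"))
        events.append((i * 1000 + 50, src, 40000 + i, 80, "ACK"))
    for i in range(200):                                           # SYNs never completed
        events.append((2000 + i * 10, f"192.0.2.{i % 250 + 1}", 1024 + i, 80, "SYN"))
    return sorted(events)


def watch_half_open(events, threshold=128, timeout_ms=30000):
    """Track handshakes that were opened but not completed.

    threshold and timeout_ms are hypothetical tuning values, not OS defaults.
    Returns (peak half-open count, time of first alert in ms or None).
    """
    half_open = {}     # (source, source_port, dest_port) -> time the SYN was seen
    peak, first_alert = 0, None
    for ts, src, sport, dport, flag in events:
        # Drop entries the server would have given up on by now.
        for key in [k for k, seen in half_open.items() if ts - seen > timeout_ms]:
            del half_open[key]
        key = (src, sport, dport)
        if flag == "SYN":
            half_open[key] = ts
        elif flag == "ACK":
            half_open.pop(key, None)       # handshake completed
        # Count all half-open entries together: source addresses can be
        # spoofed, so a per-source count would stay low during a flood.
        peak = max(peak, len(half_open))
        if first_alert is None and len(half_open) > threshold:
            first_alert = ts
    return peak, first_alert


if __name__ == "__main__":
    peak, alert = watch_half_open(build_sample())
    print(f"peak half-open handshakes: {peak}, first alert at {alert} ms")
```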