Many people use protocols like http/ftp to transfer the data, but sans of proper knowledge. How does it work? Whether it is safely reaching the desired destination, or it is being public, or someone illegally accessing it with out your consent.



Technologies

With the rapid growth of interest in the Internet, network security has become a major concern to companies throughout the world. The fact that the information and tools needed to penetrate the security of corporate networks are widely available has increased that concern.

Because of this increased focus on network security, network administrators often spend more effort protecting their networks than on actual network setup and administration. Tools that probe for system vulnerabilities, such as the Security Administrator Tool for Analyzing Networks (SATAN), and some of the newly available scanning and intrusion detection packages and appliances, assist in these efforts, but these tools only point out areas of weakness and may not provide a means to protect networks from all possible attacks.

Thus, as a network administrator, you must constantly try to keep abreast of the large number of security issues confronting you in today's world. This chapter describes many of the security issues that arise when connecting a private network to the Internet.

Security Issues When Connecting to the Internet When you connect your private network to the Internet, you are physically connecting your network to more than 50,000 unknown networks and all their users.

Although such connections open the door to many useful applications and provide great opportunities for information sharing, most private networks contain some information that should not be shared with outside users on the Internet. In addition, not all Internet users are involved in lawful activities. These two statements foreshadow the key questions behind most security issues on the Internet:

How do you protect confidential information from those who do not explicitly need to access it? How do you protect your network and its resources from malicious users and accidents that originate outside your network?

Network Packet Sniffers

As mentioned earlier, network packet sniffers can yield critical system information, such as user account information and passwords. When an attacker obtains the correct account information, he or she has the run of your network. In a worst-case scenario, an attacker gains access to a system-level user account, which the attacker uses to create a new account that can be used at any time as a back door to get into your network and its resources.

The attacker can modify system-critical files, such as the password for the system administrator account, the list of services and permissions on file servers, and the login details for other computers that contain confidential information.

Packet sniffers provide information about the topology of your network that many attackers find useful. This information, such as what computers run which services, how many computers are on your network, which computers have access to others, and so on, can be deduced from the information contained within the packets that are distributed across your network as part of necessary daily operations.

In addition, a network packet sniffer can be modified to interject new information or change existing information in a packet. By doing so, the attacker can cause network connections to shut down prematurely, as well as change critical information within the packet.

IP Spoofing

IP spoofing can yield access to user accounts and passwords, and it can also be used in other ways. For example, an attacker can emulate one of your internal users in ways that prove embarrassing for your organization; the attacker could send e-mail messages to business partners that appear to have originated from someone within your organization.

Such attacks are easier when an attacker has a user account and password, but they are possible by combining simple spoofing attacks with knowledge of messaging protocols. For example, Telnetting directly to the SMTP port on a system allows the attacker to insert bogus sender information.

Password Attacks

Just as with packet sniffers and IP spoofing attacks, a brute-force password attack can provide access to accounts that can be used to modify critical network files and services. An example that compromises your network's integrity is an attacker modifying the routing tables for your network. By doing so, the attacker ensures that all network packets are routed to him or her before they are transmitted to their final destination. In such a case, an attacker can monitor all network traffic, effectively becoming a man in the middle.

Denial-of-Service Attacks

Denial-of-service attacks are different from most other attacks because they are not targeted at gaining access to your network or the information on your network. These attacks focus on making a service unavailable for normal use, which is typically accomplished by exhausting some resource limitation on the network or within an operating system or application.

When involving specific network server applications, such as a Hypertext Transfer Protocol (HTTP) server or a File Transfer Protocol (FTP) server, these attacks can focus on acquiring and keeping open all the available connections supported by that server, effectively locking out valid users of the server or service. Denial-of-service attacks can also be implemented using common Internet protocols, such as TCP and Internet Control Message Protocol (ICMP).

Most denial-of-service attacks exploit a weakness in the overall architecture of the system being attacked rather than a software bug or security hole. However, some attacks compromise the performance of your network by flooding the network with undesired and often useless network packets and by providing false information about the status of network resources.

Security Tips
Firewall
Role of IP
Hacker
Technologies
VPN
FireWall security
Network security

Ever since man has learnt to interconnect his private network with other network, his second thought is how exchange only authorized data. Unknowingly many data gets allowed to be exchanged- sometimes intentionally data is assessed by others from one's private network. This is the called hacking. As the technology of exchanging data between personal networks increases the technology of unauthorized data assessing develops, man then thinks of a technology to prevent the unauthorized data accessing. This technology then took the shape of software- it is christened as firewall now.

Market Place
Home| About Us| Network security| Contacts| Site Map

  © 2005 www.secure-network.info, All rights reserved.