Information Security Management (3): Network Security

Source: Internet
Author: User

This chapter covers network security in fairly general terms: the characteristics of networks, common network security vulnerabilities, and network security control methods. It should be read together with Information Security Management (2): What is information security? The principles and requirements of information security, because network security is already part of what that chapter covers.

This article only records fragments of notes; more will be added later when time allows. Computer networks and distributed networks should get a detailed treatment another time. The first part (network definition and characteristics) and the second part (TCP/IP) do not need to be read; they are only here as notes.

1 Definition and characteristics of the network
1.1 Definition of the network

(Not worth writing out here; look it up on a wiki yourself.)
The usefulness of the network

    • What's a network ...
    • Devices in a network ...
    • LAN, WAN and Internetworks
    • What do networks do ...
      • Sharing resources
      • Use/share applications
1.2 Characteristics of the network

Characteristics of networks

    • Anonymity
    • Automation
    • Distance
    • Opaqueness
    • Routing diversity

1.3 Network topology
2 TCP/IP
    • Protocols ...
    • Open Systems
      • ANSI, IETF, ISO, IAB
2.1 ISO-OSI Reference Model: 7 layers
    • Application: end-user processes like FTP, e-mail, etc.
    • Presentation: format and encrypt data to send across the network
    • Session: establishes, manages and terminates connections between applications
    • Transport: end-to-end error recovery, flow control, priority services
    • Network: switching, routing, addressing, internetworking, error handling, congestion control and packet sequencing
    • Data-link: encoding and decoding data packets into bits. Media Access Control sub-layer: data access/transmit permissions. Logical Link sub-layer: frame synchronisation, flow control, error checking.
    • Physical: conveys the bit stream (electrical, light, radio)
      All People Seem To Need Data Protection
      People Don't Trust Sales People Always

ISO-OSI seven-layer structure
TCP/IP
2.2 Related protocols
    • Application Layer – FTP, Telnet, DNS, DHCP, TFTP, RPC, NFS, SNMP
    • Transport Layer – TCP, UDP
    • Internet Layer – IP, ICMP, ARP, BOOTP ...
    • Organisations/entities: ICANN, IETF, IAB, IRTF, ISOC
    • Other protocols
      • IPX/SPX
      • ATM
      • DECnet
      • IEEE 802.11
      • AppleTalk
      • USB
      • SNA
3 Security implications of the network
3.1 Reasons for insecure networks

What makes a network vulnerable

    • Anonymity
    • Multiplicity of points of attack
    • Resource sharing
    • Complexity of system
    • Uncertain perimeter
    • Unknown Path
    • Protocol flaws / protocol implementation flaws
3.2 Motives for network attacks

Motivations of network attacks

    • Challenge
    • Fame
    • Organised Crime
    • Ideology
    • Espionage/intelligence
4 Threats to cyber security

Threats in Networks

4.1 Reconnaissance

Reconnaissance

    • Port Scan
    • Social Engineering
    • Intelligence Gathering
    • O/S and application fingerprinting
    • IRC Chat Rooms
    • Available Documentation and tools
    • Protocol flaws / protocol implementation flaws
4.2 Threats in the course of network transmission

Threats in Transit

    • Eavesdropping/packet sniffing
    • Media Tapping (Cable, microwave, satellite, Optical fibre, Wireless)
4.3 Network impersonation

Impersonation

    • Password guessing
    • Avoiding authentication
    • Non-existent Authentication
    • Well-known authentication
    • Masquerading
    • Session Hijacking
    • Man-in-the-middle
4.4 Information Privacy Threats

Message Confidentiality Threats

    • Mis-delivery
    • Exposure – in various devices in the path
    • Traffic flow analysis – sometimes the knowledge that a message exists can be as important as the message content
4.5 Information Integrity Threats

Message Integrity Threats

    • Falsification
    • Noise
    • Protocol failures/misconfigurations
4.6 Operating system-based threats

Operating System based threats

    • Buffer-overflow
    • Virus, Trojans, rootkits
    • Password
4.7 Application-based threats

Application based threats

    • Web-site defacement
    • DNS Cache Poisoning
    • XSS (Cross-site Scripting)
    • Active-code/mobile-code
    • Cookie Harvesting
    • Scripting
4.8 Denial of service

Denial of Service

    • SYN flooding
    • Ping of Death
    • Smurf
    • Teardrop
    • Traffic re-direction
    • Distributed denial of Service
      • Bots and Botnets
      • Script Kiddies
5 Network security controls

Network Security Controls

5.1 Weaknesses and threat analysis

Vulnerability and Threat Assessment

5.2 Network Structure control

Network Architecture

    • Network segmentation
    • Architect for availability
    • Avoid SPOF (single points of failure)
    • Encryption
      • Link encryption
      • End-to-end encryption
      • Secure Virtual Private Networks
      • Public Key Infrastructure and certificates
      • SSL and SSH
5.3 Enhanced Encryption system

Strong authentication

    • One time Password
    • Challenge Response Authentication
    • Kerberos
5.4 Firewall settings

Firewalls

    • Packet Filters
    • Stateful Packet Filters
    • Application Proxies
    • Diodes
    • Firewall on end-points
5.5 Intrusion detection and defense system

Intrusion Detection/Prevention Systems

    • Network based / host based
    • Signature based
    • Heuristics based / protocol anomaly based
    • Stealth mode
5.6 Use policies and procedures

Policies and procedures

    • Enterprise-wide Information Security Policy
    • Procedures
    • Buy-in (from executives and employees)
    • Review, enhancement and modification
5.7 Other network control methods
    1. Data-leakage Protection Systems
      • Network Based/host Based
    2. Content Scanning/anti-virus/spyware Control Systems
      • Network Based/host Based
    3. Secure e-Mail Systems
    4. Design and implementation
    5. ACLs (Access Control Lists)
