This chapter covers network security. It is relatively general: the characteristics of network security, common network security vulnerabilities, and network security controls. It should be read and understood together with Information Security Management (2): What is information security? The principles and requirements of information security, because network security is already part of that previous chapter.
This article only records fragments of the notes; more will be added when there is time. Those topics should be covered in detail later under computer networks or distributed networks. The first part, on the definition and characteristics of networks, and the second part, on TCP/IP, do not need to be read; they are just used for note-taking.
1 Definition and characteristics of the network
1.1 Definition of the network
(Not elaborated here; look it up on a wiki yourself.)
The usefulness of the network
- What's a network ...
- Devices in a network ...
- LAN, WAN and Internetworks
- What do networks do ...
- Sharing resources
- Use/share applications
1.2 Characteristics of networks
- Anonymity
- Automation
- Distance
- Opaqueness
- Routing diversity
1.3 Network topology
2 TCP/IP
- Protocols ...
- Open Systems
2.1 ISO/OSI Reference Model: 7 layers
- Application: end-user processes such as FTP, e-mail, etc.
- Presentation: formats and encrypts data to send across the network
- Session: establishes, manages and terminates connections between applications
- Transport: end-to-end error recovery, flow control, priority services
- Network: switching, routing, addressing, internetworking, error handling, congestion control and packet sequencing
- Data-link: encoding and decoding data packets into bits. Media Access Control sub-layer: data access/transmit permissions. Logical Link Control sub-layer: frame synchronisation, flow control, error checking.
- Physical: conveys the bit stream (electrical, light, radio)
Layer-order mnemonics: All People Seem To Need Data Protection; People Don't Trust Sales People Always.
ISO/OSI seven-layer structure
2.2 TCP/IP related protocols
- Application layer: FTP, Telnet, DNS, DHCP, TFTP, RPC, NFS, SNMP
- Transport layer: TCP, UDP
- Internet layer: IP, ICMP, ARP, BOOTP ...
- Organisations/entities: ICANN, IETF, IAB, IRTF, ISOC
- Other protocols
  - IPX/SPX
  - ATM
  - DECnet
  - IEEE 802.11
  - AppleTalk
  - USB
  - SNA
3 Security implications of the network
3.1 Reasons for insecure networks
What makes networks vulnerable
- Anonymity
- Multiplicity of points of attack
- Resource sharing
- Complexity of system
- Uncertain perimeter
- Unknown Path
- Protocol Flaws/protocol Implementation Flaws
3.2 Motivations of network attacks
- Challenge
- Fame
- Organised Crime
- Ideology
- Espionage/intelligence
4 Threats in networks
4.1 Reconnaissance
- Port Scan
- Social Engineering
- Intelligence Gathering
- OS and application fingerprinting
- IRC Chat Rooms
- Available Documentation and tools
- Protocol Flaws/protocol Implementation Flaws
4.2 Threats in transit
- Eavesdropping/packet sniffing
- Media Tapping (Cable, microwave, satellite, Optical fibre, Wireless)
4.3 Impersonation
- Password guessing
- Avoiding authentication
- Non-existent Authentication
- Well-known authentication
- Masquerading
- Session Hijacking
- Man-in-the-middle
4.4 Message confidentiality threats
- Mis-delivery
- Exposure: in the various devices along the path
- Traffic flow analysis: sometimes knowledge of the existence of a message can be as important as the message content
4.5 Message integrity threats
- Falsification
- Noise
- Protocol failures/misconfigurations
4.6 Operating system-based threats
- Buffer overflow
- Viruses, Trojans, rootkits
- Password
4.7 Application-based threats
- Web-site defacement
- DNS Cache Poisoning
- XSS (Cross-site Scripting)
- Active-code/mobile-code
- Cookie Harvesting
- Scripting
4.8 Denial of service
- SYN flooding
- Ping of Death
- Smurf
- Teardrop
- Traffic re-direction
- Distributed denial of Service
- Bots and Botnets
- Script Kiddies
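An added detection example in Python (not part of the notes or the referenced textbooks): SYN flooding leaves many half-open connections from one source, so counting per source address the flows whose handshake never completes flags the flooder, while a client that finishes its handshake is not reported. The packet records and addresses are constructed for the demo.

```python
from collections import defaultdict

def find_syn_flood_sources(records, threshold=5):
    """records: dicts with src, sport, dst, dport and flags ('S', 'SA' or 'A').
    A flow is half-open from the client's SYN until the client's final ACK of
    the handshake. Sources holding more than `threshold` half-open flows are
    returned with their counts."""
    half_open = set()
    for r in records:
        key = (r["src"], r["sport"], r["dst"], r["dport"])
        if r["flags"] == "S":            # client SYN opens a half-open flow
            half_open.add(key)
        elif r["flags"] == "A" and key in half_open:
            half_open.discard(key)       # client ACK completes the handshake
    counts = defaultdict(int)
    for src, *_ in half_open:
        counts[src] += 1
    return {src: n for src, n in counts.items() if n > threshold}

def constructed_records():
    """Constructed sample: one legitimate client that completes its handshake,
    and one source sending SYNs from many ports that never acknowledges."""
    server = "10.0.0.80"
    recs = [
        {"src": "192.0.2.10", "sport": 50000, "dst": server, "dport": 80, "flags": "S"},
        {"src": server, "sport": 80, "dst": "192.0.2.10", "dport": 50000, "flags": "SA"},
        {"src": "192.0.2.10", "sport": 50000, "dst": server, "dport": 80, "flags": "A"},
    ]
    for port in range(40000, 40020):
        recs.append({"src": "198.51.100.7", "sport": port, "dst": server, "dport": 80, "flags": "S"})
        recs.append({"src": server, "sport": 80, "dst": "198.51.100.7", "dport": port, "flags": "SA"})
    return recs

if __name__ == "__main__":
    print(find_syn_flood_sources(constructed_records()))   # {'198.51.100.7': 20}
```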
5 Network security controls
5.1 Vulnerability and threat assessment
5.2 Network architecture
- Network segmentation
- Architect for availability
- Avoid SPOF (single points of failure)
- Encryption
  - Link encryption
  - End-to-end encryption
- Secure Virtual Private Networks
- Public Key Infrastructure and certificates
- SSL and SSH
5.3 Strong authentication
- One time Password
- Challenge Response Authentication
- Kerberos
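As an added example (not from the notes or the referenced textbooks), a minimal HMAC-based challenge-response exchange in Python: the server issues a fresh nonce, the client answers with an HMAC of that nonce under the shared secret, and the server accepts each challenge only once, so the secret never crosses the wire and a response sniffed in transit cannot be replayed. The shared secret value and the Verifier class are constructed for the demo.

```python
import hmac
import hashlib
import secrets

# Constructed demo secret; in practice it is provisioned out of band and never transmitted.
SHARED_SECRET = b"constructed-demo-secret"

def issue_challenge() -> bytes:
    """Server side: a fresh random nonce for each login attempt (the challenge)."""
    return secrets.token_bytes(16)

def compute_response(secret: bytes, challenge: bytes) -> bytes:
    """Client side: proves knowledge of the secret without sending it."""
    return hmac.new(secret, challenge, hashlib.sha256).digest()

class Verifier:
    """Server side: remembers outstanding challenges so each is usable once."""
    def __init__(self, secret: bytes):
        self._secret = secret
        self._outstanding = set()

    def challenge(self) -> bytes:
        c = issue_challenge()
        self._outstanding.add(c)
        return c

    def verify(self, challenge: bytes, response: bytes) -> bool:
        if challenge not in self._outstanding:
            return False                      # unknown or already used: replay rejected
        self._outstanding.discard(challenge)  # single use, even if the response is wrong
        expected = compute_response(self._secret, challenge)
        return hmac.compare_digest(expected, response)   # constant-time comparison

def demo() -> dict:
    """Legitimate login succeeds; replaying the same exchange fails; a wrong secret fails."""
    v = Verifier(SHARED_SECRET)
    c1 = v.challenge()
    r1 = compute_response(SHARED_SECRET, c1)
    legit = v.verify(c1, r1)
    replay = v.verify(c1, r1)          # an eavesdropper re-sending the captured pair
    c2 = v.challenge()
    wrong = v.verify(c2, compute_response(b"guessed-secret", c2))
    return {"legit": legit, "replay": replay, "wrong_secret": wrong}

if __name__ == "__main__":
    print(demo())   # {'legit': True, 'replay': False, 'wrong_secret': False}
```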
5.4 Firewalls
- Packet Filters
- Stateful Packet Filters
- Application Proxies
- Diodes
- Firewalls on end-points
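To make the difference between the first two bullets concrete, an added Python example (not from the notes): a plain packet filter judges each inbound packet by its header alone and so has to leave the ephemeral port range open for replies, while a stateful packet filter admits inbound packets only when they match a connection that the inside opened. The 10.0.0.0/8 internal range, the addresses and the sample packets are constructed.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

INTERNAL = ip_network("10.0.0.0/8")   # constructed: the protected side

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    syn: bool = False
    ack: bool = False

def is_internal(addr: str) -> bool:
    return ip_address(addr) in INTERNAL

def stateless_allow(p: Packet) -> bool:
    """Packet filter: outbound is allowed; inbound is allowed only to ports >= 1024,
    because replies to internal clients land on ephemeral ports and the filter
    has no memory of which ones are actually expected."""
    if is_internal(p.src):
        return True
    return p.dport >= 1024

class StatefulFilter:
    """Stateful packet filter: records flows opened from inside and admits an
    inbound packet only if it belongs to one of them."""
    def __init__(self):
        self._flows = set()   # (internal_ip, internal_port, remote_ip, remote_port)

    def allow(self, p: Packet) -> bool:
        if is_internal(p.src):
            if p.syn and not p.ack:                      # new outbound connection
                self._flows.add((p.src, p.sport, p.dst, p.dport))
            return True
        return (p.dst, p.dport, p.src, p.sport) in self._flows   # reply to a known flow?

def compare(packets):
    """Per packet: (stateless verdict, stateful verdict)."""
    sf = StatefulFilter()
    return [(stateless_allow(p), sf.allow(p)) for p in packets]

# Constructed traffic: an inside client opens an HTTPS connection, the server
# replies, then an unrelated outside host sends an unsolicited SYN to a high port.
SAMPLE = [
    Packet("10.1.2.3", 51000, "203.0.113.5", 443, syn=True),
    Packet("203.0.113.5", 443, "10.1.2.3", 51000, syn=True, ack=True),
    Packet("198.51.100.9", 4444, "10.1.2.3", 40000, syn=True),
]
```

The third packet is accepted by the stateless filter but rejected by the stateful one; compare(SAMPLE) returns [(True, True), (True, True), (True, False)].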
5.5 Intrusion detection/prevention systems
- Network-based / host-based
- Signature based
- Heuristics based / protocol anomaly based
- Stealth mode
5.6 Policies and procedures
- Enterprise-wide Information Security Policy
- Procedures
- Buy-in (from executives and employees)
- Review, enhancement and modification
5.7 Other network controls
- Data-leakage Protection Systems
- Content scanning / anti-virus / spyware control systems
- Secure e-Mail Systems
- Design and implementation
- ACLs (Access Control Lists)
Reference documents:
- Principles of Information Security Systems: Texts and Cases, Gurpreet Dhillon, Chapter 5: Network Security
- Security in Computing, Charles & Shari Pfleeger, Chapter 7: Security in Networks
- Information Security Principles and Practices, Mark Merkow & Jim Breithaupt, Chapter 12: Telecommunications, Network and Internet Security
Information Security Management (3): Network Security