Showing posts from August, 2024

3.9 SIGNIFICANCE OF NETWORK LAYOUT IN NETWORK SECURITY

The network layout has much influence over the security of the network. The placement of servers with respect to the firewall and various other computers can affect both network performance and security. There may even be areas of the network which are more secure than others. Some of these areas may be further protected with an additional firewall. A typical secure network diagram is shown below in Figure 3.3: In the above diagram, the box labeled "IDS" is an intrusion detection system, which may be a computer or device designed to log network activity and detect any suspicious activity. In this diagram, it is shown outside the firewall on the semiprivate network and protecting the servers on the private network. It may be a good idea to place IDS just inside the firewall to protect the entire private network since an attack may be first launched against a workstation before being launched against a server. The IDS protecting the servers could be moved to protect the entire...

3.8 SECURE NETWORK DEVICES

In this unit, we have already learnt that the firewall is only one entry point to your network. Modems, if you allow them to answer incoming calls, can provide an easy means for an attacker to sneak around your front door (or firewall). Just as castles weren't built with moats only in the front, your network needs to be protected at all of its entry points. Secure Modems, Dial-Back Systems If modem access is to be provided, this should be guarded carefully. The terminal server, or network device that provides dial-up access to your network, needs to be actively administered, and its logs need to be examined for strange behavior. Its passwords need to be strong, not ones that can be guessed. Accounts that aren't actively used should be disabled. In short, it's the easiest way to get into your network from remote: guard it carefully. There are some remote access systems which have the feature of a two-part procedure to establish a connection. The first part is the remote user di...

3.7 ELEMENTS OF NETWORK SECURITY

Network security is a broad domain term which includes many key elements. Let us discuss these elements in brief: a) Firewall As we have discussed in our earlier discussion on the Internet and similar networks, connecting an organization to the Internet provides a two-way flow of traffic. This is clearly undesirable in many organizations, as proprietary information is often displayed freely within a corporate intranet (that is, a TCP/IP network, modeled after the Internet, that only works within the organization). In order to provide some level of separation between an organization's intranet and the Internet, firewalls have been deployed. A firewall is simply a group of components that collectively form a barrier between two networks. Firewall systems protect and facilitate your network at a number of levels. They allow email and other applications, such as file transfer protocol (FTP stands for File Transfer Protocol. It is used for copying files between computer systems. FTP server...

3.6 TOOLS FOR NETWORK SECURITY

There are many strong tools available for securing a computer network. Tools to protect your enterprise network have been evolving for the last two decades, roughly the same amount of time that people have been trying to break into computer networks. These tools can protect a computer network at many levels, and a well-guarded enterprise deploys many different types of security technologies. The most obvious element of security is oftentimes the most easily overlooked: physical security—namely, controlling access to the most sensitive components in your computer network, such as a network administration station or the server room. No amount of planning or expensive equipment will keep your network secure if unauthorized personnel can have access to central administration consoles. Even if a user does not have evil intent, an untrained user may unknowingly provide unauthorized outside access or override certain protective configurations. Let us briefly discuss a few of these network secur...

3.5 SECURITY ISSUES FOR SMALL AND MEDIUM SIZED BUSINESSES

Small and medium-sized businesses use the Internet and networked applications to reach new customers and serve their existing ones more effectively. At the same time, new security threats and legislation put increased pressure on business networks to be reliable and secure. Business Challenges According to recent studies, security is the biggest challenge facing small and medium-sized businesses. Ever-changing security threats from both inside and outside the business network can wreak havoc on business operations, affecting profitability and customer satisfaction. Small and medium-sized businesses must also comply with new regulations and laws created to protect consumer privacy and secure electronic information. Security issues for small and medium-sized businesses are classified into 5 basic categories: Worms and Viruses As per research, computer worms and viruses remain the most common security threat, with 75 percent of small and medium businesses affected by them. Worms and v...

3.4 COMPARISON WITH COMPUTER SECURITY

When the term computer security is used, it specifically refers to the security of one computer, although the overall security of each individual computer is required for network security. When the term network security is used, it refers to the security of the network in general. This includes such issues as password security, network sniffing, intrusion detection, firewalls, network structure and so forth. Securing network infrastructure is like securing possible entry points of attacks on a country by deploying appropriate defense. Computer security is more like providing means to protect a single PC against outside intrusion. The former is better and more practical for protecting the civilians from getting exposed to the attacks. The preventive measures attempt to secure the access to individual computers (the network itself), thereby protecting the computers and other shared resources such as printers and network-attached storage connected by the network. Attacks could be stopped at their entr...

3.3 THREATS TO NETWORK SECURITY

There are various threats identified for network security. Let us discuss a few of them in brief: Viruses: Computer programs written by devious programmers and designed to replicate themselves and infect computers when triggered by a specific event. Viruses reproduce themselves by attaching themselves to other files that the user does not realize are infected. Viruses spread today mainly through email attachments. The attachment may be a legitimate file, but the virus may be attached as a macro program in the file. An example is a Microsoft Word file. These files can contain macro programs which can be run by Microsoft Word. A virus may infect these files as a macro, and when they get on the next user's computer, they can infect other files. These virus programs normally take advantage of a security vulnerability of the running application. Viruses can directly affect executable files or Dynamic Link Library (DLL) files that the operating systems and applications use to...

3.2 WHAT IS NETWORK SECURITY

Let us first revisit the concept of a network. A computer network is simply a system of interconnected computers that is used every day to conduct transactions and communications among businesses, government agencies and individuals. The networks consist of "nodes", which are "client" terminals (individual user PCs), and one or more "servers" and/or "host" computers. They are linked by communication systems, some of which might be private, such as within a company, and others which might be open to public access. The obvious example of a network system that is open to public access is the Internet, but many private networks also utilize publicly accessible communications. Today, most companies' host computers can be accessed by their employees, whether in their offices over a private communications network, or from their homes or hotel rooms while on the road through normal telephone lines. Hence, security plays a crucial role in that. Now...

3.0 INTRODUCTION AND 3.1 OBJECTIVES

3.0 INTRODUCTION The previous two units discussed the fundamentals of information as well as network security issues which lead to different kinds of problems: attacks, theft of essential information and software vulnerabilities. In this unit, we shall learn how to build a secure network. We shall also learn about the various parameters which must be considered for network security. There can be various security issues involved in small and medium-sized businesses which require utmost attention for creating a secure network. Then we shall cover the different kinds of tools available for network security and critical elements of network security like firewalls, password mechanisms, encryption, authentication and integrity. Lastly, we shall study some secure network devices like secure modems. Let's first study the basics of networks and network security. 3.1 OBJECTIVES After going through this unit, you should be able to: · understand the scope of network securi...

2.6 EMERGING ATTACKS: SOCIAL ENGINEERING

Social engineering is the name given to a category of security attacks in which someone manipulates others into revealing information that can be used to steal data, access to systems, access to cellular phones, money or even your own identity. The complexity of such attacks may vary from very low to high. Gaining access to information over the phone or over a website that one may visit has added new dimensions to the field of social engineering. Social engineering is basically the acquisition of sensitive information or inappropriate access privileges by an outsider based upon the building of an inappropriate trust relationship with the insiders. The “outsider” does not always refer to a person who is not an employee of the company or is a stranger to you; an employee who tries to tamper with the company policies is also a social engineer. The goal of social engineering is to trick someone into providing valuable information or access to that information or resource. The social engi...

2.5 TROJAN HORSES

Each kind of virus has different goals and objectives, as we saw in the case of the previous two. Like a virus, a Trojan horse is a hidden piece of code. Viruses enter a system secretly, whereas Trojan horses enter by deceiving a user. A user allows or invites a Trojan into the system, believing in it, but the Trojan horse actually contains malicious code to perform some malicious activity. Before a Trojan can attack, it must find a way to entice the victim to copy, download and run it. Since few people would knowingly run a malicious program, Trojans must disguise themselves as other programs that the victim believes to be harmless (such as games, utilities or popular applications). This is not all: besides disguising themselves as harmless programs, Trojan horses can also disguise themselves as a legitimate program, such as Adobe Photoshop or Microsoft Excel. To do this, malicious hackers have created special wrapper or binder programs with names such as Saran Wrap, silk rope whi...

2.4 WORM

A worm shares many characteristics with a virus. The most important characteristic is that a worm is self-replicating too. Worms seek to infect and replicate without targeting and infecting specific files already present on a computer. The two most common ways a worm can spread are through email and security flaws in computers connected to a network or the Internet. If a virus infects a legitimate file, the virus code can be cleaned out and removed. But this is not the case with worms. Worms generally create and occupy the files that contain their code without using or involving any real data or binary files; the normal cleanup technique for worms is to delete all infected emails or messages that provide their containers. Worms which use email to spread are known as mass-mailing worms and are typically written in a variant of the Visual Basic programming language. They usually exploit the Microsoft Outlook or Outlook Express emailing programs on Windows. Typically, the worm checks ...

2.3 VIRUSES

A virus is malware that, when executed, tries to replicate itself into other executable code. When it succeeds, the code is said to be infected. The infected code, when run, can infect new code in turn. Viruses are self-replicating and parasitic. A virus replicates by being copied, or by initiating its copying, to another program, computer boot sector or document. Viruses can be transmitted as attachments to an email note or a downloaded file, or be present on a diskette or CD. Some viruses start their effects as soon as their code is executed; other viruses lie dormant unless circumstances cause their code to be executed by the computer. Generally speaking, viruses hide within computer files rather than sitting out in the open, in some obvious, visible and separate form. But viruses must be run in order to allow them to proceed with their destruction work. Until this happens they cannot do any harm. This explains why the most effective technique for fending off viruses is to inspect all files and me...

2.2 THE PROCESS OF INFECTION

To understand how malware infects a system, we go back to the elementary working of a computer. On booting, the system carries out the ROM (Read Only Memory) instructions, the first being the Power-On Self Test, which is followed by the bootstrap process of reading the boot record and loading the disk operating system. The booting process culminates in the system prompt displayed on the monitor. The infection may begin as soon as a computer system boots from a contaminated disk or executes an infected program. Whatever malware is present gets activated and immediately begins to spread throughout the system. Another important aspect that needs mention here is the interrupt mechanism. All input/output activities on a PC are carried out by interrupts. We will try to understand the concept of an interrupt with an example. Let us say, a user wishes to save his program and presses on the keyboard. This is treated as an interrupt. The main memory has specific routines to handle t...

2.0 INTRODUCTION AND 2.1 OBJECTIVES

2.0 INTRODUCTION Software vulnerability was defined in the previous unit. “Virus” is a common term that average people understand to mean software vulnerability. It is a problem that is potentially so dangerous that it threatens the proper functioning of the computer system in today's information age. In this unit you will learn about unwanted software that is deliberately bad in intent and is written “for fun” or “for curiosity” or simply as a challenge to create the most destructive software ever built. This software is popularly known as “malware”, which is short for malicious software. Malware does nothing useful and is instead harmful. In this unit we will study several types of malware, each of which has different goals and propagates differently. 2.1 OBJECTIVES At the end of this unit you should be able to: · understand and define computer viruses and their evolution; · understand the process of malware infection; · know different software vulnerabilities; · id...

1.7 SECURITY POLICY

Before making security policies for a system, you should first analyse how important the data is to you. After knowing the value of your data, you need to develop a set of policies to protect it. These types of policies are called security policies and may apply to users, departments and an organization. The policies are categorized in three different areas listed below: · User Policies · IT Policies · General Policies User Policies These policies cover issues related to the users. They define terms related to users and what users can do with data or the network. They define some terms which limit the users in order to keep the network secure, such as access permissions, restrictions on programs etc. Some policies are: Password Policies: This policy is used to prevent unauthorized access to a user account. It defines how often users must change their passwords, complexity rules and other items. Internet Usage: Use of internet, mail, program with password or unencrypted data se...

1.6 ENCRYPTION: A DEFENSIVE SYSTEM AGAINST THREATS

Encryption ensures the confidentiality requirements of a system. Sensitive information that must travel over public channels (such as the Internet) can be defended by encryption, or secret codes. Information security relies heavily on encryption. The goal of encryption is to make it impossible for a hacker who obtains a cipher text (encrypted information) as it passes over the network to recover the original message. Encryption is the transformation of information in any form (text, video, and graphics) into a form readable only with the decryption key. A key is a very large number, usually a string of zeroes and ones. There are two main kinds of encryption known today: symmetric encryption and asymmetric encryption systems: 1.6.1 Symmetric Key Encryption Systems Symmetric encryption systems, also known as secret or private key encryption systems/conventional encryption/single key encryption were the only type of encryption in use prior to the development of asymmetric key encryption systems...

1.5 DIFFERENT TYPES OF SECURITY MEASURES

The measures for data protection taken by an organization reflect its awareness and attitude towards information and Information Technology. The management should consider information as an important resource and should get involved in securing essential information of the organization. One of the best and first steps in ensuring data security is to create awareness and develop a culture within the organization regarding the ways in which information can be lost or altered and what the consequences of such an occurrence would be to the organisation and individuals. All other steps which can be taken are: · Information Technology (IT) planning: The organization must decide on a policy for introduction of IT. This must be done at the highest level and should address issues such as level of protection for various aspects of information relating to the organization. · Selection of technology, keeping in mind obsolescence due to new innovations and the necessity for keeping in step. · Identi...

1.4 DIFFERENT TYPES OF THREATS

Information security policies cover all issues related to software hacking. Practically, an organization must be ready to handle different types of attacks on its security. In this section we discuss the four types of threats for breaching the security of an organization. · Physical Security Threats · Network Security Threats · Software Security Threats · Password Security Threats 1.4.1 Physical Security Threats Physical security basically describes measures to prevent attackers from accessing a resource, or information stored on physical media. It also provides guidance on how to design structures to protect against various unfriendly acts. Physical security in an organization is not as trivial a task as it might seem at first sight. It might include a closed-circuit television to monitor an intruder's entry and also to monitor the day-to-day functioning of the internal workers so that they might also not be able to tamper with the s...