3.3 THREATS TO NETWORK SECURITY

 There are various threats identified for network security. Let us discuss few of them in brief:

Viruses: Computer programs written by devious programmers and designed to replicate themselves and infect computers when triggered by a specific event. Viruses reproduce themselves by attaching themselves to other files that the user does not realize are infected. Viruses spread today mainly through Email attachments. The attachment may be a file that is a legitimate file but the virus may be attached as a macro program in the file. An example is a Microsoft word file. These files can contain macro programs which can be run by Microsoft Word. A virus may infect these files as a macro and when they get on the next user's computer, they can infect other files. These virus programs normally take advantage of a security vulnerability of the running application. Viruses can directly affect executable files or Dynamic

Link Library (DLL) files that the operating systems and applications use to run. Usually the virus will spread before it will do anything that may alert the user of its presence.

Unauthorized Access

“Unauthorized access'” is a very highlevel term that can refer to a number of different sorts of attacks. The goal of these attacks is to access some resource that your machine should not provide the attacker.

Trojan Horse Programs

Trojan horse software is the software that appears to have some useful function, but some hidden purpose awaits inside. This purpose may be to send sensitive information from inside your organization to the author of the software.

To prevent Trojan horse programs from infiltrating your organization is to implement the countermeasures. Allowing only approved software with proper testing to be run in the organization will minimize the threat of these programs. The organizational security policy can help ensure that all members of the organization operate in compliance with this countermeasure.

Data interception: It involves eavesdropping on communications or altering data packets being transmitted.

Social engineering: Social engineering is concerned with obtaining confidential network security information through no technical means, such as posing as a technical support person and asking for people's passwords.

DoS (DenialofService) Attacks

DoS (DenialofService) attacks are probably the nastiest, and most difficult to address. These are the nastiest, because they're very easy to launch, difficult (sometimes impossible) to track, and it isn't easy to refuse the requests of the attacker, without also refusing legitimate requests for service. The premise of a DoS attack is simple: send more requests to the machine than it can handle.


Comments

Post a Comment

Popular posts from this blog

3.8 SECURE NETWORK DEVICES

 In this unit, we have already learnt that the firewall is only one entry point to your network. Modems, if you allow them to answer incoming calls, can provide an easy means for an attacker to sneak around, your front door (or, firewall). Just as castlesweren't built with moats only in the front, your network needs to be protected at all of its entry points. Secure Modems, DialBack Systems If modem access is to be provided, this should be guarded carefully. The terminal server, or network device that provides dialup access to your network needs to be actively administered, and its logs need to be examined for strange behavior. Its passwords need to be strong not ones that can be guessed. Accounts that aren't actively used should be disabled. In short, it's the easiest way to get into your network from remote: guard it carefully. There are some remote access systems which have the feature of a twopart procedure to establish a connection. The first part is the remote user di...
Read more

3.5 SECURITY ISSUES FOR SMALL AND MEDIUM SIZED BUSINESSES

 Small and medium sized businesses use the Internet and networked applications to reach new customers and serve their existing ones more effectively. At the same time, new security threats and legislation puts increased pressure on business networks to be reliable and secure. Business Challenges According to recent studies, security is the biggest challenge facing small and mediumsized businesses. Everchanging security threats from both inside and outside the business network can wreak havoc on business operations, affecting profitability and customer satisfaction. Small and mediumsized businesses must also comply with new regulations and laws created to protect consumer privacy and secure electronic information. Security issues for small and medium – sized businesses are classified into 5 basic categories: Worms and Viruses As per research, Computer worms and viruses remain the most common security threat, with 75 percent of small and medium businesses affected by it.. Worms and v...
Read more

3.4 TOPOLOGIES

Image
 In computer networking, topology refers to the layout of connected devices. You can think of a topology as a structure of a network. This shape does not necessarily correspond to the actual physical layout of the devices on the network. Network Topology is the study of the arrangement or mapping of the elements (links, nodes, etc.) of a network interconnection between the nodes. It also determines the strategy for physically expanding the network, in future Topologies can be physical or logical. Physical Topology means the physical design of a network including the devices, location and cable installation. Logical Topology refers to the fact that how data actually transfers in a network as opposed to its design. Following are the considerations for choosing a Topology: · Costing: Some kind of topology may be less expensive compared to others in terms of installation (for example Bus topology). · Length of cable: It is needed to connect machines in a network. · Network scalability:...
Read more