The Driving Need For Network Security
We Write Essays for Students
Tell us about your assignment and we will find the best writer for your paper
Get Help Now!Contents
Introduction. 1
Network Threats. 2
Security vulnerabilities. 4
The commands that reveal the information of the user. 6
Asynchronous transfer mode. 6
Internet security technology. 7
IP Protocol IPv6 security issues. 7
Assessing the Web Security tools. 8
Network security Current Developments. 9
Software developments. 10
Conclusion. 10
Introduction
Technology and especially in the network security arena has undergone several changes in recent times. The new operating systems, Software as-a- service and personal devices have made network security a great challenge. However, improvements in network infrastructure such as the connection of devices across and within the network enables the developments to be a reality. Threats to network security keeps on changing as new attacks emerge. There is therefore an urgent need to curb these threats. The attacks may appear in various forms such as user, hostile or ill educated. The Operating System (OS) could be attacked due to known and updated vulnerability or one which is unknown. The Linux platform and Apple Macintosh have been regarded as free from virus and therefore thought to be safe. The Android platform on the other hand is downloaded with several apps. It is necessary for individuals to have the knowledge of the need for network security and make use of it to avoid damages.
Network security is made available to help in protecting the network for the user. This activity involves protecting the data integrity, reliability, network and usability safety. There is a great need for people using the internet to make sure that the network is protected. This is due to the many network threats which are widely spread on the internet. The most common threats on the web include viruses, worms, hour attacks, Trojan horse, adware, identity theft, spyware, and hacker attacks, among others. The aim of network security is to prevent there threats from getting entry and spreading through the network (Bishop, 2003:67).
It is however necessary to note that users need several securities such that if any of the securities fail, the ones remaining can offer protection. These securities become complete when in hardware and in software. The latter is supposed to be managed updated for it to function well in offer protection from emerging threats. There are various components on network security that work in unison (Bishop, 2003:69). This lowers maintenance and improves the level of security.
IPv6 is a new protocol that has replaced the IPv4. This new protocol is a replacement meant to make the IP addresses to be available. However, there are certain important changes that require to be considered in the security policy some of which will be mentioned in this paper. This paper aims at assessing the various types of network threats that exist today, the Operating system and internet vulnerabilities, the potential attacks and countermeasures and the current development in the hardware and software network security.
Network Threats
Denial of Service (DoS)
DoS are attacks thought to be very difficult to deal with. They are launched very easily and therefore are difficult to track. The user is not able to refuse the request of the attacker not unless she/he does not agree to the service request. The premise of attack is very easy as several requests are sent which the machine is able to handle. The attacker’s program connects on service port to forge information in the packet header. If for instance the attacker sends sixty requests per second while the thirty are answered by host, it (host) will be unable to work on each and every request from attacker (Cleveland, 2006:1082).
Trojan horses
These are programs which have a hidden code. They are just like normal programs. When the user is working on a normal program, the hidden code also runs. This may then delete files which may destroy the computer. Most of these are spread through attachments in e-mail. For example Melissa, a virus which was able to lead to service denial in the entire world in 1999.
Viruses
Viruses occur when the attacker defines a code (Virus) or comes up with it. The attacker then makes use of hacking technique and could break into a system targeting to plant the code. The virus have been a great threat in the environment they are exposed into. They occur in various forms and usually take time as they destroy the system. Most of the viruses are spread by emails and also through disks (Bishop, 2003:68).
Worms
Worms are certain programs that travel from one system to another independently across the network connections. They contain several parts that run on a couple of computers. One unique thing about them is that they do not change any programs. However, they could contain some codes that may change programs.
Cracking of password
This is a method attackers employ to access systems making use of other user’s account. This happens because several users make use of passwords that are very weak. For instance, women will use the names of their husbands or children. They attackers could also guess words with the use of a dictionary (Sun et al, 2005:14).
E-mail hacking
Electronic mail can be regarded as a common feature in the internet. If an individual has internet access, she/he is in a position to connect in the globe freely. Threats related to email are;
Impersonation where the address of person sending email is untrusted as sender could have a false address to return email with. The user could be in apposition to modify the on transit header. On the other hand, the sender is likely to connect directly to SMPT with the aim if targeting the computer for the email to enter.
Packet replay, where retransmission or recording of information in the packets is done using network. This threat involves programs that require authentication sequence. This is so because an intruder could replay a message authentication in a sequence to have access to system. The packet replay is not undetached easily. It could be prevented through the use of time stamping or sequence counting(Bishop, 2003:68).
Packet modification is where a system modifies or intercepts a packet that is destined in a separate system. Information may also be damaged.
Eavesdropping is done when the headers or even e-mail contents are sent when not using the encryption. The contents are sent in a clear text. The contents in the message could be read while in transit and sometimes even altered. The header is in such a way as to hide or change the sender. The email could even be redirected.
Security vulnerabilities
Attackers employ a number of methods to utilize the vulnerabilities while achieving their goal. Vulnerabilities can be termed as loopholes or weak points in security that the attackers always exhaust to access networks and resource. Notable weak points include;
Password
This continues to be contentious until when the users decide to make a point of choosing one. The issue is about memorizing correct password from the several from which the designated user is to be familiar with. As a result users decide on a common password that can be easily remembered when in need. The users tend to rely on the birth dates, names of close relatives and the date when they married can also be used. This can be vulnerability because individuals are given opportunities to guess accounts password and use them(Bishop, 2003:68).
Protocol designs
The communication protocols are also examples of weak points. The TCP/IP is full of weak points that give access to spoofing of IP address and this in turn attacks TCP connection. The attackers tend to make use of this example in order to obtain relevant information that can grant them access to these vital systems (Cleveland, 2006:1082).
Telnet protocol
In most cases this is used to administer respective systems that always operate UNIX and MS Windows 2000. When the user is utilizing this telnet client to enable a connection from a UNIX system to Microsoft or vice versa, passwords as well as the usernames are always transmitted.
File Transfer Protocol. (FTP). When user’s wants information retrieved or sent from location assumed to be secure, then the passwords and usernames are transmitted as clear text that resembles the Telnet protocol system (Bishop, 2003:68).
The commands that reveal the information of the user
It is possible to get the interoperability of UNIX versions and the Microsoft products. The commands that tend to reveal this system & command information is considered big threat since the cracker could use the information to break onto the system making it vulnerable (Bishop, 2003:68). Examples of ways that are used include, the finger client within Windows 2000 & MS Windows NT that can always be used in connection of a finger daemon operating on a computer that uses systems based on UNIX. This will show the intended information about the user. The information concerning the user logged in is displayed within the system as finger program is operating without arguments. Another one that is common is Rexec. This utility is provided just like a client on Windows 2000 & MS Window NT. Client utility gives way to the UNIX system remote execution that operates while using the rexec service. User always sends a message which specifies relevant password as well as the username and the command name executed. The program is vulnerable to abuse because it might to probe systems that have names with valid accounts (Bishop, 2003:68).
Asynchronous transfer mode
Commonly abbreviated as ATM, asynchronous transfer mode is mostly compromised by “manhole manipulation.” ATM is a situation where the user is free to directly access connections plus network cables to park garages underground and in elevator shifts. In addition, the Frame relay also resembles the ATM.
Device administration. The routes plus the switches can be easily managed by the use of command line / HTTP interface. As long as the passwords become weak, this system allows the users with inadequate technical knowledge access to the device.
Modems have nowadays become very common to desktop and laptop users. Unauthorized modems have become a great concern when it comes to security issues. The danger zone in this case is that modems can be used by passing firewall which provides safety to intruders. If attackers make use of war dialer, to access phone number for the modem, and the password cracker for breaking weak passwords, it is very easy to have access on the system. Whenever the hacker has access to one computer, s/he can access others too (Bishop, 2003:68).).
Internet security technology
Cryptographic systems are essential tools in security engineering. They make use of ciphers and codes to transform unintelligible data to information (Zheng, & Jamalipour, 2009: 1). Firewall is a border control mechanism used to block outside or inside traffic or any unauthorized access from private network.
IDS (Intrusion detection system) helps to ward off intrusions in a computer. They help monitor connections to determine whether there are attacks being launched.
Antimalware scanners and software are involved in detecting malicious software such as worms and viruses.
Secure Socket Layer is a protocol used to achieve security among a website and web browser.
IP Protocol IPv6 security issues
IPv6 is more advanced than IPv4 in security though it is also vulnerable to attacks. It does not protect against servers that are misconfigured, poorly designed or not protected. This is due to mobility issues, flooding issues and issues with header manipulation. Spoofing is a security threat common in IPv6 protocol. Port scanning is an attack that occurs when the entire network section is scanned to get potential targets in the open services. Mobility is one feature that has been incorporated to the IPv6. This requires special measures of security(Bishop, 2003:69).
Assessing the Web Security tools
Security related Websites and Newsgroup. The malicious users never devise the exploits alone. They get the codes plus techniques from the websites and also newsgroup. Once they obtain the exploits, the user is able to use the network very safely.
Software patches User is supposed to see to it that the system is always updated especially on the side of software patches. These ensures the problem is fixed that may have been discovered long time before the patch is released. Users are supposed to frequent software vendors for updates.
TCP/IP Understanding The protocols are important for protecting networks. Several exploits make use of features that are not known of these protocols.
Private IP Addressing. Several years ago, the internet had a method of numbering the unnecessary networks to be reached via internet. Some of the address blocks maybe allocated to networks that use big portions of the system. It is not of great need for the machine to make use of internet. All IP addresses are to some extent private(Bishop, 2003:68).
Backups, Signature and Disaster Recovery. The Checksums plus Digital signatures in systems of critical configuration provide mechanisms used to detect the unauthorized changes in computer system. They identify the modified files. This makes it possible for the user to detect when there is a problem and is in a position to identify the altered files by intruders. (Ericsson, 2010:1508).
Network security Current Developments
Hardware developments
Previous research shows that biometrics are used for secure logins within different workstations that is connected to a network, it tends to protect the individual user since each workstation requires a specific software for the biometric identification as well as for the individual user. Despite the several advancement in system security there have challenges facing the implementation of the latest development trends. For example, the cost of installation of each biometric device on hardware as well their respective software’s tend to be costly especially on companies operating on low budgets. Once the biometric is installed, it will replace the current password system that have been proved to be vulnerable and hence whether expensive to set they save on maintenance and administration (Sendonaris, 2003:1930).
In addition, the use of smart cards too is also considered effective in enhancing system security and it is designed in such a way that all the encryption keys and alternative information relied on by the user for authentication and other identification purposes. The use of a smart card on a system software is a security system that is non vulnerable due to the fact that it provides undeniable proof of an individual user identity. The cards are also considered very safe since even when stolen they possess an authentication pin that is comparable to the ATM and as result will not grant access to the other user. This PIN is important since without the card it is useless and the smart card without the PIN is also considered useless.
Software developments
The important aspects of software security such as firewalls, vpn, and intrusion detection, among others are involved in the software developments. Despite this several challenges have impacted the development and as a result when new viruses emerge all that can be done at the time is to upgrade the existing antivirus to guard against the expected threats. As the security hardware is believed to transitions to biometrics through this software there is also need for relevant interface to enable its use, consequently current research is being undertaken on security software with the use of neural networks. The objective of this research is to employ the use neural networks for the facial recognition software system (Bishop, 2003:68).
Future trends
Future trends are tested to enhance security of system for individual users such as enhancing further developments on biometrics use on system hardware. In addition, many small and complex devices can be connected to the internet at the same time. Several current security algorithms are computational in that it is intensive and so far this requires substantial processing power which is costly (Zheng, & Jamalipour, 2009: 1). The power needed is a limitation since it is not available in small devices like the sensors. As a result there is a need for designing light‐weight security algorithms which a research in progress.
Conclusion
The network securities are very dynamic. They change in almost every day. To avoid being left behind, users need to have solutions and make use of them. Network security is aimed at protecting the network of the user. Network security covers and protects the usability safety, data and network integrity, and reliability, among other things. Several threats in network security have been highlighted which include the Trojan horses, denial of service, and worms.
The field of network security is very essential as it is gaining attention rapidly with the expansion of the internet. The threats in network security were well analyzed with the aim of determining the best security technology. This security technology is very much contained in the software, though it is still found in the hardware part. The development of network security is currently not very much appealing. Initially, it was thought that both the software and hardware parts would be researched actively. It however came as a surprise that the developments were allowed to proceed in the current technology. The security of the internet protocol IPv6 could offer several benefits to the user. Even though it has several issues, it is avoids most of the attacks. The combination of IPv6 with security tools like firewalls, authentication mechanisms and intrusion detection would be an effective way to guard the intellectual property for the future.
It is therefore necessary for users to come up with counter measures that are able to curb this issue. The users should also be able to fully use these counter measures for effective security network. The field of network security should also evolve at a fast rate to be in a position to deal with the threats in the near future.
Reference List
Bishop, M. 2003. What is computer security? Security & Privacy, IEEE, 1, 67-69.
Cleveland, F. IEC TC57 Security Standards for the Power System’s Information Infrastructure-Beyond Simple Encryption. Transmission and Distribution Conference and Exhibition, 2005/2006 IEEE PES, 2006. IEEE, 1079-1087.
Ericsson, G. N. 2010. Cyber security and power system communication—essential parts of a smart grid infrastructure. Power Delivery, IEEE Transactions on, 25, 1501-1507.
Sendonaris, A., Erkip, E. & Aazhang, B. 2003. User cooperation diversity. Part I. System description. Communications, IEEE Transactions on, 51, 1927-1938.
Sun, G., Chen, J., Guo, W. & Liu, K. R. 2005. Signal processing techniques in network-aided positioning: a survey of state-of-the-art positioning designs. Signal Processing Magazine, IEEE, 22, 12-23.
Zheng, J. & Jamalipour, A. 2009. Wireless sensor networks: a networking perspective, Wiley. com.
PLACE THIS ORDER OR A SIMILAR ORDER WITH GRADE VALLEY TODAY AND GET AN AMAZING DISCOUNT
The post The Driving Need For Network Security appeared first on Grade Ninjas.
Welcome to originalessaywriters.com, our friendly and experienced essay writers are available 24/7 to complete all your assignments. We offer high-quality academic essays written from scratch to guarantee top grades to all students. All our papers are 100% plagiarism-free and come with a plagiarism report, upon request
Tell Us “Write My Essay for Me” and Relax! You will get an original essay well before your submission deadline.
