Network Security Utilities - Report Example

Network Security Part Today, the computer networking systems are highly vulnerable and prone to the hackers, viruses and other cyber dacoits. Therefore the network security systems have to be sound dependable and free from risks (Marcel Dekker, New York, 1997). This is only possible if the systems and service packs are continuously updated and different versions are enhanced. This dream of a foolproof secure network system can only be realized when the computer hardware is 100% compatible with the policy of security protocols. The following check list helps out the situation in an effective manner. As far as the computer hardware compatibility list (HCL) is concerned the peripherals must be compatible with the operating systems. The HCL may be centrally controlled and user driven. An official HCL should be available on the website of the operating system. The Linux operating system provides the best HCLs (http://www.linuxquestions.org/hcl). Microsoft windows provide the HCL access to average users also due to their market dominance (http://www.microsoft.com/whdc/hcl/) Service packs update However network security policies aim at the protection of network and related accessible resources from unauthorized users. The administrators ensure the continuous monitoring and effective implementation of the security measures. In order to have a checklist in mind for fool proof security stem in the networking an example of defense of a house from thieves can help. The network attached storage helps the interconnected PCs from hacking and viruses. In this way the attacks at entry level are prevented when the alerts go through the whole network. The computer host security network is not dependable as the hackers can have access and can purchase the hosts rather more easily. Version Enhancement The net work security checklist includes the authorization and authentication of the user, creation of firewall for filtering the allowed services to the user, provision of the intrusion prevention system, monitoring for suspected traffics, and denial of unauthorized service (Duane DeCapite, Cisco Press, and Sep. 8, 2006). Depending on the size of the users, software for Antivirus likes Norton or McAfee etc are used. The bigger businesses use the security analyzers in addition to firewalls. And physical security checks against viruses and security fencing. In the UNIX operating environment the script files are created by using screen capture commands. This means that the user is trying to capture the interaction between the text file and UNIX operating system. Such a text file is called a script file and it is then printed and turned in the system as a program assignment and then it is handed over to the instructor who will see that the program has been properly executed. In order to complete this assignment it is necessary that the following system of commands may be carefully followed and every step should be carefully taken (www.unix.com/shell-programming-scripting/16682-how-create-flat-files-using-unix-shell-script.html) Therefore, it can be said that internet security policy largely depends on the compatibility of the computer hardware with the peripheral’s ability to respond and accommodate the network security features. In the absence of hardware compatibility with the security policy, a PC can not remain safe and secure from damages. The services packs have to remain updated and upgraded all the times to respond the new security requirements. The versions have to be enhanced to remain alive and fully defensive to the attacks of virus, and hackers etc. the security policy’s most immediate and permanent requirement is eternal vigilance. Some online merchants are hesitant to ship to international addresses because of the reasons that there are always physical risks attached with the IT infrastructures due to fires and floods. There are threats to the data posed to the software, files, data basis, by the viruses, Trojan horses, software bugs, server crashes, credit and payment frauds, and malicious attacks by inside or outside of business and human error of deletion of data by unskilled employees. An e-commerce business organization might not want to report being the target of cyber criminals because of the reason that more and potential risks are involved in doing so. Only a very few organizations have systems in place to standards in vetting their staff from hacking and bugging. The exploitation by hackers is always open and more risky process. The cyber criminals are always extremely expert in the IT knowledge and practice. The can do more harm to the reporting organizations in software application designs, technical application of system operations and exploiting the published data by hacking in the reports on cyber crimes. An environment free of security breaches is the precondition for the successful growth of electronic commerce around the world. The security breaches have become a commonplace practice in the countries of Middle East and Eastern Europe. Integrity as a security feature of e-commerce refers to the soundness of the parties on both side of the trade, i.e. selling and buying. Non-repudiation means the fulfillment of the transaction by both the parties without going back from the terms and conditions already determined by the online legal process. Authenticity means the parties, the transactions, the goods and the addresses must be verifiable and physically existent to the best satisfaction of either party and if needed, the government guarantees can be solicited by either party (Jeremiah Jacks at work again, this time at PetCo.com http://www.securityfocus.com/news/7581) The confidentiality refers to the ability and feature of the parties to maintain all the classified information of the goods services and transactions undisclosed, unless allowed by the other party in express consent. Privacy as a security feature refers to the unpublicized way of transactions as far as the business deal is not completed between the parties. Availability refers to the in time responsiveness of the parities without unnecessary botheration to the other party as far as the business transaction is not completed. A privacy incident would mean that a party sells the information about other party in an unauthorized way, in order to earn underhand profits from a third party. Mostly in the African and Middle Eastern countries this practice has become common. And privacy has emerged as a main issue in the E-commerce. Major points of vulnerabilities in the online transaction occur at the shopping cart and online payment systems because of financial nature of transactions. The other point of vulnerability at the end user point by SQL injection (1- SQL injection and Oracle, Pete Finnegan http://www.securityfocus.com/infocus/1644), buffer overflows and price manipulation by the cyber criminals. The vulnerable points need to be carefully closed for a safer business. Spoof e-mails and spoof websites (fraudulent and junk) interrupt the business transactions, try to hack the data and steal the information for their own use. The spoofing so often distracts the parties from fulfilling their genuine business obligations. Mostly the novice businessmen get trapped in spoof e-mails. Public key cryptography works on the principle that another person can never decrypt a message encrypted with the public key of a recipient without the recipients processing with the private key. Digital signature means a message signed by a sender by his private key and is verifiable by a person who knows the senders public key. This practice is used to ensure authenticity (Duane DeCapite). While comparing the two it can be said that Firewalls create guard against hackers and viruses while proxy server supports the original server in data exchange of a business. Firewalls are like the security guards for the safer computer operations. Computer with anti-virus software protected from viruses are not fully protected from viruses until updated well and anti virus software’s are installed on PCs. Five steps in developing an e-commerce security plan are to set up website, storefront, get a merchant account, setting up SS security and promotion of site. McColo Cyber Crime USA is the organization involved in tracking and studying cyber criminal activity. This organization has mostly tracked the hacking practices in the Internet world. Three of the business consequences that can result from growth in information density are subtlety, complexity and vulnerability of data node density as a consequence. Packet switching works is the network communication process that splits data into chunks or packets. Four generic business strategies for achieving a profitable business are the cost differentiation, value proposition, revenue modeling and market opportunity. While concluding it can be said that Internet security refers to the protection of computer’s Internet accounts and files from unauthorized intrusion from an outsider. The basic security measures involve the selected passwords, backup of the data on computer and a change of the file systems (Marcel Decker). Cyber crimes have become very profitable and rampant in the IT environment of today. The IT professionals have to remain vigilant and updated on how to deal with the security issues of the internet. IT professionals are required to be very well conversant with the features of penetration testing, intrusion detection, and incidence response and legal/audit compliance. Therefore, successful E-commerce is not possible without internet security. Part 2 A- 1- ROT13 is a simple cipher substitution used in the process of online forums as an effective means of hiding the spoilers, punch-liners, puzzle solutions, and some harmful offensive materials from the process of casual glancing. ROT13 has so far been termed as a "Usenet equivalent of a magazine that is used for printing the answer to a quiz in the way of upside down 2--ROT13 has its own well versed inverse; that is used to undo ROT13 in its turn. We apply in the universities the same algorithm, so we use the same action for encoding and decoding. The algorithm always provides no real cryptographically secure network and should this never be used for such purposes. It is so often cited as an example of weak encryption. ROT13 has so far inspired a variety of letters and word games on-line, and is also frequently mentioned in newsgroup conversations in the universities. Therefore most students use it as E-mail IDs. B. SYMMETRIC ENCRYPTION 111-In computer science, hexadecimal is a numeral system available in UA709. It often uses sixteen various and distinct symbols, most often the symbols 0–9 would represent values zero to nine, and A, B, C, D, E, F (or a through f) to represent values from ten to fifteen. 1V-The primary use of UA709 is as a human friendly representation of binary coded values that is often used in digital electronics and in the courses of computer engineering. Because each hexadecimal digit would represent four binary digits therefore it is also termed as a nibble. Its obvious use is it is compact and easily translated shorthand to express values in the base of two. ROTATIONS V-Since Standard Code 39 barcodes would not allow for the bar-coding of the lower ASCII characters, therefore the extended Code 39 character set will be needed. The Extended Code fonts are not to be installed by the initial installation program. The Extended Code fonts would need to be copied from the Extended39 directory folder in a zip file. Then the symbol of "Extended Code 39" barcode and "Function Key Emulation Mode" on the SC5USB scanner would have to be enabled for the above purpose. V1- Hex key holder includes a larger block including penetrating channels of circular section for retaining a plurality of first hex keys, and a pivot for pivotally securing the smaller block between the larger blocks and the smaller arm. This invention can very well facilitate access to the second hex keys by tilting the smaller blocks. That’s why is is extremely useful. V11-Substitution ciphers may be well compared with the transposition ciphers. In the transposition cipher, the plaintext units are rearranged in such a different order that units themselves are left unchanged. In comparison, in a substitution cipher, the units of the plaintext would be retained in the same arrangement, but the units themselves would be altered. V111-While applying ROT13 to a piece of text would merely require examining its alphabetic characters and changing each one by the letter 13 places further along the line in the alphabetical order and wrapping back to the beginning if necessary. Sources 1- SQL injection and Oracle, Pete Finnegan http://www.securityfocus.com/infocus/1644 2.Jeremiah Jacks at work again, this time at PetCo.com http://www.securityfocus.com/news/7581 3--Marcel Decker, New York, 1997 Security of the Internet (The Froehlich/Kent Encyclopedia of Telecommunications vol. 15., pp. 231-255.) ISBN 5648974 4- -Duane DeCapite, Cisco Press, Sep. 8, 2006 Self-Defending Networks: The Next Generation of Network Security, ISBN 2334653 5--myweb.stedwards.edu/laurab/help/scripthelp.html – 6--www.unix.com/shell-programming-scripting/16682-how-create-flat-files-using-unix-shell-script.html 7--Marcel Dekker, New York, 1997 Security of the Internet (The Froehlich/Kent Encyclopedia of Telecommunications vol. 15., pp. 231-255.) ISBN 5648974 8--Duane DeCapite, Cisco Press, Sep. 8, 2006 Self-Defending Networks: The Next Generation of Network Security, ISBN 2334653 9--Charlie Kaufman | Radia Perlman | Mike Speciner, Prentice-Hall, 2002 Network Security: PRIVATE Communication in a PUBLIC World. ISBN 7865434. 10-http://www.microsoft.com/whdc/hcl 11--http://www.linuxquestions.org/hcl Read More