Network Security Attack Methodologies - Essay Example

Network Security Attack Methodologies Grade (December 11, Network Security Attack Methodologies Abstract The current computer network security systems are faced by numerous attacks, thus creating the need for robust means of protecting the systems against the threats and potential attacks. Traditionally, the attack on network security systems was purely a matter of fun, where the computer systems attackers and hackers were doing it for the fun of enjoying their prowess in managing to tamper and penetrate through established network security systems. However, the modern objective for computer systems and network security attacks has changed from that of fun into a business objective. Thus, the security system attackers and hackers are now using the information obtained after penetrating through the security systems to attack the target individuals or organizations and defraud them. Without full understanding of the nature of threats to the network security systems and the methods of attacks applied, it would not be possible to establish a strong security mechanism that will effectively protect the network systems and their associated data from attack. The understanding of the Network Security Attack Methodologies is therefore pertinent to the establishment of the most effective defense mechanisms and capabilities. Introduction The modern computer and network security systems are faced by diverse threats, owing to the fact that there has been a general growth in the internet accessibility and use, as well as the overall growth in the number of targets comprising of both individual and organizational computer and network security systems [1]. The attack capabilities has also increased, due to the development of more advanced hacking and attack tools, following the increased knowledge and skills of computer operation and usage that have come with the advanced technology wave. Securing the network security systems against potential threats, both for the individuals and business organizations is a present effort that seeks to protect older systems already established, while also securing the newly acquired systems. While the protection of the network security systems against known threats could be easy, there is a need to ensure the continuity of proactive efforts to detect emerging new threats and understand their defense mechanisms [2]. The understanding of the network security attack methodologies require a broad focus on who is interested in attacking, what their motivation is and what capabilities they have to exploit the network security weaknesses [3]. The network security systems are far ahead of the available defense mechanisms, owing to the fact that the development of the defense mechanisms is reactionary [4]. Thus, the protection of the network security systems ca only be done against the threats that have already been identified. Therefore, understanding the exploit mechanisms applied by the security system attackers can enable the development of active measures that will not only protect against the known threats, but also the foreseen and predicted attacks [5]. The computer and network security can be attacked through a thousand of methodologies, but which can be classified into a few limited categories. Thus, this discussion seeks to analyze the network security attack methodologies, with a view to recommending the proactive measures that can be undertaken to protect against these security breach mechanism. Network Attack Methodologies Physical attack Physical attack is a network attack methodology that occurs through the unauthorized access of the computer and network security systems of an individual or organization by individuals with a malicious intent [6]. Physical attack methodology is applied by individuals who have direct access to the network security systems of the target, for example organizational employees, who can then easily access the network security systems of the organization and gain the desired information [7]. The attack technique applied under the physical attack methodology is information theft, where the unauthorized access of the network security systems results in the attackers stealing important information either regarding the system or other important data that they can eventually use to their advantage [8]. The information stolen can then be used to try to connect to the network security system from outside the organization, with the intention of accessing and using the data available in the network security system for different gains. Fingerprinting Reconnaissance/surveillance Fingerprinting surveillance is a network attack methodology that is applied by computer pirates and hackers to monitor the key addressing information of a security network system of the target individual or organization [9]. Before any attack can be launched on an individual’s or organization’s network security system, the first step must be to always obtain the network’s addressing information, also known as the network fingerprinting [10]. Thus, the fingerprinting surveillance as a network attack methodology entails gathering as much information as possible regarding the target network infrastructure and then retrieving the information for possible use against the system [11]. The notable information that the computer and network security hackers gather under the fingerprinting surveillance include the IP addresses of the computers of the target individual or the organization, as the blueprint for specification of the exact location where the attack is to be launched [12]. Additionally, the pirates and hackers also gather information related to the domain name and network protocols of the target computers, since such information is key not only for enabling attack on the target computers, but also for obtaining the pathways and channels through which the attack can be launched [13]. Finally, information regarding the server architecture and the activated services of the target computers form the other relevant information that is surveyed and retrieved by the computer hackers and pirates [11]. The information related to the server architecture and also the activated services of the target individual or the organization enables the hackers and the pirates to know the extent of gains that can be possibly reaped from the attack, such as the financial gains through defrauding the activated financial services of the target [14]. The greatest danger posed by the fingerprinting methodology of network security attack is the fact that obtaining the IP addresses or the domain name of one computer by the pirates or attackers is capable of leading them to obtain the addressing information of the entire network [15]. The fingerprinting information is crucial to a network security system, and its breach makes it possible for the pirates and hackers to compute the range of the IP address of the entire organization computer network systems, and manage to break the information into the possible sub-networks [16]. Software programming weakness exploitation The exploitation of the weaknesses in the programming software is yet another network security attack methodology that is applied by the computer network security hackers and pirates [17]. There are some software that are programmed with inherent security weaknesses, either by the software manufacturers or by the customized organizational or individual software programmers. Such inherent weaknesses offer the computer network pirates and hackers an opportunity to gain access to the other vital installations of the individual or organizational computer networking systems [18]. A single software with inherent weaknesses, which might arise out of the software being outdated or created with some minor problems poses a great risk for the computer network system, since the pirates and hackers possess the technological knowledge and IT savvy skills in programming or decoding the software program languages, which can then allow them to collect other information related to the computer in which the software with the weaknesses is installed [16]. Thus, it is paramount that an individual or organization is fully certain of the authenticity and appropriateness of the software programs that are installed in the networked computer systems, since software with some weaknesses pose the treat of the security system being hacked into. Denial of service Denial of service is a network security attack methodology that is applied by computer systems hackers and pirates, which disrupts the programs or software of the target individual or organization, causing them to stop functioning [19]. This attack methodology can also be applied by attacking some of the programming of the organization, such that it prevents the organization from using the service through network service disruption. The denial of service is achieved through the introduction of disruptive datagrams that have been carefully crafted to be able to disrupt and cause the network connections to fail or get terminated. Additionally, the introduction of malicious application commands can be introduced into the network programming, thus causing the network connection program to become extremely busy or to stop functioning altogether. This results in the whole system failing to work, and thus denying the target individual or the organization essential services. Thus, the prevention of suspicious network flows into an individual’s or organization’s system is an important strategy for addressing the denial of service threat, since the disruptive and the malicious datagrams are introduced through the network flows or malicious program installations [20]. Spoofing and eavesdropping The spoofing and eavesdropping network attack methodology comprises of the computer system hackers and pirates configuring and then installing programs that either mimic or copy the information flow into the computer network security system [9]. Once the data has been mimicked or copied, it can then be easily retrieved by the hackers, and used to access the other important information related to the network security system. This threat is most especially targeted at computer network security systems with activated broadcast network technologies that allow for multiple sharing of files and documents [8]. The attackers and hackers take advantage of the broadcast technologies to trace the source computer as well as the recipient computers, through mimicking or copying their important security information such as IP address and passwords [13]. This information can eventually be applied to attack both the source and the recipient computers. Recommendations The most plausible defense mechanisms against the physical attack methodology is strict control and specification of who can access and use the personal or the organizational security systems. This way, it will be possible to ensure that those who can access and use the network security system are the intended users, thus minimizing the risks of physical access and tampering with the security systems or their associated data. Secondly, fingerprinting surveillance is the initial network security methodology that is applied by the pirates and hackers. Therefore, guarding the fingerprinting information such as the domain names and the IP addresses of the individual or organizational computer networks is a crucial defense mechanism against this method of attack [1]. To overcome the threat of exploitation of the weaknesses in software programming, it is important to update and advance the versions of the software programs installed into the most updated versions [1]. This is because; most of the computer vendors and manufactures are unable to guarantee the security of the outdated versions of the software [2]. The effort to counter the threat of denial of service attack requires declining all program and software installation and update requests that are not generated and initiated from within the normal and routine program installation or updating schedule of the organization [6]. This will hinder malicious programs from installing into the organization’s computer security network. The threat of spoofing and eavesdropping can be overcome through ensuring to avoid activating any broadcast technologies on the individual or organizational computers [4]. The use of IP firewall security system as well as the use of data encryption for all the data communicated and transmitted from one computer to the other is also an effective defense mechanism against the attack on the computer network security system caused by spoofing and eavesdropping [5]. Bibliography [1] W. Cheswick. S. Bellovin et al. Firewalls and Internet security: Repelling the wily hacker. Boston: Addison-Wesley, 2007. [2] V. Sugumaran. Intelligent information technologies: Concepts, methodologies, tools, and applications. Hershey, PA: Information Science Reference, 2008. [3] O. Kirch. Linux network administrators guide. Sebastopol, Calif: OReilly, 1995. [4] T. Bautts, D. Tony, et. al. Linux network administrators guide: [infrastructure, service, and security]. Beijing: OReilly, 2005. [5] B. Cunningham. Network security evaluation using the NSA IEM. Rockland, Mass: Syngress Pub 2005. [6] C. Bryton. Cracking DES: Secrets of encryption research, wiretap politics & chip design. Sebastopol, Calif: OReilly, 1998. [7] R. Stevens. TCP/IP illustrated: 1. Reading, Mass. [u.a.: Addison-Wesley, 1994. [8] W. Schmidt. Diophantine Approximation. Berlin, Heidelberg [usw.: Springer, 1980. [9] M. Rash. Linux firewalls. San Francisco: No Starch Press, 2007. [10] S. Garfinkel and G. Spafford. Web security, privacy and commerce. Cambridge, Mass: OReilly, 2002. [11] G. McGraw. Software security: Building security in. Upper Saddle River, NJ: Addison-Wesley, 2006. 72-75. [12] C. McNab. Network security assessment. Beijing: OReilly Media, Inc, 2008. 46-49. [13] A. Sloan. Network Troubleshooting Tools. Sebastopol: OReilly Media, Inc, 2009. 46-58. [14] Guttman, Barbara and Roback, Edward. An introduction to computer security: The NIST handbook. Washington: US Govern. Printing Office, 1995. 65-67. [15] Linux Document Project. Linux Network Administrators Guide: Methods of Attack, 2014. Web. December 13, 2014. < http://www.tldp.org/LDP/nag2/x-082-2-firewall.attacks.html> [16] D. Harley, R. Slade et al. Viruses revealed. Berkeley, Calif: Osborne/McGraw-Hill, 2001. 24-23. [17] Information Resources Management Association. Wireless technologies: Concepts, methodologies, tools and applications. Hershey, PA: Information Science Reference, 2012. 210-239. [18] G. Hoglund and G. Mcgraw. Exploiting Software: How to Break Code. Pearson Education, 2004. 33-34. [19] H. Nemati. Information security and ethics: Concepts, methodologies, tools and applications. Hershey PA: Information Science Reference, 2008. [20] D. Nagamalai. Advances in Network Security and Applications: 4th International Conference, Cnsa 2011, Chennai, India, July 15-17, 2011, Proceedings. New York: Springer-Verlag Inc, 2011. 16-17. Read More