Modern Day Attacks against Firewalls and VPNs - Essay Example

Modern Day Attacks against Firewalls and VPNs Introduction In the present era, internet has become omnipresent, both commercial and government organizations are making widespread use of internet for various purposes. The widespread use of internet and continuous technological advancement has been coupled with increasing risks of security breaches. Notably, Virtual Private Networks (VPNs) refer to a network, which is created by using public connection such as internet. The uses of VPNs help companies to access internet at the time of travelling. It is also used by the individual internet operator to secure the wireless connection. VPN is an important technological advancement for remote workers as well as organizations to share the data in privately. The security issues surrounding VPNs are cracking of offline password, deficiency of account lock out, poor default formation and VPN thumbprint among others (Hills, 2005). In the similar context, firewalls are the security system used as secure the flow of information between the two networks. Firewalls places a bottleneck between the networks which ensures the privacy and confidentiality of the data shared between the two networks. There are two types of firewalls such as ‘packet filtering firewall’ and ‘stateful inspection firewall’. The common threats pertaining to firewalls include attacks from malicious codes such as virus, worms and information theft among others (Rao et al., 2011). This paper intends to explain the modern day attacks against firewalls and VPNs by explaining concepts of these two information technology tools. In the light of aforesaid description, the essay intends to explain and discuss modern day attacks against firewalls and VPNs. Definition Firewalls The technology of firewalls was first established in 1980 and since then it has undergone several modifications and alternations. Firewalls are integrated security system designed to secure network from unauthorized access. Firewalls are also useful for protecting the outside fire. Firewalls are also considered as a system of network security which controls flow of traffic over the network created by set of protocols (Brown University, n. d.). Firewalls as act as a ‘software solution’ and ‘hardware appliance’. Firewalls can also be defined as the security measures, which protect local system as well as network system from the potential threats. The two types of firewalls are packet filtering and stateful inspection firewall. A packet filtering firewalls allows the flow of packets that meets certain specific criteria. The rules of the filtering depend on the information, which are limited in a network packet such as ‘interface’, ‘IP protocol field’ and ‘IP address among others. The stateful inspection firewalls sets certain protocols for the flow of traffic. The stateful inspection firewalls filters the same packet information based on individual packet. The policy of firewall depends on the private networks as well as machines of an individual which are devised to protect network or the system from malware (Hayajneh et al., 2013). Virtual Private Network (VPNs) VPNs are a network which is used in public connection such as internet. The VPNs facilitates in remotely accessing the intranet of an organization securely. VPNs also considered as the environment of communication where access is measured to authorize the connection. There are various motivations to develop the VPN. The several types of VPNs are ‘WAN VPN’, ‘Access VPN’ and ‘Extranet VPN’. WAN VPN is used in branch offices only while Access VPN is used for roaming operators only. Conversely, Extranet VPN is predominately used for suppliers as well as customers. VPNs are more acceptable when there are more locations, distance is long and bandwidth is less. VPNs are less acceptable when there are few locations distance is short and bandwidth is more (Jain, n.d.). The various components of VPNs are ‘tunnel’, ‘endpoints’ and ‘session’. Tunnel provides a secure route for communication and it can contain of many sessions. Endpoints are the points at which VPN tunnel ends. Sessions are related to the communication of a specific. There are a number of services, which are provided by VPNs. These services are ‘peers authentication’ here endpoints confirm the identity of each other’s to build a VPN tunnel. ‘Data confidentiality’ service wherein endpoints use an effective way to prevent illegal observing of transferred packet. This service helps in keeping the data confidential.’ Another service is ‘data integrity’ here endpoints ratifies that packets received from the source are identical to the packets. Other service include, ‘data origin authentication’ here endpoints ratifies that received date are originated from the source endpoint. VPNs permit computer as well as Wi-Fi method to send or obtain data across public connection. The VPN connection of internet is also related to the wide area network (Wadhwa & Pal, 2013) Modern Day Attacks Against Firewalls and VPNs Modern firewalls are designed to protect networks from malware. Due to the flow of data over the network, it is easy to attack the system. The modern attacks on firewalls can take the shape of service attack, virus, information theft and interruption among others. “Blind IP spoofing”, “non-blind IP spoofing”, “source porting” and “source routing” are the potential attacks associated with packet filtering firewalls. With respect to the application firewalls, the attacks can be due to poor security policy, improperly implemented policies, and incorrect configuration of SOCKs. In addition, ‘Denial of service’ (DoS) and ‘access to target resource’ are few examples of modern attack on firewalls. Firewalls used for the incoming as well as outgoing traffic over the network (Kamara et al., n.d.). There are some measures through which these attacks can be prevented. Through apply antivirus virus related attack can be recovered. Firewalls are essential program which helps the organization to keep their networks as well as system secure and also helps home operator to secure their personal computers from several various attacks such as ‘hostile’, ‘break-ins’ and ‘malicious software’. Firewalls also control the movement of network traffic among the networks and the crowds who work various types of security policies. The attacks on firewalls can be mitigated by designing advanced network to provide the security in network border. To protect the several attacks firewalls should provide various services such as FTP, SSH, DNS and SMTP among others. Information theft is one of the attacks of firewalls ((Kamara et al., n.d; Computer Science, n. d.). To protect this type of attack, firewalls should keep the information confidential through by designing advanced network. Network intrusion and interference is another attack on firewalls and to mitigate these attacks, firewalls should use spyware. Spyware helps in sending the information regarding the operator through network without the knowledge of operation (NIST, 2014). There are various types of firewalls technologies which are used in network such as the application layer, transport layer, internet protocol and hardware among others. Basic firewalls use at one or few layer but modern as well as advanced firewalls are used at the entire layers. Previously threats are more dominant in minor layers of network traffic, but now threats are more common in application layer. Application layer can be considered as the highest layer to obtain and send data for application such as DNS (Domain Name System), HTTP (Hypertext Transfer Protocol) and SMTP (Simple Mail Transfer Protocol). Transport layer delivers connectionless services for the application of transport. In this layer, the protocols which are used are TCP (Transmission Control Protocol) and UDP (User Datagram Protocol). Internet protocol is used in across the network. Sometime the technologies of firewalls are combined with the other technologies also. Firewalls also involve in prevention of intrusion technology. Firewalls should apply these measures to prevent the various attacks so that it can use without any problem (Krzyzanowski, 2004; (Kamara et al., n.d). VPNs are known as virtual private network and this network is useful for public network such as internet. The operators of the computer have trust on VPNs to secure information confidentiality. There are some modern attacks against virtual private network such as cracking of offline password, absence of account lock out, poor default formation and VPN thumbprint. To prevent these attacks VPNs have to apply some measures. These attacks have negative impact on VPNs as well as public network. There are various VPNs, which are used in many purposes. Suppliers, customers as well as remote users can use VPNs for their benefit. Remote access VPNs focus on the internal network only. Most VPN members use thumb printed or finger printed IDs to secure the storage of data. It can also provide useful information to the attacker. Many clients of VPN program are suggested to store some or entire authentication permits, but some client should avoid setting and when it is easy for VPN to use it because security risk is relatively high. If the valid username is acquired by Internet Key Exchange (IKE) Aggressive Mode, it is possible to acquire a hash from the VPN members and using these hash attackers can crack the password. Deficiency of account locks out is another weakness of VPNs as which makes VPNs vulnerable to several attacks. The common drive operating system allows account to be locked out due to some improper login attempts. But the implementation of VPNs does not support this type mistake. The implementation of VPNs also does not provide the correct documentation as well as information to the end user to make the informed decision regarding the uses of configuration (Hills, 2005). Other attacks on VPNs include intrusion and DoS. The attacks perpetrated on VPNs are serious in nature and thus are required to be effectively deal in order to prevent any losses. Intrusions generally involve unauthorized access into VPN. DoS attack might be from inside and outside of VPN and it can be from any point of the network. Intrusion affects the privacy, accessibility and reliability of resourced. Intrusion attacks can be mitigated by installing the Intrusion Detection System (IDS) through which the intrusion points can be controlled and there are no hidden points of intrusion. DoS attacks are also considered as the ‘protocol based attacks’ as well as ‘infrastructure attacks’. Protocol based attacks can be TCP, Teardrop and Black holes and the reason to occur this attack is inadequacy in the protocol. This attack can be protected by examining the vulnerabilities in the protocol. Infrastructure based attacks can be perpetrated router, core router and edge among others. It can cause loss of packets, delay and delivery ratio of packets. The attackers of the present internet infrastructure are unseen and it is quite difficult to locate the source of attack. The direct DoS attack at internet infrastructure has the serious impact on entire operation performed over the network. To prevent DoS attack users have to use faster hardware as well as filter packets because the use of faster hardware might be more effective in preventing the intention of hackers (Hills, 2005). Conclusion From the above discussion, it can be stated that firewalls are an integrated security measures intended to secure flow of data over the two networks. On other hand VPNs (Virtual Private Network) refer to a network, which is formed by using public connection such as internet. VPNs help the uses of the corporation to access internet remotely. The operators of the computers have trust on VPNs that the transmission and storage of information over VPNs can remain confidential. From the above discussion, it can observe that there are several modern attacks against firewalls and VPNs. The modern day attacks on firewalls are service attack and virus. The service attack of firewalls can be mitigated by designing advanced network. Virus attack can be combatted by installing the antivirus in the system. The modern day attacks on VPNs are intrusion and DoS attacks. Through checking the vulnerabilities in the protocol, protocol based attack can be prevented while with the use of faster hardware, DoS attack can be eliminated. To conclude, it can be stated that advent of internet has offered numerous opportunities for individual users and varied other sectors. However, the use of internet is also coupled with several threats and risks which have created an urgent requirement for determining solutions for tacking the challenges arising thereupon. In this regard, in order to protect the firewalls and VPNs from the modern day attacks, the users are required to ensure and take several measures. References Brown University. (n.d.). Firewalls, Tunnels, and Network Intrusion Detection. Firewalls, 1-24. Computer Science. (n.d.). Firewalls. First Notions, 1-10. Hills, R. (2005). Common VPN security flaws. NTA Monitor Ltd, 1-17. Hayajneh, T., Mohd, B. J., Itradat, A., & Quttoum, A. N. (2013). Performance and information security evaluation with firewalls. International Journal of Security and Its Applications, 7(6), 355-372. Jain, R. (n.d.). Virtual private networks. The Ohio State University, 2-29. Kamara, S., Fahmy, S., Schultz, E., Kerschbaum, F., Frantzen, M. (n.d.). Analysis of vulnerabilities in internet firewalls. Purdue University, 1-17. Krzyzanowski, P. (2004). System protection and firewalls. Lectures on Distributed Systems, 1-22. NIST. (2014). Protecting information systems with firewalls: revised guidelines on firewall technologies and policies. Firewall Bulletin, 1-7. Rao, C. S., Rama, B. R., & Mani, K. N. (2011). Firewall policy management through sliding window filtering method using data mining techniques. International Journal of Computer Science & Engineering Survey, 2(2), 39-55. Saraswathi, S., & Yogesh, P. (2012). Ingress filtering at edge network to Protect VPN service from dos attack. Anna University, 35-44. Wadhwa, S., & Pal, K. (2013). Providing security in VPN by using tunneling and firewall. International Journal of Engineering and Advanced Technology (IJEAT), 2(3), 381-382. Read More