Computer Network: Botnet Problem - Research Paper Example

City

Computer Network/ Botnet Problem

Abstract

Network security has become paramount in today’s world due to multiple threats by unscrupulous individuals. Data has become the new currency of this world and such it should be protected. This paper offers solutions to combat these problems.

Keywords: nodes, bridges, TCP/IP, crypto-capable routers, Virtual Private networks, Application Gateways, Packet Filtering, Hybrid Systems, botnet.

Introduction

Data integrity and security has been under the risk of hacking, viruses, malware and other threats in recent times. People have lost personal information, money, and other important data due to these threats. It is therefore crucial to learn about computer networks and security measures. The paper aims to offer solutions to these problems.

Computer Network

For one to understand the intricacies of network securities, a good knowledge of a network is crucial. A computer network is also known as data network; it is a telecommunications network whose work is to facilitate transmission of data from one node (device) to another. In the communications network, the medium used to connect these computers is called the data link. The connections rely on physical media like cable or via a wireless connection. The greatest computer network is the internet, where millions of computers can communicate despite the geographical locations. The devices responsible for, sending routing and terminating transmission of data are called nodes. Examples of these nodes are computers, servers, mobile devices and other network related network hardware. Devices that are able to transmit data between each other are said to be networked regardless of whether they are connected directly or through proxies.

There are different types of computer networks mostly based on their set up (topologies), the communication protocols employed, size of the network among other factors. Applications of computer networking cover a wide array of services offered to the millions of users across the globe. Some of these services include: access to the WWW (World Wide Web), digital video and audio, storage of enormous data sizes passing of messages like emails and instant messages (IM). Depending on the applications used on a given network, the protocols can be laid out in a way that is layered.

Network Packets

In most networks, data is “transported” inform of network packets; a network packet is the format through which data is transmitted from node to node over a network via means of switches (network packet switches). When on transit, data is converted into packets and once they arrive to their destination they are converted back to their original format (data). Essentially, packets contain two types of data which are control information and payload (user data). The control information has the information the networks uses in order to determine the destination of the data transmitted. Among its constituents are addresses of both sender and receiver, codes for detecting errors, and other information needed for the network to ensure that data is received as sent and with integrity. The payload is the data being conveyed through the network.

Network Topology

Network topology is the physical layout of the network, its arrangement and positions of the network nodes. In summary it is the way the links and nodes are arranged in the network.

Network Links

These are the actual media used to connect computers in a network to facilitate communications. These media include cables (electrical); these physical cables include, electrical (Ethernet connections, power line communication, HomePNA), fiber optic communications, and lastly, the radio wave also known as the wireless network (Bejtlich 2013).

The OSI model places network links are defined on the first and second layers which are the physical and the data link layers. One of the most widely adopted means of transmission media is the LAN (Local Area Network) technology commonly known as the Ethernet. IEEE 802.3 is the protocol used in LAN where both copper and fiber cables apply. IEEE 802.11 is used in LAN networks to handle radio waves or infrared signals.

Wired Technologies

The following are some of the wired technologies employed in computer networking; they differ from one another based on their speed of transition:

• Coaxial Cable

These types of cables are mostly used in buildings, television systems, among other sites to implement LAN. The wires used for the cable are copper and aluminum which are insulated for protection from physical harm, distortion and interference.

• Twisted Pair

This the most famous of cables used in the telecommunication front; copper wires are twisted after being paired. Telephone wires are of the twisted pair type and their protocols are defined in IEEE 802.3 in an Ethernet connection.

• Optical Fiber

These are relatively recent type of cable; it is a fiber made of glass. Data in fiber optic are transmitted as pulses of light and have some advantages over metal wires in that they are not susceptible to electrical interference and low cost in data transmission (Kizza 2011). The speeds when fiber optics is increase exponentially compared to metal wires and can be laid undersea; they can also be used to connect points that are at a vast distances like continents.

Wired Technologies

• Terrestrial Microwave

In this technology, naturally occurring transmitters and receivers are used as they resemble satellite dishes. This microwave has a low range in terms of gigahertz hence they are not preferred since they limit communications (Gollmann 2011).

• Communication Satellites

These are essentially microwave radio waves that are not subject of deflection from the earth’s surface. Artificial satellites are situated in space and act as conduits for passing signals (data, television signal,).

• Radio and Spread Spectrum

Wireless LANs employ make use of high frequency to facilitate communications between many devices of relatively short distances in a specific area. This is where the application of Wi-Fi is used.

The above figure shows representation of a network topology

The data link layer

The physical layer

Network Nodes

• Network Interfaces

In a computer, the NIC (Network Interface Controller) gives the ability of the device (node) to access media transmition. Apart from that, the NIC is capable of processing low level information; it allows communication and exchange of data via a cable or a wireless network. In Ethernet networks, NIC have MAC (Media Access Controls) address. This address is permanent to every NIC to avoid network conflicts.

• Repeater and Hubs

Repeaters are boosters that receive data transmitted and amplify the signal when data is on transit; it does so to push the signal to further distances towards the receiver. Repeaters are found in the physical layer of the OSI model. Repeaters with numerous numbers of ports are referred to as hubs.

• Bridges

Bridges act as connectors between the sender and receiver networks; it receives data from sender and forwards it to the receiver’s address.

• Routers

These are the internetworking device whose work is to forward packets from a network to the next. It is found in layer 3 of the OSI model.

• Firewall

This technology is important in ensuring the security and integrity of the data being transmitted. It protects a device from illegal access by unauthorized third parties and prevents attacks that may be on the network like viruses and Trojan horses.

Network Security

In the last 25 years, there have been quite a few numbers of networks created each with their unique set up and protocols. Two of the more notable networks that offer public access are the UUCP and the internet. These two networks have differentiation in the services they provide on access.

UUCP

UNIX-to- Unix CoPy (UUCP) is one of the networks in existence and was initially created to offer connection to UNIX systems. Since its inception and over the subsequent years, UUCP has been modified to different architectures that include Macs, personal computers, Apple IIs and essentially everything that has network access capabilities.

Batch Oriented Processing

Systems under UCCP use batch processing technologies, this means that everything is queued up and processed after the specified time.

Implementation Environment

UUCP networks are usually built by the use of dial- up, commonly known as modem connections. This may be so, but UCCP is not confined to this type of connection alone as they can connect over any kind of connection, the internet included. The basic nature of building a UUCP network is simple in that two hosts are created and configured to recognize each other.

The Internet

The internet is the world’s cornucopia of networks and is the largest network of them all. In other words the internet is the interconnection of millions of Local Area Networks across the globe. Essentially, when one uses the internet they are given access to other LANs that are connected to the grid. The internet consists of millions of hosts ranging from supercomputers, mainframes, personal computers and other hardware capable of network access.

TCP/IP

This is universal “language” internet access; TCP/IP (Transport Control Protocol/ Internet Protocol) is the means through which devices communicate over the internet. It is found in the transport and network layer in the OSI model (Maiwald 2013).

Open Design

This feature means that TCP/IP is not technologically based and anyone with the intention of implement it can do so freely.

IP

It is found in the network layer of the OSI; it is the protocol that allows devices to communicate with each other over the internet. Without it there would be massive problems and poor communications between devices attempting to communicate over the internet. Among its functions is carrying of datagrams and internet address mapping. It also routes data to their intended destinations and makes sure that information gets to the intended device connected to the internet.

Attacks against IP

With many malicious characters using the internet, there are a number of ways through which IP can be under attack. The main reason why it is easy to attack IP is the fact that it does not facilitate .authentication. Based on this defect, packets can be manipulated in such a way that it would be difficult to accurately determine the place of origin. A packet can be perceived to be sent from a certain address but it is impossible to ascertain that it is true. Due to this “weakness”, the IP is placed in a higher layer in the OSI model. With advancements, applications that need to offer and check authentication of data are placed in the application layer.

IP Spoofing

More often than not, there are instances where a host may claim to have a certain address which turns out not to be true. Since most modern routers have the capability of filtering information or barring them from specific IP addresses, IP spoofing comes in handy and can therefore “fool” the router into granting passage. Some websites or applications may have protocols in place to reject access of certain IP address say IPs from a particular region; in this case spoofing enables the attacker to gain access.

IP Session Hijacking

IP session hijacking is illegal and is done by more advanced users who are technologically adept. Nowadays there are toolkits developed in the black market that can enable less skillful users to perform this task. IP session hijacking is the process through which a hacker gains control of the session used by an unsuspecting user and acts as them. Everything the hacked user is doing is seen by the attacker who has the ability to manipulate anything as would the original user.

TCP

The TCP is found in the top most layer of the OSI; it is responsible for the transport of data packets. Since their functions are similar to those of IP, they are now combined to form TCP/IP.

Guaranteed Packet Delivery

One of the most crucial functions of the TCP is guaranteed delivery to the destination device. Once the TCP sends data packets to receiver, there should be an acknowledgment sent back to the sender. If this does not happen, the user can then resend the information again. In case the data received is not in order as sent, the TCP then rearranges the data to its original state and presents it to receiver.

Risk Management

It is important to know that there is no single way to protect a network from all the attacks. If one was to do so, they would have to disconnect their device from the network and unplug form power. To get the best security protection, there has to be a combination of security protocols in place.

Types of Threats

There are myriads of ways through which the security can be breached over the internet:

Denial – of – Service

Also known as the DoS attack, it is one of the most disastrous attacks a host can encounter; once the attack is made it is hard for the user to address. Tracking them is extremely difficult and often hard to restrict access by the hacker who invaded the system.

Unauthorized Access

This is when a hacker is able to access personal information that may be confidential. Things like passwords, bank account information and other important information can be stolen.

Data Diddling

This is perhaps one of the most dangerous types of attack as it often can go on unnoticed by user. Data diddling is the manipulation of data in records like numbers in a spreadsheet, or changing account details like those of bank account numbers.

Botnets

Botnets are a group of computers in the same network that have been compromised due to malware attack. The attacker is able to access the information of all the devices in the network. In many organizations, an intranet is preferred to be used to prevent outside networks like the internet from accessing. In the event that one of the computers is connected to the internet, the hacker may use it as the access point through which they can access other computers in the intranet. The best way to fight such an attack is to implement robust firewalls.

Firewalls

Firewalls are essentially strong barriers that prevent access of a private network from outside networks like the internet.

Types of Firewalls

• Application Gateways

It involves one computer in a private network controlling access of the internet; it acts as a bastion host. It acts as a proxy server that defines what the internal network can access from the internet. It is found in the application layer.

• Packet Filtering

This technique involves routers having Access Control Lists (ACL); only addresses contained in the list is allowed to pass information and those that are not in the list are barred. It also helps in reducing network traffic and overheads.

• Hybrid Systems

Due to the many threats that are posed on a daily basis, devices that combine both packet filtering and ACL have been developed. It is convenient as the two functionalities are contained in on system.

Encryption Codes/ Algorithms for Computer Network

RSA

RSA is an excellent example of a public-key encryption algorithm; it is one of the standard for encrypting data sent via the internet. Moreover, it is also one of the methods most used in PGP and GPG programs.

RSA is viewed as an asymmetric algorithm predicated on its use of a pair of keys. There is the public key, which is used to encrypt messages, and a private function is to who key to decrypt it. The RSA makes sure that the data is contained in a spaghetti-like batch that would take hackers forever to decrypt.

The code for RSA is as follows:

Secure Network Devices

• Secure modems

They have increased security protocols and can filter network traffic more capably.

• crypto-capable routers

These routers have the ability to encrypt information sent over the internet barring people from snooping.

• Virtual Private networks

This makes it possible to use the internet to connect two offices in different geographical location, by creating VPNs; organizations can create their own private platform using the internet as a conduit (Stallings 2011).

Summary and Conclusion

It is possible to effectively protect the data integrity and maintain its security; it is advised to understand how computer networks work so one can choose the type and level of security that best suites.

Network Links

These are the actual media used to connect computers in a network to facilitate communications. These media include cables (electrical); these physical cables include, electrical (Ethernet connections, power line communication, HomePNA), fiber optic communications, and lastly, the radio wave also known as the wireless network (Bejtlich 2013).

The OSI model places network links are defined on the first and second layers which are the physical and the data link layers. One of the most widely adopted means of transmission media is the LAN (Local Area Network) technology commonly known as the Ethernet. IEEE 802.3 is the protocol used in LAN where both copper and fiber cables apply. IEEE 802.11 is used in LAN networks to handle radio waves or infrared signals.

Wired Technologies

The following are some of the wired technologies employed in computer networking; they differ from one another based on their speed of transition:

• Coaxial Cable

These types of cables are mostly used in buildings, television systems, among other sites to implement LAN. The wires used for the cable are copper and aluminum which are insulated for protection from physical harm, distortion and interference.

• Twisted Pair

This the most famous of cables used in the telecommunication front; copper wires are twisted after being paired. Telephone wires are of the twisted pair type and their protocols are defined in IEEE 802.3 in an Ethernet connection.

• Optical Fiber

These are relatively recent type of cable; it is a fiber made of glass. Data in fiber optic are transmitted as pulses of light and have some advantages over metal wires in that they are not susceptible to electrical interference and low cost in data transmission (Kizza 2011). The speeds when fiber optics is increase exponentially compared to metal wires and can be laid undersea; they can also be used to connect points that are at a vast distances like continents.

Wired Technologies

• Terrestrial Microwave

In this technology, naturally occurring transmitters and receivers are used as they resemble satellite dishes. This microwave has a low range in terms of gigahertz hence they are not preferred since they limit communications (Gollmann 2011).

• Communication Satellites

These are essentially microwave radio waves that are not subject of deflection from the earth’s surface. Artificial satellites are situated in space and act as conduits for passing signals (data, television signal,).

• Radio and Spread Spectrum

Wireless LANs employ make use of high frequency to facilitate communications between many devices of relatively short distances in a specific area. This is where the application of Wi-Fi is used.

The above figure shows representation of a network topology

The data link layer

The physical layer

Network Nodes

• Network Interfaces

In a computer, the NIC (Network Interface Controller) gives the ability of the device (node) to access media transmition. Apart from that, the NIC is capable of processing low level information; it allows communication and exchange of data via a cable or a wireless network. In Ethernet networks, NIC have MAC (Media Access Controls) address. This address is permanent to every NIC to avoid network conflicts.

• Repeater and Hubs

Repeaters are boosters that receive data transmitted and amplify the signal when data is on transit; it does so to push the signal to further distances towards the receiver. Read More