Retrieved from https://studentshare.org/other/1411945-network-securty-hardware-and-ids-systems
https://studentshare.org/other/1411945-network-securty-hardware-and-ids-systems.
Topic The hardware device, which I have selected for discussion is a router. A router is a device, which operates at the network layer of the OSI model. It is used to transfer data from source to destination by forming a connection between different networks. A router makes use of a configuration table to decide whether it should allow sending of a packet or not. A router establishes an appropriate and valid path for the packet that a source computer sends to a desired destination. A configuration table includes information on which connections lead to particular groups of addresses, connection priorities, and rules for handling the traffic (Franklin, n.d.).
Routers have a built-in mechanism, which ensures LAN protection by blocking the packets invalid packets from moving on the LAN. A router not only checks for the valid destination address but also ensures the delivery of flawless packets to the destination. If a router finds any sort of error in a packet, it discards that packet and sends the remaining message to the destination. Therefore, we can say that a router is a very important data transfer device used on a network. Topic # 2 An Intrusion Detection System (IDS) is a software application, which not only detects and stops unauthorized activities but also reports them to the network administrators for further action.
One of the most famous Intrusion Detection Systems is Snort, which is used to detect the presence of worms, malicious activities, and unauthorized accesses. Haas (2010) states, “Snort is a libpcap-based packet sniffer/logger which can be used as a lightweight network intrusion detection system”. People make use of Snort software to detect the hacking attempts on their networks. Snort examines every packet that a computer transfers over a network and reports transfer of suspicious packets to the administrators.
Snort software manages a database in which it keeps all traffic signatures. Whenever a computer sends a packet over a network, Snort finds the MAC address of that packet in the database. In case a match is found, snort configures the rules to take the required actions. Topic # 3 In this part, we will discuss honeypots, which are used as a security tool to detect encrypted attacks and online credit card frauds. This highly flexible and reliable security tool not only detects attacks but also prevents the attacks and gathers in-depth information about the attack and the hacker.
Honeypots have two basic types, which include production honeyputs and research honeyputs. Companies and corporations use production honeyputs whereas military and government institutions use research honeyputs. One of the key advantages of honeypots is that they trap the hackers by making them fool. Hackers think that they have reached the desired network whereas in actual, they are trapped in a honeypot. Some other advantages of honeypots include capturing bad activities, capturing hackers using new tools and tactics, use of minimal resources, encryption in IPv6 environments, and simplicity (Spitzner, 2003).
Some of the disadvantages include capturing only directly interactive activities and presence of hijacking risks. References Franklin, C. (n.d.). How Routers Work. Retrieved from http://communication.howstuffworks.com/convergence/router2.htm Haas, J. (2010). Snort. Retrieved from http://linux.about.com/cs/linux101/g/snort.htm Spitzner, L. (2003). Definitions and Values of Honeypots. Retrieved from http://www.tracking-hackers.com/papers/honeypots.html
Read More