Vulnerabilities of Networks and Internet - Essay Example

Vulnerabilities of Networks and Internet The paper presents a clear view of the issues involving computer network and its security. It tackles the basic networking structure and principle and the vulnerabilities behind it. The good practice of info- security in the preservation of data and its role in effective network management. The business and organizations reliance to IT and the risk involve in the implementation of such technology. The documented and identified attacks and the losses incurred by companies and government. The development in IT particularly in the prevention of attacks is continually developing to counter complex malicious and destructive activities. Technology, manufacturers and the government works hand in hand to fortify the network structure and further enhance network security management. The various networking security strategies are discussed along with alternatives. The wide variety of counter and preventive measures available today will help to ensure the safety and integrity of the data and will prevent more losses in the future. 1. Introduction Computers unquestionably make a large part of human movement faster, safer, and more appealing. They generate new modes of work and play. They continually spawn new ideas and offer many social benefits, yet at the same time they present increased opportunities for social harm. Public say that the information revolution can be compared to the industrial revolution, it is equally valuable as the coming of print media and perhaps even more significant. The dependence of the businesses, industries and economies in networking and the internet grew in quality decision making and implementation. The age information technology like any other development in our society brings good and evil. While our economy and businesses prosper through IT and other automation, high-tech crimes are also growing in numbers and sophistication. Prevention plays an important role in network security 2. The Practice of Information Security Information security or info-security main goal is to keep information on a network safe and secured. The other elements of info-security are divided into three important parts that serve as the foundation for all information security effort. These are confidentiality, integrity, and availability1 (CIA). Confidentiality The first goal is confidentiality; this is where data are being protected from unauthorized eyes or individuals. These data can be all information vital to the success of the company or may contribute to its downfall. Engineering plans for instance, financial information, business or marketing plans, and whatever secret data stored in a computer2. Integrity The second but equally important in the preservation of data is integrity. Integrity helps to ensure that original information or data remains unchanged and properly synchronized transversely in the system. This means that even people who are authorized within the system cannot change anything without proper consent or approval. A bank teller for instance is authorized to make changes in an account but they are not authorized to debit another persons account Availability Availability ensures that information saved is available to authorized users and can get access to it whenever necessary. Valid and secured information is nothing if you cannot get to it. This means information is just being kept from the bad guys while its often available to the right people. 1. Howlett, Tony, 2005, "Open Source Security Tools", Practical Applications for Security, pages 4-12. Prentice Hall, ISBN 0-321-19443-8 2. Kent Stephen, Millett Lynette, 2003 "Who Goes There: Authentication Through the Lens of Privacy ", National Academic Press, Washington D.C. 1. Business Risk - Information Security Standpoint Computer Crimes Computer related crimes affect every computer user in businesses and homes3. The FBI in the United States recorded over 90% of U.S. companies are victim of various forms of computer crime4. Around 80% suffered financial loss estimated to be in vicinity of $445 million with noticeable increase every year. This is with the fact that not all computer crimes are reported and these figures maybe lower than the actual. The FBI through their National Infrastructure Protection Center estimated that a more complex (like the Code red Worm in 2001) and frequent attacks will happen in the following years. They fear that hackers will exploit various avenues and they expect that cyber criminals will focus on network routers, firewalls, and other less monitored hardware that would give them full access to corporate local networks. The delay in the announcement of software security vulnerability by manufacturer will give companies very minimal time to respond. In 2003, for instance, Microsoft discovered vulnerabilities in its RPC (Remote Procedure Call) after the Blaster Worm attack. The growth of computer crimes was seen climbing every year as presented here in Figure 3.1. (taken from Howlett 2005) . 3. Mohay George, 2003, "Computer and Intrusion Forensics", Artech House Computer Security Series . Boston Artech House Inc. 4. Howlett, Tony, 2005, "Open Source Security Tools", Practical Applications for Security, pages 4-12. Prentice Hall, ISBN 0-321-19443-8 2. Attacks and Defences The most common attacks are combination of software vulnerabilities that take advantage of stack overflow to get to the root directory. Some of these software bugs can be found in the following: 1. The stack overflow attack on the BIND program usually found in UNIX and Linux operating systems resulting to easy account access. 2. CGI Programs found in Web Servers enabling hackers to control or deface web servers. 3. Stack overflow attack on RPC mechanism in LAN that gives intruders easy access to network accounts. 4. The IMAP and POP protocols that when mismanaged allow intruders to access emails remotely. 5. SNMP weak authentication that uses a default password "public"5. Noticeable that none of the preceding vulnerabilities can be prevented by encryption or fully thwart by a firewall. Weakness in Network Protocols and Management Operating systems line UNIX and Microsoft NT are by default sold and configured as "plug and play" to make easier for users to install and manage. This approach in reality open-up holes in the system for both local and internet zones. Mapping methods for IP addresses for instance provides weak points for the network. IP addresses (TCP) in the internets are translated into a higher level DNS or Domain names. A local network uses unique Ethernet addresses which are also mapped using Address Resolution Protocol (ARP). These components providing higher-level services were made years ago with less security in mind and they do not have built-in authentication. An attack on a LAN can happen when a person is given physical access to the network. An employee for instance can take over anybody's account by simply installing packet sniffer to collect passwords6. 5-6 Anderson Ross, 2001,"Security Engineering: A guide to Building Dependable Distributed Systems", Wiley Publishing, pages 367-390, Firewalls Firewall is the most widely use solution to network security. Firewalls stand between a LAN and the Internet. It filters out unwanted traffic that might be detrimental to the system. Many organizations prefer this one "solution in a box"6 and it is perceived as a crucial part of any corporate network. Firewalls can filter traffic in three levels, through IP packet level, TCP level, down to the application level. Packet filtering is a function of a firewall that filters packet addresses and port numbers. The same functionality found in routers and Linux OS. The purpose is to block external packets that seem to come locally from a host in the Local Area Network. It can prevent DoS attacks by filtering malformed packets sent to a host7. Circuit gateways are more complex and expensive than packet filtering. It works in the TCP level reassembling and examining all the packets passing through the firewall. It can do encryption from firewall to firewall keeping out unwanted websites and other malicious newsgroup8. Application Relays is another type of firewall which acts as a proxy for internet based services such as mail, telnet, and more9. . Encryption Encryption is one reliable tool to secure the data's integrity and confidentiality not only in the Internet but within the local network. Encryption can be the final defence against hackers who successfully broke-in to a network and trying to control the server. They still have to break the encrypted codes before they can view or manipulate the data. There are may various protocols for encryption and examining the OSI model we will notice the different encryption tools operating at different network levels. Here are some of them: PGP (Pretty Good Privacy) and GnuPG works at Layer 7 in the application level. 6-9 Anderson Ross, 2001,"Security Engineering: A guide to Building Dependable Distributed Systems", Wiley Publishing, pages 367-390, SSL and SSH works at layer 5 in the Session level. IPsec works at layer 3 in the Network level. There are two types of encryption. Symmetric and Asymmetric. Symmetric cryptography has been since the ancient times using secret key to scramble the data into incomprehensible rubbish. The receiver or the person at the other end need to use the same key unscrambles the data into a readable text. It is called symmetric because it uses the same key to encrypt and decrypt10. . Public Key cryptography (PKE) also known as asymmetric cryptography divides the key into smaller keys. One the keys are for public and the other is for private. The difference is you do not need the recipient's private key to send a secured message or sending the secret key in advance before you can transmit the secured message. It is normally implemented by the use of one-way mathematical functions that cannot be reverse11. 10-11 Howlett, Tony, 2005, "Open Source Security Tools", Practical Applications for Security, pages 4-12. Prentice Hall, ISBN 0-321-19443-8 Encryption is measured by key size and combinations of keys to counter brute force attacks. DES (Data Encryption Standard)- 56 bit TripleDES - effective key length of 168 bits RC4, RC5, RC6 effective key length up to 2,040 bits and variable lock size of up to 128 bits. AES capable of 256 bits cipher key 12 Encryption application may vary from one application to another. Hashes are use to provide authentication and verification using encryption. The most popular hashing algorithm is the MD513. Digital Certificates It is a certification to determine where the information is really coming from. Organizations like Verisign will verify your identity and will issue a certificate that would be in turn use to check and certify you in every secured transaction14. SSL or Secure Socket Layer is a protocol created for the Web. SLL was originally developed by Netscape to enhance e-commerce. It provides secured connection through data encryption, authentication, and certificates15. 5. Conclusion Intrusion and cyber crimes are here to stay and getting more complex every year. Billions of dollars loss from theft and destruction of precious data is too enormous to ignore. 12-15 Howlett, Tony, 2005, "Open Source Security Tools",Practical Applications for Security, pages 4-12. Prentice Hall, ISBN 0-321-19443-8 An organization, small or not should not hesitate to install and arm them with protection offered by various network security software and hardware. This is an investment they won't regret and surely will help them grow their business and free from worries of threats. The continuous development of various security gadgets and methods helps to ensure that newer forms of attacks are prevented. System or Network Administrators should be skilled enough to perform their duties in the preservation of their respective network. They should be vigilant and updated at all times. Individual and the community should bind together and practice safe computing at all times. Threats and attacks are not confined to businesses or big organizations alone. In fact, these cyber criminals are after every unsuspecting household and innocent child. Security and Information Technology must by all means work together to ensure the safety of information within a LAN and in the information highway. 6. References [1] Howlett, Tony, 2005, "Open Source Security Tools",Practical Applications for Security, pages 4-12. Prentice Hall, ISBN 0-321-19443-8 [2] . Gustin Joseph, 2004, "Cyber Terrorism: A Guide for Facility Managers "F. Publication: New York Marcel Dekker, Inc., page 139. [3] Anderson Ross, 2001,"Security Engineering: A guide to Building Dependable Distributed Systems", Wiley Publishing, pages 367-390, [4] Kent Stephen, Millett Lynette, 2003 "Who Goes There: Authentication Through the Lens of Privacy ", National Academic Press, Washington D.C. [5] Mohay George, 2003, "Computer and Intrusion Forensics", Artech House Computer Security Series . Boston Artech House Inc. Read More