Network Security
Let's First of all have a look at all those problem that creates a hurdle in our security. We will summarize them here shortly. then we will carry on in detail about each problem. how to solve them, how to counter them. Also we must understand the is need of security because the information we store is a valuable asset for us. We might take help of information security services like:
- Confidentiality
- Maintaining
the privacy of data
- Integrity
- Detecting
that the data is not tampered with
- Authentication
- Establishing
proof of identity
- Nonrepudiation
- Ability
to prove that the sender actually sent the data
- Access
Control
- Access
to information resources are regulated
- Availability
- Computer
assets are available to authorized parties when needed
Security Problems
n Computer
networks are typically a shared resource used by many applications representing
different interests.
n The
Internet is particularly widely shared, being used by competing businesses,
mutually antagonistic governments, and opportunistic criminals.
n Unless
security measures are taken, a network conversation or a distributed
application may be compromised by an adversary.
n Consider
some threats to secure use of, for example, the World Wide Web.
n Suppose
you are a customer using a credit card to order an item from a website.
n An
obvious threat is that an adversary would eavesdrop on your network
communication, reading your messages to obtain your credit card information.
n It
is possible and practical, however, to encrypt messages so as to prevent an
adversary from understanding the message contents. A protocol that does so is
said to provide confidentiality.
n Taking
the concept a step farther, concealing the quantity or destination of
communication is called traffic confidentiality
n Even
with confidentiality there still remain threats for the website customer.
n An
adversary who can’t read the contents of your encrypted message might still be
able to change a few bits in it, resulting in a valid order for, say, a
completely different item or perhaps 1000 units of the item.
n There
are techniques to detect, if not prevent, such tampering.
n A
protocol that detects such message tampering provides data integrity.
n The
adversary could alternatively transmit an extra copy of your message in a replay
attack.
n To
the website, it would appear as though you had simply ordered another of the
same item you ordered the first time.
n A
protocol that detects replays provides originality.
n Originality
would not, however, preclude the adversary intercepting your order, waiting a
while, then transmitting it—in effect, delaying your order.
n The
adversary could thereby arrange for the item to arrive on your doorstep while
you are away on vacation, when it can be easily snatched. A protocol that
detects such delaying tactics is said to provide timeliness.
n Data
integrity, originality, and timeliness are considered aspects of the more
general property of integrity.
n Another
threat to the customer is unknowingly being directed to a false website.
n This
can result from a DNS attack, in which false information is entered in a Domain
Name Server or the name service cache of the customer’s computer.
n This
leads to translating a correct URL into an incorrect IP address—the address of
a false website.
n A
protocol that ensures that you really are talking to whom you think you’re
talking is said to provide authentication.
n Authentication
entails integrity since it is meaningless to say that a message came from a
certain participant if it is no longer the same message.
n The
owner of the website can be attacked as well. Some websites have been defaced;
the files that make up the website content have been remotely accessed and
modified without authorization.
n That
is an issue of access control: enforcing the rules regarding who is allowed
to do what. Websites have also been subject to Denial of Service (DoS) attacks,
during which would-be customers are unable to access the website because it is
being overwhelmed by bogus requests.
n Ensuring
a degree of access is called availability.
n In
addition to these issues, the Internet has notably been used as a means for
deploying malicious code that exploits vulnerabilities in end-systems.
n Worms,
pieces of self-replicating code that spread over networks, have been known
for several decades and continue to cause problems, as do their relatives, viruses, which are spread by the transmission
of “infected” files.
n Infected
machines can then be arranged into botnets which can be used to inflict
further harm, such as launching DoS attacks.
So that's it. We are done with problems. Now we will discuss solution and many techniques to counter these problems for you in next post. Stay Tuned.
.jpg)
Hello everyone, I'm back with hacking tutorial. This time i'm introducing to you how to hack facebook account using simple text ...
Hello there, Welcome to our blog. How you all are, Hope you all doing great. On our blog you will find support for tech, hacking and socia...
Access Control Lists Introduction Hello everyone. How are you all. This time i'm going to discuss about Access control list with ...
Certified Ethical hacking Hello Folks, How ...
0 comments:
Post a Comment