* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
Download Jaden Terry CIS 280 Final Network Security From browsing the
Survey
Document related concepts
Cyber-security regulation wikipedia , lookup
Deep packet inspection wikipedia , lookup
Security-focused operating system wikipedia , lookup
Unix security wikipedia , lookup
Mobile security wikipedia , lookup
Cyberattack wikipedia , lookup
Wireless security wikipedia , lookup
Network tap wikipedia , lookup
Computer security wikipedia , lookup
Distributed firewall wikipedia , lookup
Computer and network surveillance wikipedia , lookup
Transcript
Jaden Terry CIS 280 Final Network Security From browsing the Internet, to even logging on, we simply wouldn’t be able to use computers without the help of network security. The reasons for network security, means of attacking a network, types of network security, and major setbacks in history due to hacking will be understood throughout this paper. Most of the time, network security goes by unnoticed when using a computer. Factors such as a firewall, https, and even IP addresses are unknown to the general public. These are just a couple of features that network security has to offer. Due to how important it is to ensure that people are able to use computers privately or without anyone/anything intruding, privacy has lately been a hot topic. This has everything to do with network security. First, it allows us to protect valuable information from the outside. The government is a great example of protecting information from the public. They have a lot of information that is top secret and needs to be protected from anyone and everyone. If another country were able to view our government’s network, turmoil would ensue. Additionally, if businesses were unable to keep a secured network, employee/customer information and credit card numbers could be accessed, and competing businesses could look inside to see their strategies. This allows for businesses to keep an edge on other companies. Secondly, network security protects against hackers, malware, viruses etc. According to Wikipedia, a hacker is defined as, “Someone who seeks and exploits weaknesses in a computer system or computer network.” Some evil hackers may insert a virus or malware that could make a computer unusable. From hackers and viruses, to network privacy, the security of our networks is more important than most people are aware of. A survey from computerworld.com in 2011 showed that more than 90% of companies have been hacked at some point and 60% said that these attacks were within the last year. Since 2011, network security has made great strides, but computers are still at risk. One example, in September 2011, many well-known bank websites were shut down due to a hack. Hackers accomplished this by sending enormous amounts of data to the websites and therefore not allowing the website to operate properly. Another example was the hit that Sony took with their PlayStation network a couple of years ago. Account information such as credit cards, phone numbers, addresses, and names were stolen from over 77 million users that were using the PlayStation network. The network was shut down for almost 2 weeks, which eventually led to Sony suing the hackers that caused this event. Not only did this event push users away from the PlayStation and affected the business in the long run. Finally, Operation Shady RAT was a recent hack against the government that siphoned off data from government computers. This happened by using what is called a Remote Access Tool or RAT. McAfee, a network security company, has been tracking this case for over 5 years. This goes to show how anyone can be affected by these cyber attacks and the proper functioning of any given computer falls back on network security. There are many types of attacks that a hacker could exploit to break into a system. Some of these include: spoofing, denial of service, buffer overflow, wiretapping, and port scanning. Wiretapping is a device that plugs into the network and allows someone to listen or see the network traffic. This is similar to how phone tapping works. It allows a third party to listen in. When used by a government agency, this is called lawful interception. Secondly, port scanning is another popular method of hacking into a computer. Port scanning operates by identifying open ports on a computer and checking its accessibility. Once a port is found, the hacker looks for applications that are vulnerable and can be taken advantage of. Next, spoofing is defined as impersonating or concealing the IP address of another computer. Spoofing of an IP address is comparable to stealing the Social Security number of another person. Also, a denial of service attack is when a computer or network is made unavailable by sending large amounts of data directly at a target, which can lead to a server overload and shut down to the specified target. This technique was used in the September 2011 hack against the banks, as mentioned earlier. Finally, a buffer overflow technique is when the buffer is overrun with data. Once the buffer is overrun, the data can be given various directions and even sent elsewhere. These are just a few methods of hacking into a system among many others that hackers use today. There are many techniques of keeping a computer safe from mentioned attacks, such as Mac address filtering, Firewall, and WPA/WPA2. First, a firewall is a system that controls the incoming and outgoing traffic and determines whether or not packets should be allowed through. In the network layer, a firewall is also called a packet filter. The packet filter only allows packets through that match a certain rule set. The word firewall originated from a firefighting practice where they would build a barrier to prevent a fire from further spread. Just like packets, if they do not reach certain guidelines, then they will not be allowed any further. Next, Mac address filtering is a security method where Mac addresses are used to determine if the network is accessible. Mac stands for media access control, which is assigned to network interfaces for communications on the physical network according to Wikipedia. Mac addresses can be spoofed, which means that you can configure your computer to act as another Mac address so that you can bypass certain processes. Also, WPA/WPA2, or Wireless Protected Access, is what encrypts packets. Encryption is when messages are encoded; only allowing authorized personnel to read the message. If packets were intercepted when transferring from point A to point B, the packets would be unreadable due to encryption. WPA2 is the new and updated version of WPA and it is much more complex and harder to decrypt. WPA2 uses AES, which is an advanced encryption standard protocol for encrypting packets. With this said, WPA2 is more secure than WPA. Finally, an Anti-Virus can be used to detect any malicious activity happening on a computer. Some of these activities include: viruses, worms, adware and spyware, Browser Helper Objects, and Trojan Horses. All of these methods of security are not guaranteed to keep a computer out of trouble, but in the long run these security measures will be deemed beneficial. There are a few other ways of helping keep a network safe besides the ones mentioned above. First, when your computer has an update, it should be updated immediately. Usually a computer will notify the user when something needs to be updated. These updates can contain the latest securities and reliabilities. Also, computer users should change their Service Set Identifier or SSID. Most Internet service providers use the same name for each router making it difficult to determine whose is whose. A final step, which is not as important, is to create a password that is difficult for someone to presume. There is certain software out there that can allow someone to hack passwords. An intricate and difficult password will make hacking a it more complicated. All in all, network security continues to grow exponentially as time passes. Likewise, Internet technology is also becoming more advanced. The need for network security, ways of attacking a network, types of network securities, and major setbacks in history due to hacking are all important topics that should be kept in mind when determining if a specific network is secure. Sources http://en.wikipedia.org/wiki/Network_security http://windows.microsoft.com/en-au/windows/making-network-moresecure#1TC=windows-7 http://www.cisco.com/cisco/web/solutions/small_business/resource_center/articl es/secure_my_business/what_is_network_security/index.html