Network problems and how to prevent them
Security (on a computer network) can be defined by looking at the targets to be achieved through the concept of 'safe'. Here is a list of features that can prevent / anticipate attacks from outside parties or from insiders.
Security Policy
Before moving on to more detailed implementation, first determine what is to be protected and from whom it is to be protected.
Security policy depends on how much you trust other people, inside or outside your organization. The policy must strike a balance between allowing users to access the information they need and maintaining system security.
Physical Security
Physical security in this section refers to a situation where someone can get into the server / network room and access the devices without authorization. The unauthorized person could be a guest, cleaning staff, a package delivery courier, or anyone else who can get into the room and tamper with the equipment. Someone who has access to the room could simply install a Trojan horse program on a computer, boot from a floppy disk, or steal important data (such as the password file) and unpack it in a safer place.
To maintain security, put the server in a room that can be locked and make sure that the room is locked properly. To avoid surveillance, use a screen saver that can be password-protected. Also set all computers to log out automatically after a certain period of inactivity.
BIOS Security
An admin is advised to disable booting from floppy. Alternatively, put a password on the BIOS and set a boot password.
Password Attack
Many people store important information on computers, and often a password is the only thing that prevents other people from seeing it. To guard against this attack, users should choose passwords that are good enough. Hints for choosing a password:
• All passwords must consist of at least 7 characters.
• Include as many combinations of letters, numbers and punctuation as possible, provided that the password is still easy to remember. One way is to combine random words with punctuation, or to combine words with numbers.
• Use the first letters of a phrase that is easy to remember.
• Use a number or punctuation mark to replace letters in the password.
• Change passwords regularly.
Malicious Code
Malicious code can be a virus, trojan or worm, usually in the form of coded instructions that burden the system so that system performance decreases. Ways to anticipate it are shown in the following 6 examples:
1. Make users aware of the threat of viruses.
2. Use a good anti-virus program on workstations, servers and Internet gateways (if you have them).
3. Teach and train users how to use the anti-virus program.
4. As an admin, always keep the anti-virus program and virus database updated.
5. Get users in the habit of NOT opening an email attachment or any file from a floppy until they are 110% sure that the attachment / file is "clean".
6. Make sure your security policy is up to date.
Sniffer
A sniffer is a wiretapping device that makes use of the promiscuous mode of communication on an Ethernet network. Because computer network traffic consists of seemingly random binary data, a sniffer typically includes a protocol analyzer so that the binary data can be decoded. For management, a sniffer can be used for network maintenance; for an outsider, it can be used to break into the system.
The easiest way to anticipate a sniffer is to use secure applications, for example: ssh, ssl, secureftp, etc.
Scanners
Different network services run on different ports. Each network service runs on a specific network address (e.g. 167.205.48.130) and listens on one or more ports (from 0 through 65535). Together they form what is called a socket address, which uniquely identifies a service within the network. Ports 0 to 1023 are the most commonly used; they are defined as well-known numbers in the UNIX convention and described in RFC 1700.
A port scanner is a program designed to find which services are running on a network host. To gain access to the host, a cracker must know its points of weakness. For example, if the cracker knows that the host is running an ftp server, he can use weaknesses that exist in the ftp server to gain access. From this we may conclude that services that are not absolutely necessary should be removed to minimize the security risk.
Similar to the port scanner in the previous section, a network scanner provides information on the intended target, such as the operating system used, the active network services, the types of machines connected to the network, and the network configuration. Sometimes a network scanner also integrates a port scanner. This tool is used to find as much information as possible about the target before the actual attack. Knowing the network's conditions and configuration makes it easier to enter and damage the system.
Example scanners: nmap, netcat, NetScan Tools Pro 2000, SuperScan
Spoofing
Spoofing (impersonation) is usually done by irresponsible parties in order to use a system's facilities and resources. Spoofing is a technique of presenting a disguised identity that is not true, e.g. posing as a specific IP address, a computer name, or even a given e-mail address. It can be anticipated by using a firewall application.
Denial of Service
Denial of Service (DoS) is an attack in which a party exploits aspects of the Internet Protocol suite to block access for those who are entitled to the information or systems being attacked. A hole that allows denial of service is in category C, which is a low priority. These attacks are usually based on the operating system used; that is, the hole is in the network part of the operating system itself. When this kind of hole appears, it must be repaired by the owner, or the software must be patched by the vendor that issued the operating system. An example is the TCP SYN attack, where network connection requests are sent to the server in very large numbers. As a result, the server is flooded with requests, and connections become slow or cannot be established at all. These holes exist on nearly all operating systems that run TCP/IP to communicate on the internet. This appears to be a problem in the design of the TCP/IP suite, and is not something that is easily resolved.
In a DoS attack, someone does something that interferes with the performance and operation of the network or server. As a result, servers or networks become slow to respond, or may even crash. DoS attacks prevent legitimate users from obtaining a legitimate service, but do not allow a cracker to get into the existing network system. However, this kind of attack against a server that handles e-commerce activities could result in financial losses.
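The following added example (not part of the original article) applies two points from the text to the output of `ss -tan` on a Linux host: it lists listening ports that are not on an allowlist, following the conclusion in the Scanners section that unneeded services should be removed, and it counts half-open (SYN-RECV) connections per port, which pile up during the TCP SYN attack described above. The sample output, the allowlist {22, 80} and the threshold of 3 are constructed assumptions for illustration.

```python
from collections import Counter

# Constructed sample of `ss -tan` output (documentation-range addresses).
SAMPLE_SS = """\
State     Recv-Q Send-Q Local Address:Port  Peer Address:Port
LISTEN    0      128    0.0.0.0:22          0.0.0.0:*
LISTEN    0      32     0.0.0.0:21          0.0.0.0:*
LISTEN    0      128    [::]:80             [::]:*
ESTAB     0      0      192.0.2.10:22       203.0.113.5:51515
SYN-RECV  0      0      192.0.2.10:80       198.51.100.7:40112
SYN-RECV  0      0      192.0.2.10:80       198.51.100.8:40113
SYN-RECV  0      0      192.0.2.10:80       198.51.100.9:40114
"""

def parse_ss(text):
    """Yield (state, local_port) for each socket line of `ss -tan` output."""
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] == "State":
            continue  # header or malformed line
        port = fields[3].rsplit(":", 1)[-1]  # also handles [::]:80
        if port.isdigit():
            yield fields[0], int(port)

def unexpected_listeners(text, allowed_ports):
    """Listening ports that are not on the site's allowlist."""
    listening = {port for state, port in parse_ss(text) if state == "LISTEN"}
    return sorted(listening - set(allowed_ports))

def half_open_alerts(text, threshold):
    """Ports whose number of SYN-RECV sockets reaches the threshold."""
    counts = Counter(port for state, port in parse_ss(text)
                     if state == "SYN-RECV")
    return {port: n for port, n in counts.items() if n >= threshold}

if __name__ == "__main__":
    print("not on allowlist:", unexpected_listeners(SAMPLE_SS, {22, 80}))
    print("half-open pile-up:", half_open_alerts(SAMPLE_SS, threshold=3))
```

In the sample, the ftp listener on port 21 is reported because it is not on the allowlist, and port 80 is reported for its three half-open connections; a production threshold would be set from the host's normal traffic.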
1 comments:
Your blog has always been a rich source of information for learning so much about network related issues and policies. This article gave me a complete introduction about various network problems and their respective solution.
digital id