Network Security
Network Security:
Network security is getting a lot of attention these days. There are a lot of threats going on and organizations need to defend them. In this section we will discuss the most important attacks. Before going into different types of attacks first we need to understand the difference between vulnerability and exploit.
Vulnerability: A weakness in the system is known as vulnerability.
Exploit: Exploit is any software or code which take an advantage of vulnerability to compromise the system.
Need of Network Security:
2. CIA Triad:
CIA stands for Confidentiality, Integrity and Availability.
Confidentiality:
It means that the communication should be kept secret between sender and receiver. It ensures unauthorized disclosure of data. If someone in the network captured the traffic he/she would not be able to read the actual data if he/she would not have permission to access that data. We can achieve confidentiality using different ways some of them are using firewalls, ACL, encryption and steganography helps to achieve the confidentiality.
Integrity:
Integrity means that to make sure that information is not corrupted or unchangeable. No one is allowed to alter the communication without permission or access. Simply means that data is not modified during the transit. Integrity can be achieved by hashing, digital signatures.
Availability:
Availability means that the data is available whenever needed to the authorized users. It can be achieved by the redundancy or fault tolerance. Below are the some methods that can be used for redundancy:
- Disk Redundancy
- Server Redundancy
- Load Balancing
- Site Redundancy
- Backups
3. Common Attacks:
- DOS:
Denial of service attack is an attack where the target system is overwhelmed with large volumes of request, causing it to consume its resources to the point where i can’t perform its intended functions.
- Social Engineering Attacks:
Influencing others to reveal confidential information.There different methods to perform social engineering attacks.
- Authority:
Using this someone pretends to be authority to get information like he/she may become IT help desk or CEO or any authority.
- Intimidation:
Using this intruder may threaten like if you don’t do this then your payroll will not be proceeded.
- Scarcity:
Create a trick to give victim benefits in a time stamp. If he/she will not do this then the offer will expire.
- Urgency:
Creating urgency if the victim will not do this then he/she has to face a big loss.
- Trust:
Building trust to the victim like if the victim provides confidential data then the attacker builds the trust he will help the victim.
- Insider Threats:
Some time we configure firewall,IPS and IDS but some attacks are performed within the organization. Some employees may gain some confidential information if we would not have a least privileges policy.
- Logic Bomb:
This is the very specific kind of malware.It deleting or removing information. It is based on logic like a specific date or time to occur this attack.
- Phishing:
Attackers may leverage the email or web pages that appear to be legitimate in an attempt to gain confidential information.
- Ransomware:
Malware that prevents users from accessing their data unless they pay a ransom.Attacker may encrypt the data so the victim is unable to read that data without paying.
- DNS poisoning:
Modify the DNS server record or send the fake response to legitimate DNS requests.
- Spoofing:
When malicious users falsify their IP address, in an attempt to conceal their identity, to access protected areas of the network or to impersonate a different device.
- Vlan Hopping:
When a user gets access to normally restricted vlans, either connected to trunk port or by using doubling the tag.
- MITM:
An attack where a malicious user somehow injects themselves inside a communication flow between two systems, enabling them to intercept that flow’s traffic.
Comments
Post a Comment