Network Security

IRJMST Vol 5 Issue 12 [Year 2014] ISSN 2250 – 1959 (0nline) 2348 – 9367 (Print) Network Security Ms. Sushila Student M.D.U sushiladahiya35@gmail.com Mrs. Sunita Assistant Professor Kanya Mahavidyalaya Kharkhoda malik.sunita82@gmail.com Abstract:- This paper present a review of how to secure our computer network. Today's attacks are succeeding far too frequently, all due to the limitations of legacy security tools. Because many security technologies arose in an earlier era—when attacks targeting sensitive information were fairly straightforward to identify—these tools fail when they cannot recognize a previously unknown attack or threat vector. In the last few years, the scale and sophistication of IT security threats have grown at an explosive rate. Organizations have to contend with industrialized attacks, which, in some cases, rival the size and sophistication of the largest legitimate computing efforts. In addition, they also have to guard against a more focused adversary with the resources and capabilities to target highly sensitive information, often through long-term attack campaigns. analysis etc. Disclosure of this information to a Introduction:competitor could have terrible consequences. In The use of internet is increasing day- by- day, addition to dangers of information leaking out, there thereby, causing the security of network more and is also a danger of information leaking in. In more crucial. The flow of data often faces several particular, viruses, worms and other digital pests can problems. The data is often corrupted, fabricated, breach the security, destroy the valuable data and modified and/or lost. When people use the internet, waste lost of time of database administrator to clean they have certain expectation. They expect up the mess. confidentiality and data integrity. If they receive any message, they want identify who sent it so that in Threats of Network:-Commercial and Government any case if sender denies then they can prove that Enterprises are reluctant to use the internet because of security concerns. During the past several year, the message infact has been sent by him or her. attacks on routers have become frequent. The Purpose of network:-The ability to connect any internet currently uses BGP(Border Gateway computer anywhere to any other computer anywhere Protocol) for inter - domain routing. Also, because is a mixed blessing. For individuals at home, BGP sessions use TCP to transmit data between wandering around the internet is lost of fun. For the routers, the recent increase in TCP based attacks is corporate security managers, it is nightmare. Most an additional threats to BGP security. In the past, company have large amount of confidential internet community used SNMP( Simple Network information on-line, trade secrets, product development plans, marketing strategies, financial International Research Journal of Management Science & Technology http://www.irjmst.com Page 4 IRJMST Vol 5 Issue 12 [Year 2014] ISSN 2250 – 1959 (0nline) 2348 – 9367 (Print) Management Protocols) to monitor the health of the network and to debug operational problems. Main Objectives of Data Security are Protections against:Interception:- The unauthorized person gets access to the system and capture the data in the network. The protection against interception is to confidentiality of data. Modification:- The unauthorized person gets access to the system and modifies the data in network. The protection against modification is to integrity the data. Fabrication:The unauthorized person insert spurious data in network or adds records in the files. The protection against Fabrication is to authenticate the data. Interruption:- The whole data or same parts of data are destroyed. The protection is to ensure availability of data. Non- repudiation:- The sender and receiver are prevented from denying the data sent and received respectively. Its means that a receiver must be able to prove that a specific message come from right source. Some people who cause security problems and why. Adversary Goal Student To have fun snooping on people’s e-mail Cracker To test out someone’s security system;steal data Sales rep To claim to represent all of europe not just Andorra Businessman To discover a competitor’s strategic marketing plan Ex-employee To get revenge for being fired Accountant To embezzle money from a company Stockbroker To deny a promise made to a costomer by e-mail Con man To steal credit card numbers for sale Spy To learn an enemy’s military or industrial secrets Terrorist To steal germ warfare secrets Internet Security techniques:1)Cryptography2)Firewall3)Disconnect when not in use4)Protocols5)Don’t open unknown email attachments Cryptography :-Cryptography means ‘Secret Writing’. Cryptography can provide confidentiality, integrity(honesty), authentication and non-repudiation message. It uses two techniques i.e Encryption and Decryption. The message which is to be encrypted is known as plaintext. The plaintext is transferred into ciphertext by using a key as a parameter. PlaintextEncryptionCiphertextDecryption Plaintext- Encryption:- Plaintext to ciphertext transformed the message. Ciphertext:- After the message is transformed is called ciphertext. Decryption:- Transformed the ciphertext back into plaintext.The origional message before being transformed is called plain text. The transformed International Research Journal of Management Science & Technology http://www.irjmst.com Page 5 IRJMST ISSN 2250 – 1959 (0nline) 2348 – 9367 (Print) Vol 5 Issue 12 [Year 2014] message is called ciphertext. Thus the message is to be sent is converted into a special message by encrypting it. The cracker(intruder,enemy) does not know the key and hence it copies down the cipher text. But the user/reciepent/receiver knows the function key. So, he can transfer the cipher text into plaintext by the process of decryption.So Cryptography helps in maintaining security of data. Firewall :-Firewall acts as a gatekeeper between a company’s internal network and the outside world. It acts as an electronic barrier to stop unauthorized entry. It basically performs two important functions.These are:-Gatekeeping:- It examines the location from which the data enters your system and then decides , based on your instructions, whether or not to allow that information.Monitoring:- Firewall also monitors information. Monitoring functions include logging of all system activities and generation of reports for system administration . Two types of monitoring:-A)Active monitoring B)Passive monitoring Active monitoring:- When an eventsor incident takes place , firewall sends information about the incident to the manager.Passive monitoring:Firewall records each incident (events) details on a disk. The manager check the details after a periodic interval and makes an evaluation or results. Network Firewalls (software/hardware based) provide some degree of protection against enemies/intruders attacks. Firewall architecture:-An organization that connects to the internet over a serial line might choose to implement a firewall as shown in the figure given below:Inside protected network outside  Firewall  Global Advantages of firewall:-Firewall is a system that enforces the security policy of an organization. It offers a convenient point where internat security can be monitored and alarms generated.Setting up an internet firewall without a security policy is like placing a steel door on a tent. Drawbacks of firewall:- An internet firewall can not protect against attacks that do not go through the firewall.It can not protect against transfer of virus infected software or files. It can not protect against threats caused by corporate spies from copying sensitive data onto floppy disk.It can not protect against data – driven attacks. A data – driven attack occurs when harmless data is mailed or copied to internal host and is executed to launch an attack. 3)Disconnect when not in use:- The users must turn off the computer or disconnect its Ethernet interface when user is not using it.An enemy/intruder can not attack a disconnected or powered of computer or otherwise completely disconnected from the network. 4)Protocols :- Some standardized set of protocols which is used to provide the security of network. e.g :- WEP, WEP Protocol is provided by 802.11 standards to make the security of a wireless LAN. 5)Don’t open unknown email attachment:- Before opening any email attachment, the source of the attachment should be ensured. Even the Mallissa virus can originate from a familiar address. E-mail when sent across network is more like a post card. It can be read by anybody who can lay hands on it. To ensure secrecy of message, the sender as well as receiver should agree on a secret key. Here starts the problem. If receipent is in a far away country, then you have to distribute key first to him before you can send him message. Public key cryptography was designed to overcome this problem. Another way of ensuring security of e-mail message is through the use of a technique called signing a message (Digital signature ensures that the message is not changed in International Research Journal of Management Science & Technology http://www.irjmst.com Page 6 IRJMST Vol 5 Issue 12 [Year 2014] ISSN 2250 – 1959 (0nline) 2348 – 9367 (Print) any way).Before opening an attachment and verification of its source, we suggest following procedure or steps. 1)Save the file to hard disk.2)Scan the file using an anti-virus software.3)Open the file.Following these steps will reduce the chance of spread of malicious code ( desired to harm others) contained in the attachment. Conclusion:- There are many categories of people who access data with different intentions that is the cause of security problems. Their aim may be different. Some categories are spy, students, cracker, intruder etc. To overcome these problems, we can use different internet security techniques like firewall, cryptography etc. Reference:1) Andrew S. Tanenbaum, Computer networks, Vrije Universiteit, Amsterdam, The Netherlands, PEARSON Prentice Hall. 2) Behrouz A. Forouzan, Network security, DeAnza College with Catherine Coombs and Sofia Chung Fegan, McGraw Hill. 3) Dr. Satinder Bal Gupta, Networking, Professor Vaish College of Engg. , rohtak, Haryana. 4) Er. Ashish goel, Data Communication,Executive, BSNL, Bhiwani Haryana. 5) Beyda, William J. Data Communications, NJ: Prentice Hall. International Research Journal of Management Science & Technology http://www.irjmst.com Page 7