Chapter 10: Network Security Threats and Solutions
Network security threats are of two types:
Passive threats: Passive threats or attacks involve attempts by an intruder to monitor a communication in order to steal sensitive information that two devices transmit over a network. During a passive attack, the attacker does not affect the communication. Email, file transfers and client-server exchanges are some examples of transmissions that can be monitored by passive attackers. Passive threats are sometimes referred to as eavesdropping attacks or sniffing and snooping attacks.
Active threats: Active threats involve modification of transmitted data and attempts to gain unauthorised access to networked computers. In an active attack, the attacker alters the information stored on a computer, prevents users from accessing the network or web resources and pretends to be a legitimate user to gain access to the network.
Unauthorised Access
Security Solution
- Implement strong authentication policies.
- Protect login credentials (usernames and passwords) from reaching unreliable sources.
- Do not provide unnecessary access to anyone.
Eavesdropping
Security Solutions
- Implement a strong encryption policy using digital certificates (SSL certificates) to mitigate the risk of eavesdropping attacks.
- Create network segments to prevent eavesdropping and other network attacks.
- Employ Network Access Control (NAC) to authenticate every device before establishing any connection.
DDoS
Security Solutions
- Monitor packets to protect your server from counterfeit packets.
- Apply security patches to your host's operating system in a timely manner.
- Beware of running your server very close to full capacity.
IP Spoofing
Security Solutions
- Use a firewall on every computer on your network.
- Monitor packets, analyse logs between systems on your internal network and spot unusual activities.
- Filter the data packets entering the network. Additionally, filter all incoming and outgoing traffic.
- Use Access Control List (ACL) to prevent forged IP addresses from entering the network.
- Use SSL certificates to significantly reduce the risk of spoofing.
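The ACL and in/out filtering points above can be expressed as a small rule check. This is an added example, not part of the original notes; the internal range 10.20.0.0/16, the interface names and the sample packets are constructed assumptions, and it covers IPv4 only.

```python
import ipaddress

# Assumed internal address space for this example (constructed).
INTERNAL_NETS = [ipaddress.ip_network("10.20.0.0/16")]

# IPv4 source ranges that should never arrive from the Internet:
# private, loopback, link-local, multicast and reserved space.
BOGON_NETS = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "10.0.0.0/8", "127.0.0.0/8", "169.254.0.0/16",
    "172.16.0.0/12", "192.168.0.0/16", "224.0.0.0/4", "240.0.0.0/4",
)]

def check_packet(iface, src):
    """Return (action, reason) for a packet seen on iface with source src."""
    try:
        addr = ipaddress.ip_address(src)
    except ValueError:
        return ("deny", "malformed source address")
    if addr.version != 4:
        return ("deny", "IPv6 not covered by this example ACL")
    if iface == "external":
        # Inbound: a packet from outside cannot honestly claim an inside address.
        if any(addr in net for net in INTERNAL_NETS):
            return ("deny", "internal source on external interface")
        if any(addr in net for net in BOGON_NETS):
            return ("deny", "reserved or private source from Internet")
        return ("permit", "ok")
    if iface == "internal":
        # Outbound: only our own addresses may leave the network.
        if any(addr in net for net in INTERNAL_NETS):
            return ("permit", "ok")
        return ("deny", "non-local source leaving the network")
    return ("deny", "unknown interface")

def denied(packets):
    """Return the (iface, src, reason) entries that the ACL drops."""
    return [(i, s, check_packet(i, s)[1]) for i, s in packets
            if check_packet(i, s)[0] == "deny"]

# Constructed sample traffic: (interface the packet arrived on, source IP).
SAMPLE = [
    ("external", "203.0.113.7"),   # ordinary outside host
    ("external", "10.20.5.9"),     # claims to be one of our own hosts
    ("external", "192.168.1.5"),   # private range arriving from outside
    ("internal", "10.20.5.9"),     # legitimate inside host
    ("internal", "198.51.100.4"),  # inside host forging an outside source
]

if __name__ == "__main__":
    for entry in denied(SAMPLE):
        print("DROP", *entry)
```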
MITM (Man-in-the-Middle) Attack
Security Solutions
- Use Public Key Infrastructure (PKI) based authentications
- Set up passwords and other high-level secret keys.
- Use time testing techniques such as Latency Examination.
Other Security Threats
Computer Viruses and Worms
Security Solution: Install an antivirus suite on your computer that can protect against threats such as viruses and worms.
Trojan Horses
Security Solution: Security suites such as Norton Internet Security help prevent you from downloading attachments that are likely to contain Trojan horses. All such attachments are scanned prior to downloading and the appropriate corrective action is taken instantly by the tool.
Spam
Security Solution: Spam filters can effectively be used to stop spam mails. Most email service providers are pre-equipped with spam filters that separate spam mails from your important mails and often store them in a separate folder.
Phishing
Security Solution: Phishing filters can be used to filter out these unwanted mails and to prevent this threat.
Packet Sniffer
Security Solution: By using encryption, all packets become unreadable to anyone except the destination address, making the packet sniffers irrelevant.
Maliciously Coded Websites
Security Solution: Using a security suite such as AVG, we can detect infected sites and prevent the user from entering the site.
Zombies and Botnets
Security Solution: A good antivirus can help prevent zombie computers whereas a Network Intrusion Prevention (NIP) system can help prevent botnets. The best protection is to set your operating system, antivirus, anti-spyware and web browser programs to automatically look for the latest updates and patches and install them whenever they are available.
Shared Computers
- Never leave a computer unattended while you are logged in.
- Always sign out completely
- Clear the web browser cache
- Be careful of shoulder surfers
- Avoid confidential transactions
- Be wary of spyware
- Never save passwords
- Change your password frequently