Tutorial on network security basics
Network security refers to the practice of protecting computer networks and their infrastructure from unauthorized access, attacks and other potential threats. It encompasses a range of technologies, processes and security policies designed to ensure the confidentiality, integrity, and availability of data and resources within a network. The goal of network security is to create a secure environment that safeguards sensitive information, prevents unauthorized access, and maintains the overall functionality of the network.
Why is security needed?
Security has become essential because of the widespread use of the internet in daily life. The internet was initially developed for connectivity. Now critical activity such as banking, business correspondence, money transactions and online purchasing takes place over the internet. Hence it is very important to protect subscribers' personal information, confidential data, passwords, credit or savings card information (used for online purchasing) etc.
Today the internet is evolving very fast, and application-specific online content has become predominant on various networks. Security companies are working on different ways to handle security-related aspects.
Types of Security
Security can be divided into three types, viz. computer security, network security and internet security.
➨Computer security: The collection of tools developed to protect data stored on a computer.
➨Network security: Protecting data during transmission.
➨Internet security: Protecting data during transmission over a collection of interconnected networks (i.e. the internet).
Attack Sources
There are two attack source types, viz. active attack and passive attack.
➨An active attack involves writing data to the network in order to steal the identity of the traffic sender as well as other information. Active attacks include spoofing, ARP poisoning, smurf attacks, SQL injection, buffer overflow etc.
➨A passive attack involves reading data from the network in order to breach confidentiality. Passive attacks include port scanning, eavesdropping, reconnaissance etc.
Network attack types
As shown in figure-1, there are three ways to sniff the network, viz. internal sniffer, external sniffer and wireless sniffer. Sniffing can be run on all the layers of the OSI stack.
• In the internal sniffer type, the hacker runs tools on the LAN to capture the network traffic directly.
• In the external sniffer type, the hacker attacks through the firewall from outside the LAN to steal network information. This is possible with the use of spoofing techniques and analysis of intercepted network packets.
• In the wireless sniffer type, the hacker sits near the wireless network and penetrates it to obtain network information. Packet sniffer software tools designed to capture traffic and analyze network-related issues are also used by hackers.
Layered Security and mitigation methods
A TCP/IP packet contains the information required to establish a network connection: source IP address, destination IP address, port numbers, sequence numbers, protocol type etc. All these fields are very important for the network layer of the OSI stack to function properly.
As mentioned, the TCP/IP protocol basically helps in reliable packet transmission over Ethernet. It does not provide any mechanism to ensure network data security. It is the responsibility of the upper network layers to ensure the packet is not tampered with along the transmission path. Figure-2 depicts the OSI layers and what information hackers can steal at each layer by way of sniffing.
The following points help mitigate network security attacks:
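To make the point about unprotected header fields concrete, the following added example (not part of the original tutorial) parses a raw IPv4/TCP packet and returns the fields listed above along with the payload. The function names, the sample addresses and the telnet-style payload are constructed for illustration.

```python
import socket
import struct

def parse_ipv4_tcp(packet: bytes) -> dict:
    """Return the header fields any on-path observer can read from an IPv4/TCP packet."""
    if len(packet) < 20:
        raise ValueError("truncated IPv4 header")
    (ver_ihl, _tos, _total, _ident, _frag, ttl, proto, _csum,
     src, dst) = struct.unpack("!BBHHHBBH4s4s", packet[:20])
    ihl = (ver_ihl & 0x0F) * 4              # IPv4 header length in bytes (options allowed)
    if ver_ihl >> 4 != 4 or ihl < 20 or len(packet) < ihl:
        raise ValueError("not a valid IPv4 header")
    fields = {"src_ip": socket.inet_ntoa(src), "dst_ip": socket.inet_ntoa(dst),
              "protocol": proto, "ttl": ttl}
    if proto != socket.IPPROTO_TCP:
        return fields                        # only TCP is decoded further here
    tcp = packet[ihl:]
    if len(tcp) < 20:
        raise ValueError("truncated TCP header")
    sport, dport, seq, ack, off_flags, _win, _tcsum, _urg = struct.unpack(
        "!HHIIHHHH", tcp[:20])
    data_off = (off_flags >> 12) * 4        # TCP header length in bytes
    if data_off < 20 or len(tcp) < data_off:
        raise ValueError("bad TCP data offset")
    fields.update(src_port=sport, dst_port=dport, seq=seq, ack=ack,
                  flags=off_flags & 0x1FF, payload=tcp[data_off:])
    return fields

def build_sample() -> bytes:
    """Constructed telnet-style packet (checksums left at 0; they are not validated)."""
    payload = b"Password: example\r\n"
    tcp = struct.pack("!HHIIHHHH", 49152, 23, 1000, 2000,
                      (5 << 12) | 0x018, 64240, 0, 0) + payload
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 1, 0, 64,
                     socket.IPPROTO_TCP, 0,
                     socket.inet_aton("192.0.2.10"), socket.inet_aton("192.0.2.20"))
    return ip + tcp

if __name__ == "__main__":
    for name, value in parse_ipv4_tcp(build_sample()).items():
        print(f"{name:9} {value}")
```

Every field, including the payload, comes back in cleartext, which is why the upper layers have to supply encryption and integrity protection.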
➨Avoid using insecure protocols like basic HTTP authentication and telnet.
➨If you have to use an insecure protocol, try tunneling it through something to encrypt the sensitive data.
➨Run ARPwatch.
➨Try running tools like sniffdet and Sentinel to detect network cards in promiscuous mode that may be running sniffing software.
➨Use wireless networks which have built-in security algorithms such as WEP, WPA etc.
➨Use a very strong password consisting of upper and lower case letters, numbers and symbols.
➨Do not reveal your user ID to anyone.
➨Use secure application layer protocols such as HTTPS, PGP, S/MIME etc.
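The kind of check an ARP monitoring tool performs can be sketched as follows. This is an added example, not code from ARPwatch or from the original tutorial: it tracks IP-to-MAC bindings over a constructed list of sightings and reports the changes that indicate ARP poisoning. The event names, the `max_ips_per_mac` threshold and the sample addresses are assumptions of this example.

```python
from collections import defaultdict

# Constructed (time, IP, MAC) sightings, as they would be read from ARP replies.
SAMPLE = [
    (1, "192.0.2.1", "00:00:5e:00:53:01"),    # gateway, first sighting
    (2, "192.0.2.10", "00:00:5e:00:53:0a"),   # workstation, first sighting
    (3, "192.0.2.1", "00:00:5e:00:53:01"),    # unchanged binding, no event
    (4, "192.0.2.1", "00:00:5e:00:53:66"),    # gateway IP claimed by another MAC
    (5, "192.0.2.1", "00:00:5e:00:53:01"),    # original owner answers again
    (6, "192.0.2.10", "00:00:5e:00:53:66"),   # same MAC now claims a second IP
]

def watch(observations, max_ips_per_mac=1):
    """Report IP-to-MAC binding changes; event names are this example's own."""
    current = {}                      # ip -> MAC currently bound to it
    seen_macs = defaultdict(set)      # ip -> every MAC that ever claimed it
    claimed_ips = defaultdict(set)    # MAC -> every IP it has claimed
    events = []
    for ts, ip, mac in observations:
        mac = mac.lower()
        previous = current.get(ip)
        if previous is None:
            events.append((ts, "new_station", ip, mac))
        elif previous != mac:
            # A return to an earlier MAC means two hosts are contending for the IP.
            kind = "flip_flop" if mac in seen_macs[ip] else "changed_mac"
            events.append((ts, kind, ip, mac))
        current[ip] = mac
        seen_macs[ip].add(mac)
        if ip not in claimed_ips[mac]:
            claimed_ips[mac].add(ip)
            # Raise the threshold for hosts that legitimately answer for several IPs.
            if len(claimed_ips[mac]) > max_ips_per_mac:
                events.append((ts, "mac_claims_multiple_ips", ip, mac))
    return events

if __name__ == "__main__":
    for event in watch(SAMPLE):
        print(event)
```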
Algorithms
Various algorithms and protocols exist at the hardware and software level to provide efficient network security. These include cryptography, symmetric key algorithms (DES, 3DES, AES, RC4, RC6, Blowfish), block and stream ciphers etc.
Wireless network security considerations
Wireless networks are evolving quite rapidly in the internet infrastructure.
The common wireless networks are based on WLAN, Zigbee, Bluetooth, GSM, 3G, LTE, Z-Wave etc.
Security in such wireless networks involves protecting data transmitted over wireless connections (indoor, outdoor) from unauthorized access, interception and hacking. The following security considerations are essential to prevent hacking of wireless networks.
• Strong authentication and encryption methods should be used. WPA3 or WPA2 methods are employed in Wi-Fi networks. In cellular wireless networks, AKS (Authentication and Key Management) and AES techniques are used.
• Change default usernames and passwords for wireless routers or APs (Access Points).
• Implement IDPS (Intrusion Detection and Prevention System) solutions that can monitor wireless network traffic for suspicious activities and block or alert network administrators about potential threats.
• Use RADIUS for strong authentication, especially in enterprise environments.
• Ensure physical access to wireless APs and routers is restricted to authorized personnel. Physical tampering could compromise security.
• Conduct regular security audits and vulnerability assessments on your wireless network. This will help in identifying weaknesses and in addressing potential risks.
Conclusion: Overall, network security involves protecting data transmitted over wired (e.g. Ethernet, fiber optic) as well as wireless connections (e.g. Wi-Fi, cellular) from interception, unauthorized access and hacking. There is no single security measure that is completely foolproof. Hence a layered approach that combines multiple security strategies is the most effective way to secure your network and prevent hacking.