Tuesday 25 December 2012

Network Security Threat



WHAT IS NETWORK SECURITY

Network security refers to any activities designed to protect your network. Specifically, these activities protect the usability, reliability, integrity, and safety of your network and data. Effective network security targets a variety of threats and stops them from entering or spreading on your network. Networks are subject to attacks from malicious sources. Attacks fall into two categories: "passive", in which a network intruder intercepts data traveling through the network, and "active", in which an intruder initiates commands to disrupt the network's normal operation.
Understanding Attack Types
Due to the complexity of software and networks today, most systems and applications are susceptible to a number of different types of security attacks. Understanding the different types of attacks and methods that hackers are using to compromise systems is essential to understanding how to secure your environment. This section will introduce you to a number of different types of attacks.

There are two major types of attacks:

·         Social engineering attacks

·         Network attacks

Social Engineering
With a social engineering attack, the attacker compromises the network or system through social interaction with an individual, through an e-mail message or phone call, and tricks the individual into divulging information that can be used to compromise security. The information that the victim divulges to the hacker would most likely be used in a subsequent attack to gain unauthorized access to a system or network. The key to protecting yourself and fellow employees from social engineering attacks is education! Keeping all personnel aware of the popularity of social engineering attacks and the different scenarios that could be examples of social engineering attacks will help raise the security level of the organization. There are a number of different examples of social engineering attacks.

The following are some of the most popular scenarios:

·         Hacker impersonates administrator: In this example, the hacker may call the employee and impersonate the network administrator. The hacker will try to convince the employee to change their password or divulge password information.

·         Hacker impersonates user: In this example, the hacker calls an unsuspecting network administrator and plays the role of a frustrated user who cannot log on to the network. The network administrator naturally helps the “user” by resetting the password and helping them log on; the problem is that the “user” is actually the hacker!

·         Hacker impersonates vendor: In this example, the hacker may e-mail a customer pretending to be the vendor of a piece of software. The hacker tries to get the user to install an update, but the user doesn’t realize the update is really a Trojan virus that gives the hacker access to the system.

Phishing Attack
A very popular type of attack today is what is known as a phishing attack! In a phishing attack, the hacker creates a fake web site that looks exactly like a popular site, such as a bank or eBay. The phishing part of the attack is that the hacker then sends an e-mail message trying to trick the user into clicking a link that leads to the fake site. When the user attempts to log on with their account information, the hacker records the username and password and then tries that information on the real site.

Network-Based Attacks
Most types of attacks are considered network-based attacks, where the hacker performs the attack from a remote system. There are a number of different types of network attacks:

·         Eavesdropping attack: This widely used type of attack typically involves the use of network monitoring tools to analyze and read communications on the network.

·         Spoof attack: In a spoof attack, the hacker modifies the source address of the packets he or she is sending so that they appear to be coming from someone else. This may be an attempt to bypass your firewall rules.

·         Hijack attack: In a hijack attack, a hacker takes over a session between you and another individual and disconnects the other individual from the communication. You still believe that you are talking to the original party and may send private information to the hacker unintentionally.

·         Denial of service: A denial of service (DoS) is a type of attack that causes the system or its services to crash. As a result, the system cannot perform its purpose and provide those services.

·         Distributed denial of service (DDoS): The hacker uses multiple systems to attack a single target system. A good example is the Smurf attack, in which the hacker pings a number of computers but modifies the source address of those packets so that they appear to come from another system (the victim in this case). When all of these systems receive the ping request, all systems will reply to the same address, essentially overburdening that system with data.

·         Buffer overflow: A buffer overflow attack is when the attacker sends more data to an application than is expected. A buffer overflow attack usually results in the attacker gaining administrative access to the system in a command prompt or shell.

·         Exploit attack: In this type of attack, the attacker knows of a security problem within an operating system or a piece of software and leverages that knowledge by exploiting the vulnerability.

·         Password attack: An attacker tries to crack the passwords stored in a network account database or a password-protected file. There are three major types of password attacks: a dictionary attack, a brute-force attack, and a hybrid attack. A dictionary attack uses a word list file, which is a list of potential passwords. A brute-force attack is when the attacker tries every possible combination of characters; no word list file is read. A hybrid attack is similar to a dictionary attack in that it uses a word list file, but it also places numbers at the end of each word to catch passwords that are not dictionary words because the user placed a number at the end. For example, a dictionary attack would not find the password “pass1,” but a hybrid attack would.
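The distinction drawn in the password attack item, seen from the defender's side as an added example (not part of the original post): a password screen that rejects candidates a dictionary or hybrid attack would find and estimates the brute-force search space for the rest. The word list, the guess threshold and the function names are assumptions made for this illustration.

```python
import string

# Constructed sample word list; a real screen would load a large list of
# common and breached passwords instead.
WORDLIST = {"pass", "password", "welcome", "dragon", "letmein"}


def classify(candidate, wordlist=WORDLIST):
    """Name the cheapest attack type from the text that finds the candidate."""
    lowered = candidate.lower()
    if lowered in wordlist:
        return "dictionary"
    # A hybrid attack appends numbers to each word, so strip trailing
    # digits and look the remaining stem up in the same list.
    stem = lowered.rstrip(string.digits)
    if stem != lowered and stem in wordlist:
        return "hybrid"
    return "brute-force only"


def brute_force_keyspace(candidate):
    """Guesses needed to try every string up to the candidate's length,
    drawn from the character classes the candidate actually uses."""
    alphabet = 0
    if any(c.islower() for c in candidate):
        alphabet += 26
    if any(c.isupper() for c in candidate):
        alphabet += 26
    if any(c.isdigit() for c in candidate):
        alphabet += 10
    if any(not c.isalnum() for c in candidate):
        alphabet += len(string.punctuation)  # 32 printable symbols
    return sum(alphabet ** n for n in range(1, len(candidate) + 1))


def screen(candidate, min_guesses=10 ** 12):
    """Return (accepted, reason) for a proposed password."""
    kind = classify(candidate)
    if kind != "brute-force only":
        return False, f"found by a {kind} attack"
    if brute_force_keyspace(candidate) < min_guesses:
        return False, "brute-force search space too small"
    return True, "ok"


if __name__ == "__main__":
    for pw in ("pass", "pass1", "Password2012", "qzv", "x7#Qv!m2Lp@9"):
        print(pw, screen(pw))
```

The screen rejects “pass1” for the reason the text gives: the stem “pass” is in the word list even though “pass1” itself is not.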
