CHAPTER 1: INTRODUCTION TO NETWORK SECURITY

1.Define network security

consists of the provisions and policies adopted by the network administrator to prevent and monitor unauthorized access, misuse, modification, or denial of the computer network and network-accessible resources.

the authorization of access to data in a network, which is controlled by the network administrator

2.The need for security

prevent unauthorized access to the network, which is a potential threat to the network and its resources.

ensure that the authentic users can effectively access the network and its services

applications that can protect the network from unauthorized access are in place

3.Threat analysis of network security

Asset identification

Vulnerability assessment

Threat identification

to identify the resources used in the network for various applications

network devices such as routers, switches and firewalls should be taken care of

network resources should be able to identify users' privacy

4.Security model

5.Malaysian cyber law

7.Security organization roles

8.Security method

9.Internet services

10.Threat terminology

11.Source of threats

security threats

12.Security policies

13.Method of attacks

14.Causes of successful attacks

Lack of basic password security

Lack of basic firewall port blocking

Lack of updating

Authentication compromises

Improper input validation

Sniffing activities

Denial of service (DoS)

Exploiting physical access

Virus, worm and Trojan

place all network machines behind the firewall

Authenticate all network protocols

restrict access to secure parts of the network using MAC address.

do not allow external traffic into secure network areas

use VLANs for added levels of switch security

categories - data disclosure (the internal data is exposed to outside users), data modification (the data is altered from its original form), data availability (information/data easily gathered by hackers)

activities - hacking, cracking, spoofing, sniffing

insecure architectures

broadcast networks

centralized servers

internal threat organization

mobile and remote users

internet and TCP/IP

physical

phone attacks

social engineering

information theft

information warfare

unauthorized disclosure

accidental data loss

email and news - attaching and sending documents via email

file transfer - peer to peer or client server

remote access to host - remote administration to servers

real time conferencing services - Skype

logon - using a strong password

filesystem - install security patches regularly (install firewall)

data communication - restricted connection

administration - depends on the network security personnel

Digital Signature Act 1997 - transactions conducted via the internet are increasing, and the act provides for the regulation of the public

Computer Crimes Act 1997 - gives protection against the misuse of computers and computer criminal activities such as unauthorised use of programmes

Telemedicine Act 1997 - ensures that only qualified medical practitioners can practice telemedicine and that their patients' rights and interests are protected, and provides for the future development and delivery of healthcare in Malaysia

Communication and Multimedia Act 1998 - ensures that information is secure and ensures a high level of user confidence in the information and communication technology industry.

Copyright (Amendment) Act 1997

Electronic Commerce Act 2006

open security model - the easiest to implement; simple passwords and server security become the foundation of this model; suitable for LANs/public WANs that are not connected to the internet; example hardware (router, switch)

restrictive security model - more difficult to implement; hardware (firewall and identity server) becomes the foundation of this model; suitable for LANs/public WANs that are not connected to the internet

closed security model - most difficult to implement; all available security measures are implemented in this design; example (firewall)

6.Network security trends

wireless access - the increased use of wireless LAN connections and the rapid rise of internet access from cell phones in Europe and Asia are requiring entirely new approaches to security; radio frequency connections do not respect firewalls the way wired connections do.

the need for speed - the number of broadband connections to the internet from homes is exceeding projections

IT staff shortages - the application service provider (ASP) business model will become increasingly common in the security world

ISO/IEC 17799 - International Organization for Standardization; intended to be a common basis and practical guideline for developing organizational security standards and effective security management practice

SANS Institute - develops and maintains research documents about various aspects of information security

ISC - the nonprofit organization that maintains a collection of industry best practices for information security

Common Criteria - an international standard for evaluating IT security

FIPS - standard that specifies security requirements for cryptographic modules

ICSA - standard set of functional and assurance criteria elements

CERT/CC - reporting center for internet security issues