Network security is a complex and constantly evolving field. Practitioners must stay on top of new threats and solutions and be proactive in assessing risk and protecting their networks. The first step to understanding network security is to become acquainted with the actual threats posed to a network. Without a realistic idea of what threats might affect your systems, you will be unable to effectively protect them. It is also critical that you acquire a basic understanding of the techniques used by both security professionals and those who would seek to compromise your network’s security.
The Security Architecture and Models domain of the Common Body of Knowledge embodies the study of formal models for design and evaluation of systems needed for the highest levels of information security, including those that protect national secrets and other government property. The trusted computing base, or TCB, is the portion of a computer system that contains all elements of the system responsible for supporting the security policy and supporting the isolation of objects on which the protection is based. Included are mechanisms, properties, and concepts that are required for a formal evaluation prior to being used to protect resources and information.
Several evolving models of evaluation and assurance cover various aspects of confidentiality, integrity, and availability. TCSEC, otherwise known as the Orange Book, is primarily concerned with confidentiality and is based on the Bell-LaPadula model. ITSEC adds concerns about integrity and availability. The Canadian Criteria (CTCPEC) advances the work of TCSEC and ITSEC.
Access controls differentiate between identifying users of a system and authenticating them. This is done using discretionary means where an information owner decides who obtains access rights, mandatory means where the system decides access rights based on classifications and clearance, and role-based means that group people with a similar need for access together and tie access rights to the role people are assigned. Problems with passwords have led to the development of alternatives, such as tokens using one-time passwords and smart cards that use cryptography to prove a person’s identity.
DoS attacks are among the most common attacks on the Internet. They are easy to perform, do not require a great deal of sophistication on the part of the perpetrator, and can have devastating effects on the target system. Only virus attacks are more common. (And, in some cases, the virus can be the source of the DoS attack.)
Clearly, there are a number of ways to attack a target system: by Denial of Service, virus/worm, Trojan horse, buffer overflow attacks, and spyware. Each type of attack comes in many distinct variations. It should be obvious by this point that securing your system is absolutely critical. In the upcoming exercises, you will try out the antivirus programs by Norton and McAfee. There are so many ways for a hacker to attack a system that securing your system can be a rather complex task. Chapter 6 will deal with specific methods whereby you can secure your system.
Both Trojan horses and spyware pose significant dangers to your network. Trojan horses and viruses frequently overlap (i.e., a virus may install a Trojan horse). Spyware can compromise security by revealing details of your system or confidential data on the system. Adware is mostly a nuisance rather than a direct security threat. However, as your computer becomes infected with more adware, such programs can eventually drain your system’s resources until your system becomes completely unusable.
The MITM attack is more difficult to interdict, since the machine in use may be trusted, or commonly known keys in operating system distributions may not have been changed. However, strong authentication methods can be successful in defeating the MITM attack. Reverse DNS look-up is not totally foolproof in ensuring the validity of source IP addresses, and it may be time-consuming. Reverse path forwarding (“Source Address Validation” in the RFC 1812 terminology) is faster because it involves a check of the local forwarding and/or route tables. It is prone to errors, however, due to asymmetrical paths in internetworks, as well as the vast quantity of public IP addresses that will map to the default route of any route table.
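The reverse path forwarding check and its two failure modes described above can be seen in a small model. This is an added example, not code from the original page: the route table, interface names and packets are constructed, and it goes slightly beyond the text by also showing the loose variant of the check (any route to the source is enough) next to the strict one.

```python
import ipaddress

# Constructed forwarding table for a hypothetical edge router (not from the page).
ROUTES = [
    ("0.0.0.0/0", "wan0"),      # default route toward the upstream provider
    ("10.1.0.0/16", "lan0"),    # internal user network
    ("192.0.2.0/24", "wan1"),   # partner network reached over a second uplink
]
TABLE = [(ipaddress.ip_network(p), ifc) for p, ifc in ROUTES]


def lookup(addr):
    """Longest-prefix match: return (network, interface) or None."""
    ip = ipaddress.ip_address(addr)
    matches = [(net, ifc) for net, ifc in TABLE if ip in net]
    return max(matches, key=lambda m: m[0].prefixlen) if matches else None


def rpf_check(src, in_ifc, mode="strict", allow_default=True):
    """Validate a packet's source address against the forwarding table.

    strict: the best route back to src must leave through in_ifc.
    loose:  any route to src is sufficient.
    allow_default=False refuses to validate a source against 0.0.0.0/0.
    """
    route = lookup(src)
    if route and route[0].prefixlen == 0 and not allow_default:
        route = None
    if route is None:
        return False, "no route to source"
    if mode == "loose" or route[1] == in_ifc:
        return True, f"route to source via {route[1]}"
    return False, f"return path is {route[1]}, packet arrived on {in_ifc}"


# Constructed packets: (source address, arrival interface, what it represents).
PACKETS = [
    ("10.1.5.9", "lan0", "internal host, normal path"),
    ("10.1.5.9", "wan0", "internal source arriving from outside (spoofed)"),
    ("192.0.2.50", "wan0", "partner traffic on an asymmetric path"),
    ("203.0.113.77", "wan0", "arbitrary public source, only the default route matches"),
]

if __name__ == "__main__":
    for src, ifc, note in PACKETS:
        print(f"{src:>13} on {ifc}: strict={rpf_check(src, ifc)[0]} "
              f"loose={rpf_check(src, ifc, 'loose')[0]}  # {note}")
```

The strict check drops the spoofed internal source but also drops the legitimate partner packet that arrived on the other uplink, while the public source passes only because the default route points out of the arrival interface.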
Identification and authentication techniques sometimes use biometric information to add further confidence that users are legitimate when attempting physical or logical access to system resources. Single sign-on and associated technologies and protocols aim to reduce the proliferation of IDs and passwords to better control the security of access control mechanisms both within and outside the organization. Industry alliances, such as the Liberty Alliance, are moving toward federated identities that permit single sign-on or reduced sign-on for e-commerce users.
Cryptography relies on two basic methods: transposition and substitution. With transposition, ciphertext is created by scrambling a message based on a shared secret key. In substitution, letters are exchanged with other letters based on a substitution pattern known by both the sender and receiver. The strength of a cryptosystem rests in the size and means used to protect cryptographic keys; in general, the longer the key, the harder it is to break the encryption. The same key can be used to both encrypt and decrypt information and is called a symmetric key, or different keys can be used for encryption and decryption and are called asymmetric keys.
Digital signatures are used in asymmetric key cryptography to protect a message’s content from disclosure, prove the integrity of a message upon receipt, and verify that the sender of the message is indeed who he or she claims to be. Digital signature technology relies on a Public Key Infrastructure for implementation and is at the heart of many commercial products that are used in modern electronic commerce.
Virtual private networks (VPN) are secure connections over the Internet that enable remote users and sites to connect to a central network. You can use PPTP, L2TP, or IPSec to create a VPN. IPSec is considered the most secure of the three. Administrators creating a VPN protocol should consider how the packets are encrypted, what sort of authentication is used, and whether the current hardware and software supports that technology.
The protocols used by many common attacks are ICMP, UDP, and TCP. IP address spoofing is a serious threat, and although various techniques for avoidance exist, including reverse path forwarding, route filtering, and reverse DNS look-up, none is foolproof by itself. Used in combination with other firewall methods, such as ignoring ICMP echo requests sent to broadcast addresses, they may reduce the impact of DoS attacks in which IP address spoofing is prevalent.
Each category of firewall has its own unique set of features and functionality, and you must perform a careful analysis to determine which firewall is needed in your environment. Personal firewalls are needed even in an environment where an enterprise firewall is installed, since they protect a computer from internal attacks. One economical personal firewall is available on any Windows XP system. It provides incoming protection and should be used if no other firewall will be installed on the host computer. Other personal firewalls, such as ZoneAlarm, provide enhanced functionality that goes beyond the capabilities of the Windows Firewall.
This website is not affiliated with any educational organization, and all trademarks are the exclusive property of the respective owners. Kooksta.com is the work of a group of students in Bangkok, and all copyrighted works on this website are offered for educational purposes only, governed by the four-factor rule, section 107 of the US Copyright Act, 1976.