c




  


c 
  
In the field of networking, the specialist area of network security consists of the provisions
and policies adopted by the network administrator to prevent and monitor unauthorized access,
misuse, modification, or denial of the computer network and network-accessible resources.

Network security involves all activities that organizations, enterprises, and institutions undertake
to protect the value and ongoing usability of assets and the integrity and continuity of
operations. An effective network security strategy requires identifying threats and then choosing
the most effective set of tools to combat them.



 
Viruses: Computer programs written by devious programmers and designed to replicate
themselves and infect computers when triggered by a specific event.
Trojan horse programs: Delivery vehicles for destructive code, which appear to be harmless
or useful software programs such as games.
Vandals: Software applications or applets that cause destruction.
Attacks : Including reconnaissance attacks (information-gathering activities to collect data that
is later used to compromise networks); access attacks (which exploit network vulnerabilities in
order to gain entry to e-mail, databases, or the corporate network); and denial-of-service
attacks (which prevent access to part or all of a computer system).
Data interception: Involves eavesdropping on communications or altering data packets being
transmitted.
Social engineering: Obtaining confidential network security information through nontechnical
means, such as posing as a technical support person and asking for people's passwords.
 
!
 

è „ith the rapid growth of application of internet in various walks of life, the study of
Network Security has become inevitable.
è The very nature of the internet makes it vulnerable to attack.
è So many businesses set up firewalls to control access to their networks by persons using
the internet.
è Types of Firewalls:-
è First generation firewall (packet filtering)
è Second generation firewall (proxy servers)
è Third generation firewall

INTRODUCTION TO FIRE„ALLS:

Firewalls make it possible to filter incoming and outgoing

traffic that flows through your system.
They can be used to do one or more of the following things:
è To protect and insulate the applications, services and machines
of your internal network from unwanted traffic coming in from the
public Internet.
è To limit or disable access from hosts of the internal network to
services of the public Internet.
è To support network address translation (NAT), which allows your
internal network to use private IP addresses and share a single
connection to the public Internet

[ rasic problem ƛ many network applications and protocols have security problems that
are fixed over time
· Difficult for users to keep up with changes and keep host secure
· Solution
è Administrators limit access to end hosts by using a firewall
è Firewall is kept up-to-date by administrators
[ A firewall is like a castle with a drawbridge
· Only one point of access into the network
· This can be good or bad
[ Can be hardware or software
· Ex. Some routers come with firewall functionality
· ipfw, ipchains, pf on Unix systems, „indows XP and Mac OS X have built in
firewalls


 

Antivirus software packages: These packages counter most virus threats if regularly
updated and correctly maintained.
Secure network infrastructure: Switches and routers have hardware and software features
that support secure connectivity, perimeter security, intrusion protection, identity services, and
security management.
Dedicated network security hardware and software-Tools such as firewalls and intrusion
detection systems provide protection for all areas of the network and enable secure
connections.
Virtual private networks: These networks provide access control and data encryption
between two different computers on a network. This allows remote workers to connect to the
network without the risk of a hacker or thief intercepting data.
Identity services: These services help to identify users and control their activities and
transactions on the network. Services include passwords, digital certificates, and digital
authentication keys.
Encryption: Encryption ensures that messages cannot be intercepted or read by anyone other
than the authorized recipient.
Security management: This is the glue that holds together the other building blocks of a
strong security solution.

None of these approaches alone will be sufficient to protect a network, but when they are
layered together; they can be highly effective in keeping a network safe from attacks and other
threats to security. In addition, well-thought-out corporate policies are critical to determine and
control access to various parts of the network.


 
è All the three techniques discussed in this presentation i.e.
network security, cryptography and firewalls are most
widely used and implemented networks security tools.
è For example, a single organization or establishment to
maintain privacy of information within itself can use
cryptography
è Digital signatures are one of the latest developments in
the field of cryptography.
è So this field is putting up a big employment potential for the
young generation of today.
è There is no end to the complexity of this subject, which means
that any amount of research will not go futile for the world of
computers.