Академический Документы
Профессиональный Документы
Культура Документы
1.INTRODUCTION
For the first few decades of their existence computer networks were primarily used by university researchers for sending email, and by corporate employees for sharing printers. Under these conditions, security did not get a lot of attention. But now , as millions of ordinary citizens are using networks for banking, shopping, and filling their tax returns network security is looming on the horizon as a potentially massive problem. Information systems have evolved in the last few decades from centralized and highly secure host-based systems to decentralized. Enterprise computing systems, in which computers and information resources are distributed throughout an organization. It is often said that in the enterprise model, the network is the computer. In the 1980s uses gained important ground in the information age with the personal computer. Suddenly they could store vast quantities of information at their own desktops, rather than on centralized computers controlled by information czars. But of course potential for data theft, corruption, and eavesdropping increased. The situation got worse as companies installed local area networks (LANs) to connect everything together and in the processed increased opportunities for security breaches. Ultimately, the systems so large that they were hard to manage effectively. To make things still worse, users of laptop and remote systems demanded connection into corporate offices from their homes, from hotel rooms, and from customer sites. Then the Internet become popular, and people inside the company wanted to connect out to it. To most administrators, the Internet is a nightmare that can potentially open the company's entire internal network to outsiders.
2. TYPES OF NETWORKS
A number of single user systems and multi user systems linked together for the purpose of data and resource communications is called as network
Most companies are still fairly relaxed about the way they interconnect their information systems. Network cables are open and anyone could have taped that cable on matter of minutes during the night. The end result of these interconnected networking was a mesh of cable running in all directions. A manager and technicians had trouble keeping track of every cable run. If you ran cable through the ceiling, then you had to be wary of air -conditioning service technician who might find some reason to II tap cable .If cable was concentrated in a telephone closets, the telephone repairer was suspect. Growing companies typically install cable through out the building and put connections in offices that are not yet occupied. Industrial spies who manage to get into your building may "set up office", posing as temporary employees or people from a branch office. They connect to the network and monitor its traffic using devices called packet snifters. Monitoring network traffic can provide vast amounts of information, such as logon names and passwords or information about the servers on your network and the types of services they provide.
people who log on to corporate systems. In many cases, these offices are understaffed and prone to break-ins. If salespeople and other staff are out in the field, the receptionist may be the only one in the office during long periods of the day.
You may not know any hackers personally; On the other hand, a hacker might be your next-door neighbors son--someone with a computer and modem who is familiar with what you do, and who might guess your logon password because you use some derivative of your kids' names. The people who do it see hacking as an electronic sport. They will spend all of their free time breaking into systems just for the thrill of having done so. Don't try to understand why, just know that they are out there. Dangerous hackers are very knowledgeable about computers and security techniques, and they use sophisticated techniques to break into computer systems. Your competitor may hire such a hacker. If hackers cover their tracks, you might never know that they have stolen your customer mailing list or trade secrets. The information that your competitors, foreign governments, and other hackers are after
may include the following: Research information Product information Customer lists and proprietary customer information Information about your organization, such as employee records, financial data, or legal information Almost anything else of value Hackers learn about hacking by sharing information with their fellow hackers. There is an incredible amount of information available. Bulletin boards and electronic newsletters exist for the purpose of spreading this information around. Hackers get online to brag about their techniques and exploits. Hackers often intend to make a profit or want to obtain free services. A phone hacker (or preacher) is intent on obtaining logon information to online services or on making long-distance phone calls through your phone system so that you pick up the charges. A hacker often uses information obtained during one break-in to access and break into another computer system. They might sell information obtained during a break-in, such as credit card numbers and access codes, to foreigners or competitors.
or external networks. Although packet sniffing an internet transition line is not necessarily informative, sniffing a cable that runs into your facilities who are armed with packet snifters, or from hackers who have penetrated your building and planted listening devices.
networks, including information on storage devices and in transmission. Make it your business to control and monitor the security of your systems and to implement security policies and procedures that people can follow. Identification and authentication: Identification and verification of users through a login process, and authorization to use other systems based on this security clearance Access control: Rights and permissions that control how users can access network resources and files Accountability and auditing: A system of tracking and logging activities on network systems and linking them to specific user accounts. Object reuse: Methods for providing multiple users with access to individual resources. Accuracy: Methods for protecting resources against errors, corruption, and unauthorized access. Reliability: Methods for ensuring that systems and resources are available and protected against failure or loss Data exchange: Methods for securing data transmissions over internal or external communication channels
Perform background checks on personnel and keep tabs on employees who are disgruntled, who are working closely with other companies, and who are in the process of leaving the company. Classify your employees much the way the military classifies its personnel, giving some people higher clearance for access to sensitive information than others. Make sure to differentiate between part-time and temporary employees.
5.5 BACKUPS
Backups are essential. You already know that. If your systems are stolen, destroyed by fire, or corrupted by hackers, you'll need to go back to the last uncorrupted backup. The National Computer Security Association provides some interesting figures. It estimated a cost of around $17,000 to recreate 20 megabytes of sales and marketing information. That figures goes to $19,000 for the same amount of accounting data and $98,000 for engineering data. The procedures you use to restore backups are critical in the case of virus attacks. Your backups may be corrupted, in which case you'll need to go back in the archive until you find a non-corrupted backup set. Back up as frequently as possible and place back up media into permanent archives as often as possible. Virus contamination can destroy a whole series of backups, and you may need to go into permanent achieves for the last good set of data. A user who backs up files must have read privileges in the directories that require backup and write privileges to restore files. You must give these rights to trust worthy people since they use them for unauthorized activities. Anyone restoring files must be knowledgeable of virus -contamination issues to prevent viruses from being writing to disk.
5.6 ENCRYPTION
You can use cryptographic techniques to protect files stored on disks and backups from prying eyes, or to conceal data transmissions and electronic mail. Encryption utilities scramble files and lock them with a password key. Using encryption may cause a drop in performance. Encryption may give you the feeling that your files are private, when in fact someone might have cracked your encryption key and begun reading all your files. The stronger the encryption system, the better, but sure to implement additional security measures as appropriate. Also be aware that someone who gains access to your system might replace your encryption program with a Trojan horse version of the program that steals your password. Make sure the encryption software is protected and secure. Then take actions to monitor for possible virus infections.
6. CONCLUSION
I conclude my seminar saying that as hackers and many algorithms are there to break passwords and much valuable information, which leads to a great loss. Hence network security provides the remedy by many ways. Hence much more advanced security measures would be more helpful. So always that should be an eye on network security as it is much and more important.