6 Academic Script200311070703033939.pdf


Full Transcript

Introduction:

The value of a computer increases when it is connected to other computers. It is just like a telephone. If Mr. A has a telephone, he can use it to call any of his friends, provided all his friends have telephones. Where his friends do not have telephones, it is useless for Mr. A to have one. Similarly, where Mr. A has a computer, it will be more useful to him if it is connected to other computers. This connection among computers constitutes a network. Therefore, a network is a collection of computers that are connected through a communication channel, i.e. cables, fibre optics and so on, to share data, hardware and software.

A network is defined as a system of interconnected computers, telephones, or other communication devices that can communicate with one another and share applications and data. Another definition of network is “a network consists of two or more computers that are linked in order to share resources (such as printers and CDs), exchange files, or allow electronic communication. The computers on a network may be linked through cables, telephone lines, radio waves, satellites, or infrared light beams.”

Further, under section 2(1)(j) of the Information Technology Act, 2000, computer network is defined as the inter-connection of one or more computers or computer systems or communication device through:
i. The use of satellite, microwave, terrestrial line, wire, wireless or other communication media; and
ii. Terminals or a complex consisting of two or more inter-connected computers or communication device, whether or not the inter-connection is continuously maintained.

Therefore, when one or more computers or computer systems or communication devices are interconnected through any of the media mentioned above, it is called a network.

Why do we have Networks?

We need networks for the following reasons:
i. To share peripheral devices.
ii. To share programmes and data.
iii. For better communication.
iv. For security of information.
v. For access to databases.

Types of Networks:

Networks can be classified into several broad categories, depending on their scope and connectivity.
1. Basic type networks such as LAN, WAN etc.; and
2. Interconnected networks such as Intranet, Extranet, and Internet etc.

1. Basic type networks such as LAN, WAN etc.

Local Area Networks (LANs)

A local network is a communication network that provides intercommunication among a variety of data communicating devices within a small area. These networks connect computers and other information processing devices which are located within a limited physical area (roughly 1 km radius) like an office, classroom, building, factory, work site etc. LANs are an essential part of many organizations, providing telecommunication network capabilities to the end users. A small LAN is known as a TAN (Tiny Area Network).

Most LANs use a range of communication media, like twisted pair wire, co-axial cable, wireless radio etc., which we have already learnt about, to interconnect various microcomputers and workstations. To make this communication possible, every PC has a circuit board known as a Network Interface Unit (NIU). Most LANs use a powerful microcomputer with a large hard disk, commonly known as a network server, which has a network operating system that controls telecommunications and the use and sharing of network resources. Nowadays all computers are designed so that it is easy to connect them to a LAN without buying any extra equipment.

When Mr. A wants to send some information through his computer to Mr. B, he will put the information in its NIU with the address of Mr. B’s computer. The job of the NIU is to deliver the message safely to the computer of Mr. B. Similarly, when Mr. B wants to send a message to Mr. A, he will send it through the NIU. The NIUs of all the computers are connected to an electronic circuit called a hub.
Therefore, such interconnection of computers in a small area is called a LAN.

Types of LAN:
i. Client-server LAN
ii. Peer to Peer LAN

Client-Server LAN: In this type, individual microcomputer users/clients share the services of a centralised computer called a server.

Peer to Peer LAN: Here computers share equally with one another without relying on a central server.

Wide Area Networks (WANs)

Some organizations are very widespread, with offices that are not limited to one building but are spread throughout a large city or metropolitan area. Communication networks which cover large geographic areas (roughly 100 sq. km.) are called wide area networks (WANs). As the day to day activities of many business organizations are nowadays spread over wide areas, such networks have become quite necessary. WANs are used by many companies for transmitting and receiving information among workers, customers, clients etc. across cities, regions, countries etc.

Metropolitan Area Network (MAN)

When a communication network covers a city or metropolitan area like Mumbai, Delhi, Kolkata and so on, it is called a Metropolitan Area Network (MAN). The connection between the computers in a MAN is usually through the local telephone network. In India the telephone company Mahanagar Telephone Nigam Limited is playing a very important role in metropolitan cities. An example of a MAN is DELNET, i.e. a local network connecting the libraries in Delhi. Any user may use DELNET to see which material is available in which library.

2. Interconnected Networks:

Intranet: The network which connects various locations and gives connectivity within the organization is called an intranet. These networks are limited to the organization and are designed in such a way as to provide easy access to the information available on the internet website to the end users.
Extranet: Those networks which link some of the intranets of the company with those of its business partners, customers, suppliers, consultants and so on, who can access selected internet websites and the company’s database, are known as extranets.

Internet: Use of ICTs, the internet etc. is fast expanding in the 21st century. The word internet is derived from two words, interconnection and networks. Also referred to as the ‘Net’, the internet is a worldwide system of computer networks, that is, a network of networks which allows the user to share information on those linked computers. It consists of thousands of separately administered networks of various sizes and types. Each of these networks comprises a number of computers or Local Area Networks (LANs), which are connected by using public switched networks to create wide area networks (WANs); when a number of WANs and other interconnected networks such as intranets and extranets are connected, the result is the internet. Therefore, the internet is a worldwide computer network. All computers connected to the internet communicate with each other only by using a common set of rules, commonly known as a protocol. For this communication each computer should have its own address; such an address is called an IP address.

Why do we need Network security?

Network security is a cause of concern and study for communication facilities. As a network is used to communicate and exchange data from one person to another in a limited or well defined area, network security measures are required to protect the network from unauthorised outsiders like hackers. Network security is also essential to permit authorised persons to communicate securely without any fear of compromising the data. Further, a local network may also provide access to and from long haul communication and be part of an internet.

Threats to Network Security:

The National Bureau of Standards has identified the following threats to network security:
i. Organised and intentional attempts to obtain economic or market information from competitive organizations in the private sector.
ii. Organised and intentional attempts to obtain economic information from government agencies.
iii. Inadvertent acquisition of economic or market information.
iv. Inadvertent acquisition of information about individuals.
v. Intentional frauds through illegal access to computer data banks with emphasis, in decreasing order of importance, on acquisition of funding data, economic data, law enforcement data, and data about individuals.
vi. Government intrusion on the rights of individuals.
vii. Invasion of individual rights by the intelligence community.

Types of Threats:

There are two types of threats which necessitate network security:
i. Active threats
ii. Passive threats

Active Threats: Basically there are three types of active threats:

a. Message stream modification: It involves unauthorised access in which some part of a legitimate message is modified or changed, or the message is delayed, replayed or recorded, in order to produce an unauthorised effect. For example, a message meaning “allow Dr. Gupta to read confidential file accounts” is modified to mean “allow Dr. Sharma to read confidential file accounts”.

b. Denial of Service: It prevents the normal use or management of communication facilities. This attack may also have a specific target. For example, a person may suppress all messages directed to a particular destination. Sometimes it also involves disruption of an entire network, either by disabling the network or by overloading it with messages so as to degrade performance.

c. Masquerade: In general it means misrepresentation, i.e. one person misrepresents himself to be another person and secures access. Such an attack usually includes one or other of the forms of active attack. It can take place by capturing and replaying an authentication sequence.

Passive Threats: As the name indicates, in passive threats there is no active threat.
There is neither any unauthorised access to or modification of data or messages, nor any denial of authorised access. Though it is difficult to detect passive threats, it is possible to prevent them from becoming successful. Here the goal of the attacker is to know the information being transmitted. Passive threats are basically of two types:

a. Threat of release of message content: a telephone conversation, e-message or transferred file may contain sensitive, personal or confidential data or information, and everyone would like attackers to stay away from it.

b. Traffic analysis: It involves observing the pattern of the messages sent. The attacker can determine the location and identity of the communicating hosts and can also observe the frequency and length of the messages exchanged. Such information may be useful in knowing the nature of the communication that is taking place. Basically it involves decryption, i.e. converting the encrypted data into plain data.

Meaning of Network Security:

Network Security means the protection of information systems and services on the network against disasters, mistakes and manipulations so that the likelihood and impact of security incidents are minimized. The aim is to implement measures which eliminate or reduce significant threats to an acceptable level. According to another jurist, Network Security can be defined as the protection of network resources against unauthorised disclosure, modification, utilization, restriction or destruction. Security has long been an object of concern and study for both data processing systems and communications facilities. With computer networks, these concerns are combined, and for local networks the problems may be most acute.

Main elements of Network Security:

The main elements of network security are:

i. Assurance: It means confidence that a system behaves in an expected manner (i.e. according to its specifications).

ii. Identification and Authentication: When users or programs communicate with each other, the two parties must identify each other and must know with whom they are communicating.

iii. Accountability/Audit Trail: It means the ability to know who did what, when and where. It is important to note that users are responsible and accountable for their actions. Automatic audit trail monitoring and analysis to detect security breaches is an important element of network security.

iv. Access Control: The purpose of access control is to ensure that only authorised users have access to the system. Further, access to and modification of particular portions of data is limited to authorised individuals and programs. Access to specified resources can be restricted to certain entities.

v. Accuracy: It means that objects are accurate and complete.

vi. Secure Data Exchange: It involves the following:

a. Confidentiality: It means that data should remain private during transmission.

b. Integrity: It means that data should remain accurate and complete during transmission. When e-mail is sent or when programs communicate with each other, authentication is required because:
- In certain situations, it may be necessary to prove the place from where information came. This is called non-repudiation of origin.
- A sender may also require proof that the message was received by the intended receiver. This is called non-repudiation of receipt.

c. Secure Data Communication: Secure data communication is very important for secure data exchange; public key encryption and digital signatures are some of the methods used for this purpose.

d. Reliability of service: Reliability is the probability that a system or component will perform its specified function for a specified time under specified conditions.
Reliability of a system depends upon the reliability of its individual components and also on the system organization.

e. Legal Compliance: Information/data that is collected, processed, used, passed on or destroyed must be handled in accordance with the current legislation of the relevant countries.

Network Security Measures:

i. General Security Measures:

a. Privileges and rights: The users, operators and system administrators should have privileges and rights depending upon the role of the individual. The categories of users that are allowed access to the provided services must be documented.
b. Data encryption technologies: Data encryption technologies may be deployed, wherever required, to protect the confidentiality of sensitive information.
c. Password: The most common method of authentication is the password, which should be hard to guess. All system level passwords should be changed regularly.
d. The system software installation should be carried out from original media. User permissions for individual files and folders may be set up.
e. Write/modify access permissions should be disabled for all executable and binary files. Access to operating system source files, configuration files, and their directories should be restricted to authorised administrators only.
f. Servers should be regularly audited and log files must be scanned, preferably daily, to detect any attacks and intrusions. A log book may be kept of all system administration activities on the server.
g. Steps should be taken for regular updating of anti-virus software. A full system scan is recommended at the end of the day.

ii. Access to Server:

a. The system must be protected from unauthorised use, loss or damage.
b. Access to the server is very important and it must be limited to the administrator.
c. Server log out and shut down should be done when leaving the office, and the door of the server room must always be kept locked.
d. A UPS system with adequate battery backup should be installed, preferably with a Genset, to avoid any data loss or corruption due to power failure.

iii. Physical Security:

a. To access the system administrator login on the server, biometric authentication technologies can be deployed.
b. Servers and other components generally remain operational round the clock; therefore, the physical security of the network control centre should be ensured by deploying the necessary manual security staff to take care of theft, fire and power breakdowns.

iv. Backup and Media Management: All forms of data storage are subject to data loss. Regular backups are a must:

a. Server data backup: Server data must be backed up as per the defined policies and procedures, at the scheduled time.
b. Storage of backup media: Backup media should be stored either onsite or offsite as per the backup policy, with proper identification for quick retrieval.
c. Backup retention: The administration should ensure that the backups are retained as per the policy requirement.
d. Verification of backup integrity: The administration should verify the integrity of the backup by restoring the data on the test setup and taking confirmation from the user on the integrity and correctness of the data restored. Removable media may be checked regularly on another system for readability.
e. Media identification and reliability: The backup media may be marked with a tag giving identification details like database name, operating system name, application name, location of storage (onsite or offsite), retention period etc.
f. Recovery from backup media: Situations could arise when the server crashes due to some hardware fault. Recovery methods may be documented for reloading of the OS and server software, and reinstallation of the application and system software. Hard recovery software and anti-virus software should be installed on the server and on the operating system of all the clients.

v. Firewall Security: A firewall is a system of hardware and software that blocks unauthorised users inside and outside the organization from entering the intranet. The firewall monitors all internet and other network activity, looking for suspicious data and preventing unauthorised access. A firewall is a set of related programs generally located at a network gateway server. It examines each network packet to determine whether to forward it toward its destination. In general we can say that a firewall performs the following functions:

a. It prevents unauthorised persons from accessing the data.
b. It blocks access to certain undesirable sites such as pornography, games and so on.
c. It filters suspected e-mails, i.e. advertisements or mail from a suspected source.
d. It prevents remote login into a computer.

Further, each firewall is connected to the public switched network through a router. Routers are special purpose computers that have several NIUs, each of which requires an Internet Protocol (IP) address.

vi. Intrusion Detection System (IDS): An intrusion detection system complements other security technologies. By providing information to the site administrator, an IDS allows not only for the detection of attacks explicitly handled by other security components (such as firewalls and service wrappers), but also attempts to provide notification of new attacks unforeseen by other components. However, the main benefit of an intrusion detection system is that it also provides forensic information that potentially allows organizations to discover the origin of an attack. In this manner, an ID system attempts to make attackers more accountable for their actions and, to some extent, acts as a deterrent to future attacks.
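
The per-packet forwarding decision described under Firewall Security, and the origin information an IDS provides, can be sketched together. This is an added example, not part of the original script; the rule set, the addresses (documentation ranges), the alert threshold and the function names are all assumptions made for illustration.

```python
import ipaddress
from collections import Counter

REMOTE_LOGIN_PORTS = {22, 23}  # SSH and telnet

# Constructed rule set: first match wins, anything unmatched is dropped.
# (action, source network, destination network, protocol, destination ports)
RULES = [
    ("allow", "10.0.0.0/24", "10.0.0.0/24", "tcp", REMOTE_LOGIN_PORTS),  # admin from inside
    ("deny", "0.0.0.0/0", "10.0.0.0/24", "tcp", REMOTE_LOGIN_PORTS),     # no remote login
    ("allow", "0.0.0.0/0", "10.0.0.80/32", "tcp", {443}),                # public web server
    ("allow", "10.0.0.0/24", "0.0.0.0/0", "tcp", {80, 443}),             # outbound browsing
]


def filter_packet(pkt):
    """Return (action, rule_number); rule_number is None for the default deny."""
    src = ipaddress.ip_address(pkt["src"])
    dst = ipaddress.ip_address(pkt["dst"])
    for number, (action, src_net, dst_net, proto, ports) in enumerate(RULES, 1):
        if (src in ipaddress.ip_network(src_net)
                and dst in ipaddress.ip_network(dst_net)
                and pkt["proto"] == proto
                and pkt["dport"] in ports):
            return action, number
    return "deny", None


def remote_login_alerts(packets, threshold=3):
    """IDS-style pass over the firewall's decisions: report every source whose
    denied remote-login attempts reach the threshold, with the attempt count."""
    denied = Counter()
    for pkt in packets:
        action, _ = filter_packet(pkt)
        if action == "deny" and pkt["dport"] in REMOTE_LOGIN_PORTS:
            denied[pkt["src"]] += 1
    return {src: count for src, count in denied.items() if count >= threshold}


# Constructed sample traffic (not captured from any real network).
SAMPLE = [
    {"src": "10.0.0.15", "dst": "10.0.0.5", "proto": "tcp", "dport": 22},
    {"src": "203.0.113.9", "dst": "10.0.0.5", "proto": "tcp", "dport": 23},
    {"src": "203.0.113.9", "dst": "10.0.0.5", "proto": "tcp", "dport": 22},
    {"src": "203.0.113.9", "dst": "10.0.0.6", "proto": "tcp", "dport": 22},
    {"src": "198.51.100.7", "dst": "10.0.0.80", "proto": "tcp", "dport": 443},
    {"src": "198.51.100.7", "dst": "10.0.0.5", "proto": "tcp", "dport": 22},
    {"src": "10.0.0.15", "dst": "198.51.100.7", "proto": "tcp", "dport": 443},
    {"src": "198.51.100.7", "dst": "10.0.0.80", "proto": "udp", "dport": 53},
]

if __name__ == "__main__":
    for pkt in SAMPLE:
        print(pkt["src"], "->", pkt["dst"], pkt["dport"], filter_packet(pkt))
    print("alerts:", remote_login_alerts(SAMPLE))
```

The firewall only drops the packets; the alert pass is what turns repeated drops into a named origin for the administrator to follow up.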
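
The message stream modification, replay and masquerade threats listed under Active Threats can be detected by the receiver when every message carries an integrity tag and a sequence number. This is an added example, not part of the original script: it uses a shared-key HMAC in place of the digital signatures the script mentions, and the key, message layout and the names seal and Receiver are assumptions.

```python
import hashlib
import hmac
import json


def seal(key, seq, text):
    """Sender side: bind the sequence number and the text under one HMAC tag."""
    body = json.dumps({"seq": seq, "text": text}, sort_keys=True).encode()
    tag = hmac.new(key, body, hashlib.sha256).hexdigest()
    return {"body": body, "tag": tag}


class Receiver:
    def __init__(self, key):
        self.key = key
        self.last_seq = 0  # highest sequence number accepted so far

    def accept(self, msg):
        """Return (verdict, text); text is None unless the verdict is 'accepted'."""
        expected = hmac.new(self.key, msg["body"], hashlib.sha256).hexdigest()
        # Constant-time comparison, so the check itself leaks nothing about the tag.
        if not hmac.compare_digest(expected, msg["tag"]):
            return "rejected: modified or forged", None
        fields = json.loads(msg["body"])
        if fields["seq"] <= self.last_seq:
            return "rejected: replayed", None
        self.last_seq = fields["seq"]
        return "accepted", fields["text"]


def demo():
    key = b"constructed-demo-key"  # constructed; a real key is random and kept secret
    rx = Receiver(key)
    original = seal(key, 1, "allow Dr. Gupta to read confidential file accounts")
    # Modification in transit: the name is changed, but the tag cannot be recomputed.
    tampered = {"body": original["body"].replace(b"Gupta", b"Sharma"),
                "tag": original["tag"]}
    # Masquerade: a party without the key tags its own message.
    forged = seal(b"not-the-shared-key", 2,
                  "allow Dr. Sharma to read confidential file accounts")
    return [
        rx.accept(tampered)[0],
        rx.accept(original)[0],
        rx.accept(original)[0],  # the same valid message, captured and sent again
        rx.accept(forged)[0],
        rx.accept(seal(key, 2, "revoke access for Dr. Gupta"))[0],
    ]


if __name__ == "__main__":
    for verdict in demo():
        print(verdict)
```

The tag protects integrity and origin only; a message that is merely delayed still verifies, and the content remains readable unless it is also encrypted.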
