Securing Networks from External threats

ethernetOverview

Securing the network from external threat is a competition between the hackers and the security personnel. Hackers are individuals who usually try to find out the vulnerabilities in different hardware and software’s whereas the security personnel try to fix these vulnerabilities. Hackers can take advantage of some known vulnerabilities which have not been fixed by the network or system administrators.

Physical protection

It is essential to protect your server. Hence, it is essential to lock the server to prevent physical access by any unauthorized persons. The authors can also access the network by plugging into a switch. It is therefore essential to lock all the switches. The network administrator should never leave the server logged in. He should log off the server or add a password protected screensaver when the server is not in use.

Firewalls

Firewalls protect your network using a number of methods. It uses techniques to hide IP addresses and blocking the TCP/IP ports to prevent unauthorized access to the system.

Hiding IP address

It is a common technique of protecting a network by hiding the real IP addresses of the internal network systems from the internet. You can hide IP addresses either using NAT or proxy server.

Port filtering

The second most common firewall tool is port filtering, also known as port blocking. Port filtering involves preventing TCP or UDP packets to pass through any port other than those prescribed by the network administrator.

Packet Filtering

Packet filtering blocks the incoming or outgoing packet from a particular IP address or a range of IP addresses. Packet filtering can block outgoing IP addresses better because the administrator knows all the IP addresses of the internal systems and can specify it. It is also known as IP filters.

Encryption

Encryption makes the packet unreadable. Encryption of data occurs at various levels, such as encrypting data while sending it over the internet. There are number of ways to encrypt network data. The choice of encryption methods depend on the methods used by communicating systems to connect to the network. Many networks consist of multiple networks linked together by some private connection like an ISDN. Microsoft uses encryption method like IP sec for these types of network. Encryption can also be used by TCP/IP applications. The most commonly used application encryption is Netscape’s Secure Socket Layer (SSL) security protocol. SSL is used to create secure website.

Authentication

It is necessary to authenticate the user along with encrypting the data. Modern network operating systems such as windows NT/2000/2003/XP and Netware use authentication encryption like Kerberos for authentication. Kerberos supports multiple brands of servers to authenticate clients having different operating systems. The common protocols used for authentication are Password Authentication Protocol (PAP), Channel Handshake Authentication Protocol (CHAP) and MS-CHAP. PAP is the oldest authentication protocol and least safe as it sends passwords in clear text. CHAP is the most common remote access protocol. MS-CHAP is the Microsoft’s version of CHAP.

Public Keys and Certificates

Most strong encryption uses an asymmetric key methodology which uses two keys: a public key and a private key. The way of encryption is using digital certificates which are public keys signed with the digital signatures from a trusted third party know as Certificate Authority (CA). One of the popular CA for secure websites is VeriSign.

VLAN

Virtual LAN is a broadcast domain created using one or more switches. The switch creates a VLAN by adding some systems in one VLAN and some in other. The switch separates the ports into multiple broadcast domains instead of single broadcast domain depending on the configuration. VLAN not only provides security but also provides solution for reducing network traffic and helps in network administration.

Summary

Securing networks against external attack is a complex subject and we have only just scratched the surface in this short article. There are plenty of other online resources for further information, or alternatively you might want to consider a training course. Some training providers run local courses ranging from 1 day up to a week in duration, depending upon your requirements. One Company in the UK which we’ve used on several occasions for our own staff is Paul Brown Training Ltd, offering 1 day courses from as little as £55 / person. Primarily Microsoft Office trainers, they also provide a range of network skills courses through their partners at QA at discounted prices.