Network Security Needs at the Organizational Level


The connectivity of different things to perform a task is known as networking. In present times, every business activity depends on the internet and other technology tools. Internet-dependent networking means all the computers in an organization are connected to one server, and all types of business activities are performed in different locations simultaneously. The following discussion will show why an organization needs network security, what types of threats the organization can face, and how they can be removed to make the organizational network secure and safe for use.

Attacks on Network

It is considered a hard job to maintain network security and performance to execute different tasks accurately and successfully. The services' performance depends on a secure network. A network is attacked by different viruses, users, online hackers, and sometimes due to system corruption. Malik (2002, p. 405) notes that there are different types of network attacks, but normally they are categorized into two main groups. They are known as:
1. Denial of services
2. Network access attacks

Newman (2009, p. 32) notes that computer vulnerabilities can easily be exploited, which is known as a computer security risk. An attacker who knows such weaknesses in computer networking can easily exploit them, harming network security and stealing information and secure data. A network attack can be of four types:
“Fabrications”
“Interceptions”
“Interruptions”
“Modifications”
Fabrication attacks are very common and are used to deceive network users, making it difficult to distinguish between the original message and the deceptive one.
Interception attacks are another popular type of network attack, occurring when an intruding message mixes with the original message, misleading it from its original path. The intruder hacks the information.
Interruptions mean pauses or breaks during the communication process when online communication is performed using a network connection. This can be due to lower connection speed, technical problems, or poor service quality.
Modifications can be understood as “the alteration of the data contained in the transmissions.” (Newman, 2009, p. 32)

Active and Passive Attacks

Forouzan (2007, p. 5) writes that attacks on networks can further be classified into two main categories: active attacks and passive attacks. An active attack is considered any attack that modifies the information or gains access without permission and authorization, stealing and tampering with the information. The writer notes that managing such attacks is easier than preventing them, as they occur in different ways and by different means. However, the procedure of passive attacks is different. A passive attacker tries to steal information and data from the computer or network server without modifying the information or causing harm. During such attacks, the computer system or main server keeps working normally, but the information sent from the host to the receiver can be compromised. Such attacks can be detected when the sender and receiver notice any issues while exchanging information or messages. Passive attacks can be prevented “by encipherment of the data” (Forouzan, 2007, p. 5).

Social Engineering

Clarke (2009, pp. 598-9) notes that attackers use deception techniques to interpret networks and steal information. Such attacks are known as social engineering attacks, aimed at accessing information resources. These attacks increase with social interaction and are carried out through emails, interaction with individual users, phone calls, stealing passwords, and deceiving network managers by impersonating users. Intruders can physically attack network servers by obtaining employee IDs and gaining physical access to control rooms. Clarke (2009, p. 599) describes various forms of social engineering attacks:
“Hacker impersonates administrator”: The hacker persuades company employees to change passwords, stealing or tampering with information resources.
“Hacker impersonates user”: The hacker asks the network administrator for a new password and uses it to steal information resources.
“Hacker impersonates vendor”: The hacker attacks individual computer systems or entire networks by posing as a software application seller, often through emails. This attack can severely damage systems with viruses like Trojan.

Newman (2009, p. 33) writes that such attacks occur if employees are new, untrained, or unaware of network security. To maintain network security, different measures can be adopted:
Train and educate employees about network security needs and threats.
Create a company policy to inform employees about network security.
Implement strict authentication systems for internal and external technical staff.
Reduce remote access to the network and install a proper validation system.
Prioritize email security and ensure secure communication between sender and receiver.
Restrict the publication of network information to prevent attackers from finding loopholes. (Newman, 2009, p. 33)

Software Attacks

Giladi and Serpanos (2006, p. 18) note that software attacks have increased compared to past times. Some software attacks occur within a computer system, while others activate when software applications are installed. They further note that “software attacks due to viruses, worms, and Trojan horse applications have proliferated not only to personal computers but also to embedded appliances such as cell phones and PDAs.” These attacks can be reduced by installing antivirus programs, updating software applications, and using licensed software. Many network service providers now have their own software application architecture to prevent such attacks and maintain a good flow of network service.

Attack Supported by Email

Newman (2009, p. 132) notes that electronic mail is the most common method of communication and information sharing globally. It is also a common target for interception, modification, or disfigurement of information in a hacker’s attack. The internet connects millions of people who communicate through a main server. Some companies create their own network systems for communication, while others use services provided by international network service providers such as Google, Yahoo, MSN, AOL, etc. Emails travel on the network using SMTP and TCP. Emails stay on the host server until the user comes online and accesses them. If an email ID or login details are hacked, the specific information is also hacked. This allows an attacker to hack information and damage the network server.

Newman (2009, p. 33) writes that managing email security is essential because it is the main method of corrupting network services, especially in business contexts. Organizations use Internet networks to execute business activities, prioritizing message confidentiality. Hackers either hack the complete source of information or use encryption techniques. This system is known as the “Data Encryption Standard.” To prevent such threats, senders use digital signature techniques to keep information sources secure and unmodified.

Threat of Users

It is well known that network users are considered internal threats to any organization, causing significant harm to network security. IT Managers must prioritize managing this problem by monitoring network users and authenticating their passwords. A computer user changes many applications and IP addresses to access the network, bringing harm to network security. Network managers manage network connections using modems to distribute network facilities to multiple users. “The modem creates a backdoor from the internet into the network, and as a consequence, the network is no longer secure.” Network users also cause problems by changing explorer settings during internet searches, allowing viruses and Trojans to attack the network. Sometimes, a user takes assistance from a friend instead of the network manager, causing further problems (Pool, 2003, pp. 38-39).

Leidigh (2005) notes that most network problems are caused by network users who forget or regularly change their passwords without securing their online accounts. In a business organization, employees are bound to keep their information secret and are supervised by IT Network Managers responsible for managing network security. The writer further analyzes and compares all network threats, dividing them into internal and external security threats and then analyzing the results of these threats on network performance.

| Threats | Internal/External | Threats and Results |
|---|---|---|
| E-mail with virus | External origination, internal use | Could infect the system reading email and subsequently spread through the entire organization |
| Network virus | External | Could enter through unprotected ports, compromising the whole network |
| Web-based virus | Internal browsing to external site | |
| Web server attack | External to web servers | If a web server is compromised, the hacker could gain access to other systems internal to the network. |
| Denial of service attack | | |
| Network user attack (internal employee) | Internal to anywhere | Traditional border firewalls do nothing for this attack. Internal segmentation firewalls can help contain damage. |

(Leidigh, 2005, p. 5)

In IT management, a network manager must manage all the above-mentioned issues to maintain the internet communication phase and keep the network free from stoppages and security attacks.

WEP, WPA, and Network Security Maintenance

Wireless internet is widely used today because it can be accessed from any place, which lets users perform their work easily. Wireless is accessed as a single connection and in the form of broadband as well. Such wide use of wireless has also created concerns, because it increases the rate of network attacks. The need for network security has increased due to such attacks, and different measures are adopted to eliminate network security threats. To avoid such problems, organizations install software applications, strengthen their firewalls, and implement different security standards. These measures are adopted because wireless network security is far easier to damage. The following examination of WEP and WPA will show why it is necessary to manage network security to protect an organization’s information and information assets.

WEP (Wired Equivalent Privacy)

WEP stands for “Wired Equivalent Privacy” and its purpose is to strengthen network security and be more result-oriented. Technology is changing rapidly, and so are the standards and measures that help maintain network security. In the beginning, WEP was considered a foolproof security measure for keeping the network safe and secure. However, in recent times different concerns about using WEP have become prominent. Security analysts, in the light of their research, have pointed out many weaknesses in WEP. To avoid network exploitation, network administrators use other software applications to stop any type of information hacking or stealing. A wireless network is actually radio wave transmission, which is easy to interrupt, and thus the network is damaged. The WEP working procedure indicates that a key is set to access the network safely. The setting of this key depends on the user's choice and is employed for login purposes. “WEP uses the RC4 stream cipher, combining a 40-bit WEP key with a 24-bit random number known as an Initialization Vector (IV) to encrypt the data” (sans.org, 2003). The WEP authentication system is based on two methods:

1. Open system authentication
2. Shared key authentication

Open system authentication

This process makes it easy for the client to log on and use the internet facility without producing personal details. To establish a connection with the desired network, the WEP key is a major tool. This is the only requirement, as the user does not require any further authentication passwords or secret keys. “If an access point uses Open System Authentication, a station can associate with that access point based only on knowing the access point’s SSID. A Client should not attempt to authenticate with an access point that has a different SSID than the client” (CWNA, 2005, p. 339). The working procedure of open system authentication is based on the following two steps.

In the first step, the authentication request is sent to the access point which indicates that the client requires open system authentication. This request is acknowledged by AP and known as ACK.

In the second step, the access point or network, after acknowledging the request, sends a message to the client which is known as a positive response. This makes certain that the client has been authenticated. To approve this procedure, the client sends a message to the access point, which is actually an acknowledgment that the client is using the service now (CWNA, 2005, p. 340).

Shared key authentication

The process of shared key authentication consists of the following steps:
1. During this process, the client sends a request to the access point.
2. The access point responds with a challenge text known as cryptography.
3. This is the stage when a designated “WEP key of 64 bits or 128 bits is used to encrypt the challenge”. For authentication purposes, the request is again sent to the access point.
4. The client is granted access to the network based on earlier sent messages.
5. During this process, text matching is the core of access; if the text does not match, then the request for access is not granted. (documentation.netgear.com, 2009)

After all these procedures, data encryption takes place, which shows that shared key authentication is secure compared with open system authentication.
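
The shared key exchange listed above, as an added example that is not part of the original article: both sides build the per-packet RC4 key from the 24-bit IV followed by the WEP key, as in the sans.org quotation. The class and function names are hypothetical; the 128-byte challenge and the CRC-32 integrity value (ICV) appended before encryption follow 802.11 WEP rather than this article, and 802.11 frame headers are omitted.

```python
import os
import zlib

def rc4(key: bytes, data: bytes) -> bytes:
    """RC4: key scheduling, then XOR the data with the keystream."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) % 256
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for byte in data:
        i = (i + 1) % 256
        j = (j + s[i]) % 256
        s[i], s[j] = s[j], s[i]
        out.append(byte ^ s[(s[i] + s[j]) % 256])
    return bytes(out)

def wep_encrypt(wep_key: bytes, iv: bytes, plaintext: bytes) -> bytes:
    """Encrypt plaintext plus its CRC-32 ICV under RC4(IV || WEP key)."""
    icv = zlib.crc32(plaintext).to_bytes(4, "little")
    return rc4(iv + wep_key, plaintext + icv)

def wep_decrypt(wep_key: bytes, iv: bytes, ciphertext: bytes):
    """Return the plaintext, or None if the ICV does not verify."""
    data = rc4(iv + wep_key, ciphertext)
    body, icv = data[:-4], data[-4:]
    return body if zlib.crc32(body).to_bytes(4, "little") == icv else None

class AccessPoint:
    def __init__(self, wep_key: bytes):
        self.wep_key = wep_key
        self.challenge = None

    def issue_challenge(self) -> bytes:
        # Step 2: answer the client's request with random challenge text.
        self.challenge = os.urandom(128)
        return self.challenge

    def verify(self, iv: bytes, ciphertext: bytes) -> bool:
        # Steps 4-5: decrypt with the AP's own key; grant access on a match.
        expected, self.challenge = self.challenge, None  # one use only
        plain = wep_decrypt(self.wep_key, iv, ciphertext)
        return expected is not None and plain == expected

def client_response(wep_key: bytes, challenge: bytes):
    # Step 3: encrypt the challenge under a fresh 24-bit IV, sent in the clear.
    iv = os.urandom(3)
    return iv, wep_encrypt(wep_key, iv, challenge)

def authenticate(ap: AccessPoint, client_key: bytes) -> bool:
    iv, ciphertext = client_response(client_key, ap.issue_challenge())  # steps 1-3
    return ap.verify(iv, ciphertext)                                    # steps 4-5

if __name__ == "__main__":
    ap = AccessPoint(bytes.fromhex("0102030405"))  # constructed 40-bit key
    print(authenticate(ap, ap.wep_key), authenticate(ap, b"wrong"))
```
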

Difficulties in using WEP

1. It is a well-known problem of WEP that the same key cannot be used for second-time access.

2. With the start of the wireless network, users disregarded the use of the WEP key which raised concerns about network security. Information hackers found many networks without key protections which facilitated them to break into the system to steal the information and to damage the network in general.

3. A shared key is also a major problem because the network connection becomes easier to connect. Such losses can be reduced only if a key management protocol is used for the safety of the network.

4. Key-breaking software applications are available to damage the network.

5. “In 2007, Erik Tews, Andrei Pychkine, and Ralf-Philipp Weinmann were able to extend Klein's 2005 attack and optimize it for usage against WEP. With the new attack, it is possible to recover a 104-bit WEP key with a probability of 50% using only 40,000 captured packets. For 60,000 available data packets, the success probability is about 80%, and for 85,000 data packets about 95%. Using active techniques like deauth and ARP re-injection, 40,000 packets can be captured in less than one minute under good conditions. The actual computation takes about 3 seconds and 3 MB of main memory on a Pentium-M 1.7 GHz and can additionally be optimized for devices with slower CPUs. The same attack can be used for 40-bit keys with an even higher success probability.” (en.wikipedia.org, 2009)

6. A shared key is accessible from different places so it is easier to break any security wall of protected buildings. (en.wikipedia.org, 2009)

WPA (Wi-Fi Protected Access)

“Wi-Fi Protected Access” (WPA) is used to manage network security against external and internal threats to an organization. It is the latest form of algorithm and gives users more options to strengthen their network security. Posey (2003) notes that the “Temporal Key Integrity Protocol”, known as TKIP, encrypts the data in WPA, and TKIP is considered one of the highest security maintaining internet protocols. TKIP processes clients' requests for a connection and allows them to use wireless internet after making checks. Permission is granted by allowing certain WPA keys, which saves the network from certain malicious attacks. A strong reason to use WPA is its strength: a WPA key is 64 to 256 bits long. It is difficult for a network attacker to remember such a long key and damage the system. Posey (2003) notes that this key difference sets WPA apart from WEP, as in WPA every user uses their own individual key, which increases the level of security. For example, WPA uses different internet protocols to manage network security, such as 802.1x.

WPA has a significant problem: integration with other hardware components and with other software applications. This is a strong barrier that creates security lapses. To avoid such problems, network managers buy software applications designed according to the needs of WPA. It is also important that WPA can be used on certain operating systems such as Windows Server 2003, XP, etc. (Posey, 2003).

Summary

Network security in organizational environments is a critical task for IT managers and administrators. Ensuring secure communication and preventing attacks from hackers and cybercriminals is essential to protect organizational information and assets. Implementing security protocols, training employees, and using advanced technologies like WEP and WPA can help maintain network security, ensuring smooth and secure operations.

References

1. Cahn, S. R. (1998) Wide Area Network Design: Concepts and Tools for Optimization. Morgan Kaufmann Publishers, Inc. USA.

2. cisco.com, (2009) http://www.cisco.com/web/about/ac123/ac147/archived_issues/ipj_9-3/ipv6_internals.html

3. Clarke, E. G. (2009) CompTIA Network+ Certification Study Guide. 4th Ed. Tata McGraw Hill.

4. CWNA, (2005) Certified Wireless Network Administrator Official Study Guide (Exam PW0-100) 3rd Ed. Certification Press. McGraw Hill Osborne.

5. documentation.netgear.com, (2009) http://documentation.netgear.com/reference/fra/wireless/WirelessNetworkingBasics-3-14.html

6. en.wikipedia.org, (2009) “Wi Fi Protected Access” http://en.wikipedia.org/wiki/Wi-Fi_Protected_Access

7. en.wikipedia.org, (2009) http://en.wikipedia.org/wiki/Wired_Equivalent_Privacy

8. Forouzan, A. B. (2007) Cryptography & Network Security. Tata McGraw Hill, Special Indian Edition 2007.

9. Furnell, S. (2005) Computer Insecurity: Risking the System. Springer-Verlag London.

10. Geldenhuys, P., Bothma, C., and Botha, J. (2008) Managing E-Commerce in Business. 2nd Ed. Juta & Company Ltd.

11. Giladi, R. and Serpanos, N. D. (2006) Security and Embedded Systems: 2 NATO Security Through Science Series: Information and Communication Security. IOS Press US, Illustrated Edition

12. Leidigh, C. (2005) Fundamental Principles of Network Security. White Paper no: 101. APC.

13. Leo, R. ed (2005) The HIPAA Program Reference Handbook. CRC Press

14. Posey, B. (2003) “WPA wireless security offers multiple advantages over WEP” http://articles.techrepublic.com.com/5100-10878_11-5060773.html

15. Rist, C. R. and Kusek, Z. J. (2004) Ten Steps to a Results Based Monitoring and Evaluation System. The World Bank.

16. sans.org, (2003) “The evolution of wireless security in 802.11 networks: WEP, WPA and 802.11 standards” http://www.sans.org/reading_room/whitepapers/wireless/the_evolution_of_wireless_security_in_802_11_networks_wep_wpa_and_802_11_standards_1109
