Network Security Research Paper

Network Security: Past, Present and Future

The work of Curtin (2007) states that a network is defined as "any set of interlinking lines resembling a net, a network of roads -- an interconnected system, a network of alliances." Quite simply a computer network is a system of computers that are interconnected. There are seven layers of communication types identified by the International Standards Organization (ISO) Open Systems Interconnect (OSI) Reference Model as well as the interfaces among them. Each layer is stated to be dependent on the services that the layer above it provides including the physical network hardware.

Technology: Description and Area of Research

The most popular networks used over the past twenty-five years, both private and public, include the following network services:

(1) UUCP -- Unix-to-Unix CoPy: This was developed originally for connecting Unix hosts together; however, since that time UUCP is reported to have "been ported to many different architectures, including PCs, Macs, Amigas, Apple IIs, VMS hosts, everything else you can name, and even some things you can't. Additionally, a number of systems have been developed around the same principles as UUCP." (Curtin, 1997)

(2) Batch-Oriented Processing: UUCP and similar systems are batch-oriented systems; everything that they have to do is added to a queue and then, at some specified time, everything in the queue is processed. (Curtin, 1997)

(3) Implementation Environment -- UUCP networks most commonly were built for use with dial-up or modem connections. However, UUCP can be used over any type of connection between two computers, and this includes an Internet connection. The construction of UUCP networks is simply a matter of "configuring two hosts to recognize each other, and know how to get in touch with each other. Adding on to the network is simple; if hosts called A and B have a UUCP network between them, and C would like to join the network, then it must be configured to talk to A and/or B. Naturally, anything that C talks to must be made aware of C's existence before any connections will work. Now, to connect D to the network, a connection must be established with at least one of the hosts on the network…" (Curtin, 1997)

There are security tradeoffs with any networking application, and this is true as well of the UUCP network. UUCP is limited in its applications, making it harder to break the security of these types of networks, and since it has been in use for quite a while, the largest part of its weak points have been identified and corrected. UUCP networks work through a system-wide UUCP user account and password; therefore, any system that has a UUCP connection with another is required to know the password for the uucp or nuucp account. Recently an additional layer of authentication has been added, requiring that the hosts have the same sequence number, which is stated to be "incremented each time a connection is made." (Curtin, 1997) Another type of network is the Internet, stated to be the largest of all networks in the world. An Internet connection is actually a connection first to a network, which is connected to the 'Internet backbone', which is described as a network of "extremely fast (and incredibly overloaded!) network components." (Curtin, 1997) The Internet uses a language known as TCP/IP or 'Transport Control Protocol/Internet Protocol'. Any type of machine that can speak TCP/IP can interact on the Internet. One of the primary features of TCP/IP is non-technological: it is an open protocol, and therefore anyone who wishes to implement it is free to do so. The Internet Engineering Task Force is a group in which engineers and scientists worldwide participate in designing the protocols that run the Internet. IP, or Internet Protocol, is a 'network layer' protocol, which enables hosts to communicate with one another. IP is stated to have two features which are very important and which make it a strong protocol that has plenty of flexibility.
There are reported to be several potential attacks against IP, which effectively "exploit the fact that IP does not perform a robust mechanism for authentication which proves that a packet arrives from its identified point of departure." What this really means is that the higher layer of the ISO/OSI Reference Model must provide host authentication, and those requiring strong host authentication do so at the application layer. One type of attack is known as "IP Spoofing", in which one host claims to have the IP address of another. "IP Session Hijacking" is described as an attack with relative sophistication (Curtin, 1997) and in fact is "very dangerous…because now there are toolkits available in the underground community that allow otherwise unskilled bad-guy-wannabes to perpetrate this attack." (Curtin, 1997) TCP, the 'Transport Layer Protocol', has to sit atop a network-layer protocol and was designed to sit atop IP. UDP, the 'User Datagram Protocol', is a simple transport-layer protocol which does not have the same features as TCP and is not considered reliable; although this makes it ill-suited for some applications, it is more applicable than TCP in others. The types and sources of threats dealt with by network security applications are various and include the 'Denial-of-Service' threat; such attacks are reported as "…probably the nastiest, and most difficult to address." (Curtin, 1997) These attacks are reported to be easy to launch and difficult to track. In addition, refusing the attacking requests proves difficult without also refusing legitimate service requests.
This type of attack is what is known as a DoS attack, which is quite simply the sending of more requests than the machine has the capacity to handle; since underground toolkits are available, the individual perpetrating the attack simply has to purchase a program that is running and instruct it which host to send the attacking requests to. These were common attacks in the later 1990s. Defenses against these types of attacks include: (1) Not running your visible-to-the-world servers at a level too close to capacity; (2) Using packet filtering to prevent obviously forged packets from entering into your network address space; (3) Obviously forged packets would include those that claim to come from your own hosts, addresses reserved for private networks as defined in RFC 1918 and the loopback network (127.0.0.0); and (4) Keeping up-to-date on security-related patches for your hosts' operating systems. (Curtin, 1997) A second type of DoS attack is the 'unauthorized access' attack, which includes several types of attacks. These attacks are stated to target a machine's resources that should be restricted from the attacker. Other types of attacks include 'confidentiality breaches' and 'destructive behavior' attacks which result in the destruction of data. To adequately address security, Curtin (1997) states, "all possible avenues of entry must be identified and evaluated. The security of that entry point must be consistent with your stated policy on acceptable risk levels." Curtin reports that there are necessary steps to take in case an attack is successfully executed, and these are the following: (1) have backups; (2) do not store data where it does not need to be; (3) avoid systems with single points of failure; (4) stay current with relevant operating system patches; (5) watch for relevant security advisories; and (6) have a staff member who is familiar with practices of security.
(Curtin, 1997) There are three types of firewalls: (1) Application Gateways; (2) Packet-Filtering; and (3) Hybrid Systems. (Curtin, 1997) Application gateways are also known as proxy gateways. This type of software is stated to run "at the Application Layer of the ISO/OSI Reference Model", and clients behind the firewall are required to be "proxitized", or in other words to know how to make use of the proxy and be configured to use it, if they are to use Internet services. These are stated to traditionally be the most secure of all firewalls, since nothing can pass by default; programs have to be written and then turned on before traffic begins to pass. Packet filtering is another firewall technique, in which routers have ACLs or 'Access Control Lists' turned on; by default, a router passes all traffic it is sent, and does so without any type of restrictions. The Hybrid System was created in an attempt to combine the security of application layer gateways with the flexibility and speed of packet filtering. Some systems use both principles. Some of the systems require that new connections be authenticated and approved at the application layer, and others include the potential of using both packet filtering and application layer proxies. Benefits include the provision of protection against machines that provide services to the…
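
The packet-filtering defense against obviously forged packets described above (sources claiming to be your own hosts, RFC 1918 private ranges, and the loopback network), written as a first-match ingress ACL that passes by default, as the packet-filtering paragraph describes. This is an added example, not code from the essay or from Curtin; the site prefix 203.0.113.0/24 and the sample packets are constructed assumptions.

```python
import ipaddress

# Assumption: the site's own public prefix (a documentation range, constructed).
OWN_PREFIX = ipaddress.ip_network("203.0.113.0/24")

# Ingress rules for the Internet-facing interface; first match wins.
INGRESS_ACL = [
    ("deny", OWN_PREFIX, "source claims to be one of our own hosts"),
    ("deny", ipaddress.ip_network("10.0.0.0/8"), "RFC 1918 private address"),
    ("deny", ipaddress.ip_network("172.16.0.0/12"), "RFC 1918 private address"),
    ("deny", ipaddress.ip_network("192.168.0.0/16"), "RFC 1918 private address"),
    ("deny", ipaddress.ip_network("127.0.0.0/8"), "loopback network"),
]
# Constructed sample: (source address, destination port) arriving from outside.
SAMPLE_PACKETS = [
    ("198.51.100.7", 80),     # ordinary outside host
    ("203.0.113.25", 25),     # forged: our own prefix cannot arrive from outside
    ("10.1.2.3", 80),
    ("172.31.255.254", 443),  # near the top of 172.16.0.0/12, still private
    ("172.32.0.1", 443),      # just past the private range, so legitimate
    ("192.168.1.1", 53),
    ("127.0.0.1", 80),
    ("not-an-ip", 80),        # malformed input is dropped, not passed
]

def check_source(src):
    """Return (action, reason) for the source address of an inbound packet."""
    try:
        addr = ipaddress.IPv4Address(src)
    except ValueError:
        return ("deny", "unparseable IPv4 source address")
    for action, network, reason in INGRESS_ACL:
        if addr in network:
            return (action, reason)
    return ("permit", "no rule matched")  # a packet filter passes by default

def filter_packets(packets):
    passed, dropped = [], []
    for src, dport in packets:
        action, reason = check_source(src)
        if action == "permit":
            passed.append((src, dport))
        else:
            dropped.append((src, dport, reason))
    return passed, dropped

if __name__ == "__main__":
    for src, dport, reason in filter_packets(SAMPLE_PACKETS)[1]:
        print(f"drop {src}:{dport} ({reason})")
```

The boundary pair 172.31.255.254 and 172.32.0.1 shows why the filter matches on prefixes rather than on a leading "172.".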

Cite This Research Paper:

"Network Security" (2011, January 15) Retrieved August 19, 2017, from
https://www.paperdue.com/essay/network-security-121776
