Network security principles and practices

Network Security

History and Evolution of Network Security:

The term 'Network Security' refers to the concept of the creation of a 'secure platform' based upon which the user of the computer or of a program within the computer are allowed to perform only those specific tasks that are allowed within the parameters dictated by the security network of the computer, and banned from performing those that are not allowed. The tasks include the various operations of the access to a program, the deletion of any particular program and the modification to any program. (Network Security: The Concise Tech encyclopedia)

It was during the 1960's that the vacuum-based computers that were being manufactured in the U.S.A. began to become popular, and it was in the year 1967 that the idea of developing 'encrypted passwords' in order to maintain security for the user of the computer was mooted, and, accordingly, the first encrypted password that would bar access to unauthorized persons trying to access programs on the computer was created. There was further progression during the next decade when the year 1970 saw the development of the idea of a computer user being able to log onto a remote computer. Telnet initially introduced the concept. BBN, under Ray Tomlinson of ARPANET was able to introduce the '@' sign for the users of e-mail programs on the Internet in the same year. ARPANET also introduced the very first International Internet connections from the University College of London, England to Norway.

In the year 1974, Vint Cerf and Bob Khan introduced the first 'Transmission Control Program' in their publication, 'A Protocol for Packet Network Interconnection', and by the year 1977, the easy to use computer began to be mass produced and the first company to have achieved this is the 'Apple', followed by the introduction of the 'Personal Computer' by IBM in the year 1981. When in 1982 the TCP/IP a set of protocols for the Internet user was introduced by DCA and ARPA, the Internet began to be defined as a set of connected networks, and this idea became standardized. The 'domain name' system came into being in the year 1984 and this in itself led to the growing popularity of the Internet, and by the next year the term 'hacker' had come into being. The hacker is a person who is able to push his way through the security system of the computer in order to illegally gain access to whatever he needs from such a program.

Challenge response protocols and password tokens were soon introduced, and the 'Symbiolics.com' became one of the first names to be registered as a 'domain'. The concept of 'virus' came into being for the first time in 1986, and one of the first viruses to be discovered was the 'Brain' that had supposedly been developed in Pakistan. Hackers began to do brisk illegal business by the year 1988, and one of the famous hackers of the time is the 'Cuckoos Egg' hacker, and the 'worm' virus that was responsible for infecting about 6,000 internet hosts single-handedly was also discovered at this time. The CERT or the 'Computer Emergency Response Team' was founded in the same year and this team was supposed to respond to emergencies related to infections caused by viruses like the 'worm' and the 'brain'. The fact was that even in the year 1989 the security for the Internet was not at all sufficient enough to promise safety, as demonstrated by the example of a 14-year-old child being able to crack open the computer coding of the U.S. Satellite Positioning System.

It was only during the year 1990 that the issue of Internet security was given serious enough attention, and this led to the creation of modern software that promised to provide adequate Internet security for all its users. In 1991 the 'www' formula was created in order to establish dial up connections to the Internet, by which time the number of computer viruses that had been officially discovered was 1000. The year 1993 saw the creation of the concept of 'firewalls' to fight intruders of Internet security, and in order to provide better security for the more than 100,000 hosts who provided Internet services to the more than millions of users world wide. Internet security became even more important by the year 1994 when the idea of 'shopping' on the Internet began to gain in popularity, as did banking and also advertising for several products. In 1995, the first 'Internet Wiretap' was introduced officially, and this helped the Secret Service and also the Drug Enforcement Agency to apprehend some persons who had been conducting business over the Internet by selling some electronic devices and also certain equipment that could be used for the cloning of cell phones, thus setting a trend in the manufacture of equipment to fight for internet security.

In the year 2000, all the major websites that were in use at that time were forced into a crisis by an attack launched against them for 'denial of services'. Hackers were now being able to penetrate even the best kept and the most confidential records, like for example, the records of thousands of patients of the University of Washington Medical Center. The 'Code Red Worm' and also the 'Sircam' were discovered to have caused unlimited damage to thousands of servers and e-mail accounts at this time, and in the year 2002, there was a DDoS or 'distributed denial of service attack' wherein 13 out of 18 root servers were attacked and destroyed, and the SQL Slammer Worm was responsible for causing a massive attack of DDoS in about ten mere minutes and causing damages to five of thirteen root servers and also affecting bank ATMs and even air traffic control systems. The Sobig F virus, the Blasterworm and many other viruses also managed to damage a lot of sites and domains and this resulted in the introduction of the 'wildcard' service that was actually a site finder, to the various dotcoms. (History of Internet Security)

Motivation for the Development of Network Security:

IT industry is seeking for remedies to security problems which would enable to reduce the influence to their functioning of businesses. Hence an all-inclusive model for security solutions is essential for any firm which seeks to find a solution to the dangers involved in security concerns and for minimizing the expenses of business. (Brenton, 1998) Even though the idea of survival is foremost in the running of any sort of business establishment, the question of how to survive is more important, since all of the business's data is prone to a breach of security at any time, both external as well as internal. The results of such breaches can be extremely damaging to the enterprise in terms of losses or changes in important data, and a complete disruption of services. For example, even a high school student will be bale to penetrate all of the company's records and cause such a breach that it will lose important data that will make the company in - operational for quite some time. The breach may even occur in the company's web pages where an infiltrator can corrupt all its information, or even turn over the entire web page to a competitor, or add obscene and unwanted content or pictures into the web page, which the company will not even be aware of. However, there exists in the world of business a conflict between the objectives behind security and the operational requirements of the company. All organizations will produce information that is critical to the running of the company, and this information can be termed as 'high secret' or 'secret' or 'sensitive', and all such information will have to be protected under a blanket of security. This then is the motivation for a company to formulate and develop good security plans so that there is no breach in security. (Information Security Program Development)

The Importance of Network Security:

Despite all the facts about the various ways and means of breaching network security being used by professional all over the world, certain businesses are yet to come to terms of increasing the security for their computers and related networks. Today, companies are no longer the fortresses that could withstand any attack on their security network; they rather need more fortification against the newer methods being created by hackers and other breaches of the security of a network. It is therefore a basic requirement for all companies to have a written copy of all its formal security plans as well as of its various security policies, keeping in mind the fact that the management of the company must be able to accept this cost as part of the company's essential expenditure. (Head in the Sand- Importance of Network Security)

Network security would enable to break the hazards of the original perfect state of one's computer network. It also enables to threaten the monetary integrity of one's firm. Hence safeguarding one's network from the dangers occurring both inside as well as outside should be accorded great significance. Making efforts towards a reliable security network would safeguard one's organization. (Canavan, 2001) Security is therefore an important concept and it must not be ignored. All the companies that want or desire a secure network must adapt the three important areas of 'intruder detection', 'logon restrictions', and 'password restrictions'. Once this is achieved, any unauthorized persons wishing to access confidential information will be denied entry to the network and will therefore be unable to gain access to such information. (Help users understand the importance of network security)

An Overview of How the Technology Works:

One of the most important methods of maintaining a secure network is the idea of a 'firewall'. A firewall will not only protect large corporations but will also serve equally well in the home. The technology involves nothing more than the maintenance of a sort of 'barrier' that will help keep away any destructive material from the computer network. It functions very much like a firewall that is created to keep a raging fire from spreading to other areas that will also help contain the original fire. The basic function of the firewall is to serve, as the filter that will keep away unwanted information from the computer that will inadvertently make an entry through the Internet to its files. The filter will flag the incoming information and will ban it from entering the computer. When a large corporation installs a firewall, the computer network that the company will use in order to help keep all its members connected to one another and also to make available important information to the employees of the company must be made secure, and the firewall does exactly this.

One or several of these firewalling methods achieve this: Only some of the hundred computers being used by the employees will provide an Internet connection and this connection will be fire walled against any unauthorized access, and this fire walling may involve the rule that FTP connection will be allowed on only a few computers, etc. this helps in the control of access to the critical data that a company will produce and that all the employees must have access to, and which anyone using the Internet will be able to hack with a very minimum of knowledge. The firewall will help prevent this and offer the company a large amount of control over how its employees are using the network.

A firewall uses one or more of these methods: 'packet filtering' wherein packets of information are filtered and also analyzed against previously set up data, and only those packets of information that will be able to pass through the filters are sent to the receivers and the rest are discarded immediately, the method of 'proxy service' whereby all incoming information from the Internet is automatically received by the fire wall and only then sent on to the requesting system, and all information sent on by the requesting system is received by the firewall and only then sent on to the Internet receivers, the 'stateful inspection' method wherein the contents of each packet of information are not examined individually, rather, the information is compared to a pre-determined data of trusted information that will be defined by set characteristics and the fire wall will then compare these bits of information with the set information data and only then process it.

The advantage of a firewall is that it protects a company against remote login whereby an unauthorized person will gain access to sensitive information by just logging on to the computer and thereby attempt to control or destroy information within. It also serves to prevent the 'backdoor access' system that allows a person to gain access through the backdoor or hidden access to the program. A firewall will also prevent SMTP session hijacking or Spam, which is the method, used by hackers to send unauthorized e-mails to persons through the Internet. The 'denial of service' method; the 'e-mail bomb' method; the 'macros' and the various infamous 'viruses' are the other hacking and corrupting methods, against which the firewall offers appropriate protection. (How Firewalls Work)

Network security has become a matter of great importance over the past few years and large corporations are in fact adapting all the methods of protection that are currently available. Books are also being written on the subject, one of them being 'Technology Advances, Strategies and Change Drivers' that has as its primary focus all the issues and the innovations and the changes that are taking place in all the corporations as well as in businesses due to the changes in the network security. The book offers the most modern and latest information on network security from a team of experts in the field. (Network Security: Technology Advances, Strategies, and Change Drivers)

How you can fight back:

IT security policies are actually the foundation on which the entire information security within an organization is based. (IT Security Policies) The DES that is also known as the Data Encryption Standard is one of the technologies that deal with network security. This was a technology developed in the 1970's and it involves the encryption of data by using a private code or algorithm of numbers as a key to lock in the code. Initially the key was composed of just 56-bits, and this did not provide adequate security. Therefore this key was enlarged to the 'triple DES standard' that is more powerfully encrypted than the earlier ones and therefore affords higher security standards. With the triple DES, the selection of two 56-bit keys is done at the outset. Then the data is encrypted, three times over, the first time by the first key, the second time by the second, and the third time by the first key again. The entire process results in the creation of an unbreakable code and cannot be broken by the hackers of today. (DES-Data Encryption Standard)

However the fact is that the National Institutes of Standards and Technology considers the Triple DES to be applicable only to certain obsolete models and it advocates the use of the 'Advanced Encryption Standard'. This supports coding by using keys made up of 128 bits, 192 bits and 256 bits, also known as the Rijndael algorithm, and it is hoped that this will eventually replace the DES of 56 bits. This new and emerging standard of encryption offers more security than the earlier ones primarily because of the size of its key and also because the AES is much quicker than the triple DES in its encryption. (Advanced Encryption Standard) Another method of encrypting data for additional network security is the technology that involves the use of the 'secure sockets layer'. This is an industry standard security method that was created by Netscape Communications Corporation that involves the use of 40 bit and 128 bit strengths or 'session keys', and the longer the keys the better the encryption code. The SSL not only offers data encryption but also server authentication and also message integrity and client authentication for the connections based on TCP/IP connections. The fact that it is built in to the server allows the user to install a digital certificate that will turn on the SSL automatically when the computer is turned on. (Secure Sockets Layer)