Windows Server 2008 and Internet

Windows Server 2008 and Internet Security

In this paper, we discuss Windows Server 2008 and Internet Security. We begin with the definition of IPSec and a description of the threats that users face when using unsecured TCP/IP. The basic goals achieved by using IPSec are also analyzed. We then develop security strategies to address various threats that are addressed by IPSec that users who use unsecured TCP/IP face. Two methods of configuring the IPSec securities policies are also explored for Windows Server 2008.We then analyze file encryption in Windows Server 2008 as well as how it uses public and private key encryption.

The concept of internet security has proven to be valuable in this era of network attacks and the threat of cyber terrorism. Security in the context of computer systems is defined as "the ideal state where all information can be communicated across the internet secure from unauthorized persons being able to read it and/or manipulate it" (Essinger, 2001. p. 43).

Thesis statement

Network security is one of the fastest growing fields in computer technology. However, there are various vulnerabilities that exists in the process of data transmission over the network (at the network layer).It is therefore important to ensure that the necessary protocols are employed in order to secure the content of the packets being transmitted. IPSec is such a protocol which should also be deployed appropriately in order to ensure that the data confidentiality, integrity and availability are ensured. IPSec is however concerned with the integrity aspect of the data being transmitted.

Definition and discussion of the three basic goals achieved by IPSec

What is IPSec?

IPSec which stands for Internet Protocol Security is a security framework that uses a set of protocols used in securing network at packet processing a layer of a particular network communication (intelligentedu.com, 2006).It is a framework that uses open standards used in ensuring that a secure communication takes place over the Internet Protocol networks by employing a set of cryptographic security services. The fundamental idea of the IPSec is to mark individual packets prior to being deployed or rather transmitted over a communication network. The mark is then used in the authentication of the source of the packets at the receiving end. IPSec also authenticates the packet's content in order to confirm that they are the same as the ones being generated by the source. This is to ensure that there is no modification to the content being transmitted (Intelligentedu.com, 2006). IPSec further checks whether the packet sent is a duplicate of a previously sent packet that had already been received. IPSec is also involved in the definition of a framework used for the encryption of data in order to ensure that the data being transmitted is not understood by eavesdroppers as it is carried in the packets. The Internet Protocol Security can therefore be described as a set of protocols that are used in so as to achieve a secure and private data communication over the internet. It is therefore considered as an emergent security standard utilized at the packet processing or network level of network communication.

Application of IPsec

CEEnet (2000) provides the following as the applications of IPSec

Provision of the capability of securing data communications across a LAN, public WANs, private WANs and across the internet. Example of uses includes; the securing of branch offices' connectivity over an internet link and the securing a remote access over an internet connection such as FTP link

The main benefit associated with the use of IPSec is the fact that security measures can be employed without necessarily altering the individual user workstations.

Security strategies for threats addressed by IPSec that users face in an unsecured TCP/IP network

The IPSec makes use of two main security services;

1. Authentication Header (AH) which is basically used to allow authentication of the sender data

2. Encapsulating Security Payload (ESP) which is used in supporting of both the senders authentication as well as the encryption of the data.

It is worth noting that the specific information that is associated with these services is seamlessly inserted into the packet. The specific location of insertion is at the header following the IP packet header. Then separate key protocols can then be selected for example ISAKMP or Oakley protocol (Graupner and Sahai,2005).

Threats that users face when using unsecured TCP/IP

The following are the main threats that users of unsecured TCP/IP faces when exchanging data over a network (Rodgers, 2001)

The first faced by a user of an unsecured TCP/IP is SYN flooding. This occurs when a server happens to receive more connection requests that are incomplete and that it cannot possibly handle. This kind of attack's source code were released in 2006 by 2600 and Phracks two well-known underground hacker magazines. The second threat is IP Spoofing which is an attack which involves the impersonation of a legitimate host user at the IP layer. The third one is sequence number attack. The third one is TCP session hijacking. The third threat is denial of service attacks Security strategies to address various threats that are addressed by IPSec that users who use unsecured TCP/IP face

In order to ensure that users of unsecured TCP/IP don't fall victims to the threats outlined above, the following strategies must be employed;

Countering SYN Flooding:

The ISPs that are responsible for the IP packets must block the non-internal addresses that are responsible for the flooding. The attacker would then be forced to use official IP source to send the packets which can be used to trace them (via server audit logs).The lack of anonymity would then deter the would-be attackers from launching the SYN Floods. The other one preventive measure is to use make changes to the network aspects of a given operating system and also the inclusion of intrusion detection tools (Rodgers, 2001).

Countering IP spoofing:

Changing of the routing tables of the routers and gateways of the spoofed routing tables by means of protocols such as BGP4,RIP (Rodgers, 2001).

Methods of configuring the IPSec securities policies

There are basically two methods. These are transport mode and tunnel mode They are described by Ferguson, Poulton and Barrett (2004) as follows:

Transport mode

IPSec can effectively be used in the transport mode in order to secure communication happening between two workstations that are ion the same network. The arrangement can either be a server-to-client or a server-to-server communication. Then IPSec gives an end-to-end surety on the basis of the encryption setting and the authentication that is applied (Ferguson, Poulton and Barrett, 2004).