Network security threats Essay

The consumption of this memo is to let you know the impressiveness of mesh screenology warrantor. Here I lead discuss the net profit warrantor threats, impartiality that affects net put to work trade nurtureion and processes and procedures for chance retrieval, info backup, and info restoration along with in store(predicate) action plans. profits protective cover threats fag end be de poseate as either method utilize to try to let place the aegis of a net or system (Tulloch 2003).The goal of network trade protection is to apply and defend third censorious properties of discipline, which argon confidentiality, integrity and availability. This threats originate from pastiche of sources much(prenominal) as out-of-door and internal. External threats argon structured threats from bitchy individuals or organizations and unstructured threats from inexperienced clapers such as script kiddies. Internal threats atomic number 18 threats from dissatisfy e mployees or contractors.Various network auspices threats exist. several(prenominal) of the threats argon Firew alone and System Probing, Network File Systems (NFS) Application Attacks, Vendor scorn Password Attacks, Denial of service (DoS) attacks, friendly Engineering Attacks, Electronic Mail Attacks, Spoofing, Sniffing, atomisation and Splicing Attacks, Easy-To-Guess Password Compromise, Destructive estimator Viruses, Prefix S passelning, Trojan Horses and Reconnaissance attacks.The crown three security threats to a network be discussed in below paragraphs. dissatisfied Employees This is the near(prenominal) vernacular network security threat. disgruntled employees, who atomic number 18 the group most familiar with their employers tuition processing systems and applications, including knowing what actions strength cause the most damage bum create both mischief and demoralize on a computer System. The disgruntled real employees actu every last(predicate)(prenomi nal)y cause more(prenominal) than damage than former employees do.harmonize to Parmar, the common examples of computer-related employee sabotage are entering info in wanely, changing and deleting data, destroying data or plans with logical system bombs, crashing systems, holding data legionsage and destroying computer hardware or facilities. Denial of Service (DoS) Attacks According to Tulloch (2003), DoS is a type of attack that tries to prevent allow users from rise to powering network services. In this type of threats, the attacker tries to prevent access to a system or network by several possible means.Some of these are Flooding the network with so much traffic that traffic from legalise clients is overwhelmed Flooding the network with so umteen requests for a network service that the multitude providing the service piece of assnot receive similar requests from legitimate clients and Disrupting communications between hosts and legitimate clients by various means, inc luding alteration of system abidance information or even tangible destruction of network servers and comp whizznts. (Tulloch 2003) Malicious run and Electronic Mail Attacks.According to Parmar, vindictive code refers to viruses , worms , Trojan horses , logic bombs, and bundle (uninvited). Electronic email attacks are emails that hackers head to compromise network systems and whenever companies accept this e-mail from the meshing that have exposed versions of the sendmail program are potential targets from this attack. NETWORK bail LAWS As such, no network security laws exist for network security. However, some of the acts that are applicable for network security threats are discussed in below paragraphs. Privacy do of 1974 The concept of information privateness has been one of the most critical mercantile establishments.It takes into serious consideration. cogitate a world without information privacy. The overleap of information privacy creates a carriage ground for technological sharing and distribution. In 1974, the Privacy put to work of 1974, passed by the Unites States Congress, states that No agency shall disclose any establish, which is contained in a system of records by any means of communication to any person, or to an opposite agency, except pursuant to a written request by, or with the former written con move of, the individual to whom the record pertains (Privacy Act of 1974 88 Stat. 1897). CFAA data processor Fraud and Abuse Act.According to Robinson (2003), the current fall in States law of information security is the electronic computer Fraud and Abuse Act (18 U. S. C). It was originally enacted solely as a computer crime statute, but in its present form, it imposes both civil and malefactor liability for a wide cast of acts that compromise the security of public and offstage sector computer systems. DMCA The Digital millenary right of first publication Act The Digital millenary Copyright Act (17 U. S. C), provides t hat no person shall circumvent a technological flier that effectively simplicitys access to a work protected under this title the Copyright fair play.(Robinson, 2003) There are other laws (acts), such as the Wiretap Act, the Stored Communications Act, and the Computer protective cover Act are in like manner applicable on network security threats. PROCESS AND PROCEDURES FOR NETWORK SECURITY The three important techniques used by companies to protect their network are firewalls, encryption and VPN, which are discussed below Firewalls Firewalls are used to control access between networks. It separate intranets and xtranets from the Internet so that only employees and authorized billet partners can access.Firewalls are utilize by Packet filtering to block illegal traffic, which is specify by the security insurance or by using a delegate server, which acts as an intermediary. Encryption To protect against sniffing, passs can be encrypted before being sent (over the Internet). I n general, two classes of encryption methods sneaking(a) trace encryption (DES) and humankind Key encryption (RSA, public and private describe are needed) are used today. commonplace Key encryption is in bodilyd into all major Web browsers and is the basis for safe socket layer (SSL).Virtual Private Networks (VPN) VPN maintains data security as it is transmitted by using tunneling and encryption. Tunneling creates a temporary tie-up between a remote computer and the local network. Tunneling blocks access to anyone trying to turn back messages sent over that link. Encryption scrambles the message before it is sent and decodes it at the receiving end. some other important area for companies are (implementing) security measure policy, Disaster convalescence and demarcation doggedness (plans), which are discussed in below paragraphsSecurity policy Security policy is defined as rules, directives and practices that govern how asset, including sensitive information are managed protected and distributed within an organization. all organization should define and document a security policy that defines the limits of acceptable expression and how the organization will respond to trespass of such behavior. Security policy defined should be concise, to the point, easy to understand and widely publicized in the organization.The security policy implemented should envision compliance with all laws. The security policy should be reviewed periodically to respond to changes in technology or circumstances. There should be restrictions on playing of computer games on corporate computers and see of non-productive web sites using corporate network. In addition, employees should be monitored for prohibition against taking copies of original corporate electronic document out of office, use of pirated software and use of corporate e-mail account for sending the individualised e-mail.Proper Documentation for Disaster Recovery and Business Continuity There are vario us types of vulnerabilities associated with computer-based information systems. Now these age organizations are being more babelike upon their computer systems, therefore the survival of melody depend very much on the security of these systems. Initially (few years back), bodily accidents such as floods a hurricane, and fires were the most probable security risks.Nowadays, computer operations are also liable to injury or damage from hackers, computer viruses, industrial spies and similar causes which until recently were in the realms of accomplishment fiction. The terrorist attacks on September 11, 2001, showed that there is a big difference between disaster recovery and business continuity. In the past, disaster recovery meant getting computers and networks up and rails after a hurricane, flood, fire, or other disaster. However, September 11 taught a broader issue getting the business up-and-running.According to McNurlin & Sprague (2006), Business continuity broadens the di scussion to include Safeguarding bulk during a disaster Documenting business procedures so that not dependent upon a bingle employee Giving employees the likewisels and space to handle personalised issues first so that they can wherefore concentrate on work flip workspace for people and Backup IT sites not overly close but not too far away Up to employment evacuation plans that everyone knows and has practicedBacked up laptops and departmental servers and Helping people bed with a disaster by having well accessible phone lists, e-mail lists, instant-messenger lists so people can communicate with love ones and colleagues. CONCLUSIONS The goal of network security is to sustain and defend three critical properties of information, which are confidentiality, integrity and availability. The most common threats to network security comes from disgruntled employees, DoS attacks and beady-eyed code attacks.All these threats try to break dance the security of a network or system. V arious information security and privacy laws exist, which must be followed by companies period installing and managing their computer network. Various techniques such as firewalls, encryption and VPN are used for securing network. In addition, security polices and disaster recovery and business continuity plan are implemented for securing network. FUTURE ACTION downstairs are some methods for securing network from the top three security threats to a network. Disgruntled employees type of threats can be peculiar(a) by invalidating passwords and deleting system accounts in a timely manner by network (system) administrator.According to Tulloch (2003), defenses against DoS attacks can be done by alter unneeded network services to limit the attack surface of companies network enabling disk quotas for all accounts including those used by network services implementing filtering on routers and fleck operating systems to reduce exposure to SYN deluge base-lining normal network usage to care identify such attacks in order to quickly defeat them and regularly living up system configuration information and ensuring strong password policies.To prevent malicious code attacks from occurring, regular check with vendors to ensure systems are running a correct version of sendmail or some more secure mail product are necessary. Network Security through computer software and Hardware can be implemented by Modular and cheaper workgroup firewalls. By having host based and network based trespass detection systems Active security by providing auto mated responses to agents. Centralized focus Content filtering Acceptance of PKI By having token, smartcard or biometric based access solutions. Some raw material protecting tips for computer (in network) that should be provided to all the staffs in the organization are perpetually use Anti-virus Software Download security updates and patches regularly and update computer systems. Do not check or transfer emails an d attachments from unknown sources Back Up your data regularly. Use Firewall Do not circumstances access to your computer hard drives in network Attachments.REFERENCES Tulloch, M.2003, Microsoft Encyclopedia of Security, Microsoft Press, Washington, United States of America. Parmar, S. K. & CST, N. Cowichan Duncan RCMP Det (cmpl), An Introduction to Security Manual McNurlin, B. C & Sprague, R. H 2006, Information Systems Management in Practice, 7th ed. , Pearson Education, New island of Jersey United States Congress, Privacy Act of 1974. Public Law No. 93-579, 88 Stat.1897 (Dec. 31, 1974) CERT study and Education software Engineering play (2006). Information Security for Technical Staff, pupil handbook, Camegie Mellon University, USA Robinson, S, 2003, U. S. Information Security Law, accessed on October 20, 2007 from .