Friday, 4 May 2012

Network/Port Address Translation

2nd Topic for the week!~

Network Address Translation (NAT)

It is the process of mapping internal private IP addresses to a pool of global IP addresses (provided by the Internet Service Providers).
It allows one-to-one and many-to-many IP translations.

When an organisation has many users, it is pointless to purchase an equal number of global IP addresses from the Internet Service Providers. So what can be done is to set up a private network using private IP addresses. Now, since private IP addresses can be reused any number of times across different private networks, they need something to allow their users to access the Internet normally. That is where NAT comes in: mapping global IP addresses to private IP addresses allows users from private networks to access the Internet as per normal.

Port Address Translation (PAT)


Port Address Translation is an extension of Network Address Translation that allows multiple devices on a local area network (LAN) to be mapped to a single public IP address. The goal of PAT is to conserve IP addresses.

With PAT, multiple computers can share the exact same public IP address, each with different port numbers assigned to it. This can happen simultaneously, and the router would still know which computer to send specific packets to because each computer has a unique internal address.

Port Address Translation is also called porting, port overloading, port-level multiplexed NAT and single address NAT.
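
The port mapping described above, as an added example that is not part of the original post: a minimal PAT table in Python showing how two inside hosts share one public address and how replies find their way back. The addresses, the port range and the `PatTable` name are assumptions made up for illustration.

```python
class PatTable:
    """Minimal PAT (port overloading) table for a single public IP address."""

    def __init__(self, public_ip, first_port=40000, last_port=40999):
        self.public_ip = public_ip
        self._free = iter(range(first_port, last_port + 1))
        self._out = {}  # (private_ip, private_port, proto) -> public_port
        self._in = {}   # (public_port, proto) -> (private_ip, private_port)

    def translate_outbound(self, private_ip, private_port, proto="tcp"):
        """Rewrite an inside source to (public_ip, public_port)."""
        key = (private_ip, private_port, proto)
        if key not in self._out:
            try:
                public_port = next(self._free)
            except StopIteration:
                # One public address only has a finite number of ports to share.
                raise RuntimeError("PAT port pool exhausted") from None
            self._out[key] = public_port
            self._in[(public_port, proto)] = (private_ip, private_port)
        return self.public_ip, self._out[key]

    def translate_inbound(self, public_port, proto="tcp"):
        """Map a reply back to the inside host, or None if nothing asked for it."""
        return self._in.get((public_port, proto))


def demo():
    # Constructed sample: two inside hosts that happen to use the same source port.
    pat = PatTable("203.0.113.10")
    a = pat.translate_outbound("192.168.1.10", 51000)
    b = pat.translate_outbound("192.168.1.11", 51000)
    again = pat.translate_outbound("192.168.1.10", 51000)  # same flow, same mapping
    reply_to_b = pat.translate_inbound(b[1])
    unsolicited = pat.translate_inbound(45000)  # no mapping, so the router drops it
    return a, b, again, reply_to_b, unsolicited


if __name__ == "__main__":
    for item in demo():
        print(item)
```

Both hosts leave with the same public address and are told apart only by the public port, which is also why a packet arriving on a port with no table entry has nowhere to go.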

Perimeter Router, Internal Router & Firewall

First off,

Perimeter Router

You may be wondering..
What the hell is a Perimeter Router and what is its purpose??

A Perimeter Router is a router that is installed on a perimeter segment of a network.

A perimeter segment is an area which connects a network to an untrusted network or an area which is located outside of the corporate firewalls.

Basically, a Perimeter Router is like the door to your house. It sits there and it connects your house (your network) to the world (the whole internet).

Its purpose is to provide minimal protection to the trusted network from any untrusted networks, in addition to performing packet filtering on traffic.

Due to the fact that Perimeter Routers connect the networks that can be reached via the Internet, they are often the target of hackers trying to exploit any security vulnerabilities.

An unsecured perimeter router would be weak at filtering unwanted network traffic, as well as becoming an easy target for Denial of Service (DoS) attacks, which can halt the network. A secured perimeter router, on the other hand, can prevent network reconnaissance (the gathering of information to prepare for an attack) and therefore the attacks themselves.

__________________________________________________________________________________

Up next would be...

Internal Router


An Internal Router is a router that is normally set up as a form of backup should the first router go down, whether due to an attack or a physical issue. This backup is to ensure that traffic can still flow within the internal network at all times.

Apart from that, it does filtering of traffic for the internal network as well.

__________________________________________________________________________________

And last but not least for the topic is...

Firewall


A Firewall is a set of related programs found at a network gateway server. It provides a certain level of protection for the resources of an internal network against users from other networks.

A Firewall is able to prevent outsiders from viewing private data and users from viewing certain outside resources.

WEEK 2 WEek 2 Week 2 week 2

This week, I am going to blog about 4 different topics, so there'll be 4 different posts.

1) Perimeter Router, Internal Router & Firewall
2) Network/ Port Address Translation
3) Common Threats To Router and Switch Physical & Mitigation
4) Secure Perimeter Routers & Disable Services & Logging.

I'll start posting about the topics stated above right after these messages..

OCP (Overseas Community Program) is coming right up most probably in our next Semester Break.
There will be NO subsidy, so you have to pay in full..
But all are encouraged to go.
Possible Countries are : Cambodia, Myanmar, China, Thailand, Germany, Britain, France, USA, and many more.
WHY WAIT?
Sign up now!

Thursday, 26 April 2012

Security Policy

Security Policy, what's that?

Security Policy is the definition of what it means to be secure, whether for an organisation or a system.
For organisations, the security policies focus on physical security like doors, walls and keys. For systems, it deals with constraints on functions, restrictions on access by external systems and other things including access control by any user and programs.

In this post, I would type about a few types of Security Policies, just like the previous post. (:

Different kinds of Security Policies

First

Access Control is a security policy whereby different users are given different levels of access to any form of resource. The resource can be a building, a certain room or digital information.

It has been applied nearly everywhere in our lives. A common example would be the keys to our homes, or the keys to our letter boxes. Even our bank cards are a form of access control, as they only allow the card holder to have access to the money in the bank.

The importance of access control is considerably high when certain information or equipment needs to be secured and kept safe.

Second

Network Security Policies are documents that contain the rules for computer network access. They also describe how the policies are enforced, besides showing the basic layout of the company's security or network security environment.
Usually the document itself is quite long and drawn up by a committee, and it goes far beyond the simple purpose of "not letting anyone bad in". The document can be quite complicated and contains sentences which need time to be understood, as it is meant to govern many important things ranging from data access, web-browsing permissions, passwords, encryption and more. This document actually speaks in detail of each rule for lone users or groups of users within the company.

Third

Last but not least I would be posting about User Account Policy.

Again, it is another document, but it contains the requirements that need to be fulfilled for requesting and maintaining an account on the system or network in the organisation.

Massive sites like Facebook would most likely have their own User Account Policy implemented and given to all registering users to read and agree to it.

Some policy contents include things like

  • Should state who has the authority to approve account requests.
  • Should state who is allowed to use the resources (e.g. employees or students only).
  • Should state any citizenship/resident requirements.
  • Should state if users are allowed to share accounts or if users are allowed to have multiple accounts on a single host.
  • Should state the users' rights and responsibilities.
  • Should state when the account should be disabled and archived.
  • Should state how long the account can remain inactive before it is disabled.
  • Should state password construction and aging rules.


The End

Common Networking Attacks Threats and Solution


Definition of Network Attack

Basically any method, way or means that is used to intentionally compromise any form of network security can be considered as a Network Attack.

How many Network Attacks are there?

Honestly, too many for me to read on the Internet and type here. So I'll just post about a few, hopefully in words you and I can understand.

Moving on...

Any information after this sentence should pertain to the subject or topic that is "Common Network Attacks", do feel free to comment about anything on this blog or its posts as long as it is made in a polite and friendly manner. (:
Or else I will find you and hunt you down.
I'm serious.
I don't joke.
HAHAHA
Okay okay, I hope you're enjoying this post as much as I have typing this out for you all!

Back to work!

First

Data modification or data manipulation is a form of network attack where changes are made to private company data whether the data has been interpreted, modified or deleted. This network attack is considered properly completed when the sender doesn't realize that the data has been tinkered with.

Solutions:
1) Back up the important data (whether it's yours or the company's) regularly.
2) Implement Access Control Lists (ACLs), which would manage the users and only allow a few qualified people you trust to have permission to access your data.
3) Insert code into your applications that validates the data input to ensure that the information or data has not been tampered with.

Second

Eavesdropping is done when the perpetrator, like some sort of pervert, actually stalks and snoops on your network traffic and just reads any data he can find. What he understands, of course, depends entirely on the level of protection applied to your data.

Solutions:
1) Use Internet Protocol Security (IPSec) to give your data some form of protection through encryption before the data gets sent over the network.
2) Security policies and procedures are another way to defend your data from a sniffer on the network.

Note: A sniffer is a type of software or hardware that allows the user to log or record traffic moving on a network and intercept it.

Third

IP address spoofing is, in simple terms, identity theft but in IP style. The attacker masquerades his IP as one which belongs to the valid IP address range of the targeted company. Upon doing so, the attacker would do his utmost best to discover the other computers on the network. Since most IP networks associate users with their specific IP addresses, this fake packet gets through the routers and ends up wherever the attacker wishes. He can then choose to change the flow of traffic or start a Denial of Service (DoS) attack.

Solutions:
1) Set up encryption for the traffic between routers and external hosts.
2) Implement ingress filters to block any inbound packets whose source addresses claim to come from trusted users within the internal network.
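
The ingress filter from solution 2, as an added example that is not part of the original post: a Python sketch of the decision a perimeter router makes for each packet arriving on its external interface. The internal prefix `10.20.0.0/16`, the interface names and the sample packets are assumptions constructed for illustration.

```python
import ipaddress

# Assumed addressing of the protected network (constructed for this example).
INTERNAL_NETS = [ipaddress.ip_network("10.20.0.0/16")]
# RFC 1918 private ranges and loopback are never valid sources on the Internet side.
NEVER_FROM_OUTSIDE = [ipaddress.ip_network(n) for n in
                      ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8")]


def ingress_verdict(src, in_interface):
    """Return (action, reason) for a packet with source `src` seen on `in_interface`."""
    try:
        addr = ipaddress.ip_address(src)
    except ValueError:
        return "deny", "malformed source address"
    if in_interface != "outside":
        return "permit", "not the external interface"
    if any(addr in net for net in INTERNAL_NETS):
        # A real internal host can never be reached through the Internet link.
        return "deny", "internal source address on external interface (spoofed)"
    if any(addr in net for net in NEVER_FROM_OUTSIDE):
        return "deny", "private or loopback source arriving from the Internet"
    return "permit", "source is plausible for the external interface"


# Constructed sample packets: (source address, arrival interface)
SAMPLE = [
    ("10.20.5.7", "outside"),      # claims to be an internal user
    ("10.20.5.7", "inside"),       # the same address where it belongs
    ("192.168.1.1", "outside"),    # private address that cannot be routed here
    ("198.51.100.23", "outside"),  # ordinary external source
    ("not-an-ip", "outside"),      # garbage input is rejected, not trusted
]


def run_sample():
    return [ingress_verdict(src, iface)[0] for src, iface in SAMPLE]


if __name__ == "__main__":
    for (src, iface) in SAMPLE:
        print(src, iface, ingress_verdict(src, iface))
```

The same address is denied on the outside interface and permitted on the inside one, which is the whole point of the filter: the arrival interface, not the claimed source, decides whether an "internal" packet is believable.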

The End

I have come to the end of my first post, and I do hope you all have enjoyed reading this little brief introduction on a few network attacks.


Wednesday, 25 April 2012

TITLE 1 SIA

Hello hello, is this thing on? Is it working??
Testing 1, Testing 2, Testing 3!