Web Security

The nature of the internet makes it vulnerable to attack. Estimates claim that there are
over 2 billion users connected via the Internet. Originally designed to allow for the freest
possible exchange of information, it is widely used today for commercial purposes. This
poses significant security problems for organizations when protecting their information
assets. For example, hackers and virus writers try to attack the Internet and computers
connected to the Internet.
Some want to invade others’ privacy and attempt to crack into databases of sensitive
information or sniff information as it travels across Internet routes.
The concept of Web
The Internet Protocol is designed solely for the addressing and routing of data packets
across a network. It does not guarantee or provide evidence on the delivery of messages.
There is no verification of an address. The sender will not know if the message reaches
its destination at the time it is required. The receiver does not know if the message came
from the address specified as the return address in the packet. Other protocols correct
some of these drawbacks.
1. Web Security Threats
There are two major classes of security threats:
• Passive Attacks.
• Active Attacks.
2. Passive attacks
This class of network attacks involves probing for network information. These passive
attacks can lead to actual active attacks or intrusions/penetrations into an organization’s
network.
By probing for network information, the intruder obtains information that can
be used to target a particular system or set of systems during an actual attack.
Types of Passive attacks
Examples of passive attacks that gather network information include the following:
• Network Analysis
• Eavesdropping
• Traffic Analysis
3. Active Attacks
Once enough network information has been gathered, the intruder will launch an actual
attack against a targeted system to either gain complete control over that system or
enough control to cause certain threats to be realized. This may include obtaining
unauthorized access to modify data or programs, causing a denial of service, escalating
privileges, or accessing other systems. These attacks affect the integrity, availability and
authentication attributes of network security.
4. Types of Active attacks
Common forms of active attack include the following:
• Masquerading – involves carrying out unauthorized activity by impersonating a
legitimate user of the system.
• Piggybacking – involves intercepting communications between the operating system
and the user and modifying them or substituting new messages.
• Spoofing – a penetrator fools users into thinking they are interacting with the operating
system. He duplicates the logon procedure and captures the password.
• Backdoors/trapdoors – allow a user to employ the facilities of the operating system
without being subject to the normal controls.
• Trojan Horse – users execute a program written by the penetrator. The program
undertakes unauthorized activities, e.g. making a copy of sensitive data.
5. Threat Impact
It is difficult to assess the impact of the attacks described above, but in generic terms the
following types of impact could occur:
• Loss of income
• Increased cost of recovery (correcting information and re-establishing services)
• Increased cost of retrospectively securing systems
• Loss of information (critical data, proprietary information, contracts)
• Loss of trade secrets
• Damage to reputation
• Degraded performance in network systems
• Legal and regulatory non-compliance
• Failure to meet contractual commitments
6. Methods to avoid internet attacks:
1. Define the problem
Handling the problem starts with knowing the problem, that is, the security threat
that needs management’s attention. Only then can people be appointed to address the
threat.
The greatest concern about network attacks is finding the right people to handle daily
network security operations. It's critical that you have key people with the right
experience and background. There's no magic bullet: security doesn't come because we buy nice
software, put it in our budget and have a nice appliance somewhere. It has to come
through the use of people, and they have to be well-trained.
2. Consolidate standards and purchasing power
Internet attacks, as discussed, can come from various sources. Attackers tend to be more
creative by identifying new weaknesses in systems. All major threats to which management
feels the information systems are vulnerable should be consolidated. This helps in
identifying standards and security products that can secure the system against
that particular set of internet attacks. There are instances where organizations end up
buying more than one security product to address the same security threat, thus
increasing investment.
3. Think risks
Network attackers are getting smarter every day. Organizations and people want their
data to be protected. Businesses must operate within a similar risk management culture.
A comprehensive risk-based approach, starting from identifying risks, may be a better
solution.
4. Fix configurations
Configuration management is going to be very important. Without configuration
standards, applying software security tools becomes too costly. If a laptop is
misconfigured or doesn't have the right security software, the next step should be to deny
network access to that laptop until it meets the standard. Enforcing safe software
configurations is especially critical on mobile devices that use wireless connections to
access agency networks. With good configuration management practices, agencies can
provide centrally managed security and still protect handheld and mobile devices.
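The admission rule described above (deny network access until the device meets the configuration standard), as an added example that is not part of the original notes. The setting names, the baseline values and the extra rule for mobile devices are assumptions made for illustration.

```python
# Added example: admission decision from a device posture report.
# Setting names and baseline values are constructed, not from the page.
BASELINE = {"disk_encryption": True, "firewall_enabled": True, "av_installed": True}
MIN_PATCH = (2024, 6)                  # oldest acceptable (year, month) of OS updates
MOBILE_EXTRA = {"mdm_enrolled": True}  # assumed extra rule for wireless/mobile devices

def patch_ok(value):
    # Accept only a (year, month) pair of ints; anything else fails closed.
    if not isinstance(value, (tuple, list)) or len(value) != 2:
        return False
    if not all(isinstance(v, int) for v in value):
        return False
    return tuple(value) >= MIN_PATCH

def evaluate(report):
    """Return (allow, failures) for one device report.

    A setting that is missing from the report counts as a failure, so a
    device in an unknown state is never admitted.
    """
    required = dict(BASELINE)
    if report.get("kind") == "mobile":
        required.update(MOBILE_EXTRA)
    failures = [k for k, want in required.items() if report.get(k) is not want]
    if not patch_ok(report.get("patch_level")):
        failures.append("patch_level")
    return (not failures, failures)

def admit(reports):
    """Map each device to 'network' or 'quarantine', with the reasons."""
    result = {}
    for r in reports:
        allow, failures = evaluate(r)
        result[r["device"]] = ("network" if allow else "quarantine", failures)
    return result

# Constructed sample reports.
REPORTS = [
    {"device": "laptop-01", "kind": "laptop", "disk_encryption": True,
     "firewall_enabled": True, "av_installed": True, "patch_level": (2024, 7)},
    {"device": "laptop-02", "kind": "laptop", "disk_encryption": True,
     "firewall_enabled": False, "av_installed": True, "patch_level": (2024, 7)},
    {"device": "phone-03", "kind": "mobile", "disk_encryption": True,
     "firewall_enabled": True, "av_installed": True, "patch_level": (2023, 11)},
    {"device": "laptop-04", "kind": "laptop", "disk_encryption": True},
]

if __name__ == "__main__":
    for device, (zone, why) in admit(REPORTS).items():
        print(f"{device}: {zone} {why}")
```

The failure list returned for each quarantined device tells the help desk exactly which settings must be fixed before the device is re-evaluated.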
5. Better people mean more secure networks
The shortage of trustworthy people with IT security skills is a chronic problem that is
unlikely to ever disappear. Enough engineers and computer scientists should be trained in
computer security skills; getting people with the right technical background to do the
work has been the biggest need of all.
6. Identify problems early and react fast
The most common approach to computer and network security is to wait for an attack and
then go after it. The organization’s management needs to be more proactive with
embedded security services to get ahead of significant threats before they can pull the
company off its routine operations.
Factors Encouraging Internet Attacks
Generally, Internet attacks of both a passive and active nature occur for a number of
reasons, including:
• Availability of tools and techniques on the Internet, or as commercially
available software, that an intruder can download easily. For example, to scan ports, an
intruder can easily obtain network scanners; various password cracking programs are
available free or at a minimal cost.
• Lack of security awareness and training among an organization’s employees. No matter
how perfect a system is made by removing all possible vulnerabilities, there are still
chances that weaknesses exist and the system can be intruded at any given time.
• Inadequate security over firewalls and operating systems, which may allow intruders to
view internal addresses and use network services indiscriminately.