Which Are The Most Common Network Security Risks

written by: Yoko Jelkovich; article published: year 2006, month 07;


In: Categories » Computers and technology » Data security » Which Are The Most Common Network Security Risks

A network security incident isany network-related activity with negative security implications. Security incidents on the Internet can come in all shapes and sizes, launched from specific systems or networks. An intrusion may be a comparatively minor event involving a single site or a major event in which tens of thousands of sites are compromised. A typical attack pattern consists of gaining access to a user's account and using the victim's system as a launch platform for attacks on other sites. The following are other examples of security risks in the network environment.

Hacking

Hacking is any attempt by an intruder to gain unauthorised access to a computer system. Activities carried out by hackers can include denial of service (DoS), dumping, port scanning and sniffing. Denial of service (DoS) prevents or inhibits the normal use or management of communication facilities. The attacker can redirect or suppress all messages to a particular destination. DoS attacks are initiated with software and can be launched by rival businesses or individuals with little or no computer skills (NOIE, 2002). Internet 'dumping', more applicable to small businesses, is when someone utilises the company's modem to place calls to high-cost premium rate or international numbers. This can be achieved by inducing users (often by promising adult content) to download new Internet dialer software, replacing their ISP connection. Proving that dumping was conducted without the user's knowledge can often be difficult. To prevent dumping, telecommunications companies can place a bar on all premium calls starting with 190 (e.g., 1900, 1901, 1902, etc.) and on international phone services. If business computers are not equipped with modems, dumping should not be a problem (NOIE, 2002).

Port Scanning and Sniffing

Port scanning scans a range of TCP (Transport Control Protocol) port numbers, UDP (User Datagram Protocol) port numbers, or both for a single host IP (Internet Provider) address in order to identify services running on the host computers. Sniffing programs can be installed on computer systems to observe traffic, storing information (ID/Passwords) that can be used to access other systems. Sniffer software tracks data travelling over the Internet or a corporate network. Unauthorised sniffers can compromise a network's security because they are difficult to detect and can be inserted almost anywhere.

Viruses

A computer virus is a program that can infect other programs by modifying them to include a copy of itself. A virus can be transmitted through an attachment to an e-mail, and by downloading infected programs and files either from web sites, floppy disks or CDs. Depending on the code in the virus program, some will activate as soon as the file is opened, while others will lie dormant in the computer system until activated by a trigger such as a specific date, execution of a particular key on the keyboard or activation by a particular function such as forwarding an e-mail to another user in the organization. Similar to human viruses, computer viruses can grow, replicate, travel, adapt and learn and consume resources.
Other virus-related attacks include worms. Worms install themselves on a machine, and actively seek to send themselves to other machines to infest those machines. Without any human action worms can spread more quickly than viruses. On January 25, 2003 a worm called Slammer spread with an astonishing speed on the Internet. Within ten minutes the Slammer had infested about 90% of vulnerable hosts on the Internet. Although it was controlled within hours, it had achieved its aim of infesting all vulnerable servers before the world even realised what was happening. The best protection against computer viruses is to use anti-virus software installed on all computers, and updated regularly.

Flaws in Technology and Software or Protocol Designs

If systems obtained from vendors are not aligned to the organization's security system it can lead to easy break-in to networks. When software and systems are first installed they come in a number of default settings, sample programs, and templates that are vulnerable to attack. Ignorance of implementation details by system administrators, sometimes due to a lack of time, a lack of expertise, or improper management also sacrifices security (www.softheap.com). Protocols define the rules and conventions for computers to communicate on a network. If a protocol has a design flaw it is vulnerable to exploitation no matter how well it is implemented. With software implementations, if security is added on later, it sometimes does not respond to security checks as planned, leading to unexpected vulnerabilities.
S-HTTP is exactly what its name suggests: a security-enhanced extension of the Hypertext Transfer Protocol. S-HTTP works at the application level, encrypting the contents of messages relayed between a browser and a server, allowing client and server to negotiate the strength and type of encryption to be used. S-HTTP supports end-to-end secure transactions by incorporating cryptographic enhancements to be used for data transfer at the application level.

Intruders' Technical Knowledge

For an intruder to achieve access to a system, he or she would have to have a good understanding of network topology, operations, protocols, databases and information management structures. Intruders can examine source code to discover weaknesses in certain programs, such as those used for electronic mail. Source code sometimes is easy to obtain from programmers who make their work freely available on the Internet. Programs written for research purposes (with little thought for security) or written by naive programmers become widely used, with source code available to all.
It is difficult to characterise people who cause security incidents. An intruder may be an adolescent who is curious about what he or she can do on the Internet, a college student who has created a new software tool, an individual seeking personal gain, or a 'paid spy' seeking information for the economic advantage of a corporation or foreign country. A disgruntled former employee or a consultant who gained network information while working with a company may also cause a security incident. An intruder may also seek entertainment, intellectual challenge, and a sense of power, political attention, or financial gain.

legal disclaimer

1) Our website is not responsible for the information contained by this article as well for any and all copyright infringements by authors and writers. E-articles is a free information resource. If you suspect this article for any copyright infringements, please read the Terms of service and contact us to investigate the problem.
2) The E-articles directory team is not responsible for inaccuracies, falsehoods, or any other types of misinformation this tutorial may contain and will not be liable for any loss or damage suffered by a user through the user's reliance on the information gained here. Please read the Terms of service

Useful tools and features

Translate this article to...    Send this article to you or to a friend

Link to this article from your page   
If you like this article (tutorial), please link to it from your web page using the information above. Linking to this page, this is the only way to help us improve our service, the same time providing your visitors with a way to improve their online experience.

related articles

1. How to protect against Spoofing and Session Hijacking
Spoofing is the term hackers use to describe the act of faking information sent to a computer. This is a broad definition of spoofing, but there are many subtle variations of this attack. However, the purpose is generally the same: to disguise the location from which the attack originates. Session hijacking takes the act of spoofing one step further. It involves the faking of one's identity in order to take over a connection that is already established. Because spoofing is required in order to successfully hijack a conn...

2. The Most Common Network Security Tools and Technologies
The following taxonomy is useful in understanding the security systems, technologies and authentication tools widely available to support secure transmission and storage of information in a networked e-business environment. Firewalls Firewalls are used to keep a network secure from intruders. A firewall is a network node consisting of both hardware and software that isolates a private network. In order to understand how a firewall works, one should have an understanding of packets, IP addresses and DoS attacks. Howev...

3. Securing Multiple Servers and Domains with SSL
As organizations and service providers enhance their Web sites and extranets with newer technology to reach larger audiences, server configurations have become increasingly complex. They must now accommodate: Redundant server backups that allow Web sites and extranets to maximize site performance by balancing traffic loads among multiple servers Organizations running multiple servers to support multiple site names Organizations running multiple servers to support a s...

4. How to protect against Unexpected Inputs
When you surf the Internet, you download one of two types of Web pages to your computer: static or dynamic. A static Web page sits on a Web server until a client computer sends a request for it. Once requested, the Web page is then downloaded to the client computer exactly as it was created, where the Web browser then views the page. A static Web page is really nothing more than a brochure or advertisement, and does not allow the true power of the Internet to be expressed. However, a static page is relatively safe from hackers....

5. What are Buffer Overflows
Exploiting a buffer overflow is an advanced hacking technique. However, it is a leading type of security vulnerability. To understand how a hacker can use a buffer overflow to infiltrate or crash a computer, you need to understand exactly what a buffer is. A computer program consists of many different variables, or value holders. As a program is executed, these different variables are assigned a specific amount of memory as required by the type of information the variable is expected to hold. For example, a short integer ...

6. Protecting the Security of Information
The first and best line of defense against unwarranted intrusions into personal privacy is for individuals to employ e-commerce technology to protect themselves. Industry-developed and supplied encryption technologies and firewalls, for example, provide individuals with substantial tools to guard against unwarranted intrusions. Encryption is technology, in either hardware or software form, which scrambles e-mail, database information, and other computer data to keep them private. Using a sophisticated mathemati...

7. Why Is Authenticated SSL Necessary
Notions of identity and authentication are fundamental concepts in every marketplace. People and institutions need to get to know one another and establish trust before conducting business. In traditional commerce, people rely on physical credentials (such as a business license or letter of credit) to prove their identities and assure the other party of their ability to consummate a trade. In the age of e-business, authenticated SSL certificates provide crucial online identity and security to help establish trust between ...

8. Virus Prevention ~ How to protect against Internet Viruses
There are several elements to a good virus defense. The most important element requires some self-control—you must NEVER open a file/program unless you are 100% sure it is not infected. No matter how attractive the file is, where it came from, or what it promises you, you can never assume that a file is what it claims to be. For example, the Melissa virus reproduced through email and sent copies of itself to every one in the victim's address book. Because of this, relatives and friends of the victim were soon infected as ...

9. How to protect against Hostile Web Pages and Scripting
The dangers of Trojans and viruses are well known. However, many computer users are completely unaware of the dangers involved in viewing Web pages. Through scripting languages, Web page operators can upload and download files to your device (PC/PDA). They can also install mini-programs or grab information from you that can be used to destroy or take over your computer. Every time you go to a Web page, you actually download the full document to your computer. This includes all text, pictures, and even any code that is r...

10. Features of Windows Encrypting File System (EFS)
• Only available on Windows 2000 and Windows XP operating systems using NTFS partitions and volumes. (NTFS v5). • Encryption is transparent to the user. • Uses public-key encryption. Using a public key from the user’s certificate encrypts keys that are used to encrypt the file. The list of encrypted fileencryption keys is kept with the encrypted file and is unique to it. When decrypting the file encryption keys, the file owner provides a private key that only he has. ...