O slideshow foi denunciado.
Utilizamos seu perfil e dados de atividades no LinkedIn para personalizar e exibir anúncios mais relevantes. Altere suas preferências de anúncios quando desejar.

Network Security Threats and Solutions

158.562 visualizações

Publicada em

Publicada em: Educação
  • Entre para ver os comentários

Network Security Threats and Solutions

  1. 1. By Colin Daly W20028223 February 2009
  2. 2. <ul><li>With an increasing amount of people getting connected to networks, the security threats that cause massive harm are increasing also. </li></ul><ul><li>Network security is a major part of a network that needs to be maintained because information is being passed between computers etc and is very vulnerable to attack. </li></ul><ul><li>Over the past five years people that manage network security have seen a massive increase of hackers and criminals creating malicious threats that have been pumped into networks across the world.(Source [1]: ITSecurity, 2007) </li></ul>
  3. 3. <ul><li>According to ITSecurity.com the following are ten of the biggest network threats: </li></ul><ul><li>“ 1.Viruses and Worms”, </li></ul><ul><li>“ 2.Trojan Horses”, </li></ul><ul><li>” 3.SPAM”, </li></ul><ul><li>“ 4.Phishing”, </li></ul><ul><li>“ 5.Packet Sniffers”, </li></ul><ul><li>” 6. Maliciously Coded Websites”, </li></ul><ul><li>” 7. Password Attacks”, </li></ul><ul><li>“ 8.Hardware Loss and Residual Data Fragments”, </li></ul><ul><li>“ 9. Shared Computers”, </li></ul><ul><li>“ 10.Zombie Computers and Botnets” (ITSecurity [2], 2007) </li></ul>
  4. 4. <ul><li>A Virus is a “program or piece of code that is loaded onto your computer without your knowledge and runs against your wishes (Webopedia [3], 2007)”. </li></ul><ul><li>Viruses can cause a huge amount of damage to computers. </li></ul><ul><li>An example of a virus would be if you opened an email and a malicious piece of code was downloaded onto your computer causing your computer to freeze. </li></ul>
  5. 5. <ul><li>In relation to a network, if a virus is downloaded then all the computers in the network would be affected because the virus would make copies of itself and spread itself across networks (Source [4]: Trendmicro.com, 2008). </li></ul><ul><li>A worm is similar to a virus but a worm can run itself whereas a virus needs a host program to run. (Source [5]: TechFAQ, 2008) </li></ul><ul><li>Solution: Install a security suite, such as Kaspersky Total Protection, that protects the computer against threats such as viruses and worms. </li></ul>
  6. 6. <ul><li>A Trojan Horse is “a program in which malicious or harmful code is contained inside apparently harmless programming or data in such a way that it can get control and do its chosen form of damage, such as ruining the file allocation table on your hard disk. (SearchSecurity.com [6], 2004)” </li></ul><ul><li>In a network if a Trojan Horse is installed on a computer and tampers with the file allocation table it could cause a massive amount of damage to all computers of that network. </li></ul><ul><li>Solution: Security suites, such as Norton Internet Security, will prevent you from downloading Trojan Horses (Source: Symantec [7], 2007). </li></ul>
  7. 7. <ul><li>SPAM is “flooding the Internet with many copies of the same message, in an attempt to force the message on people who would not otherwise choose to receive it. (Spam.abuse.net [7], 2009)”. </li></ul><ul><li>I believe that SPAM wouldn’t be the biggest risk to a network because even though it may get annoying and plentiful it still doesn’t destroy any physical elements of the network. </li></ul><ul><li>Solution: SPAM filters are an effective way to stop SPAM, these filters come with most of the e-mail providers online. Also you can buy a variety of SPAM filters that work effectively. </li></ul>
  8. 8. <ul><li>Phishing is “an e-mail fraud method in which the perpetrator sends out legitimate-looking emails in an attempt to gather personal and financial information from recipients. (SearchSecurity.com [9], 2003)” </li></ul><ul><li>In my opinion phishing is one of the worst security threats over a network because a lot of people that use computers linked up to a network are amateurs and would be very vulnerable to giving out information that could cause situations such as theft of money or identity theft. </li></ul><ul><li>Solution: Similar to SPAM use Phishing filters to filter out this unwanted mail and to prevent threat. </li></ul>
  9. 9. <ul><li>“ A packet sniffer is a device or program that allows eavesdropping on traffic travelling between networked computers. The packet sniffer will capture data that is addressed to other machines, saving it for later analysis. (Wisegeek.com [10], 2009)” </li></ul><ul><li>In a network a packet sniffer can filter out personal information and this can lead to areas such as identity theft so this is a major security threat to a network. </li></ul><ul><li>Solution: “When strong encryption is used, all packets are unreadable to any but the destination address, making packet sniffers useless. (Wisegeek.com [11], 2009)” So one solution is to obtain strong encryption. </li></ul>
  10. 10. <ul><li>Some websites across the net contain code that is malicious. </li></ul><ul><li>Malicious code is “Programming code that is capable of causing harm to availability, integrity of code or data, or confidentiality in a computer system… (Answers.com [12], 2009)” </li></ul><ul><li>AVG report that “300,000 infected sites appear per day (PC Advisor [13], 2009)” </li></ul><ul><li>Solution: Using a security suite, such as AVG, can detect infected sites and try to prevent the user from entering the site. </li></ul>
  11. 11. <ul><li>Password attacks are attacks by hackers that are able to determine passwords or find passwords to different protected electronic areas. </li></ul><ul><li>Many systems on a network are password protected and hence it would be easy for a hacker to hack into the systems and steal data. </li></ul><ul><li>This may be the easiest way to obtain private information because you are able to get software online that obtains the password for you. </li></ul><ul><li>Solution: At present there is no software that prevents password attacks. </li></ul>
  12. 12. <ul><li>Hardware loss and residual data fragments are a growing worry for companies, governments etc. </li></ul><ul><li>An example this is if a number of laptops get stolen from a bank that have client details on them, this would enable the thief’s to get personal information from clients and maybe steal the clients identities. </li></ul><ul><li>This is a growing concern and as of present the only solution is to keep data and hardware under strict surveillance. </li></ul>
  13. 13. <ul><li>Shared computers are always a threat. </li></ul><ul><li>Shared computers involve sharing a computer with one or more people. </li></ul><ul><li>The following are a series of tips to follow when sharing computers: “Do not check the “Remember my ID on this computer” box … Never leave a computer unattended while signed-in … Always sign out completely … Clear the browsers cache … Keep an eye out for “shoulder surfers” … Avoid confidential transactions … Be wary of spyware … Never save passwords … Change your password often (security.yahoo.com [14], 2009)” </li></ul>
  14. 14. <ul><li>“ A zombie computer, or “drone” is a computer that has been secretly compromised by hacking tools which allow a third party to control the computer and its resources remotely. (WiseGeek.com [15], 2009)” </li></ul><ul><li>A hacker could hack into a computer and control the computer and obtain data. </li></ul><ul><li>Solution: Antivirus software can help prevent zombie computers. </li></ul>
  15. 15. <ul><li>A botnet “is a number of Internet computers that, although their owners are unaware of it, have been set up to forward transmissions (including spam or viruses) to other computers on the internet. (SearchSecurity.com [16], 2004)”. </li></ul><ul><li>This is a major security threat on a network because the network, unknown to anyone, could be acting as a hub that forwards malicious files etc to other computers. </li></ul><ul><li>Solution: Network Intrusion Prevention (NIP) systems can help prevent botnets (Source: SearchSecurity.com [17], 2009). </li></ul>
  16. 16. <ul><li>Network Security is a very broad field and being a Network Security manager is not an easy job. </li></ul><ul><li>There are still threats such as password attacks that have no prevention. </li></ul><ul><li>Many of the threats set out to get personal information. </li></ul>
  17. 17. <ul><li>[1] ITSecurity. (2007) Network Security Threats for SMBs. Available at: http://www.itsecurity.com/features/network-security-threats-011707/ (Accessed: 11 th February 2009). </li></ul><ul><li>[2] ITSecurity. (2007) Network Security Threats for SMBs. Available at: http://www.itsecurity.com/features/network-security-threats-011707/ (Accessed: 11 th February 2009). </li></ul><ul><li>[3] Webopedia. (2007) Virus. Available at: http://www.webopedia.com/TERM/v/virus.html (Accessed: 11 th February 2009). </li></ul><ul><li>[4] Trend Micro. (2008) Network viruses . Available at: http://us.trendmicro.com/us/threats/enterprise/glossary/n/network-viruses/index.php (Accessed: 11 th February 2009). </li></ul><ul><li>[5] TechFAQ. (2008) What is a Computer Worm? Available at: http://www.tech-faq.com/computer-worm-virus.shtml (Accessed: 11 th February 2009). </li></ul><ul><li>[6] Search Security. (2004) Trojan horse. Available at: http://searchsecurity.techtarget.com/sDefinition/0,,sid14_gci213221,00.html (Accessed: 11 th February 2009). </li></ul>
  18. 18. <ul><li>[7] Symantec. (2007) Trojan Horse. Available at: http://www.symantec.com/security_response/writeup.jsp?docid=2004-021914-2822-99 (Accessed: 11 th February 2009). </li></ul><ul><li>[8] Spam.abuse.net (2009) What is spam? Available at: http://spam.abuse.net/overview/whatisspam.shtml (Accessed: 11 th February 2009). </li></ul><ul><li>[9] Search Security. (2003) phishing. Available at: http://searchsecurity.techtarget.com/sDefinition/0,,sid14_gci916037,00.html (Accessed: 11 th February 2009). </li></ul><ul><li>[10] Wise Geek. (2009) What is a Packet Sniffer? Available at: http://www.wisegeek.com/what-is-a-packet-sniffer.htm (Accessed: 11 th February 2009). </li></ul><ul><li>[11] Wise Geek. (2009) What is a Packet Sniffer? Available at: http://www.wisegeek.com/what-is-a-packet-sniffer.htm (Accessed: 11 th February 2009). </li></ul><ul><li>[12] Answers.com (2009) malicious code. Available at: http://www.answers.com/topic/malicious-code (Accessed: 11 th February 2009). </li></ul>
  19. 19. <ul><li>[13]PC Advisor. (2009) Websites hosting malicious code on the up. Available at: http://www.pcadvisor.co.uk/news/index.cfm?newsid=110102 (Accessed: 11 th February 2009). </li></ul><ul><li>[14] Yahoo Security Center. (2009) Using shared computers. Available at: http://security.yahoo.com/article.html?aid=2006102604 (Accessed: 11 th February 2009). </li></ul><ul><li>[15] Wise Geek. (2009) What is a Zombie Computer? Available at: http://www.wisegeek.com/what-is-a-zombie-computer.htm (Accessed: 11 th February 2009). </li></ul><ul><li>[16] Search Security. (2004) botnet. Available at: http://searchsecurity.techtarget.com/sDefinition/0,,sid14_gci1030284,00.html (Accessed: 11 th February 2009). </li></ul><ul><li>[17] Search Security. (2009) Network Intrusion Prevention (IPS) . Available at: http://searchsecurity.techtarget.com/topics/0,295493,sid14_tax299840,00.html (Accessed: 11 th February 2009). </li></ul>