Verified Document

Network Security Research Paper

Network Security: Past, Present and Future The work of Curtin (2007) states that a network is defined as "any set of interlinking lines resembling a net, a network of roads -- an interconnected system, a network of alliances." Quite simply a computer network is a system of computers that are interconnected. There are seven layers of communication types identified by the International Standards Organization (ISO) Open Systems Interconnect (OSI) Reference Model as well as the interfaces among them. Each layer is stated to be dependent on the services that the layer above it provides including the physical network hardware.

Technology: Description and Area of Research

The most popular networks which have been used over the past twenty-five years and which include both private and public networks include the following network services: (1) UUCP -- Unix-to-Unix CoPy: This was developed originally for connecting Unix hosts together however, since that time UUCP is reported to have "been ported to many different architectures, including PCs, Macs, Amigas, Apple IIs, VMS hosts, everything else you can name, and even some things you can't. Additionally, a number of systems have been developed around the same principles as UUCP." (Curtin, 1997) (2) Batch-Oriented Processing: UUCP and similar systems are batch-oriented systems, everything that they have to do is added to a queue and then at some specified time, everything in the queue is processed. (Curtin, 1997) (3) Implementation Environment -- UUCP networks most commonly were built for use with dial-up or modem connections. However, UUCP can be used over any type of connection between two computers and this includes over an Internet connection. The construction of UUCP networks is simply a matter of "configuring two hosts to recognize each other, and know how to get in touch with each other. Adding on to the network is simple; if hosts called A and B. have a UUCP network between them, and C. would like to join the network, then it must be configured to talk to A and/or B. Naturally, anything that C. talks to must be made aware of C's existence before any connections will work. Now, to connect D. To the network, a connection must be established with at least one of the hosts on the network…" (Curtin, 1997)

There are security tradeoffs with any networking application and this is true as well of the UUCP network. The UUCP is limited in its applications making it harder to break the security of these type networks and since it has been in use for quite a while the largest part of its weak points have been identified and corrected. UUCP networks work through a system-wide UUCP user account and password therefore any system connected with a UUCP connection and then connecting to another is required to know the password for the uucp or nuucp account. Recently an additional layer of authentication has been added requiring the hosts have the same sequence number which is stated to be "incremented each time a connection is made." (Curtin, 1997) Another type of network is the Internet stated to be the largest of all networks in the world. The Internet connection is actually a connection first to a network, which is connected to the 'Internet backbone', which is described as a network of "extremely fast (and incredibly overloaded!) Network components." (Curtin, 1997) The Internet uses a language known as TCP/IP or 'Transport Control Protocol/Internet Protocol. Any type of machine that can speak TCP/IP can interact on the Internet. One of the primary features of the TCP/IP is one that is non-technological in that the protocol is what is known as an open protocol and therefore anyone that wishes to implement this protocol is free to do so. The Internet Engineering Task Force is a group that engineers and scientists worldwide participate in designing the protocols that run the functioning of the Internet. The IP or Internet Provider is a 'network layer' protocol, which enables the hosts to communicate among one another. IP is stated to have two features, which are very important and which make it a strong protocol that has plenty of flexibility. There are reported to be several potential attacks against an IP, which effectively "exploit the fact that IP does not perform a robust mechanism for authentication which proves that a packet arrives from its identified point of departure. What this really means is that the higher layer of the ISO/OSI Reference Model must provide host authentication. And those requiring strong host authentication do so at the application layer. One type of attack is known as "IP...

"IP Session Hijacking" is described as an attack with relative sophistication (Curtin, 1997) and in fact is "very dangerous…because now there are toolkits available in the underground community that allow otherwise unskilled bad-guy-wannabes to perpetrate this attack." (Curtin, 1997) The 'TCP' or 'Transport Layer Protocol' is such that it requires to be seated atop a network layer protocol and designed to also be seated atop the IP. The 'UDP' or 'User Datagram Protocol' is a simple transport-layer protocol which does not have the same features as the TCP and is not considered reliable although considered as being ill-suited for some applications however, being more applicable in other applications than in the TCP. The types and sources of threats that are dealt with by Network Security applications are various and include such as the 'Denial-of-Service' threat which are reported as "…probably the nastiest, and most difficult to address." (Curtin, 1997) These attacks are reported to be in terms of their launch and difficult in tracking. In addition, refusing the attacking request proves difficult without additionally refusing legitimate service requests. This type of attack is what is known as a DoS attack, which is quite simply the sending of more requests that the machine has the capacity to handle and since underground toolkits are available, the individual perpetrating the attack simply has to purchase a program that is running and instruct it which host to send the requesting attacks to. These were common attacks in the later 1990s. Defense against these types of attacks include such as: (1) Not running your visible-to-the-world servers at a level too close to capacity; (2) Using packet filtering to prevent obviously forged packets from entering into your network address space; (3) Obviously forged packets would include those that claim to come from your own hosts, addresses reserved for private networks as defined in RFC 1918 and the loopback network (127.0.0.0); and (4) Keeping up-to-date on security-related patches for your hosts' operating systems. (Curtin, 1997) A second type of DoS attack is the 'unauthorized access attack which includes several various types of attacks. These attacks are stated to attack a machines resource that should be restricted to the attacker. Other types of attacks include such as 'confidentiality breaches' and 'destructive behavior' attacks which results in the destruction of data. The adequately address security Curtin (1997) states "all possible avenues of entry must be identified and evaluated. The security of that entry point must be consistent with your stated policy on acceptable risk levels." Curtin reports that there are necessary steps to take in case an attack is successfully executed and these are the following stated steps: (1) have backups; (2) do not store data where it does not need to be; (3) avoid systems with single points of failure; (4) stay current with relevant operating system patches; (5) watch for relevant security advisories; and (6) have a staff member who is familiar with practices of security. (Curtin, 1997) There are three types of firewalls, which include: (1) Application Gateways; (2) Packet-Filtering; and (3) Hybrid-systems. (Curtin, 1997) Application gateways are also known as proxy gateways. This type of software is stated to run "at the Application Layer of the ISO/OSI Reference Model and Clients behind the firewall are required to be "prioritized" or in other words to know how to make use of the proxy and be configured to use the proxy if they are to use the Internet services. These are stated to traditionally be the most secure of all firewalls since nothing can pass by default but are required to have the programs written and then turned on for them to begin passing traffic. Packet filtering is another firewall technique stated to contain routers with ACLs or 'Access Control Lists' that are turned on and that results the router by default passing all traffic it is sent and to do so void of any type of restrictions. The Hybrid System was created in an attempt to make the security of the application layer gateways compatible with the flexibility and speed of packet filtering. Some systems use both principles. Some of the systems require that new connections be authenticated and approved at the application layer and others include the potential of the use of packet filtering and application layer proxies. Benefits include the provision of protection against machines that provides services to the Internet and the provision…

Sources used in this document:
References

Bouchard, Mark (2009) WANTED: The Future of Network Security for Service Providers -- Now!AimPoint Group, LLC. Juniper Networks. Retrieved from: http://www.juniper.net/us/en/local/pdf/whitepapers/2000301-en.pdf

Cisco Security Planning and Design Service (2010) Cisco Systems. Retrieved from: http://www.planetcisco.org/en/U.S./services/ps2961/ps2952/services_datasheet_securitypd.pdf

Graff, Mark (2002 ) The Future of Internet Security. Para-Protect. Retrieved from: http://www.markgraff.com/mg_writings/TFOIS6000.pdf

Keohane & Nye (2000) in: Schneider, Jim (2003) Globalization and Think-Tanks: Security Policy Networks. SAREM International Seminar, Istanbul, May 30, 2003. Retrieved from: http://www.policy.hu/schneider/GlobalTTs.pdf
McGann, James G. & Weaver, R. Kent. eds. (2000) Think-tanks and Civil Societies: Catalysts for Ideas and Action, Transaction Publishers, New Brunswick in: Schneider, Jim (2003) Globalization and Think-Tanks: Security Policy Networks. SAREM International Seminar, Istanbul, May 30, 2003. Retrieved from: http://www.policy.hu/schneider/GlobalTTs.pdf
Schneider, Jim (2003) Globalization and Think-Tanks: Security Policy Networks. SAREM International Seminar, Istanbul, May 30, 2003. Retrieved from: http://www.policy.hu/schneider/GlobalTTs.pdf
Stone, Diane (2001) Think Global, Act Local or Think Local, Act Global ? Knowledge Production in the Global Agora, CEU Conference, Budapest Stone, Diane (2002) 'Think-tanks' in: Elsevier Encyclopaedia [p.15668-671] in: Schneider, Jim (2003) Globalization and Think-Tanks: Security Policy Networks. SAREM International Seminar, Istanbul, May 30, 2003. Retrieved from: http://www.policy.hu/schneider/GlobalTTs.pdf
Cite this Document:
Copy Bibliography Citation

Related Documents

Network Security
Words: 1437 Length: 4 Document Type: Case Study

Network Security for a Medium Sized Company: Network security is an important component for all companies including small and medium sized firms because very few businesses can operate without a network of computers. The network of computers facilitates improved communication in order for the company to improve its profitability or productivity. However, the improved communication between computers is also associated with some inherent risks such as malware and unauthorized access. The

Network Security
Words: 3486 Length: 8 Document Type: Term Paper

Network Security History and Evolution of Network Security: The term 'Network Security' refers to the concept of the creation of a 'secure platform' based upon which the user of the computer or of a program within the computer are allowed to perform only those specific tasks that are allowed within the parameters dictated by the security network of the computer, and banned from performing those that are not allowed. The tasks include

Network Security the Practice of
Words: 1551 Length: 5 Document Type: Term Paper

Conclusion The purpose of this discussion was to examine the network security measures that are available. The research found that the proper configuration provides the first line of defense as it relates to securing a network. In addition, firewalls serve an essential role in securing networks against outside intrusions. The research also indicates that anti-virus software, encryption software and biometrics allow organizations to secure networks in a more comprehensive manner. There are

Network Security: Opening to the
Words: 575 Length: 2 Document Type: Term Paper

The main lesson learned from viewing the tutorials and programs is the ease and flexibility of configuring each specific session to the unique needs of an audience. Feasibly these technologies could be used for creating highly unique and tailored learning experiences for students who were learning through online universities only for example. The ability to tailor all forms of digital content, from music and video to drawing boards and

Network Security As an Issues for Business Data Communication
Words: 1631 Length: 5 Document Type: Term Paper

Network Security: An Issue for Business Data Communication Computer security and the protection of data has been an issue since the early 1980s when computers became standard office equipment. Company sensitive information is stored on computers. Protecting the access to and integrity of this information has been a key concern for managers and computer specialists alike. The issues in data security have not changed, however the advent of the Internet has

Network Security and Security
Words: 1504 Length: 5 Document Type: Research Paper

Network Security Systems for Accounting Firm Vulnerabilities Assessment In the contemporary IT environment, the implementation of the IT tools has become an effective strategy that organizations employ to achieve competitive market advantages. In other words, the IT tools have become an effective strategy that organizations can employ to be ahead of competitors, and be first in the market. One of the crucial features of the information systems is the network connectivity that

Sign Up for Unlimited Study Help

Our semester plans gives you unlimited, unrestricted access to our entire library of resources —writing tools, guides, example essays, tutorials, class notes, and more.

Get Started Now