INTRODUCTION
Computer Networks = Interconnected collection of autonomous computers.
CLASSIFICATIONS OF NETWORKS
Broadcast Networks
Single communication channel tat is shared by all the machines on the network
Allow the possibility of addressing a packet to all destinationd by using a special code in the address field.
When a packet with this code is transmitted, it is received and processed by every machine in the network. This is called broadcasting.
Point-to-Point Networks
Consist of many connections between individuals pairs of machines.
From source to destination, a packet may have to first visit one or more intemediate machines.
Often multiple routes of different lengths are possible, so routing algorithms play an important role in point-to-point networks.
Distance is important as a classification metric because different techniques are used at different scales
Local Area Networks (LAN)
- Georgraphically close group of computers that can talk to each other.
- Privately-owneed networks within a single building or campus of up to a few kilometres in size.
- Wide;y used to connect personal computers and workstations in company offices or factories to share resources
Metropolitan Area Networks (MAN)
- Bigger version of LAN.
- Normally uses similar technology
- Might cover a group of nearby corporate offices or a city and might be either private or public
- Can support both data and voice and might even be related to the local cable television network.
Wide Area Networks (WAN)
Spans a large geographical area, often a country or continent.and often associated with a large organization.
Can be made up of any combination and numbrs of WANs, LANs or single computers.
NETWORK TOPOLOGY
OSI MODEL
- Student - Have fun snooping on people's email
- Hacker - Test out someone's security system
- Sales rep - Claim to represent all of Europe not just Androrra
- Businessman - Discover a competitor's strategic marketing plan
- Ex-employee - Get revenge for being fired
- Accountant - Embezzle money from a company
- Stockbroker - Deny a promise made to a customer by email
- Con-man - Steal credit card numbers for sale
- Spy - Learn an enemy's military strength
- Terrorist - Steal germ warfare secret
- Secrecy
- Authentication
- Non-Repudiation
- Integrity Control
NETWORK SECURITY ISSUES
- Sharing
- Complexity of System
- Unknown perimeter
- Many points of Attack
- Unknown Path
SECURITY EXPOSURE
- Privacy
- Data Integrity
- Authenticity
- Covert Channels
NETWORK SECURITY THREATS
- Port protection
- Automatic Call-back
- Differentiated Access Rights
- Node Authentication
User Authentication
- Password
- Challenge-response system
Authentication in Distributed System
- Kerberos
Firewall Characteristics
- Entire All relation link or activity from within out have to pass firewall.
- Done or Conducted by block limiting either through physical all accessing to local and also in configuration.
- Only enlisted activity recognized which can pass firewall by arranging policy of at local security.
- Have to tie or strong relative to attack weakness.
Types of firewall
- Screening router
~Sees only addresses and service protocol type
~Auditing difficult
~Screens based on connection rules
~Complex addressing rules can make configuration tricky
- Proxy gateways
~Sees full text of communication
~Can audit activity
~Screes based on behavior of proxies
~Simple proxies can substitute for complex addressing rules
- Guards
~Sees full text of communications
~Can audit activity
~Screens based on interpretation of msg content
~Complex guard functionality can limit assurance
Intrusion Detection System (IDS)
- Device or software tools or hardware tools that monitor activity to identify malicious or suspicious events.
- Use to detect unauthorized access to a computer or network.
- Required to detect all type of malicious network traffic and computer usage.
- Compose of several components which are sensor, console and engine.
- Correcting system configuration error
- Installing and operating traps to record information about intruders
Types of IDS
- Signature-based Intrusion Detection
- Heuristic Intrusion Detection
0 comments:
Post a Comment