Network security - Lecture notes 3 PDF

Title Network security - Lecture notes 3
Course Network Security
Institution University of Greenwich

Network security

Encryption: this is the technique of making text unreadable by transforming it into ciphertext, which is hard to read unless you have the key to decrypt the cypher and make it readable. This can be useful for people who share a computer, because the person sharing the computer cannot access your confidential information while it is heavily encrypted. It is also useful for e-commerce, as the entire website can be encrypted for everyone except the user, so no one can view the user's personal details as they are filled in for online payments.

Encryption algorithms: there are two types of algorithm when you are trying to encrypt information: symmetric (Digital Encryption Standard) and asymmetric (Public Key Cryptography and Rivest Shamir Adleman). DES works by using the same key to encrypt and decrypt information; this can be more secure, as only you have the key to open and decrypt the message that is encrypted. For PKC encryption, you only need to use the public key, and the receiver has the private key that can decrypt the information sent through the public key. This is widely used by banks, as they need to decrypt all the confidential information sent by their customers.

Call-back: this is the process of calling the user by dialling them to confirm that it is them making the transaction. The call can only be accepted from one location, so only the user can accept the call and confirm that they are making this transaction. This is a very old method of security, but it is sometimes used by banks to confirm any large transaction being sent out of an account.

Handshaking: this is the process of making a secure link with the server. Everything done on a secure link is heavily encrypted, so no one can disrupt the link between the computer and the server. This is used openly by most websites, as they all have a 3-step authorisation process before the website can be accessed, in which each computer acknowledges the server's response to the computer's request for a secure link.

Diskless networks: it is very easy to steal data; it can be done by copying and pasting it onto a hard drive or a flash drive. With a diskless network, however, there are no ports on the workstation, so it is nearly impossible to steal data on the network unless you configure the BIOS of the network, which is hard to do if you are inexperienced in configuring BIOS.

Backup: this is one of the best ways to keep data safe and secure. All the data on the network is regularly saved to a separate hard drive, so if any data is lost it can easily be replaced on the spot from the backup hard drive. This backup hard drive can be kept off site, so it can be edited or worked on. In case of a total data loss, you can easily upload the data back onto the system and avoid a complete disaster for a company.

Audit logs: a log is a record of what is done, when, and by whom. An audit log is a log of the computer system: it records how the computer was used and tracks infringements. It can also act as an alarm, on the stock markets for example, and monitor other systems from the logs.

Firewall: a firewall is used to ensure an effective transmission of data through the network system. It also blocks incoming traffic to the network, which makes sure that the network always runs smoothly. Organisations tend to use external and internal firewalls to track all the information going into the network and to make sure it is logged before it leaves the firewall.

Virus checking software: this software runs in the background on the network, checking all the information that goes into the network for a virus in any application trying to get in. It also monitors all the emails being transferred across the computer networks, making sure none of them are infected with a virus.

VPN: this stands for Virtual Private Network. It makes sure that all communication across the network is heavily encrypted, so no one can see what users are doing on the network. It also makes the network hard to find, as it is shielded with a fake IP address that covers the actual one. This makes it hard for other people to access the network and view the confidential information going across it.

Intruder detection system: this monitors the system for manipulative programs used by hackers and detects the tools they use. It records which tool is being used against the network by the hacker and waits until it is instructed to do something about this tool, such as reconfiguring the firewall to make sure the tool is blocked.

Passwords: it is mandatory on all networks for every user to have a strong password that contains at least 8 characters, a capital letter and special characters. This makes the password unpredictable for a person trying to access the user's account. The password must also be changed on a regular basis, which is around every 3 months or so.

Levels of access: this revolves around making sure that only select people can view a document, because it either has important information in it or needs to be checked. The document is formatted to be read only, so no one can edit the work and ruin it for the user. This is mainly used for the agenda of a meeting; it can only be read, and not edited, by anyone except the creator of the document.

Software updating: software can get abandoned, especially when it is outdated, so hackers can experiment with previous versions of the software to find an exploit that makes it easy to hack into people's networks. Companies are therefore encouraged to make sure that the software they use is up to date, otherwise they will be at risk of a cyber-attack.

Disaster recovery: in case of a disaster to the system, like an earthquake that destroys the computer, systems need to be recovered, otherwise the company's progress will slow down drastically. That is why the company needs to make sure that all work is saved and that multiple backups are available to recover the information lost in the natural disaster.

Backup systems: some applications can save all your data elsewhere, so that even if all the data is lost, you can still access the application to get back the data that was saved to it. An example of one of these applications is iCloud, which can save and back up all the data on an iPhone or iMac, so when you get a new phone or the Mac's data is lost, you can simply log in to the cloud to retrieve the data.

Whole system replacement: this is a rather extreme method of disaster recovery and is kept as a last resort. If you do get a whole system replacement, you need to re-save and reinstall all the data and software on all the computer systems that are required to keep the network secure, for example antivirus software like McAfee and Norton, firewalls and VPN.

Operation and use of encryption techniques

Encryption is the technique of making text unreadable by transforming it into ciphertext, which is hard to read unless you have the key to decrypt the cypher and make it readable. Encryption is used by most e-commerce sites, as they are required to encrypt the website to keep all users safe from fraud and identity theft. This is done by using the secure hypertext transfer protocol (HTTPS), which keeps all the information about the customer available only to the user and the e-commerce site and to no one else.

To generate a cypher key, there is an equation that needs to be performed to make a cypher: position*3, mod 26, and the number you get should be within 26. Every number obtained through this equation can be matched to a letter; this produces a message that is unreadable unless you can decrypt the text.

There are two different techniques to encrypt messages or websites: Digital Encryption Standard (DES encryption) and Public Key Cryptography (PKC encryption).

DES encryption works by using the same cypher key to encrypt and decrypt information. This can be more secure, as only you have the key to open and decrypt the message that is encrypted. This method of encryption is mainly used by people who have shared computers: only one of the users can see the information, and if the other user tries to access it, they cannot read his or her private information because only the owner has the key to decrypt it. The other sharer of the computer can use it in the same way to keep private information from anyone who tries to get into the computer. This technique is effective in securing the data, as only you will be able to see the information that is encrypted, which makes all the stored information safe from most threats to a personal computer.

For PKC encryption, the user only needs to put all the confidential information into the public key, and the receiver of this information has the private key, so only they can decrypt the information that is sent through the public key. This is so that no person can intercept the information as it travels to the private key; as it is encrypted, it cannot be understood. This is widely used by banks, as they need to decrypt all the confidential information sent by their customers. Because all the information sent to the bank is encrypted, no one can access it and obtain a lot of bank details; only the bank has the key to decrypt the confidential information. This technique is effective in securing the data, as it is faster to process multiple requests from different people regarding different problems, and the fact that all this encrypted information can only be accessed by one key makes it useful for the bank, as only the bank has the means of decrypting all this confidential information.
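
The position*3, mod 26 rule described earlier in this section, worked through in Python as an added example that is not part of the original notes. It assumes positions are counted from A = 0 and that the rule is applied letter by letter; the function names are illustrative.

```python
from math import gcd
import string

ALPHABET = string.ascii_uppercase  # assumption: positions run A=0 ... Z=25
M = len(ALPHABET)                  # 26


def _require_usable(key):
    # A key sharing a factor with 26 maps two letters to the same
    # ciphertext letter, so the message could not be decrypted uniquely.
    if gcd(key, M) != 1:
        raise ValueError(f"key {key} is not coprime with {M}")


def _map_letters(text, factor):
    out = []
    for ch in text:
        if ch.isascii() and ch.isalpha():
            new = ALPHABET[(ALPHABET.index(ch.upper()) * factor) % M]
            out.append(new if ch.isupper() else new.lower())
        else:
            out.append(ch)  # digits, spaces, punctuation pass through
    return "".join(out)


def encrypt(plaintext, key=3):
    """position * key, mod 26 (the notes use key = 3)."""
    _require_usable(key)
    return _map_letters(plaintext, key)


def decrypt(ciphertext, key=3):
    """Multiply by the inverse of the key: for 3 that is 9 (3*9 = 27 = 1 mod 26)."""
    _require_usable(key)
    return _map_letters(ciphertext, pow(key, -1, M))


def usable_keys():
    """Every multiplier that gives a reversible cipher."""
    return [k for k in range(1, M) if gcd(k, M) == 1]


if __name__ == "__main__":
    sample = "Network Security"  # constructed sample message
    secret = encrypt(sample)
    print(secret, "->", decrypt(secret))
    print(len(usable_keys()), "usable keys:", usable_keys())
```

Only 12 multipliers are usable and a given letter always encrypts to the same letter, so this rule is a teaching cipher rather than protection for real data.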

Ways to recover from a disaster

A natural disaster is a catastrophic event caused by a natural process, for example an earthquake or a tsunami. These disasters can severely damage a computer system; for example, a flood can cause severe water damage to a computer or server. An earthquake has the force to destroy buildings, so the server systems can be destroyed, and the data as well. Once the data is destroyed, the business will suffer greatly, as it needs to rebuild the offices and the server computer that were destroyed in the disaster. The business will lose a lot of money rebuilding these things, and it will also have to set its websites back up, as servers will be down while the server computer is not active.

Natural disasters aren't the only cause of computers being damaged; the environment around the computer also affects the damage dealt. For example, if the air is humid, then there is a higher chance of the computer overheating and frying the motherboard, which will lead to total system breakdown. Another example of the environment playing a part in the damage: if the air around the computer is wet, water vapour or particles will seep into the computer and make it wet, inevitably making the PC short circuit, as water affects the circuits heavily.

There are ways to help recover data from this kind of catastrophic event:

The Cloud: the organisation can have a massive cloud network that saves all the data in the computer system. In case of a massive disaster in which data is lost because the computers that hold it are destroyed, you can easily access the cloud network and retrieve the information that has been lost. This makes sure that no valuable information is lost, like the customer database which holds all the customers' purchasing history, addresses, etc.

Building quality: if the building is well made, then it should survive most natural disasters, like an earthquake or a flood. The building must be shockproof if it is to survive an earthquake, and the interior of the building must be well organised in order to keep the many electrical appliances safe from a flood: keeping all the electronics up high on the desks so that they stay dry, or covering them or placing them in a waterproof bag. Doing all this will help prevent a massive data loss. However, it is not possible to avoid losing any data at all, as the server room will be hard to keep safe in a flood: most of the server computers are very highly stacked together and are hard to move away without internal damage.

Whole system replacement: if the disaster is too powerful and most or all of the data is destroyed, you can try to recover as much as you can, but doing a whole system replacement is the last resort in this matter. Getting a whole new system is very expensive, as you have to replace all the hardware that has been destroyed and also buy all the software for the computers that are being replaced. Overall, this is the last resort for any disaster, as it is the riskiest of the ways to recover information for the organisation.

Post-disaster assessments: this occurs after the disaster has come and gone and the people of the organisation can begin to recover the data. It could start by assessing the damage done and setting a tier on the recovery scale; then they can begin the process of trying to recover as much data as possible. The assessment makes the entire process of recovering data a lot more organised, which benefits the time and efficiency of the data recovery: the employees know what data has been lost and can begin to recover it immediately. This is an effective method of recovering data because it is so structured; it can make the entire process a lot faster, as everything that is lost and important is stated in the assessment.

Tiers of recovery: the tiers of recovery are a scale that goes from zero to seven, zero being that the data is not recoverable and seven being that the data is fully recoverable. A tier is given depending on the amount of information that was lost and how badly the natural disaster affected the computer systems around the organisation.

Tier 0: Businesses with a Tier 0 business continuity solution have no business continuity plan. There is no saved information, no documentation, no backup hardware, and no contingency plan. The time necessary to recover in this instance is unpredictable.

Tier 1: Businesses that use Tier 1 continuity solutions back up their data and send these backups to an off-site storage facility. The method of transporting these backups is often referred to as "PTAM" - the "Pick-up Truck Access Method." Depending on how often backups are created and shipped, these organisations must be prepared to accept several days to weeks of data loss.

Tier 2: Businesses using Tier 2 business continuity solutions make regular backups on tape. This is combined with an off-site facility and infrastructure in which to restore systems from those tapes in the event of a disaster. This solution will still result in the need to recreate several hours or even days' worth of data.

Tier 3: Tier 3 solutions build on the components of Tier 2. Additionally, some mission-critical data is electronically vaulted. This electronically vaulted data is typically more current than that which is shipped via PTAM. As a result, there is less data recreation or loss after a disaster occurs. The facilities for providing Electronic Remote Vaulting consist of high-speed communication circuits, some form of channel extension equipment and either a physical or a virtual tape library and an automated tape library at the remote site.

Tier 4: Tier 4 solutions are used by businesses that require both greater data currency and faster recovery than users of lower tiers. Rather than relying largely on shipping tape, as is common on the lower tiers, Tier 4 solutions begin to incorporate more disk-based solutions. Several hours of data loss is still possible.

Tier 5: These solutions are used by businesses with a requirement for consistency of data between the production data centre and the recovery data centres. There is little to no data loss in such solutions; however, the presence of this functionality is entirely dependent on the application in use.

Tier 6: Tier 6 business continuity solutions maintain the highest levels of data currency. They are used by businesses with little or no tolerance for data loss and who need to restore data to applications rapidly. These solutions have no dependence on the applications or applications staff to provide data consistency.

Tier 7: Tier 7 solutions include all the major components being used for a Tier 6 solution, with the additional integration of automation. This allows a Tier 7 solution to ensure consistency of data above that which is granted by Tier 6 solutions. Additionally, recovery of the applications is automated, allowing for restoration of systems and applications much faster and more reliable...

