Navigation
•
Home
•
Members
•
Papers
•
Forums
•
Search
•
Signup
•
Links
•
Contact Us
•
About
Top 10
Popular Essays
Rated Essays
Newest Essays
Report
Print
Add to Favorites
Report
Messages
Rate
Similar Reports
Help
Network security and firewalls (Click to select text)
Network Security and Firewalls In our age of decaying morals, we find the need for security in every aspect of life. There are far to many people that are willing and able to take anything they can that doesn't belong to them. We have security everywhere we look. There are armed guards in our stores and even schools. Police officers patrol the streets trying to keep people safe. We have people to provide security in a world where things are physical, but what to we do in a computer world, where what we want to keep safe is information? This is where computer security comes into play. We need to define computer security and discuss how computer systems are kept safe. Security is defined as the combination of all mechanisms which allow only authorized people to use the resources they are supposed to. These can be locks, people or physical barriers that stand in the way of a desired location or object. Computer security uses much of the same utilities. Passwords take the place of keys, security analysts take the place of guards, and firewalls take the place of physical barriers. Passwords and firewalls are the two most common ways to secure a computer system. Passwords are the most common forms of computer and network security. They are the most common because of three main reasons. First of all, passwords are cheap to implement. Virtually all computers have a password system built into it already. Every home computer can have a password to lock out certain programs from users other than yourself. Even networked computers and systems can have an elaborate password system at a minimal cost to the company. Passwords are also fast. When a computer prompts you for a user identification and password, you simply type it in and away you go. There is usually very little else that needs to be done. The third benefit to passwords are that they are easy to remember. A user usually chooses a password that is close to them, therefore, it cuts down on the amount of people having problems with getting into the programs they need. The latter benefit to passwords is also its greatest weakness. People's inherent nature is to pick a password that is close to them. They usually will choose a password that they can easily remember and that ends up being something that is easy to guess. One professional took a sample of 13,797 accounts and was able to successfully crack 3340 passwords. The bulk of the passwords cracked were either lists, common names, account names, patterns and machine names (Net Security, 3). These were easily guessed passwords, but they can be changed. There are many passwords that should not be used. These include passwords based on the account name, one's that match a dictionary word exactly, strings of numbers (including social security numbers, phone numbers or addresses), or patterns on the keyboard such as "aaaaa", "asdfg", and "qwert". The passwords chosen should also be longer than 5-6 characters. The best passwords are those consisting of nonsense words, using capital and lower case letters, and a number or two thrown in for good measure. A computer user with a good password can do wonders for computer security. If it is necessary for extreme security on a computer system, time-encrypted passwords can be used. These are memorized passwords that can only be used at a synchronized time on the computer. The difficulty lies in having the computers timed perfectly to each other so that the receiving computer knows it should accept the incoming password at this time. A second type of high security password system is a challenge-response system. This system makes the users memorize a set of rules to convert a challenge issued by the computer into the correct response (Net Security, 2). The drawback to this system is that if you have a large number of computer users, it is difficult to have everyone memorize the rules, make sure the rules are easy enough to remember, and keep the rules secret. No matter what kind of password system you use, there will always be drawbacks to it. Another way to offer security is to build walls around what you want secured. In the computer industry, these are called firewalls. A firewall is a sort of perimeter security. In order to gain access to the network, you must identify yourself to the firewall and it allows you through. There are three main types of firewalls. These are packet filters, circuit-level gateways and application gateways. Packet filters use simple checks to see that the information intended for a specific machine and user only goes to that machine. It does this by checking the computers IP address, which is a unique number assigned to a networked computer (SOS, 2). There are problems with this just as there are problems with passwords. A knowledgeable user can set a computer to "promiscuous" mode, allowing it to read all packets sent through the network. A circuit-level gateway is very much like a packet filter, with the difference being a circuit-level gateway does not give information about the computer doing the sending. It seems like the packet came from the firewall, so even if the packet is read by a promiscuous computer, they cannot use the information to access a computer in a higher level security bracket. The third common type of firewall is a bit of a hybrid of passwords and firewalls. It does control packets being sent and checks for the appropriate IP address, but it also performs a "strong authentication" which often times uses a one-time use password or a challenge response system (SOS, 2). This seems to be one of the better security features without having to get into retina scans or other very expensive ways to authenticate a user. We have been discussing the security of computers that are used in a corporation setting. But computer security can affect any computer user. We can be affected by security even in our own homes. "Any computer running Microsoft Windows that has a persistent Internet connection is vulnerable" (Gov. Computer, 1). Computer users that have programs like "Back Orifice" are capable of finding computers with a permanent Internet connection and trace the line backwards and get into your computer. From that point on they can get your account information if you have a checkbook balancer, for example. I myself am guilty, if that is the correct term, of running this security no-no. There are, however, several free software programs that can be added to your computer to keep basic backdoor programs from infiltrating your computer (Gov. Computer, 2). Just having these security programs installed on your computer is not always enough. More precautions should be done to protect your home computer. E-mail is one of the most popular ways for a devious computer user to destroy the files of an unsuspecting victim. Attachments are a common way for viruses to find there way to your computer. The simple way to stop these....don't open them if they are from people you do not know. The most sensible things to do to protect your computer would be to stay away from downloading anything suspicious from web sites and of course, stay away from strange attachments. From huge company networks to your home computer, everyone needs to be aware of computer security. External attacks on computer security are a companies main concern, but there is something else that many companies, including our own St.Cloud State University, have to be aware of. Many companies like Texas Instruments Inc. are now trying to prepare themselves for internal attacks. The more and more employees a company has, the more possible security hazards there are. Anytime there is information that is off limits to some people, there will be those that will try to access it illegally. Employees are just one group of people companies must be aware of; their customers are another. Companies with web pages and Internet stores are popping up all over the web. Often times these pages allow for "third-party access [into the network]..."(PC Week, 1) which requires that you have a strong authentication or network security system in place in order to keep would-be criminals out of secured sections of your network. Many companies use digital certificates to ensure that the person accessing information is supposed to be doing so. Digital certificates can be stored on the browser itself, checking identification through password and also verifying IP addresses of incoming computers. Nothing is foolproof yet, but we are able to provide enough security to keep almost anyone out of what is needed to be secure. For our truly top-secret computer networks, there is virtually no way a common computer user could ever access a secured system. Even the most skilled hacker would have to spend a considerable amount of time and money to attempt such a feat, and probably get arrested trying. These agencies, like our FBI and CIA, can spend millions of dollars on high tech applications, retinal and voice verification systems, and physical barriers to keep anyone they want off of the systems. As technology gets cheaper, though, more and more every-day companies and eventually you and I could afford these security features. Until that day comes however, we need to rely on what we have. When all is said and done there are a few simple rules that we and anyone should follow to keep our company and school networks safe. It all boils down to you. Use good passwords, ones that are not easily guessed. Change your password a couple times a year. For God's sake, don't tell anyone your password. Using common sense will keep most computer security breaches from taking place. We all need to do our part to keep our work, school and home computers safe from those who would like to damage them. Works Cited Web Sites: SOS Introduction to Firewalls http://www.soscorp.com/products/BS_FireIntro.html Security and Authentication in Computer Networks http://mogan.cc.metu.edu.tr/bildiriler/secur.htm Network Security Planning http://www.reliable.net/security.htm Computer and Network Security Consortium http://www.security.org.il/ The Network Guys Network Security http://www.networkguys.com/ Magazine/Journal Articles: App finds holes in IP network security Government Computer News May 10 1999, v.18, 13, 1(1 Arming the network with digital ID's. PC Week March 1 1999, 123(1) Agencies say security is a bigger task than Y2K Government Computer News May 10 1999, v.18, 13, 6(1) Army firewall contracts near. Government Computer News April 5 1999, v.18, 8, 28(1) Authentication Is Top Priority on RSA Agenda. PC Week Jan 18 1999, v.16, 3, 32(1) Blocking agents can keep hacker utilities at bay. Government Computer News August 30 1999, v.18, 28, 46
Recent Board Topics
Please drop by and sign up.
[
Submit Essay
] - [
Privacy
] - [
Disclaimer
] - [
Email Us
]
Copyright 2003 EssayFarm.com