Network Security
Network security solutions protect various vulnerable areas of computer systems, such as:
1. Users
2. Locations
3. Data
4. Devices
5. Applications
2. Antivirus and Anti-malware Software: This software handles malicious software such as viruses,
Trojans, and worms. It not only guards against the entry of malware but also ensures that the
system is well-equipped to fight it once it has entered.
3. Cloud Security: Many businesses adopt SaaS applications to allow some of their employees
to access data stored in the cloud. This type of security ensures creating gaps in
the visibility of the data.
4. Email Security: Email security refers to the services and products designed to keep the email
account and its contents safe from external threats. For example, fraudulent emails are generally
sent to the Spam folder automatically, because most email service providers have built-in features to
protect the content.
6. Application Security: Application security denotes the precautionary security measures used at
the application level to prevent data or code inside the application from being stolen or captured. It also
includes the security measures taken during the development and design of applications, as well as
techniques and methods for protecting the applications whenever.
Data encryption is a method of protecting data by encoding it in such a way that it can only be
decrypted or accessed by an individual who holds the correct encryption key.
It is the process of converting data from a readable format to a scrambled piece of
information.
In short, symmetric encryption uses one key for both locking and unlocking, like a regular lock and key.
Asymmetric encryption uses two keys, one for locking and one for unlocking, making it more secure for
communication.
Hashing
Hashing generates a unique signature of fixed length for a data set or message. Each specific message has
its unique hash, making minor changes to the information easily trackable. Data encrypted with hashing
cannot be deciphered or reversed back into its original form. That’s why hashing is used only as a method
of verifying data.
What is an Encryption Algorithm?
An encryption algorithm is used to convert data into ciphertext. Using the encryption key, the algorithm
alters data in a predictable manner, so that the encrypted data appears random but can be converted back
into plaintext by using the decryption key.
The Advanced Encryption Standard (AES) is the trusted standard algorithm used by the United
States government, as well as other organizations. Although extremely efficient in the 128-bit
form, AES also uses 192- and 256-bit keys for very demanding encryption purposes. AES is
widely considered invulnerable to all attacks except for brute force. Regardless, many internet
security experts believe AES will eventually be regarded as the go-to standard for encrypting data
in the private sector.
Triple DES.
Triple Lock: It's like locking your secret box three times with DES for extra security.
Triple DES is the successor to the original Data Encryption Standard (DES) algorithm, created in
response to hackers who figured out how to breach DES. It’s symmetric encryption that was once
the most widely used symmetric algorithm in the industry, though it’s being gradually phased out.
TripleDES applies the DES algorithm three times to every data block and is commonly used to
encrypt UNIX passwords and ATM PINs.
RSA. (Rivest-Shamir-Adleman)
Two Keys: Think of it as having two magic keys—one to lock and one to unlock. You give the
"unlock" key to others, and only you have the "lock" key.
RSA is an asymmetric, public-key encryption algorithm and the standard for encrypting
information transmitted via the internet. RSA encryption is robust and reliable because it creates
a massive bunch of gibberish that frustrates would-be hackers, causing them to expend a lot of
time and energy to crack into systems.
Blowfish.
Fast Lock: Blowfish is like a speedy lock that's also secure. You choose the key size, making it
adaptable.
Blowfish is another algorithm that was designed to replace DES. This symmetric tool breaks
messages into 64-bit blocks and encrypts them individually. Blowfish has established a
reputation for speed and flexibility, and for being unbreakable. It’s in the public domain, so that makes it
free, adding even more to its appeal. Blowfish is commonly found on e-commerce platforms,
securing payments, and in password management tools.
Twofish.
Twofish is Blowfish’s successor. It’s license-free, symmetric encryption that deciphers
128-bit data blocks. Additionally, Twofish always encrypts data in 16 rounds, no matter what the
key size. Twofish is perfect for both software and hardware environments and is considered one
of the fastest of its type. Many of today’s file and folder encryption software solutions use this
method.
Diffie-Hellman:
Secret Key Exchange: Imagine two people sharing secrets in a locked box. Diffie-Hellman helps
them safely exchange keys, so they can communicate securely.
Blowfish
Rivest-Shamir-Adleman (RSA)
DES, AES, and RSA are the three primary encryption types
4. Antivirus/Anti-Malware Appliances:
Function: Scans network traffic and endpoints for viruses, malware, and other malicious
software to prevent infections.
Deployment: Typically used as appliances or software on servers.
6. Proxy Server:
Function: Acts as an intermediary between client devices and the internet, enhancing
security and anonymity by masking users' IP addresses.
Use Cases: Content filtering, caching, and anonymizing web browsing.
7. Load Balancer:
Function: Distributes network traffic evenly across multiple servers or data centers to
ensure high availability and optimal performance.
Benefits: Prevents network overload and improves scalability.
8. Network Access Control (NAC) System:
Function: Enforces policies to control which devices can connect to the network and
under what conditions.
Use Cases: Ensures that only authorized and compliant devices can access the network.
9. Unified Threat Management (UTM) Appliance:
Function: Combines multiple security features into a single device, such as firewall,
antivirus, intrusion detection, and content filtering.
Simplification: Streamlines network security management.
In a modern business network, administrators might control a half dozen or more separate
network appliances with security functions. If multiple products come from different
vendors, managing a quickly-unfolding network threat can be challenging.
UTMs combine a network firewall, an intrusion detection system, an intrusion prevention
system, and other features. For smaller businesses or those without significant IT
resources, using a UTM can save lots of time and money. However, UTMs are not
always better than discrete equipment: they create a single point of failure that can take
down the whole network if something goes wrong.
10. Content Filtering Appliance:
Function: Filters and blocks access to websites and online content based on predefined
policies, helping to enforce acceptable use policies.
Use Cases: Prevents access to inappropriate or malicious websites.
Attack Types
1) Malware Attacks:
Explanation: Malware (malicious software) includes viruses, worms, Trojans, and spyware. These
programs are designed to infect computers and networks, causing damage, stealing data, or gaining
unauthorized access.
Objective: The goal of malware attacks is often to compromise the integrity and confidentiality of data or
gain control over network resources.
2) Phishing Attacks:
Explanation: Phishing involves tricking individuals into revealing sensitive information like passwords
or credit card numbers. Attackers use fake emails, websites, or messages that appear legitimate.
Objective: The aim is to steal personal or financial information for fraudulent purposes.
6) SQL Injection:
Explanation: Attackers inject malicious SQL code into input fields of a web application. If not properly
validated, this code can manipulate or access the database.
Objective: To gain unauthorized access to databases or manipulate data within them.
8) Password Attacks:
Explanation: These attacks involve attempting to guess or crack passwords through methods like brute
force, dictionary attacks, or password spraying.
Objective: To gain unauthorized access to accounts, systems, or networks.
9) Eavesdropping (Sniffing):
Explanation: Attackers capture and monitor network traffic to intercept sensitive information, such as
login credentials or confidential data.
Objective: To gather valuable data for malicious purposes.
SSH KEYS
SSH (Secure Shell) keys are a pair of cryptographic keys used for secure communication between a client
and a server. SSH keys provide a secure way to authenticate and establish encrypted connections over a
network, such as the internet. SSH keys are commonly used for remote login, file transfers, and other
secure network services.
Here's a brief overview of SSH keys and how they work:
1. Key Pair: SSH keys consist of two parts: a private key and a public key. These keys are
mathematically related, but they serve different purposes.
Private Key: The private key is kept secret and should never be shared with anyone. It is
used to authenticate the user or client to the server. Whoever possesses the private key
can prove their identity to the server.
Public Key: The public key is shared with the server or other users. It can be freely
distributed. The public key is used by the server to verify the client's identity. If the server
can successfully verify the client's identity using the public key, it allows access.
2. Key Pair Generation: SSH key pairs are typically generated using key generation tools.
Common algorithms used for SSH keys include RSA, DSA, and ECDSA. The key pair is
generated on the client machine, and the private key is securely stored there.
3. Authentication: When a user attempts to log in to a remote server or perform other secure
actions, the client presents its public key to the server. The server checks whether that
public key is authorized for that user. If authorized, the server sends a challenge to
the client, which the client signs with its private key. If the server can verify the signature using the
stored public key, the client is authenticated and granted access.
4. Security Benefits:
SSH keys are more secure than traditional password-based authentication because they
are resistant to brute-force attacks.
They allow for automated, secure, and passwordless logins, making them suitable for
scripts and automated processes.
SSH keys can be protected with a passphrase, adding an extra layer of security. This
means that even if someone gains access to the private key file, they would still need to
know the passphrase to use it.
5. Key Management: Proper key management is essential. Private keys should be kept secure and
never shared. Public keys should be distributed to the servers or users where authentication is
required.
SSH keys are widely used in various IT and DevOps scenarios for secure access to servers, version
control systems, and other networked resources. They are a fundamental component of secure
communication in many organizations and are considered a best practice for remote access and
automation.
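The key management point above depends on knowing which public keys a server actually accepts. The following is an added example, not part of the original notes: it parses an OpenSSH `authorized_keys` listing, computes each key's SHA256 fingerprint in the form OpenSSH displays, and reports entries missing from an approved list. The sample keys, comments, and approved list are constructed for illustration.

```python
import base64
import hashlib
import struct

KEY_TYPES = {"ssh-ed25519", "ssh-rsa", "ecdsa-sha2-nistp256", "ssh-dss"}

def fingerprint(blob_b64):
    """SHA256 fingerprint as OpenSSH displays it (unpadded base64)."""
    digest = hashlib.sha256(base64.b64decode(blob_b64)).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def parse_line(line):
    """Split one entry into (options, key type, key blob, comment)."""
    line = line.strip()
    if not line or line.startswith("#"):
        return None
    tokens = line.split()
    # Options, if any, come before the key type token.
    for i, tok in enumerate(tokens):
        if tok in KEY_TYPES and i + 1 < len(tokens):
            return (" ".join(tokens[:i]), tok, tokens[i + 1],
                    " ".join(tokens[i + 2:]))
    return None

def audit(text, approved):
    """Return (comment, fingerprint) for each key not on the approved list."""
    findings = []
    for line in text.splitlines():
        entry = parse_line(line)
        if entry is None:
            continue
        fp = fingerprint(entry[2])
        if fp not in approved:
            findings.append((entry[3], fp))
    return findings

def sample_key(seed):
    """Constructed Ed25519-format public key blob (not a real user's key)."""
    name = b"ssh-ed25519"
    raw = (struct.pack(">I", len(name)) + name
           + struct.pack(">I", 32) + bytes([seed]) * 32)
    return base64.b64encode(raw).decode()

ALICE, UNKNOWN = sample_key(1), sample_key(2)
SAMPLE = f"""# constructed authorized_keys content
ssh-ed25519 {ALICE} alice@laptop
no-pty ssh-ed25519 {UNKNOWN} backup
"""
APPROVED = {fingerprint(ALICE)}  # assumed inventory of approved keys

if __name__ == "__main__":
    for comment, fp in audit(SAMPLE, APPROVED):
        print("unapproved key:", comment, fp)
```
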
Q.) Which of the following options is correct based on the below statements?
Statement I : SSH keys can be used to hide backdoors.
Statement II : SSH keys are changed on a regular basis.
Statement III : SSH keys cannot be kept offline.
Statement IV : SSH keys replaced the insecure .rhosts authentication that was vulnerable to active
network-level attacks.
A. Except Statement III, all are true
B. Only I and IV are true
C. All Statements are true
D. Except Statement II, all are false
Answer: C
A. Authenticating hosts
B. All of the mentioned options
C. Single sign-on
D. Automated logins
Answer: B
Distributed Coordination:
Imagine you have a group of people working together on a project. Each person has a specific task, and
they need to communicate and coordinate their actions to get the job done smoothly. Distributed
coordination in computer science is similar. It's about making sure that different parts of a computer
system work together efficiently.
In a computer system, there can be multiple components like servers, databases, and software
applications, and they need to cooperate to complete tasks. Distributed coordination helps them do that by
managing things like who gets to use shared resources, who can access data, and when different parts
should perform their tasks. It's like ensuring everyone in the group knows what they're doing and doesn't
interfere with each other.
One common example of distributed coordination is in distributed databases, where data is stored in
different locations, and the system needs to ensure that updates happen in the correct order and that no
one overwrites someone else's changes.
Point Coordination Function (PCF):
Now, let's talk about the Point Coordination Function (PCF), which is a concept often associated with
wireless networks, especially Wi-Fi.
Think of a Wi-Fi network as a busy radio station. Many devices, like smartphones and laptops, want to
talk to the radio station (access point) and share their information (data). To avoid everyone talking at
once and causing interference (like everyone talking over each other on the radio), we need a way to
manage who gets to transmit data when.
The PCF in a Wi-Fi network is like the traffic cop or the radio station DJ. It decides which device gets to
"speak" on the network at any given time. It takes turns, allowing one device to send data, then another,
and so on. This way, there's order and fairness in how devices access the network.
The PCF is responsible for making sure data is sent and received efficiently, without collisions or chaos.
It helps organize the "conversation" among devices in a way that prevents data from getting lost or
garbled.
So, in simple terms, distributed coordination is like teamwork among different parts of a computer
system, and the Point Coordination Function in Wi-Fi networks is like the traffic cop making sure devices
take turns talking on the network to avoid chaos and interference.
Q.) Which of the following functions for collision avoidance before transmission is optional?
A. both Distributed Coordination Function and Point Coordination Function
B. Point Coordination Function
C. None of the mentioned options
D. Distributed Coordination Function
Answer: B