Internet Security is a fashionable and fast-moving field; the attacks that are catching the headlines can change significantly from one year to the next. Regardless of whether they’re directly relevant to the work you do, network-based attacks are so high-profile that they will surely have some impact, even if you only use hacker stories to get your client to allocate increased budgets to counter the more serious threats. It is said that networks can be secured by encryption, by firewalls.
A Network Attack can be defined as any method, process or means used to maliciously attempt to compromise the security of the network.
In fact, there is «a group» between the attackers, who try to find loopholes, and the vendors, who develop patches for them. exploits that are not only well known but for which tools are available on the Net.
The individuals performing network attacks are commonly referred to as network attackers or hackers or crackers.
A few different types of malicious activities performed by network attackers and hackers are summarized here:
Unauthorized usage of user accounts and privileges:
• Stealing hardware
• Stealing software.
• Running code to damage systems.
• Running code to damage and corrupt data.
• Modifying stored data.
• Stealing data.
A few reasons why network attackers attempt to attack corporate networks are listed here:greed, Industrial espionage, Politics, Terrorism, Racism, Criminal payoffs.
Threats to the network can be initiated from a number of different sources, hence the reason why network attacks are classified as either external network attacks/threats, or internal network attacks/threats:
External threats: External threats or network attacks are carried out by individuals with no assistance from internal employees or contractors. These attacks are typically performed by a malicious experienced individual, a group of experienced individuals, an experienced malicious organization, or by inexperienced attackers. External threats are usually performed by using a predefined plan and the technologies (tools) or techniques of the attacker(s). These attackers are highly skilled on network design, the methods on avoiding security measures, Intrusion Detection Systems (IDSs), access procedures, and hacking tools. They have the necessary skills to develop new network attack techniques and the ability to modify existing hacking tools for their exploitations. In certain cases, the attacker could be assisted by an internal authorized individual.
Internal Threats: Internal attacks come from dissatisfied or unhappy inside employees or contractors. Internal attackers have some form of access to the system and usually try to hide their attack as a normal process. For instance, internal disgruntled employees have local access to some resources on the internal network already. They could also have some administrative rights on the network. One of the best means to protect against internal attacks is to implement an Intrusion Detection System, and to configure it to scan for both external and internal attacks.
With respect to network attacks, the core components which should be included when you design network security are:
1. Network attack prevention.
2. Network attack detection.
3. Network attack isolation.
4. Network attack recovery.
A hacker or network attacker is someone who maliciously attacks networks, systems, computers, applications; and who captures, corrupts, modifies, steals or deletes confidential company information.
Hackers these days are classified according to the hat they wear. This concept is illustrated below:
Black hat hackers are malicious or criminal hackers who hack at systems and computers to damage data or who attempt to prevent businesses from rendering their services. Some black hat hackers simply hack security protected systems to gain prestige in the hacking community.
White hat hackers are legitimate security experts who are trying to expose security vulnerabilities in operating system platforms. White hat hackers have the improvement of security as their motive. They do not damage or steal company data, nor do they seek any fame. Grey hat hacker: These are individuals who are somewhere between that of black hat hackers and white hat hackers.
Since there are many different types of network attacks, a few can be regarded as the the Common Types of Network Attacks. These network attacks are discussed in this section of the Article:
Data modification or data manipulation belongs to a network attack where confidential company data is interpreted, deleted, or modified. Data modification is successful when data is modified without the user being aware that it was tampered with.
A few methods of preventing IP address spoofing attacks are listed here:
1. Encrypt traffic between routers and external hosts.
2. Define ingress filters on routers and firewalls to stop inbound traffic where the source address is from a trusted host on the internal network
Sniffer Attacks: Sniffing refers to the process used by attackers to capture and analyze network traffic. The contents of packets on a network are analyzed. The tools which attackers use for sniffing are called sniffers or more correctly, protocol analyzers. While protocol analyzers are really network troubleshooting tools, they are also used by hackers for malicious purposes. Sniffers are used to monitor, capture and obtain network information, such as passwords and valuable customer information. When an individual has physical access to a network, he/she can easily attach a protocol analyzer to the network and then capture traffic. Remote sniffing can also be performed and is typically used by network attackers.
There are protocol analyzers or sniffers available for most networking technologies including:
Asynchronous Transfer Mode (ATM), Ethernet, Fiber Channel, Serial connections, Small Computer System Inter-face (SCSI), Wireless.
To protect against sniffers, implement Internet Protocol Security (IPSec) to encrypt network traffic so that any captured information cannot be interpreted.
Password Attacks: Password based attacks or password crackers are aimed at guessing the password for a system until the correct password is determined. There are two ways in which password based attacks are performed:
Online cracking and Offline cracking
A dictionary attack occurs when all the words typically used for passwords are attempted to detect a password match. There are some technologies that can generate a number of complex word combinations and variations.
A few methods of preventing brute force attacks are listed here:
Enforce the use of long password strings.
Implement an intrusion detection system
Flood the network with invalid data until traffic from authorized network users cannot be processed. In the long run the network would eventually become overloaded.
Physical destruction of the network. Crashing a router for instance would prevent users from accessing the system.
Discussing Skill Issues how to struggle Network Attack we can't mention about tight configuration management which is the most critical aspect of a secure network. Several tools are available to help the systems administrator keep things tight. In managing the most Secure aspects of Network Security as a safe backup should be mentioned about Nsauditor Network Security Auditor which is is a network security and vulnerability scanner that allows auditing and monitoring network computers for possible vulnerabilities. Nsauditor is Network Security and Vulnerability Scanner that gives you the power to scan, detect and correct any potential security risk on your network. Nsauditor allows monitoring network computers for possible vulnerabilities, checking enterprise network for all potential methods that a hacker might use to attack it and create a report of potential problems that were found.
One of the most secure tools and the most widely sold solution managed is the implementation of firewalls. This is a machine that stands between a local network and the Internet, and filters out traffic cleaning the work area. It may not require as much effort to manage a firewall as to configure every machine on your network properly in the first place, but it still needs some.
This long lasting description and survey of course can theoretically assist in managing of the effective working process however in the long run, additional cautiousness and being well- equipped with modern tools is the most corresponding way to avoid malicious treats and counterparts.
Article Submited by Karine Iskandaryan