Wednesday, 13 September 2017

COMPUTER NETWORK SECURITY PART 1


I. INTRODUCTION TO NETWORK SECURITY
Security management can be viewed from the perspective of risk management. Lawrie Brown, in "Lecture Notes for Use with Cryptography and Network Security by William Stallings", suggests using a "Risk Management Model" to deal with threats (managing threats).
There are three components that contribute to risk, namely:
  • Assets: hardware, software, documentation, data, communications, environment and people.
  • Threats: users, terrorists, accidents, crackers, criminals, fate (acts of God), foreign intelligence.
  • Vulnerabilities (weaknesses): software bugs, hardware bugs, radiation, tapping, crosstalk, crackers via telephone, storage media.
To deal with risk, so-called "countermeasures" are applied, which can be:
  • efforts to reduce threats
  • efforts to reduce vulnerabilities
  • efforts to reduce impact
  • detecting hostile events

Classification of Computer Crime
Computer crime can be classified from the very dangerous to the merely annoying. According to David Icove [13], based on security holes, security can be classified into four, namely:

1. Physical security: includes the access of people to the building, equipment, and media used.
     Some former computer criminals (crackers) say that they often went through the trash to look for files that might contain information about security. For example, slips of paper with passwords or manuals thrown away without being destroyed have been found. Wiretapping, or anything related to access to the cables or computers used, can also be put into this class. Denial of service, in which a service can no longer be received by its users, can also be put into this class. Denial of service can be carried out, for example, by turning off equipment or by flooding the communication channel with messages (which can contain anything, because what matters is the number of messages). Some time ago a security hole was found in implementations of the TCP/IP protocol, known as the SYN Flood Attack, in which the destination system (host) is flooded with requests so that it becomes too busy and can even hang.

2. Security related to people (personnel):
     This includes identification and the risk profile of the people who have access (workers). Weaknesses in information system security often depend on people (users and managers). There is a technique known as "social engineering" which is often used by criminals to pretend to be a person entitled to access the information. For example, the criminal pretends to be a user who forgot his password and asks for it to be changed to another word.

3. Security of data and media, and of communication techniques (communications):
     Included in this class are weaknesses in the software used to manage data. A criminal can install a virus or Trojan horse in order to collect information (such as passwords) that he is not entitled to access.

4. Security in operation:
     This includes the procedures used to organize and manage security systems, as well as the procedures after an attack (post-attack recovery).

Aspects Of Network Security
Garfinkel points out that computer security covers four aspects, namely privacy, integrity, authentication, and availability. In addition to these four, there are two other aspects that are often discussed in relation to electronic commerce, namely access control and non-repudiation.
  • Privacy / Confidentiality
     The core of privacy or confidentiality is the effort to keep information from being accessed by unauthorized persons. Privacy leans more toward data that is private, while confidentiality is usually associated with data given to another party for a certain purpose (for example as part of registering for a service) and permitted only for that purpose. An example of a privacy matter is that a user's e-mail should not be read by the administrator. Examples of confidential information are personal data (such as name, place and date of birth, social security number, religion, marital status, illnesses suffered, credit card numbers, and so on), which are data that need to be protected in their use and dissemination. Another example of confidentiality is the subscriber list of an Internet Service Provider (ISP).
     An example of an attack on privacy is an attempt at wiretapping (with a sniffer program). One effort that can be made to improve privacy and confidentiality is to use cryptographic technology.
  • Integrity
     This aspect emphasizes that information must not be changed without the permission of its owner. Viruses, Trojan horses, or other users who change information without permission are examples of the problems to be faced. An e-mail can be intercepted in transit, have its contents changed, and then be forwarded to the destination address. In other words, the integrity of the information is not preserved. The use of encryption and digital signatures, for example, can solve this problem.
     One example of a Trojan horse case is the distribution of a TCP Wrapper package (a popular program that can be used to manage and restrict TCP/IP access) that had been modified by irresponsible people. If you install the program containing the Trojan horse, then when you compile the program it sends e-mail to certain people, who are then able to log into your system. This information comes from the CERT Advisory "CA-99-01 Trojan-TCP-Wrappers", which was distributed on Jan. 21, 1999. Another example of an attack is the so-called "man in the middle attack", in which a person places himself in the middle of a conversation and disguises himself as someone else.
  • Authentication
     This aspect relates to methods for asserting that information is genuine, or that the person accessing or giving the information really is the person in question. The first problem, proving the authenticity of documents, can be handled with watermarking technology and digital signatures. Watermarking can also be used to protect "intellectual property" by marking the document or work with the maker's "signature". The second problem is usually related to access control, that is, to restrictions on who can access the information. In this case the user must show evidence that he is indeed a legitimate user, for example by using a password, biometrics (characteristics unique to a person), and the like. The use of smart card technology nowadays appears to improve the security of this aspect.

  • Availability
     The availability aspect relates to information being available when it is needed. An information system that is attacked or broken into may hinder or deny access to information. An example of such an obstacle is the attack called a "denial of service attack" (DoS attack), in which the server is sent (usually fake) requests in numbers beyond what was estimated, so that it cannot serve other requests or even goes down, hangs, or crashes. Another example is the mailbomb, in which a user is sent a barrage of e-mail (say thousands of e-mails) of such a large size that the user cannot open his e-mail or has trouble accessing it (especially if access is through a telephone line). Imagine being sent 5000 e-mails and having to retrieve (download) them by phone from home. Attacks on availability in the form of DoS attacks are the most popular at the time of this writing. The DoS attack will be discussed in more detail elsewhere.

  •          Access Control
     This aspect relates to the way access to information is regulated. This is usually related to the problems of authentication and privacy. Access control is often implemented using a userid/password combination or other mechanisms.

  • Non-repudiation
     This aspect keeps a person from being able to deny having carried out a transaction. For example, someone who sends an e-mail to order goods cannot deny having sent that e-mail. This aspect is very important in electronic commerce. The use of digital signatures and cryptographic technology in general can maintain this aspect. However, this must still be supported by law so that the legal status of the digital signature is clear. It will be discussed in more detail in a separate section.

System Security Attacks


A security attack, or attack on the security of information systems, can be seen from the point of view of the role of the computer or computer network as a provider of information. According to W. Stallings [27], there are several possible attacks:
  • Interruption: A system device is damaged or becomes unavailable. The attack is directed at the availability of the system. An example of this attack is a "denial of service attack".
  • Interception: An unauthorized party manages to access an asset or information. An example of this attack is tapping (wiretapping).
  • Modification: An unauthorized party not only manages to gain access but can also change (tamper with) the asset. Examples of these attacks include changing the content of a web site to messages that harm the owner of the web site.
  • Fabrication: An unauthorized party inserts a fake object into the system. An example of this type of attack is inserting fake messages, such as fake e-mails, into a computer network.
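
The Integrity aspect above describes an e-mail being intercepted and altered in transit, which corresponds to the Modification and Fabrication categories in this list. The following Python code is an added example, not part of the original article: it uses a shared-key HMAC from the standard library in place of a digital signature, so it detects modification and fabrication but provides neither confidentiality against interception nor non-repudiation. The addresses, key and message text are constructed sample values, and the function names are illustrative.

```python
import hashlib
import hmac
import secrets


def _canonical(sender: str, recipient: str, body: str) -> bytes:
    # Length-prefix every field so ("ab", "c") and ("a", "bc") can never
    # serialise to the same bytes and share a tag.
    out = b""
    for field in (sender, recipient, body):
        raw = field.encode("utf-8")
        out += len(raw).to_bytes(4, "big") + raw
    return out


def protect(key: bytes, sender: str, recipient: str, body: str) -> dict:
    # The tag covers the addresses as well as the body.
    data = _canonical(sender, recipient, body)
    tag = hmac.new(key, data, hashlib.sha256).hexdigest()
    return {"from": sender, "to": recipient, "body": body, "tag": tag}


def verify(key: bytes, msg: dict) -> bool:
    try:
        data = _canonical(msg["from"], msg["to"], msg["body"])
        expected = hmac.new(key, data, hashlib.sha256).hexdigest()
        # Constant-time comparison avoids leaking how many characters matched.
        return hmac.compare_digest(expected, msg["tag"])
    except (KeyError, AttributeError, TypeError):
        return False  # malformed or incomplete message is rejected


def demo() -> dict:
    key = secrets.token_bytes(32)  # known only to sender and recipient
    sent = protect(key, "alice@example.com", "shop@example.com", "Order 1 unit")
    # Modification: the body is changed in transit, the tag is left as is.
    modified = dict(sent, body="Order 100 units")
    # Fabrication: a new message tagged by someone who lacks the real key.
    fabricated = protect(secrets.token_bytes(32), "alice@example.com",
                         "shop@example.com", "Order 5 units")
    return {
        "genuine": verify(key, sent),
        "modified": verify(key, modified),
        "fabricated": verify(key, fabricated),
        # Interception: the MAC does not hide the body from an eavesdropper.
        "body_readable_in_transit": sent["body"] == "Order 1 unit",
    }


if __name__ == "__main__":
    print(demo())
```

Because both parties hold the same key, the recipient could have produced the tag as well, which is why the Non-repudiation aspect calls for digital signatures rather than a shared-key MAC.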

Factors Causing Risks In Computer Networking

  • Human weakness
  • Weakness of computer hardware
  • Weakness of the network operating system
  • Weakness of the network communication system

Computer Network Threats
PHYSICAL

  • Theft of computer hardware or network devices
  • Damage to computers and network communications devices
  • Wiretapping
  • Natural disasters
LOGICAL

  • Damage to the operating system or applications
  • Virus
  • Sniffing

Some Network Threats

  • Sniffer: Tools that can monitor processes that are currently taking place
  • Spoofing: Use of a computer to impersonate another (by overwriting the identity or IP address)
  • Phreaking: Behavior that weakens the security of telephone systems
  • Remote Attack

Hole
A condition of software or hardware that allows access by users who have no authority, or an increase in access level without going through the authorization process.

Hackers
A person who secretly studies a system that is usually difficult to understand, then manages it and shares the results of the tests he did. Hackers do not damage the system.

Crackers
- A person who secretly studies a system with malicious intent
- Arises from the human nature of always wanting to build (one form of which is to damage)
Cracker features:
- Can write programs in C, C++ or Perl
- Has knowledge of TCP/IP
- Uses the Internet for more than 50 hours per month
- Has mastered the UNIX or VMS operating system
- Likes to collect old software or hardware
- Connects to the Internet to carry out the action
- Carries out the action at night, because the time allows it, the communication lines are not congested, and it is not easily noticed by other people
Causes of cracker attacks:
- Spite: disappointment, revenge
- Sport: adventure
- Profit: gaining from the rewards of others
- Stupidity: looking for attention
- Curiosity: looking for attention
- Politics: political reasons

Characteristics of targets broken into by crackers:
- Difficult to determine
- Usually large organizations and financial systems with sophisticated security
- If a small network is broken into, its security system is usually weak and its owner is new to the Internet

Characteristics of a target that a cracker has "successfully" broken into:
      - Users can access and enter the network without a "name" and "password"
      - The intruder can access, destroy, alter, or otherwise tamper with the data
      - The intruder can take control of the system
      - The system hangs, fails to work, reboots, or is in a condition where it cannot be operated



