01-09-2016, 03:33 PM
Introduction
Network security is a complicated subject, historically only tackled by well-trained and
experienced experts. However, as more and more people become "wired", an increasing number
of people need to understand the basics of security in a networked world. This document was
written with the basic computer user and information systems manager in mind, explaining the
concepts needed to read through the hype in the marketplace and understand risks and how to
deal with them.
Some history of networking is included, as well as an introduction to TCP/IP and
internetworking. We go on to consider risk management, network threats, firewalls, and more
special-purpose secure networking devices.
This is not intended to be a "frequently asked questions" reference, nor is it a "hands-on"
document describing how to accomplish specific functionality.
It is hoped that the reader will have a wider perspective on security in general, and better
understand how to reduce and manage risk personally, at home, and in the workplace.
What is Network Security?
Network security is a level of guarantee that all the machines in a network are working optimally
and the users of these machines only possess the rights that were granted to them.
This can include:
- preventing unauthorized people from acting on the system maliciously
- preventing users from performing involuntary operations that are capable of harming the
  system
- securing data by anticipating failures
- guaranteeing that services are not interrupted
History
Internet security has been an issue since the Internet grew into an international phenomenon. By
1996, the Internet already connected 13 million computers, so early security protocols were
required.
These protocols required computer information to be confidential, available, and have integrity.
Because the Internet made information available to everyone, people needed network security to
make their information confidential. Because otherwise harmless information can expose a
computer network to compromise, network security was developed to close all loopholes.
Basic Network Security
When connecting a machine to a network, we need to make sure no one can easily break
into it.
Even if you don't think anyone will try to break into your machines - chances are that
someone might try.
Crackers often run network scan utilities that check a large range of IP addresses, and
automatically try to find machines running servers with security holes.
To protect against that, one could simply disable any unnecessary network service they
are running.
First, disable all services launched via the inetd (or xinetd) daemon. Edit the file
"/etc/inetd.conf" (or the files under "/etc/xinetd/"), comment out all services by putting a leading '#' in front of each one, and save the file. Then, restart the inetd process. One way to do that:
killall -HUP inetd
Now, check that the command 'telnet 127.0.0.1' shows you a 'connection refused' error -
this implies that the telnet service (if it was enabled) is now disabled.
Next, disable any daemons started by your system, by removing the relevant links in the
init directory "/etc/rc.d/rc3.d", such as sendmail, portmap and so on. You could also do
that using a run level editor.
Finally, you could set up firewalling rules (provided you have firewall support compiled
into your kernel), and then run services behind this protection. Enable connections to
services you still have running only from the IP address of '127.0.0.1' (which is a special
address used internally for communications between processes running on the same
machine). Info on firewall rules may be found in the firewall HOWTO.
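
The inetd step of the procedure above, as an added shell example that is not part of the original report: it lists the services still enabled in an inetd.conf-style file and comments them all out, keeping a backup. The function names (list_enabled, disable_all, make_sample, demo) are hypothetical and the sample file is constructed.

```shell
#!/bin/sh
# Added example: audit and disable services in an inetd.conf-style file.
# It edits only the path it is given, so rehearse on a copy first.

# Print the service name (first field) of every active line,
# i.e. every line that is neither blank nor already commented out.
list_enabled() {
    awk '/^[ \t]*#/ || /^[ \t]*$/ { next } { print $1 }' "$1"
}

# Put a leading '#' in front of every active line; the original is
# kept as "$1.bak" so the change can be reverted.
disable_all() {
    cp -p "$1" "$1.bak" || return 1
    awk '/^[ \t]*#/ || /^[ \t]*$/ { print; next } { print "#" $0 }' \
        "$1.bak" > "$1"
}

# Constructed sample input (not taken from a real host).
make_sample() {
    cat > "$1" <<'EOF'
# service  socket  proto  wait    user    server          args
ftp     stream  tcp  nowait  root    /usr/sbin/tcpd  in.ftpd -l -a
telnet  stream  tcp  nowait  root    /usr/sbin/tcpd  in.telnetd
#finger stream  tcp  nowait  nobody  /usr/sbin/tcpd  in.fingerd

  shell stream  tcp  nowait  root    /usr/sbin/tcpd  in.rshd
EOF
}

# Run the audit, the edit and the re-audit on a temporary copy.
demo() {
    conf=$(mktemp) || return 1
    make_sample "$conf"
    echo "enabled before: $(list_enabled "$conf" | tr '\n' ' ')"
    disable_all "$conf"
    echo "enabled after:  $(list_enabled "$conf" | wc -l)"
    rm -f "$conf" "$conf.bak"
}

demo
# On a real host: run disable_all on the inetd configuration file, then
# signal inetd to reread it (killall -HUP inetd, as in the text above).
```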