24-01-2010, 10:00 PM
NETWORK SECURITY full report.DOC (Size: 818.5 KB / Downloads: 799)
NETWORK SECURITY
ABSTRACT
John, sitting desperately in front of his system tries to hack his friend Williamâ„¢s bank account. But after a tiresome job, all he could succeed in getting was an encrypted code, which did not make any sense to him and would take a lifetime to decode making use of the concept of probability. Thanks! to the advanced techniques of security which saved William from getting bankrupt and losing his lifetime savings. In the present day scenario, where the earth is shrinking rapidly, such that the entire world is now on your desktop, security is gaining much significance consequently. Cryptography, authentication and access control mechanisms play a very important role in secured communication as they form the major disciplines of network security.
INTRODUCTION
What is security?
Freedom from danger, fear or ensuring safety is security. Measures adopted to prevent the authorized use, misuse, modification or denial of use of knowledge or facts, data or capabilities. Network security is an issue of great significance today where a single problem can change the fate of the companies and organizations.
Orange Book: -
The National Computer Security Center (NCSC), an agency of the U.S government published an official standard called Trusted Computer System Evaluation Criteria universally known as the Orange Book. The Orange Book defines a series of ratings a computer system can have based on itâ„¢s security features and the care that went into itâ„¢s design, documentation and testing. This rating is intended to give government agencies and commercial enterprises an objective assessment of a systemâ„¢s security and to goad computer manufacturers into placing more emphasis on security. The official categories are D, C1, C2, B1, B2, B3, and A1 ranging from minimal protection or unrated to most secure. When computers are networked together, new security problems occur which can prove to be great threats to major companies. The orange book did not address the issue of networked computers. The Red Book took all the requirements of the Orange book and attempted to address a networked environment of computers, thus creating the concept of network security A single layer of security cannot ensure good security. Effective security is achieved by the combination of all security disciplines. The prominent security technologies and product categories used today are anti-virus software, firewalls, smart cards, biometrics, intrusion detection, policy management, vulnerability scanning, encryption etc.
COMMON ATTACKS AGAINST NETWORK ASSETS
Attacks may occur through technical means such as specific tools designed for attacks or exploitation of vulnerabilities in a computer system, or they may occur through social engineering, which is the use of non-technical means to gain unauthorized access.
Orange Book: -
The National Computer Security Center (NCSC), an agency of the U.S government published an official standard called Trusted Computer System Evaluation Criteria universally known as the Orange Book. The Orange Book defines a series of ratings a computer system can have based on itâ„¢s security features and the care that went into itâ„¢s design, documentation and testing. This rating is intended to give government agencies and commercial enterprises an objective assessment of a systemâ„¢s security and to goad computer manufacturers into placing more emphasis on security. The official categories are D, C1, C2, B1, B2, B3, and A1 ranging from minimal protection or unrated to most secure. When computers are networked together, new security problems occur which can prove to be great threats to major companies. The orange book did not address the issue of networked computers. The Red Book took all the requirements of the Orange book and attempted to address a networked environment of computers, thus creating the concept of network security A single layer of security cannot ensure good security. Effective security is achieved by the combination of all security disciplines. The prominent security technologies and product categories used today are anti-virus software, firewalls, smart cards, biometrics, intrusion detection, policy management, vulnerability scanning, encryption etc.
COMMON ATTACKS AGAINST NETWORK ASSETS
Attacks may occur through technical means such as specific tools designed for attacks or exploitation of vulnerabilities in a computer system, or they may occur through social engineering, which is the use of non-technical means to gain unauthorized access.