COMPUTER NETWORKS SECURITY

Computer Networks Security

Table of Contents

Chapter One: Introduction5

Back ground of the Study7

Goal of the Study8

Methodology8

Structure of the thesis9

Chapter Two: Attacks and Attacks Mitigation10

Reconnaissance attacks11

Operation of reconnaissance attacks16

Packet Sniffers17

Packet sniffer mitigation18

Authentication18

Switched infrastructure18

Antisniffer tools19

Cryptography19

Port Scans and Ping Sweeps20

Ping Sweep20

Port Scans20

Port Scans and Ping Sweeps Mitigation21

Internet Information Queries21

Access Attacks22

Password attacks22

Password Attack Mitigation23

Trust Exploitation23

Trust Exploitation Mitigation24

Port redirection24

Port Redirection Mitigation24

Man-in-the-middle attacks25

Man-in-the-middle attacks Mitigation (MitM)25

Buffer overflow26

Buffer Overflow Mitigation26

DoS and Distributed DoS Attacks26

DoS (Denial of Service) Attacks26

Distributed DoS Attacks27

DoS and Distributed DoS Attacks mitigation27

Anti- spoof features27

Anti-DoS features28

Traffic rate limiting28

Viruses, Worms and Trojan horse Attacks28

Virus28

Worm29

Trojan horse29

Viruses, Worms and Trojan horses Mitigation29

Application Layer Attacks30

Application Layer Attacks mitigation30

Threats to management protocols31

SNMP Protocol31

SysLog Protocol32

Recommendations for using SysLog protocol32

TFTP Protocol32

Recommendations for using TFTP protocol33

NTP protocol33

Recommendations for using NTP protocol33

Chapter Three: Risk Analysis35

Identification of assets36

Identification of threats36

Threat-source identification37

Identification of vulnerability37

Identification of existing controls39

Types of risk analysis40

Qualitative risk analysis40

Quantitative risk analysis41

Chapter Four: Security policy43

Importance of a security policy43

Roles of a security policy44

Information assets45

Information infrastructure45

Information availability46

People46

Security services and mechanisms47

Security services48

Authentication48

Access control48

Confidentiality49

Integrity49

Non-repudiation50

Security mechanisms50

Encryption50

Digital signature51

Data integrity51

Examples of security policies52

Network access policy52

Purpose52

Persons affected53

Policy53

Enforcement53

Responsibilities53

Password policy53

Purpose54

Persons affected54

Policy54

Enforcement55

Responsibilities55

Chapter Five: Implementation and Results56

Implementation overview56

Network design56

Design description57

Mitigation of Packet Sniffing59

Results60

Mitigation of Ping Sweeps62

Results63

Mitigation of Port Scans64

Results65

Mitigation of Internet Information Queries66

Result66

Chapter Six: Conclusion68

References72

Chapter One: Introduction

For any organization, having a secure network is the primary thing to reach their business requirements. A network is said to be secure when it can sustain from attacks, which may damage the whole network. Over the last few decades, internetworking has grown tremendously and lot of importance is given to secure the network. To develop a secure network, network administrators must have a good understanding of all attacks that are caused by an intruder and their mitigation techniques. Choosing a particular mitigation technique for an attack has an impact on the overall performance of the network, because each attack has different ways for mitigation. By performing risk analysis, network administrators will identify the assets that need to be protected, threats and vulnerabilities that the network may posse. With the help of risk analysis administrators will have sufficient information about all risks which helps to build a network with high security. After risk analysis, designing a set of security policies is very important to provide high level of security. Security policies provide information for network users for using and auditing the network.

A wireless LAN is the perfect way to improve data connectivity in an existing building without the expense of installing a structured cabling scheme to every desk. Besides the freedom that wireless computing affords users, ease of connection is a further benefit. Problems with the physical aspects of wired LAN connections (locating live data outlets, loose patch cords, broken connectors, etc.) generate a significant volume of helpdesk calls. With a wireless network, the incidence of these problems is reduced. There are however, a number of issues that anyone deploying a wireless LAN needs to be aware of. First and foremost is the issue of security. In most wired LANs the cables are contained inside the building, so a would-be hacker must defeat physical security measures ...