Chapter 7 Network Security


7.1 Overview
Security management cannot be separated from network and system administration, because security
requires a fully systemic approach (the principles of security management).

Security is about protecting things of value to an organization, in relation to the possible risks.

A system can be compromised by:


• Physical threats: weather, natural disaster, bombs, power failures etc.
• Human threats: cracking, stealing, trickery, bribery, spying, sabotage, accidents.
• Software threats: viruses, Trojan horses, logic bombs, denial of service.
Software security is a vast subject, because modern computer systems are complex.
Protecting against these issues requires both pro-active (preventative) measures and damage control after
breaches.

There are four basic elements in security:


1. Privacy or confidentiality: restriction of access.
A fundamental prerequisite for security is the ability to restrict access to data. This leads directly to a
notion of privilege for certain users.
2. Authentication: verification of presumed identity.
Different kinds of authentication:
• Entity authentication: checking the identity of an individual or entity.
• Origin authentication: checking the location of an individual or entity.
• Unilateral authentication: verifying the entity to the authenticator.
• Mutual authentication: verifying both parties to one another.
Establishing identity is ‘impossible’. Identification requires an initial introduction, based on trust.

3. Integrity: protection against corruption or loss (redundancy).


4. Trust: underlies every assumption.
Note:
There is always a non-zero level of risk associated with any system.
Extremely sensitive data should not be placed on a computer which is attached in any way to a public
network.

Security must be balanced against convenience. How secure must we be:


• From outside the organization?
• From inside the organization (different host)?
• From inside the organization (same host)?
• Against the interruption of services?
• From user error?

What resources are we trying to protect?


• Secrets: some sites have secrets they wish to protect.
• Personnel data: any private information about employees, patients, customers or anyone else we deal
with.
• CPU usage/system downtime: we might not have any data that we are afraid will fall into the wrong
hands. If the system is down, everything stops.
• Abuse of the system: we do not want anyone using our system to do something for which they are not
authorized, like breaking into other systems.

Who are we trying to protect them from?


• Competitors, who might gain an advantage by learning your secrets.
• Malicious intruders: people with malicious intent might come from inside or outside our organization
(not with proper access control).
• Old employees with a grudge against the organization.

Levels of security which need to be provided:

Physical Security: The general rule for physical security is that if someone can get physical access to
the hardware, he can gain access to all of the data and its trusted relationships with other machines on
the network. Some of the guidelines for physical security are:
• Keep the servers in a locked room with network and power cables snipped off.
• Disable booting from the floppy drive and from CD-ROM drives as well.
• Protect BIOS settings with a password.
• Keep the backup media in a safe place.

Securing Services: The services offered by the operating system in networked environments need to be
protected. The system administrator should configure each service with security attacks in mind.
If some of the services are not required, then they should be disabled, and passwords must be based on
some mathematical algorithms, which will be difficult to break.
File system security should be based on user and group privileges. Extra care must be taken
while tuning attack-prone services like telnet and ftp.

Database Level Security: This is more concerned with data security and unauthorized access. Database
security is an inherent part of database design. Some database security measures are:
• Database integrity
• User authentication
• Access control
• Availability
• Consistency

Content Security: Access to the content should be modeled on privilege levels. A database
management system can greatly help in managing gigabytes of content. The measures related to
content security in a library are:
• Preservation of digital contents
• Intellectual property rights
• Authorized access
• Backup and recovery

There are many ways to attack a networked computer in order to gain access to it, or simply disable it.

Ping attacks
RFC 791 specifies that Internet datagrams shall not exceed 64kB. Some implementations of the
protocol can send packets which are larger than this, but not all implementations can receive them.
Some older network interfaces can be made to crash certain operating systems by sending them a ‘ping’
request like this with a very large packet size. Most modern operating systems are now immune to this
problem (e.g. NT 3.51 is vulnerable, but NT 4 is not). If not, it can be combatted with a packet filtering
router.
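
The check a packet filter can make against this problem, as an added example that is not part of the original notes: an oversized datagram can only arrive as fragments, so the filter drops any fragment whose offset plus length would pass the 65535-byte limit. The helper names and the sample headers are constructed for illustration.

```python
import struct

MAX_DATAGRAM = 65535  # largest size the 16-bit IPv4 Total Length field can express

def parse_fragment(header: bytes):
    """Return (header_len, payload_len, byte_offset, more_fragments) from an IPv4 header."""
    if len(header) < 20:
        raise ValueError("truncated IPv4 header")
    ver_ihl, _tos, total_len, _ident, flags_frag = struct.unpack("!BBHHH", header[:8])
    if ver_ihl >> 4 != 4:
        raise ValueError("not an IPv4 header")
    header_len = (ver_ihl & 0x0F) * 4
    if header_len < 20 or total_len < header_len:
        raise ValueError("inconsistent length fields")
    byte_offset = (flags_frag & 0x1FFF) * 8      # fragment offset is in 8-byte units
    more_fragments = bool(flags_frag & 0x2000)   # MF flag
    return header_len, total_len - header_len, byte_offset, more_fragments

def reassembles_oversize(header: bytes) -> bool:
    """True if this fragment's data would end beyond the 65535-byte datagram limit."""
    header_len, payload_len, byte_offset, _mf = parse_fragment(header)
    # This fragment's header length stands in for the reassembled datagram's header.
    return header_len + byte_offset + payload_len > MAX_DATAGRAM

def make_header(total_len: int, frag_units: int, more_fragments: bool) -> bytes:
    """Build a constructed 20-byte ICMP-over-IPv4 header (checksum left as zero)."""
    flags_frag = (0x2000 if more_fragments else 0) | frag_units
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, total_len, 0x1234, flags_frag,
                       64, 1, 0, bytes([203, 0, 113, 9]), bytes([192, 0, 2, 10]))

# Constructed sample traffic: (description, header)
SAMPLES = [
    ("ordinary echo request", make_header(84, 0, False)),
    ("middle fragment of a large datagram", make_header(1500, 185, True)),
    ("last fragment ending exactly at the limit", make_header(23, 8189, False)),
    ("last fragment overrunning the limit", make_header(1500, 8189, False)),
]

def scan(samples=SAMPLES):
    """Return the descriptions of the fragments a filter should drop."""
    return [name for name, hdr in samples if reassembles_oversize(hdr)]

if __name__ == "__main__":
    print(scan())
```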

Denial of service (DoS) attacks
Another type of attack is to overload a system with so many service requests that it grinds to a halt. One
example is mail spamming, in which an attacker sends large numbers of repetitive E-mail messages,
filling up the server’s disk and causing the sendmail daemon to spawn rapidly and slow the system to a
standstill.

TCP/IP spoofing
Most network resources are protected on the basis of the host IP addresses of those resources. Access is
granted by a server to a client if the IP address is contained in an access control list (ACL). Since the
operating system kernel itself declares its own identity when packets are sent, it has not been common to
verify whether packets actually do arrive from the hosts which they claim to arrive from.
IP spoofing is the act of forging IP datagrams in such a way that they appear to come from a third party
host, i.e. an attacker at host A creates a packet with destination address ‘host B’ and source address ‘host
C’.

Password sniffing
Many communication protocols (telnet, ftp etc.) were introduced before security was a concern amongst
those on the Internet, so many of these protocols are very insecure. Passwords are often sent over the
network as plain text. This means that a sophisticated cracker could find out passwords simply by
listening to everything happening on the network and waiting for passwords to go by.

Preventing and minimizing failure modes
Prevention of loss is usually cheaper than recovery after the fact.
Data can be lost by accident, by fire or natural catastrophe, by disk failure, or even by vandalism. Once
destroyed, data cannot be recovered. So, to avoid complete data loss, you need to employ a policy of
redundancy (backup).
Traditionally, backups have been made to tape, since tape is relatively cheap and mobile (an alternative
is to mirror disks across a network).
On both Unix and Windows, it is possible to back up filesystems either fully or differentially, also called
incrementally.
Loss of service might be less permanent than the loss of data, but it can be just as debilitating.
Downtime costs money for businesses and wastes valuable time in academia.
The basic source of all computing power is electricity. Loss of electrical power can be protected against,
to a limited extent, with an uninterruptible power supply (UPS).
Software can be abused in a denial of service attack (usually initiated by sending information to a host
which confuses it into inactivity).

Many problems in network communication would be easily solved if there were transport layer
encryption of Internet traffic. Spoofing would be impossible, because attackers would have access to
cryptographic checksums of the packets (spoofing could be easily detected). Similarly sniffing the net
for passwords, leaked by old protocols, would be impossible, since no plaintext data would be sent.
IPSec is a security system developed for use with IPv6, but it has also been implemented for IPv4
(RFC1636).

IP filtering for firewalls


Filtering of TCP/IP data can be accomplished in numerous ways, both at routers and at the host level.
Filters can enforce access control on datagrams, where the attributes are, amongst other things,
• Source port
• Destination port (service type)
• Source IP address
• Destination IP address
• TCP protocol attributes (SYN/ACK).
A firewall is a network configuration which isolates some machines from the rest of the network. It is a
gate-keeper which limits access to and from a network. Our human bodies are relatively immune to
attack by bacteria and viruses because we have a barrier: skin.
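
A small stateless filter over the attributes listed above, as an added example that is not part of the original notes; it also shows the filter-side answer to the IP spoofing described earlier, by dropping packets that arrive from outside while claiming an inside source address. The interface names, the site prefix and the server address are assumptions made for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

INTERNAL = ip_network("192.0.2.0/24")    # constructed site prefix (documentation range)
WEB_SERVER = ip_address("192.0.2.10")    # constructed public web server

@dataclass(frozen=True)
class Packet:
    iface: str        # arrival interface: "ext" or "int" (assumed names)
    src: str          # source IP address
    dst: str          # destination IP address
    dport: int        # destination port (service type)
    syn: bool = False
    ack: bool = False

def decide(pkt: Packet) -> str:
    """First matching rule wins; anything unmatched is dropped."""
    src, dst = ip_address(pkt.src), ip_address(pkt.dst)
    if pkt.iface == "int":
        # Egress check: our own hosts must not emit foreign source addresses.
        return "accept:outbound" if src in INTERNAL else "drop:foreign-source"
    # Everything below arrived on the external interface.
    if src in INTERNAL:
        return "drop:spoofed-source"     # inside address cannot arrive from outside
    if pkt.syn and not pkt.ack:          # SYN without ACK opens a new connection
        if dst == WEB_SERVER and pkt.dport == 80:
            return "accept:new-inbound"
        return "drop:unsolicited-syn"
    if pkt.ack and dst in INTERNAL and pkt.dport >= 1024:
        return "accept:established"      # reply to a connection opened from inside
    return "drop:default"

# Constructed sample packets
SAMPLES = [
    Packet("ext", "192.0.2.55", "192.0.2.10", 80, syn=True),
    Packet("ext", "203.0.113.9", "192.0.2.10", 80, syn=True),
    Packet("ext", "203.0.113.9", "192.0.2.20", 23, syn=True),
    Packet("ext", "203.0.113.9", "192.0.2.20", 40000, ack=True),
    Packet("int", "192.0.2.20", "203.0.113.9", 443, syn=True),
    Packet("int", "198.51.100.1", "203.0.113.9", 443, syn=True),
]

def run_samples():
    return [decide(p) for p in SAMPLES]

if __name__ == "__main__":
    for p, verdict in zip(SAMPLES, run_samples()):
        print(verdict, p)
```

The ACK test is the weak point of a stateless filter: it admits any outside packet with ACK set to a high port, so it limits new inbound connections but does not prove a connection exists.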

Cryptography can reformat and transform our data, making it safer on its trip between computers. The
technology is based on the essentials of secret codes.

Cryptography: the art or science encompassing the principles and methods of transforming an
intelligible message into one that is unintelligible, and then retransforming that message back to its
original form.

Analyzing network security
In order to assess the potential risks to a site, we form a list:
• What hosts exist on our site?
• What OS types are used?
• What services are running?
• What bug patches are installed?
• Run special tools (nmap, SATAN, SAINT, TITAN) to automate the examination procedure and
find obvious holes.
• Examine trust relationships between hosts.
