Network Security

In this age of digital reliance, there has been rapid growth in the amount of information that is placed on computers and sent from one user to another over the Internet or through an internal network. Some of this data contains critical information that a hacker or any unauthorized person could use to cause harm to a company, a school or a person. This fact has given birth to a new field that is quickly becoming an important player in securing users' pertinent data: Network Security.

Network Security is a broad term that describes the securing of a network through policies, procedures, provisions and technologies that prevent and monitor misuse, modification, denial of service and any use of or access to the network that is not authorized by the Network Administrator. It is a complex area that requires multiple layers of security, provisions and policies to work correctly. Any one failure to comply with these may leave the entire network vulnerable to attack.

Network Security is also a misunderstood field. Some people, security experts and researchers view it as an important field, while others view it as an area that only gives the authorized users of the network a false sense of security. Those who understand this area and have worked for many years in engineering, administering and securing networks realize that a network can never be completely secured. This is due to many factors, which include, but are not limited to, human error, technological failures, inadequate training on policies and procedures, and the malicious user's dedication to the misuse of a target computer or network. An electromagnetic pulse can also disable the security and compromise the network. This, in turn, has caused outside observers to believe that Network Security offers a mere false sense of hope, while that could not be further from the truth.

In the practice of securing networks, there are many layers of protection readily available to the authorized user. These security measures can be as simple as the network prompting the user to enter a username and password: when the username is matched against a list of authorized passwords, access is granted; otherwise it is denied and the user cannot gain access. They can also be as complex as cryptographically encoded passwords, anomaly-based intrusion systems, firewalls, antivirus software and even physical security. All of these security measures can aid in deterring malicious users from entering the network. Businesses and governments routinely layer these security measures in a systematic order to enhance security beyond the normal realm, limiting the vulnerabilities that a malicious user looks for before executing an attack.

Another important and often overlooked security measure for businesses and other complexes that store pertinent and restricted data is raising employee awareness of the importance of network security and of their role in it. There should be a set and strict policy on the sharing of passwords and network-related information, and on what information cannot be shared by electronic mail or electronic messaging systems. These policies should be enforced from the beginning of employment, and continued training should be an option. Their importance should be stressed. It is also recommended that passwords be changed on a bi-weekly or monthly basis.

Physical security also plays a key role in network security. A wide range of malicious attacks can easily be executed if the malicious user has access to the network he plans to attack. If the attacker gains physical access to the servers, the mainframe or the administrator's computer, the attacker can upload keyloggers and viruses, gather user passwords and even shut down the network, causing a great negative impact on the victim.

Physical security can be implemented through a system that requires everyone attempting to enter the area to swipe an authorization card, through fingerprint scanners and pass codes, and by employing security officers to provide further protection for restricted areas where information can be leaked and exploited. Officers should also guard the areas where servers, routers and computers are stored and operated. These security measures can also be layered to enhance security efforts.

One security measure in particular is common to government agencies and other organizations: the "whitelist". A whitelist, otherwise known as an "approval list", is a predetermined list of users who are granted permission to use the network or to send e-mail to a particular network. An e-mail whitelist can either hold a list of acceptable users from whom it will accept messages, or it can have a filter that checks for keywords and, on a match, denies the message or places it in the trash folder. A whitelist for Local Area Networks is also common. The Network Administrator can accomplish this by setting up MAC address whitelists or a MAC address filter. This method is commonly used when encryption is not a practical solution for the network. However, there is research and knowledge supporting the idea that this method can frequently be ineffective because of the ease with which a malicious user can falsify his MAC address, otherwise known as "MAC spoofing".

This leads me to an important subject: "Transport Control Protocol/Internet Protocol", or TCP/IP. This is the language of the Internet, and if something or someone can learn this "language", then it can communicate with the Internet. TCP/IP was created by the Department of Defense to connect multiple separate networks, designed by different companies, to each other inside a "network of networks".

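The MAC address whitelist described above can be sketched as follows. This is an added example, not part of the original article: it shows that the filter decides only on the source field the sender writes into the frame, and adds one compensating check a defender can run. The allowlist, the sample frames and the (port, frame) capture format are constructed assumptions.

```python
import struct
from collections import defaultdict

# Constructed allowlist for this example; a real one is set by the administrator.
ALLOWED_MACS = {"00:11:22:33:44:55", "00:11:22:33:44:66"}

def fmt_mac(raw: bytes) -> str:
    return ":".join(f"{b:02x}" for b in raw)

def parse_ethernet_header(frame: bytes):
    """Return (dst_mac, src_mac, ethertype) from an Ethernet II header."""
    if len(frame) < 14:
        raise ValueError("frame is shorter than the 14-byte Ethernet header")
    dst, src, ethertype = struct.unpack("!6s6sH", frame[:14])
    return fmt_mac(dst), fmt_mac(src), ethertype

def mac_filter_allows(frame: bytes, allowed=ALLOWED_MACS) -> bool:
    """The filter's whole decision: is the claimed source address listed?"""
    try:
        _, src, _ = parse_ethernet_header(frame)
    except ValueError:
        return False  # malformed frames are dropped
    return src in allowed

def macs_on_multiple_ports(observations):
    """Flag source MACs seen on more than one switch port.

    observations: iterable of (port, frame) pairs (hypothetical capture format).
    """
    ports = defaultdict(set)
    for port, frame in observations:
        try:
            _, src, _ = parse_ethernet_header(frame)
        except ValueError:
            continue
        ports[src].add(port)
    return {mac: sorted(seen) for mac, seen in ports.items() if len(seen) > 1}

def make_frame(dst: str, src: str, ethertype: int = 0x0800) -> bytes:
    """Build a constructed test frame; the sender fills in the source field."""
    raw = lambda mac: bytes.fromhex(mac.replace(":", ""))
    return raw(dst) + raw(src) + struct.pack("!H", ethertype)

# Constructed traffic: ports 3 and 7 both present the same allowed address.
SAMPLE = [
    (3, make_frame("ff:ff:ff:ff:ff:ff", "00:11:22:33:44:55")),
    (5, make_frame("ff:ff:ff:ff:ff:ff", "02:00:00:00:00:01")),
    (7, make_frame("ff:ff:ff:ff:ff:ff", "00:11:22:33:44:55")),
]
```

The filter passes the frames from both port 3 and port 7 because it cannot tell which device really owns the address; the per-port check is what surfaces the duplicate.
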
As with many other communications devices, TCP/IP is composed of different layers that work cooperatively. The layers of TCP/IP are: TCP, IP and Sockets.

The IP, or "Internet Protocol", moves packets of data between nodes. IP transmits each packet based on the IP number, or "destination address". IP operates through machines that transmit the data from the local level (i.e. "LAN") to the regional level (i.e. "MAN") and all the way around the world (i.e. "WAN"). TCP, or "Transport Control Protocol", verifies the delivery of data from client to server. Since data can be lost in transmission, TCP can detect errors and then retransmit the data until the data is correct and delivered. The final layer is Sockets, which are also referred to as an "Application Programming Interface". A socket is defined as an "...endpoint of a bidirectional inter-process communication flow across an Internet Protocol-based computer network, such as the Internet." Sockets are the mechanism for the actual delivery of incoming data packets to the appropriate thread, based on IP addresses and port numbers. The socket address is sometimes referred to as a "telephone" because of how it operates (a phone number and an exclusive extension). In relation to network equipment such as routers, sockets are not required to utilize the transport layer, but network firewalls and proxies should be used to keep track of all active sockets.

What does it mean to be secured?

After a good amount of research, you would generally have a good amount of knowledge about Network Security, but unless you understand what the term "secured" means in relation to network security, databases and servers, you will have limited success in the field. To be "secured" does not mean that the network is absolutely impenetrable or invulnerable.
You can take all of the security measures that have been presented to you, utilize and layer them, and still have the potential of being attacked; after all, as the old saying goes, "nothing is impossible". To be secured means that in a general Internet environment, you are not openly vulnerable to attacks and your security is not transparent. Security is the mitigation of the undesirable flow of restricted information. A secured network will possess not only a firewall, antivirus software, cryptographic passwords, algorithms and the like, but also a strict "response plan" that runs from the point at which a compromise is detected to how it is eliminated. To be secured is not absolute robustness; it is limiting the number of possibilities and vulnerabilities that an attacker can attack and exploit. You will need to figure out, based on your network's needs, what an "acceptable risk" is. After all, even the strongest firewalls and security measures could be compromised due to system failures, human error or a malicious user.

Common Network Attacks

An important aspect of network security is knowledge of the types of attacks that could cause harm to the network, loss of data or leaks of personal information. The malicious user's creativity is ever growing, and for every solution that network security specialists come up with, the attacker follows up with a response and finds a way around it. There is a plethora of attacks available, and they are sometimes all too simple to execute. Some common types of attacks that are executed daily are Denial of Service attacks, Man in the Middle, Sniffers, TCP Session Hijacking and ARP Spoofing. All of these attacks could be detrimental to your personal life, your business organization or a government agency. Here is a basic layout of what these attacks are.

- Denial of Service Attack: This attack is one that has great potential to cause harm to the victim.
This attack prevents legitimate users from accessing information or services by targeting the computer and disrupting its connection to the network. A common way of executing this attack is by sending a massive amount of data to a server. A website can only process a certain amount of information before it is overloaded, and that is what this form of the attack does: it overloads the server and denies access to it. It is a relatively simple attack, and any system that is on the Internet is a potential Denial of Service victim. This attack can leave your network open to further attacks and block traffic so that legitimate users can't access it.
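
From the defender's side, the volume-based Denial of Service pattern described above can be spotted by tracking how much each source sends within a short sliding window. The following is an added example, not part of the original article; the log format, the thresholds and the sample addresses are constructed assumptions.

```python
from collections import defaultdict, deque

def flag_floods(lines, window=10, max_bytes=200_000, max_requests=20):
    """Return {source: timestamp at which it first exceeded a threshold}.

    Each line is "<epoch_seconds> <source_ip> <bytes_received>" (a format
    assumed for this example). Thresholds are illustrative, not recommendations.
    """
    recent = defaultdict(deque)  # source -> (timestamp, bytes) inside window
    totals = defaultdict(int)    # source -> bytes inside window
    flagged = {}
    for line in lines:
        try:
            ts_text, src, size_text = line.split()
            ts, size = int(ts_text), int(size_text)
        except ValueError:
            continue  # skip malformed lines instead of failing the scan
        queue = recent[src]
        queue.append((ts, size))
        totals[src] += size
        # Drop entries that have aged out of the sliding window.
        while queue[0][0] <= ts - window:
            totals[src] -= queue.popleft()[1]
        over = totals[src] > max_bytes or len(queue) > max_requests
        if over and src not in flagged:
            flagged[src] = ts
    return flagged

# Constructed log: one client sends 900 bytes every 5 seconds, another sends
# 60,000 bytes every second; the last line is deliberately malformed.
SAMPLE_LOG = sorted(
    [f"{t} 198.51.100.7 900" for t in range(100, 130, 5)]
    + [f"{t} 203.0.113.9 60000" for t in range(100, 110)],
    key=lambda entry: int(entry.split()[0]),
) + ["not a log line"]
```

Only the high-volume source is flagged, at the fourth second of its burst, while the steady client stays under both thresholds.
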