Articles

Cyber security information, guides and research

Beginner's Network Security Basics

Small businesses and huge corporations alike need to utilize computer networks these days. This allows employees to share files, peripheral devices (printers, scanners, etc.) and even applications. A network will also allow people to communicate through email, voice over IP software, and so on.

Computer networks need to be protected, though. Hackers have discovered clever ways to infect a single network-connected device, be it a PC or a smartphone that hasn't been patched lately, and then they can infect the entire network by making use of advanced malware, which can bypass regular security systems.

However, network security specialists can take effective preventative measures, which make unauthorized access to the network almost impossible, and help fend off the attackers, in case that something goes wrong.

To keep out hackers, security consultants will try to prevent them from accessing the network in the first place. More than that, the users who are allowed to access the network will be given access to a limited set of resources. If a group of people only need Microsoft Office to do their jobs, for example, they won't be allowed to use other applications which can be downloaded from the Internet, and then run.

Firewalls are network security devices and applications which can monitor network traffic, inspecting data packets and deciding if they are allowed to pass through the network or not, based on a predefined set of rules. If a packet doesn't match all the filtering rules, it can be discarded silently or rejected. However, these types of firewalls can be vulnerable to DoS attacks, which can flood them with millions of requests each second.

Modern firewalls work at an application layer level, being able to understand the inner works of most programs, as well as the protocols that they are using. This way, the firewall can determine if a piece of software is trying to access the network using a strange port, or a protocol that it shouldn't ever use.

Some routers incorporate built-in firewalls which include deep packet inspection functionality, intrusion prevention systems, web application firewalls, and more. A dedicated, hardware-based firewall will often provide more options, of course.

Wireless security is an entirely different matter. To begin with, wireless networks are much less secure, because hackers who are close enough to one of the routers can intercept the data packets, and then decode them using specialized software. Unfortunately, even the most secure wireless communication protocol - WPA2 - can be broken. Mobile devices can be vulnerable as well, because several apps include backdoors created on purpose by their developers (or are poorly coded).

Many companies utilize Virtual Private Networks (VPNs) to increase the security of their networks. A VPN allows network clients to send and receive data over the Internet or other public networks without being intercepted by third parties. Virtual private networks utilize a tunneling protocol, which makes snooping almost impossible, at least in theory. Additionally, people use VPNs to bypass censorship, avoid geo-restrictions and protect their privacy.

To test network integrity, security experts use penetration testing software. These are applications that simulate cyber attacks, and their goal is to identify potential network weaknesses. Basically, the consultant will use software tools that are similar with the ones which may be used by a hacker to get access to the network. BlackArch, Kali Linux and WHAX are among the Linux-based distributions which have been created with penetration testing in mind.

Everything begins with reconnaissance, the phase that is used to gather as much relevant information as possible. Then, a network scanner is utilized to discover open ports (if any). The "attacker" is now ready to deploy some software which will make use of existing OS and application vulnerabilities. Once that access to the network is established, the white hat hacker will try to get access to, and then download as much data as possible. The consultant will cover his/her tracks, and then present the report to the person in charge.

If you want to keep your network safe, it is mandatory to employ a security consultant. Otherwise, your computer network will be exposed to all sorts of cyber attacks, which can make you lose a lot of time and money.