Nowadays there has been a great advancement in information technology. This has resulted in many people incorporating information technology in their businesses and organizations. The advancement of information technology has enabled the learning institutions, hospitals, businesses as well as government agencies to employ information technology in their day-to-day activities.
This has resulted to increased performance in these institutions. Information Technology has boosted the expansion of many businesses by enabling them to expand their operations across borders by adapting e-business.
The adaption of e-business has helped businesses to augment their market niche as well as improve their communications within the companies as well as with other stakeholders such as their suppliers and shareholders. A computer network is a system that comprise of interconnected computers that communicate with each other.
For instance, computers may be connected through the physical hardwires such as the use of wires and networking cards or wirelessly.
The networking of computers allows the computers within the network to communicate with each other, share files as well as share some other resources such as the printer. The networking process enables computers to be linked with the internet which increases the usability of a computer network (EcommercePrgrgram.com, 2007).
Network Security entails the requirements that are required in an organization to assist in protecting the computer systems, network as well as the resources that are accessible through the network. Network security involves preventing unauthorized access, malicious damages of files, monitoring continuous and consistency of traffic flow as well as effectiveness of the computer network.
Network security is a common concern for every company that has a computer network. It is very important for a system administrator to ensure that he/she puts effective security measures to ensure that the network is secure from unauthorized access.
A compromised network security gives hackers or competitive rivals an opportunity to enter into the network and damage sensitive files as well as interfere with the system and completely crush it down. The loss of important data as well as alteration of some sensitive data can result to very serious repercussions to the company affected.
The term information security is taken to refer to security of computer system from within an organization, while network security refers to security of the network from outside intruders. The security of any network starts from authentication of a user who logs into the network.
Authentication of such type is referred as one factor authentication, while a two factor authentication occurs when one uses an Automated Machine or a mobile phone. Three factor authentications happen in biometrics, where body parts such as the eye retina or finger prints are used to verify the user.
The authentication procedure is followed by firewalls that leverage the programs or services that will be accessed by authorized users. Firewalls are effective in preventing unauthorized access of sensitive information, but they fail to prevent entry of worms into the network which are transmitted across network.
To overcome the entry of viruses as well as worms inside the network, the system network administrator should make sure that he/she installs appropriate firewall as well as IPS settings. The evolvement of information technology has resulted to advancement of the network security systems.
The introduction of e-businesses has resulted to the need to modify the computer security systems from keeping the unwanted users away, but enabling the targeted people to access the network. The cotemporary network should allow customers, remote employees as well as other relevant stakeholders to access the network. Thus the use of firewall and antivirus is not sufficient to guarantee the required security.
The security system employed should ensure that it is able to keep the information of the clients private and secure. Through this process the customers will be able to trust the organization network since it cannot expose their information to unwanted people (Curtin, 1997).
There are various techniques that hackers employ to access computer networks illegally. One of the processes they use is an attack of the Internet Protocol. Basically, an IP does not do any authentication of any form. This means that the computer network allows transmission of a packet within the network without finding out whether the address that it assumes to originate from is part of the network.
Therefore to control transmission of unwanted packets, the system administrator ensures that the network is able to offer authentication at the application layer.
Some of the strategies that hackers employ to access computer networks illegally are IP session hijacking. This process involves instances where unauthorized user takes over a user’s session. For instance, if a user is using an email, the intruder attacks the session and impersonates to be the real user.
To control IP snooping, system administrators should make sure that they install their network system with encryption programs. Subsequently, the computer users should therefore make sure that they encrypt their packets before transmission. Use of encryption mechanism has been noted to be a very effective strategy of overcoming IP snooping.
The encryption of packets makes sure that even if the hacker takes over a user’s session, he/she is not in a position to decrypt the transmitted packets in order to understand the kind of information being relayed since they do not have the required cryptographic key.
The system manager should advise the management accordingly on the right software and hardware to include in their systems in order to enhance the security of their computer networks. The computer system manager who works on a company that uses mostly telnet should advice the company management to use encrypted versions of telnet, instead of standard telnet that are highly prone to IP snooping.
Denial of service attack is a network attack whereby a network attacker sends a lot of request to a host computer which it cannot be able to manage. Most ‘DoS attacks like the Ping of Death’ and ‘Teardrop’ attacks take the advantage of the limitation of the TCP or IP protocols.
For example ,it is noted that for all DoS attacks, there are some software that have been designed to prevent these attacks, therefore system administrators should ensure that their computer networks are installed with appropriate software in order to control network attacks through denial of services. A network attacker executes a denial of service attack by sending a lot of request to a system than it can handle.
The attacker uses some tools to make it easier to run a program that request the host to send numerous messages. Through this process the attacker makes a connection by faking the packets header information that contains the information of where the packet is originating from and then drops the connecting (Raggo, 2003).).
Unauthorized Access is another form of network insecurity. Unauthorized access means an authorized user accessing some resources that ought not to come across. In a computer network, different workstations are given diverse rights on accessing various resources within the network.
This limitation is employed for security issues. For instance, in a situation where a host is a web server, it is programmed in a manner to give anyone with the rights to access the requested web pages. Nevertheless, that host should not offer command shell access before verifying that the request is originating from the right location such as from a local administrator.
For example, the system administrator should not allow un-trusted person to execute any command from the server. There exist two categories of this situation. They include the normal access user and administrator access. A normal user is given the right to execute a number of things over the network system. A normal user should be in a position to mail files as well as read those files that are shared over the network.
Similarly, the user is given the mandate to mail such files to other people. These rights are only limited to those authorized network users. Unauthorized users are not in a position to execute the aforementioned activities since they have not been given the access rights. Conversely, normal users are not given the permission to make configuration changes to a host.
Configuration alterations may involve changing the IP address as well as installing a start-up script that makes a system to shut down every time it boots up. It is only the system administrator that is given the right to execute the configuration changes such as changing the IP addresses or putting start-up scrip. For the normal user to access such privileges, he/she will seek permissions from the system administrator (Curtin, 1997).
The connection of an organization to the internet allows the movement of traffic in two ways. This jeopardizes the security of an organization since some proprieties information is freely accessible within a corporate intranet. To overcome this system administrators are using firewalls to create a separation between a company’s intranet and the internet.
A firewall is some components that are used to act as a barrier between two networks. There exist three kinds of firewalls namely; the Application Gateways which comprises of bastions hosts that run some software that behave like proxy server. Application Gateways operates at the application layer of the ISO/OSI Reference Model. It requires for the clients behind the firewall to be proxitized in order to employ Internet services.
The use of Application Gateway is not considered as the most preferred option since it is a very slow process. It is slow because it requires a number of subsequent processes to be initiated in order to have a request serviced. The other type of firewall that can be used to separate the company’s intranet with the internet is Packet Filtering. In this method, routers are fitted with Access Control Lists.
Thus, through this process, routers are only allowed to transmit only specific packets that they receive. The use of ACLs helps a company to leverage the information that they avail to the public and the information it considers private. This firewall takes place at the transport layer or the session layer. Packet filtering firewalls are faster than Application gateways firewalls.
Conversely, Packet filtering is not considered as a very effective security strategy since the TCP/IP that are associated with Packet Filtering do not have the ability to verify that the source address is really what it assumes to be.
In order to enhance the security of computer network while using packet filtering firewalls, the system administrator should use two packets of filtering in order to guarantee whether the packet originates from the internet or intranet. The most effective and efficient firewall is the Hybrid System.
This firewall combines the concepts of both the application gateway and packet filtering mechanism in order to boost the performance of firewalls. The system requires authentication and approval at the application layer. After the authentication and approval the packet is passed on to the session layer where the packet filtering ensures that it is only those packets that should be accessed by the public are passing on.
The coming of e-business has resulted to greater insecurity issues. Many businesses as well as people have lost a lot of their money due to existence of ineffective security measures within their network. Companies that sell their products online should make sure that they have secured their systems accordingly in order to avoid exposing the credit codes of their customers to hackers.
Expose of the credit numbers of their clients can result to hackers using these credit cards to make unwarranted purchases. The Sony Entertainment American is an example of a recent victim of hacking that resulted to expose of credit cards of many of their customers (Curtin, 1997).
In order to have very effective and efficient security systems, the system administrator should ensure that he/she updates the network accordingly. The security infrastructure should be able to provide authentication for the users that access the network. Being able to identify the users that visit the network is very paramount in establishing a successful network security.
The network should be able to authenticate its customers accurately and efficiently in order to create satisfying experiences with its customers and partners. After the authentication, the system should authorize the users appropriately. The system should give various accesses to diverse users depending on their level of authorization. The system should in addition offer the protection of assets. The network asset entails the information that is transmitted or stored in the network.
The computer network should make sure that it keeps information that is stored or transmitted in the network safe and confidential. Similarly, the network should be installed with programs that help in accountability processes. These programs should help the system administrator to know who are logged in, and what they are doing.
The system administrator should advise the management accordingly in order to ensure that they adapt appropriate security policies that will enhance the security of the system. Appropriate administration procedures will greatly boost the security of a network.
The security measures adapted should offer assurance that they are effective in meeting their objective. One sure method to verify their effectiveness is by the proactive detection of viruses as well as intrusions.
Reference List
Curtin, M. (1997).Introduction to Network Security. Web.
EcommercePrgrgram.com. E-business – Privacy and Security. Web.
Raggo, M. (2003). Hacking and Network Defense. Web.