In today’s topic, Intro to Network Security, I am going to discuss the different ways you keep yourself and your network safe. As criminals are always trying to penetrate your network, it is important to have a good foundation concerning security.
Basics Of Network Security
The basics of network security encompasses a lot of different areas. It ranges from giving users least privilege access to keeping physical doors locked so only proper people have access. So its the process of protecting the network. You take precautions to protect the data on your network. The best way to do this is by adding multiple layers of protection. Each layer means it adds a small bit of protection, each in a different way.
One of the easiest ways of protecting the network is using good passwords. What I mean by this is by using long passwords. They do not have to be overly complex. Really, they just need to be long as possible. Use letters and numbers, but not something that is easily found out. Try for 15-20 charcters if possible. Symbols are nice, but don't do such a complex password that you don't use it correctly. That is the important part.
This is really big. Most vulnerabilities that are exploited are because of outdated software. You should update applications at least once a month, if not more. This gets the latest security fixes for each of these applications. It is vital for network security. The best way to update is by using a package manager for your operating system. They exist for all operating systems so they should be used. I know they are in Linux, BSD, Mac, and Windows. This allows you to script updates, which can then be scheduled. When they are scheduled, they happen automatically. You don't have to remember to do them if they are scheduled. This means they will always get done.
I've touched on firewalls before in other articles. They are important enough to mention again. Firewalls can be hardware or software. Hardware versions are more expensive and are for people that don't know how to configure their own software firewall. Software firewalls can be configured to any degree and have almost unlimited flesibility. The downside is that you have to learn them. However, since they decide who and whats gets into your network at a traffic level, they are networking essentials.
Every operating system has logging capability. These logs show events that happen. It is important to learn how to interpret them. They give clues about potential intrusions and evidence if your network comes under attack. There are even powerful applications that can log even more than a typical operating system.
Most people are familiar with the term anitivirus. They vary from free to very expensive products. Large businesses usually get the expensive products. It is debatable whether every operating system needs antivirus but something minimal won't hurt at least. Some suites get so involved in your machine they actually have worse effects than the spyware they are supposed to protect from. So keep that in mind.
This stands for virtual private network. It is often used to securely connect to a network from an alternate location. There are other uses but this is one of the most common. It carries encrypted data that is being routed from one network to another. It uses the PPP protocol.
People often use public or home networks to connect back to their office. They use a VPN for this. It is software that establishes a point to point connection in a secure way.
You will need both a client and a server. The client is what you will install on your own machine, like a laptop. The server software will be installed by your administrator and maintained by him. You can use virtually any type of connection for a VPN.
It is good to use VPN’s because they are very cheap. There are many open source solution that are totally free and work very well. Adding users is trivial because often they are using public or home networks. They are also very easy to use, as its usually a matter of just putting in credentials and hitting connect. So you will rarely need any support for them.
To get everything working properly, the VPN software using a couple different protocols.One is PPTP which stands for point to point tunneling protocol. It is built off PPP and is what created the secure tunnel between the two networks. The other protocol is L2TP which stands for Layer 2 tunneling Protocol. It delivers the data through the secure tunnel.It does the authentication between both points of the tunnel.
The IP Security protocol provides secure communications between two networks. It consists of two sub-protocols. They are known as Authentication Header and the Encapsulating Security Payload protocols. Authentication Header provides authentication while Encapsulating Security Payload handles encryption.
An access control can be any of several different ways an administrator can control who gets on the network.
Mandatory access control is probably the most secure mechanism. With this system, administrators can control every aspect of their network and who accesses it. It works by assigning security attributes to every user and object within the network. If a user tries to access a shared drive, their access is compared to the access level assigned to that shared drive. If it’s the same or higher, then they can see the data.
Discretionary access control is a little different. This can be controlled by the creator of a file. They give permissions to the file which decides on who can access it. It uses an access control list, which is a list of attributes for everything.
Network Access Control
This is another way that network security can be managed. Network access control can restrict access based off of a posture. A posture is your machine’s current state regarding security. It wants certain attributes and up to date virus definitions for example. A posture assessment is an evaluation done by the network access control.
Remote desktop protocol is a good way access secure resources or machines. It is used on Windows machines. It uses a graphical environment to help users. It uses a client-server architecture. One machine must have an RDP client while the machine to be accessed will have a RDP server running. It uses the TCP port 3389. It is important to allow use of RDP on the machine you want to access. It should be off by default for security reasons.
Secure shell protocol is another very popular way of accessing remote machines. It is similar to RDP in that respect but done quite differently. It is often used on the command line as it is very flexible. It has every day use on Linux machines because of this. Windows can also use it with the OpenSSH software now available. It is mostly used to remotely connect to machines and execute any commands that you want. It uses port 22.
If a machine has access to the internet, it will have a network controller. Most machines do obviously. This network controller will have a unique address on that came from the manufacturer. There will be none like it with that address. This lets MAC filtering work. As an administrator, you can decide what machines can use your network resources or deny certain machines to them. This is an easy way to control who can access your network.