i want network security notes pls help me to get this notes for me bcos my internal exam is there on this moths so pls
Posts: 14,118
Threads: 61
Joined: Oct 2014
Security comes in all shapes and sizes, ranging from problems with software on a computer, to the integrity of messages and emails being sent on the Internet. Network Security is a term to denote the security aspects attributed to the use of computer networks. This involves the protection of the integrity of the communications that are sent over the network, who is able to access the network or information system present, and also what can be sent over the network. There are a multitude of scenarios and areas that a network and its use can be exploited. The problem is that given the OSI Network Model of: Application, Transport, Network, Datalink and Physical, where amongst this can security be deployed? Should everything be concentrated at the data page link or network or transport… layers? or should a Defense in Depth strategy be employed? These notes details the various ways in which networks can be made secure. The remainder of this chapter provides some introductory material in relation to networks and their security. First, some terminology:
Security Attack: Any action that compromises the security of information exchanges and systems.
Security Service: A service that enhances the security of information exchanges and systems. A sercurity service makes use of one or more security mechanisms.
Security Mechanism*: A mechanism that is designed to detect, prevent or recover from a security attack.
Security Attacks
There exist several attack types and they can be divided into two distinct category’s: Passive and Active, they denote the amount of work that an attacker must do.
Passive Attacks
A Passive Attack is one that involves either the eavesdropping or monitoring of data communications. The goal of the malicious entity is to acquire the information or learn more about the communication.
Release of Message Contents: This is when during the transmission of data from one party to another, a third and malicious party intercepts the message and learns its contents.
Traffic Analysis: Traffic analysis is concerned with the analysis of patterns generated by the actions of the parties involved. This may simply involve the detection of an encrypted message being sent from a single party.
Such attacks are difficult to detect, due to their inherent nature. Though one can use encryption in order to inhibit the success-fullness of such attacks.
Active Attacks
Active Attacks are those that involve the modification of the communication channel or the data being sent across the channel.
Masquerade: This is simply the impersonation of a legitimate entity in order to abuse or access the resources accessible by the entity.
Replay: Involves the retransmission of existing and already transmitted data in order to produce an unauthorised effect.
Message Modification: The delay, modification, reorder on a legitimate message such that it produces an unauthorised effect.
Denial of Service: This involves the prevention of or reduction in quality, of a legitimate service. Such attacks may target specific hosts or entire networks.
In contrast to passive attacks, active ones are easy to detect but harder to counter, as it would involve the protection of all the communication services offered.