By
admin on Thursday, July 16th, 2009 |
No Comments
Web and FTP Servers
Every network that has an internet connection is at risk of being compromised. Whilst there are several steps that you can take to secure your LAN, the only real solution is to close your LAN to incoming traffic, and restrict outgoing traffic.
However some services such as web or FTP servers require incoming connections. If you require these services you will need to consider whether it is essential that these servers are part of the LAN, or whether they can be placed in a physically separate network known as a DMZ (or demilitarised zone if you prefer its proper name). Ideally all servers in the DMZ will be stand alone servers, with unique logons and passwords for each server. If you require a backup server for machines within the DMZ then you should acquire a dedicated machine and keep the backup solution separate from the LAN backup solution.
The DMZ will come directly off the firewall, which means that there are two routes in and out of the DMZ, traffic to and from the internet, and traffic to and from the LAN. Traffic between the DMZ and your LAN would be treated totally separately to traffic between your DMZ and the Internet. Incoming traffic from the internet would be routed directly to your DMZ.
Therefore if any hacker where to compromise a machine within the DMZ, then the only network they would have access to would be the DMZ. The hacker would have little or… Read the rest
By
admin on Saturday, July 11th, 2009 |
No Comments
Wireless networks use radio waves instead of wires to transmit data between computers. Here’s how:
The Binary Code: 1s and 0s
It’s well known that computers transmit information digitally, using binary code: ones and zeros. This translates well to radio waves, since those 1s and 0s can be represented by different kinds of beeps. These beeps are so fast that they’re outside the hearing range of humans.
Morse Code: Dots And Dashes
It works like Morse code, which is a way to transmit the alphabet over radio waves using dots (short beeps) and dashes (long beeps). Morse code was used manually for years via telegraph to get information from 1 place to another very quickly. More importantly for this example, though, it is a binary system, just as a computer system is.
Wireless networking, then, can be thought of as a Morse code for computers. You plug in a combined radio receiver and transmitter, and the computer is able to send out its equivalent of dots and dashes (bits, in computer-speak) to get your data from here to there.
Wavelengths And Frequencies
You might wonder how the computer can send and receive data at high speed without becoming garbled nonsense. The key to wireless networking is how it gets around this problem.
First, wireless transmissions are sent at very high frequencies, which allows more data to be sent per second. Most wireless connections use a frequency of 2.4 gigahertz (2.4 billion cycles per second) — a frequency similar to mobile… Read the rest
By
admin on Saturday, July 11th, 2009 |
No Comments
Scenario: You work in a corporate environment in which you are, at least partially, responsible for network security. You have implemented a firewall, virus and spyware protection, and your computers are all up to date with patches and security fixes. You sit there and think about the lovely job you have done to make sure that you will not be hacked.
You have done, what most people think, are the major steps towards a secure network. This is partially correct. What about the other factors?
Have you thought about a social engineering attack? What about the users who use your network on a daily basis? Are you prepared in dealing with attacks by these people?
Believe it or not, the weakest link in your security plan is the people who use your network. For the most part, users are uneducated on the procedures to identify and neutralize a social engineering attack. What’s going to stop a user from finding a CD or DVD in the lunch room and taking it to their workstation and opening the files? This disk could contain a spreadsheet or word processor document that has a malicious macro embedded in it. The next thing you know, your network is compromised.
This problem exists particularly in an environment where a help desk staff reset passwords over the phone. There is nothing to stop a person intent on breaking into your network from calling the help desk, pretending to be an employee, and asking to… Read the rest