Content









14.2
Threats
to Network Security



14.2.1

Overview:
Internal/external security





As the networking industry has matured
over the last decade, security has become one of the greatest concerns
of Information Technology. Today, networks carry billions of financial
transactions, private documents, and personal records. Many sensitive
exchanges of such information occur over the public Internet.
From a security standpoint, the
Internet presents numerous challenges. First, the Internet relies on
the well-known open protocols that make up the Transmission Control
Protocol/Internet Protocol suite (TCP/IP). These protocols, including
IP itself, were not designed with a worldwide public network in mind.
Although the TCP/IP suite has scaled to meet the demands of the global
Internet of today, these protocols have a notorious lack of inherent
security.
In other words, the Internet
essentially works by following rules that are open to the public. If
one studies the rules enough, one is bound to find loopholes and
weaknesses that can be exploited. Unfortunately, there appears to be
no shortage of individuals willing to find and exploit these
weaknesses, either for profit or just for fun. A second security
concern surrounds the nature of Internet connections. The number of
individuals, organizations, and institutions connected to the Internet
are growing. These large groups of Internet connections have become
essential for businesses in many developed parts of the world. But
connecting to the Internet opens the door to network intruders.
Typically, an Internet connection is a two-way street. If a user
connects to the Internet, then the hosts on the Internet can connect
to that user.
Virtually all Network Operating Systems
(NOSs) have some degree of TCP/IP support. Windows 2000 and Red Hat
Linux offer a full compliment of IP services. This chapter focuses on
TCP/IP related security issues because TCP/IP is the dominant network
protocol today. By running TCP/IP and connecting to the Internet, a
company faces significant outside threats.
In addition to outside threats from the
Internet, corporate networks face numerous inside security concerns.
Common services such as file sharing and e-mail must be secured on a
corporate network. This measure is taken so that only authorized users
have access to sensitive and personal information. Just as
confidential paper files are kept in locked file cabinets in locked
offices, electronic records must also be secured.
Inside security lapses can also result
in outside attacks. Legitimate users can inadvertently infect the
corporate network with a virus just by reading e-mail or browsing the
web. Some corporate users may, intentionally or otherwise, install
unauthorized software that can open a system or an entire network up
to attack. And, of course, disgruntled or disloyal employees can pose
a security threat from both inside and outside the corporate network.
Well implemented security policies can minimize the risk posed by
these scenarios.