The need for computer/network security:

Computer/network security includes:

Control of physical access to computers and the network
Prevention of accidental data deletion, modification or compromise
Detection and prevention of:
Intentional breaches of internal security
Unauthorized external intrusions (hacking)

All three sides of the triangle must exist for a network intrusion to occur:
Motive
A reason to want to breach your security.
Means
The ability to carry out the intrusion.
Opportunity
The opportunity to enter the network.
Opportunity is the only one of the three elements that the administrator can control.

Network Security Principles:
Network security objectives are usually identified as:
Confidentiality
Only the sender and the intended recipient should be able to "see" the contents of the message.
Integrity
The sender and receiver want to be sure that the message is not altered in transit or afterwards.
Authentication
The sender and recipient want to confirm each other's identity.
Availability
Services and resources must be available and accessible to authorized users.
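The integrity and authentication objectives above are what a message authentication code provides. The following is an added example, not part of the original slides: the sender appends an HMAC-SHA256 tag over the message, and the receiver recomputes it with the same key. A message that was altered in transit, or one built by an attacker who never had the key, is rejected. The key, the message and the attacker's edits are constructed for the demo. Note what the example does not give you: the message itself travels in clear text, so confidentiality needs encryption on top, and because the key is shared, the tag proves "a key holder sent this", not which of the two parties did.

```python
import hashlib
import hmac
import secrets
from typing import Dict, Optional

TAG_LEN = 32  # HMAC-SHA256 output size in bytes

# Shared secret agreed out of band; constructed for this example, never reuse it.
SHARED_KEY = b"example-shared-key-for-demo-only"


def protect(key: bytes, message: bytes) -> bytes:
    """Sender side: append an HMAC-SHA256 tag computed over the message.

    The tag lets the receiver check integrity (the bytes were not altered)
    and authentication (whoever produced the tag held the key).
    """
    tag = hmac.new(key, message, hashlib.sha256).digest()
    return message + tag


def verify(key: bytes, blob: bytes) -> Optional[bytes]:
    """Receiver side: recompute the tag and compare it in constant time.

    Returns the message if the tag checks out, None if the blob is too short,
    was modified in transit, or was forged by someone without the key.
    """
    if len(blob) < TAG_LEN:
        return None
    message, tag = blob[:-TAG_LEN], blob[-TAG_LEN:]
    expected = hmac.new(key, message, hashlib.sha256).digest()
    # compare_digest does not leak how many leading bytes matched (timing attack).
    if not hmac.compare_digest(tag, expected):
        return None
    return message


def demo() -> Dict[str, Optional[bytes]]:
    """Three deliveries of the same constructed message: genuine, tampered, forged."""
    original = b"transfer 100 to account 42"
    blob = protect(SHARED_KEY, original)

    # An on-path attacker changes "100" (bytes 9..11) to "900" but cannot recompute the tag.
    tampered = blob[:9] + b"900" + blob[12:]

    # An attacker who never saw the key attaches a random tag to their own message.
    forged = b"transfer 100 to account 99" + secrets.token_bytes(TAG_LEN)

    return {
        "genuine": verify(SHARED_KEY, blob),       # -> the original message
        "tampered": verify(SHARED_KEY, tampered),  # -> None
        "forged": verify(SHARED_KEY, forged),      # -> None
    }


if __name__ == "__main__":
    for case, result in demo().items():
        print(f"{case:9s} {'accepted' if result else 'rejected'}")
```

Only the genuine delivery is accepted. A plain hash (no key) would not do here: an attacker who changes the message can simply recompute the hash, which is exactly why the tag must depend on a secret.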

Understanding risk management:
A key principle of security is that no network is completely secure.
Information security is therefore primarily concerned with risk management.
The more important an asset is, the more exposed it is to security threats, and therefore the more resources you should put into protecting it.

Understanding risk management - 2:
Generally, without training, administrators respond to a security threat in one of three ways:
Ignore the threat, or acknowledge it but do nothing to stop it from happening.
Address the threat in an ad hoc manner.
Attempt to protect all assets to the highest degree, regardless of ease of use or manageability.
None of these strategies takes the real risk into account, and all of them generally lead to failure in the long run.

What are some risks?
Eavesdropping
Interception of messages.
Hijacking
Taking over the role of the sender or the receiver.
Insertion
Of messages into an active connection.
Impersonation (spoofing)
Forging the source address of a packet, or any other field in a packet.
Denial of Service (DoS)
Preventing others from gaining access to resources, usually by overloading the system.
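Why is forging a source address so easy? The IPv4 header carries a checksum, but a checksum only detects accidental corruption: anyone can recompute it, and no field in the header is bound to a secret. The following added example (not from the original slides) builds a minimal IPv4 header, parses and checksum-validates it as a receiving stack would, and then shows the attacker's step: overwrite the source address, recompute the checksum, and the packet validates just as well. The addresses are documentation ranges chosen for the demo; the code only assembles bytes and sends nothing.

```python
import socket
import struct
from typing import Dict

IPV4_HEADER_FMT = "!BBHHHBBH4s4s"  # 20-byte header, no options


def ipv4_checksum(header: bytes) -> int:
    """RFC 791 header checksum: one's complement of the one's-complement sum of
    all 16-bit words. Computed over a valid header (checksum field included)
    the result is 0, which is how a receiver validates it."""
    if len(header) % 2:
        header += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:                       # fold carries back into 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_ipv4_header(src: str, dst: str, payload_len: int,
                      proto: int = 17, ttl: int = 64, ident: int = 0x1234) -> bytes:
    """Assemble a minimal IPv4 header. The source address is just a field the
    sender fills in; nothing here proves the packet originated at `src`."""
    version_ihl = (4 << 4) | 5               # IPv4, header length 5 x 32-bit words
    total_length = 20 + payload_len
    hdr = struct.pack(IPV4_HEADER_FMT, version_ihl, 0, total_length, ident,
                      0, ttl, proto, 0,      # flags/fragment, TTL, protocol, checksum placeholder
                      socket.inet_aton(src), socket.inet_aton(dst))
    return hdr[:10] + struct.pack("!H", ipv4_checksum(hdr)) + hdr[12:]


def spoof_source(header: bytes, new_src: str) -> bytes:
    """What an attacker does: overwrite the source address (bytes 12..15) and
    recompute the checksum, which requires no secret at all."""
    patched = header[:12] + socket.inet_aton(new_src) + header[16:]
    zeroed = patched[:10] + b"\x00\x00" + patched[12:]
    return zeroed[:10] + struct.pack("!H", ipv4_checksum(zeroed)) + zeroed[12:]


def parse_ipv4_header(header: bytes) -> Dict[str, object]:
    """Decode the fields a receiver looks at and validate the checksum the way
    a host stack or router does."""
    (version_ihl, _tos, total_length, _ident, _flags_frag,
     ttl, proto, _csum, src, dst) = struct.unpack(IPV4_HEADER_FMT, header[:20])
    return {
        "version": version_ihl >> 4,
        "ihl": version_ihl & 0x0F,
        "total_length": total_length,
        "ttl": ttl,
        "proto": proto,
        "src": socket.inet_ntoa(src),
        "dst": socket.inet_ntoa(dst),
        "checksum_ok": ipv4_checksum(header[:20]) == 0,
    }


if __name__ == "__main__":
    # Constructed example: a UDP packet header, then the same header with a
    # forged source claiming to be a trusted internal host (10.0.0.1).
    genuine = build_ipv4_header("192.0.2.50", "198.51.100.10", payload_len=8)
    spoofed = spoof_source(genuine, "10.0.0.1")
    for label, hdr in (("genuine", genuine), ("spoofed", spoofed)):
        info = parse_ipv4_header(hdr)
        print(f"{label}: src={info['src']} dst={info['dst']} checksum_ok={info['checksum_ok']}")
```

Both headers report `checksum_ok=True`; only a careless attacker who changes the address without recomputing the checksum produces a packet the receiver drops. The lesson for the defender is that source-address filtering (ingress/egress filtering) and authentication at a higher layer are needed, because the packet itself cannot vouch for where it came from.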

Risk management:
Once the assets and their corresponding threats have been identified, risk management may consist of:
Acceptance
Mitigation
Transfer
Avoidance

Accept the risk:
If you take no proactive steps, you accept the full exposure to, and consequences of, the threats to an asset's security.
You should accept a risk only as a last resort, when there are no other reasonable alternatives or when the cost of those alternatives is extremely high.
When accepting a risk, it is always a good idea to create a contingency plan.
A contingency plan details the set of actions that will be taken after the risk materializes, in order to lessen the impact of the loss or compromise of the asset.

Mitigating risk:
The most common method of securing computers and networks is to mitigate security risks.
By taking proactive steps to reduce an asset's exposure to threats, or to reduce the organization's dependency on the asset, you are mitigating security risk.
A simple example: install antivirus software.

Risk transfer:
Transferring security risk elsewhere has many benefits, including:
Economies of scale, such as insurance.
Using the expertise and services of another organization.
Example: use a web hosting service.
When undertaking this type of risk transfer, the details of the agreement must be clearly laid out in a contract known as a service level agreement (SLA).

Avoid risk:
The opposite of accepting risk is avoiding risk altogether.
To avoid risk, you must eliminate the source of the threat, the exposure to the threat, or your organization’s dependency on the asset.
In general, you avoid risk when there is little or no chance of mitigating or transferring the risk, or when the consequences of realizing the risk far outweigh the benefits gained by taking the risk.
An example might be a military or law enforcement database that, if compromised, could put lives in danger.

Implementing Security:
Think of security in terms of granting the fewest privileges necessary to accomplish the task (least privilege).
Example: Consider a network administrator who unknowingly opens an email attachment that launches a virus.
If the administrator is logged in as a domain administrator, the virus runs with administrator privileges on all domain computers and thus has unrestricted access to almost all data on the network.

Defense in depth:
Think of your network security as a series of layers.
Each layer you remove brings you closer to the core, where the critical asset is located.
In your network, defend each layer as if the previous outer layer were ineffective or non-existent.
The overall security of your network will increase dramatically if you defend at all levels and increase security fault tolerance.
Example: To protect users from running an email-borne virus, in addition to antivirus software on users' computers, you can use email client software that blocks potentially dangerous file types from running, block potentially dangerous attachments based on their file type, and ensure that users run under a limited user account.
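Blocking attachments "according to their file type" is itself worth layering, because each single test has a known bypass. The following added example (not from the original slides) screens an attachment with three independent checks, each written as if the others did not exist: a name-based rule that looks at every extension so `invoice.pdf.exe` is caught, a content-based rule that recognizes executable signatures when an `.exe` has simply been renamed `.txt`, and a look inside ZIP archives, a common wrapper for executables. The extension list, signatures and sample attachments are constructed for the demo and are illustrative rather than complete.

```python
import io
import zipfile
from typing import Dict, Optional

# File types Windows runs directly when double-clicked (illustrative subset).
EXECUTABLE_EXTENSIONS = {"exe", "scr", "pif", "com", "bat", "cmd", "js", "jse",
                         "vbs", "vbe", "wsf", "ps1", "msi", "hta", "jar", "lnk"}

# Signatures of executable content, independent of the file name.
MAGIC_SIGNATURES = {
    b"MZ": "PE executable",
    b"\x7fELF": "ELF executable",
    b"#!": "script with interpreter line",
}
ZIP_MAGIC = b"PK\x03\x04"


def extension_check(filename: str) -> Optional[str]:
    """Layer 1: judge by name. Every component after the first dot is checked,
    so 'invoice.pdf.exe' is caught even though a naive look at '.pdf' would pass
    it (deliberately conservative: 'archive.exe.txt' is blocked as well)."""
    name = filename.strip().lower()
    for ext in name.split(".")[1:]:
        if ext in EXECUTABLE_EXTENSIONS:
            return f"blocked: extension .{ext}"
    return None


def content_check(data: bytes) -> Optional[str]:
    """Layer 2: judge by content, assuming the name check was bypassed."""
    for magic, kind in MAGIC_SIGNATURES.items():
        if data.startswith(magic):
            return f"blocked: content is {kind}"
    if data.startswith(ZIP_MAGIC):
        # Layer 3: archives are a common wrapper; apply the name rule inside.
        try:
            with zipfile.ZipFile(io.BytesIO(data)) as zf:
                for info in zf.infolist():
                    if extension_check(info.filename):
                        return f"blocked: archive contains {info.filename}"
        except zipfile.BadZipFile:
            return "blocked: unreadable archive"
    return None


def screen_attachment(filename: str, data: bytes) -> str:
    """Run every layer; the first one that objects wins. Each layer is written
    as if the others had failed, which is the defense-in-depth point."""
    for verdict in (extension_check(filename), content_check(data)):
        if verdict:
            return verdict
    return "allowed"


def build_zip(entries: Dict[str, bytes]) -> bytes:
    """Helper to construct an in-memory archive for the sample inputs."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, payload in entries.items():
            zf.writestr(name, payload)
    return buf.getvalue()


def demo() -> Dict[str, str]:
    """Constructed attachments, one per evasion technique."""
    samples = {
        "quarterly.pdf": b"%PDF-1.7\n%...",                           # benign document
        "invoice.pdf.exe": b"MZ\x90\x00" + b"\x00" * 60,              # double extension
        "readme.txt": b"MZ\x90\x00" + b"\x00" * 60,                   # renamed executable
        "photos.zip": build_zip({"holiday.jpg.scr": b"MZ\x90\x00"}),  # wrapped in an archive
        "notes.zip": build_zip({"notes.txt": b"plain text"}),         # benign archive
    }
    return {name: screen_attachment(name, data) for name, data in samples.items()}


if __name__ == "__main__":
    for name, verdict in demo().items():
        print(f"{name:18s} {verdict}")
```

Run on the samples, only `quarterly.pdf` and `notes.zip` are allowed; each of the other three is stopped by a different layer. Password-protected or nested archives would defeat layer 3, which is exactly why the slide also asks for antivirus on the endpoint and a limited user account: the layers behind the filter still have to hold on their own.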

Reduced attack surface:
An attacker needs to find only one vulnerability to successfully attack your network, while you must identify all of your vulnerabilities to defend it.
The smaller the attack surface, the better your chances of accounting for all assets and their protection.
Attackers will have fewer targets and you will have less to monitor and maintain.
Example: To reduce the attack surface of individual computers on your network, you can disable services that are not used and remove software that is not needed.
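Finding the unused services is the first step, and on a Linux host the listening sockets are the quickest inventory of the network-facing attack surface. The following added example (not from the original slides) parses constructed `ss -ltnp` output for a host whose role is "public web server" and compares it with an allowlist of what that role is supposed to expose. Anything reachable from the network that is not on the list is a candidate to disable or uninstall; an allowed port served by an unexpected process is flagged separately; loopback-only services are reported for completeness. The sample output, the allowlist and the role are all assumptions made up for the demo.

```python
import re
from typing import Dict, List

# Constructed `ss -ltnp` output for a host whose role is "public web server".
SAMPLE_SS_OUTPUT = """\
State  Recv-Q Send-Q Local Address:Port  Peer Address:Port Process
LISTEN 0      128    0.0.0.0:22          0.0.0.0:*         users:(("sshd",pid=812,fd=3))
LISTEN 0      4096   127.0.0.1:631       0.0.0.0:*         users:(("cupsd",pid=640,fd=7))
LISTEN 0      511    0.0.0.0:80          0.0.0.0:*         users:(("nginx",pid=1201,fd=6))
LISTEN 0      511    0.0.0.0:443         0.0.0.0:*         users:(("nginx",pid=1201,fd=7))
LISTEN 0      50     0.0.0.0:445         0.0.0.0:*         users:(("smbd",pid=900,fd=40))
LISTEN 0      128    0.0.0.0:8080        0.0.0.0:*         users:(("python3",pid=1422,fd=3))
LISTEN 0      128    [::]:22             [::]:*            users:(("sshd",pid=812,fd=4))
"""

# What this role is supposed to expose: port -> process expected to own it (assumed).
WEB_SERVER_ALLOWLIST: Dict[int, str] = {22: "sshd", 80: "nginx", 443: "nginx"}

LOOPBACK = {"127.0.0.1", "[::1]", "::1"}
PROCESS_RE = re.compile(r'\(\("([^"]+)"')   # first process name in users:(("name",pid=..))


def parse_listeners(ss_output: str) -> List[Dict[str, object]]:
    """Turn `ss -ltnp` lines into records of address, port and owning process."""
    listeners = []
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] != "LISTEN":
            continue                                  # header or unrelated line
        addr, _, port = fields[3].rpartition(":")     # handles "[::]:22" as well
        match = PROCESS_RE.search(line)
        listeners.append({
            "addr": addr,
            "port": int(port),
            "process": match.group(1) if match else "unknown",
        })
    return listeners


def audit_listeners(ss_output: str, allowlist: Dict[int, str]) -> Dict[str, List[str]]:
    """Compare listening sockets with the role's allowlist and group findings:
    'remove' = exposed and not needed, 'wrong_owner' = allowed port but an
    unexpected process, 'loopback_only' = local services, lower priority."""
    findings: Dict[str, List[str]] = {"remove": [], "wrong_owner": [], "loopback_only": []}
    seen = set()
    for rec in parse_listeners(ss_output):
        key = (rec["port"], rec["process"])
        if key in seen:                  # IPv4 and IPv6 sockets of the same service
            continue
        seen.add(key)
        desc = f"{rec['port']}/{rec['process']}"
        if rec["addr"] in LOOPBACK:
            findings["loopback_only"].append(desc)
        elif rec["port"] not in allowlist:
            findings["remove"].append(desc)
        elif allowlist[rec["port"]] != rec["process"]:
            findings["wrong_owner"].append(desc)
    return findings


if __name__ == "__main__":
    for category, items in audit_listeners(SAMPLE_SS_OUTPUT, WEB_SERVER_ALLOWLIST).items():
        print(f"{category:13s} {', '.join(items) or '-'}")
```

On the sample, the file server (445/smbd) and a stray development server (8080/python3) are the things to remove; cupsd is only bound to loopback and is noted rather than flagged. In practice the script would be fed live `ss -ltnp` output and run periodically, since attack surface grows back as software is installed.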

Addressing security objectives:
Control physical access to:
servers
network workstations
network devices
the wiring plant
Be aware of the security considerations of wireless media and of laptop computers.
Recognize the security risk of allowing data to be printed.
Recognize the security risks involving floppy disks, CDs, tapes and other removable media.

Recognizing threats to network security:
To protect your network, you should consider the following:
Ask: from whom or what are you protecting it?
Who: the types of network intruders and their motivations.
What: the types of network attacks and how they work.
These questions form the basis for performing a threat analysis.
A comprehensive threat analysis should be the product of brainstorming among people who know the business processes, the industry, security, etc.

Classification of specific types of attacks:
Social engineering attacks
DoS attacks
Scanning and spoofing
Source routing and other protocol exploits
Software and system vulnerabilities
Trojans, viruses and worms

It is important to understand the types of threats in order to deal with them properly.

Designing a Comprehensive Security Plan:
RFC 2196, the Site Security Handbook, recommends:
Identify what you are trying to protect.
Determine what you are trying to protect it from.
Determine how likely the anticipated threats are.
Implement measures that protect your assets in a cost-effective manner.
Continually review the process and make improvements whenever a weakness is discovered.

Steps to create a security plan:
Your security plan will generally consist of three different aspects to protect your network.
Prevention: the measures that are implemented to prevent your information from being modified, destroyed or compromised.
Detection: The measures that are implemented to recognize when a security breach has occurred or has been attempted, and possibly the source of the breach.
Reaction: the measures that are implemented to recover from a security breach: recovering lost or corrupted data, restoring system or network operations, and preventing future occurrences.
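The detection aspect is the one most easily left to chance, so here is what it looks like in practice. The following added example (not from the original slides) runs a brute-force detector over constructed sshd log lines: failures are counted per source address in a sliding 60-second window, five failures raise an alert that names the source, and a later successful login from a source that already tripped the threshold escalates the alert, because that is the case where prevention has failed and the reaction phase (containment, credential reset, forensics) must start. The log lines, threshold and window are assumptions made for the demo.

```python
import re
from collections import defaultdict, deque
from datetime import datetime
from typing import Dict, List, Optional

# Constructed sshd log lines in syslog format (no year in the timestamp).
SAMPLE_AUTH_LOG = """\
Mar  3 10:15:01 web1 sshd[2201]: Failed password for invalid user admin from 203.0.113.7 port 51022 ssh2
Mar  3 10:15:03 web1 sshd[2203]: Failed password for root from 203.0.113.7 port 51024 ssh2
Mar  3 10:15:04 web1 sshd[2205]: Failed password for bob from 198.51.100.5 port 40112 ssh2
Mar  3 10:15:06 web1 sshd[2207]: Failed password for root from 203.0.113.7 port 51026 ssh2
Mar  3 10:15:09 web1 sshd[2209]: Failed password for deploy from 203.0.113.7 port 51028 ssh2
Mar  3 10:15:11 web1 sshd[2211]: Failed password for deploy from 203.0.113.7 port 51030 ssh2
Mar  3 10:15:20 web1 sshd[2213]: Accepted publickey for bob from 198.51.100.5 port 40114 ssh2
Mar  3 10:15:31 web1 sshd[2215]: Accepted password for deploy from 203.0.113.7 port 51032 ssh2
Mar  3 11:40:02 web1 sshd[2400]: Failed password for alice from 192.0.2.9 port 50000 ssh2
"""

LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d{1,2} \d{2}:\d{2}:\d{2}) \S+ sshd\[\d+\]: "
    r"(?P<result>Failed|Accepted) \S+ for (?:invalid user )?(?P<user>\S+) from (?P<ip>\S+) port"
)

FAILURE_THRESHOLD = 5   # this many failures ...
WINDOW_SECONDS = 60     # ... within this window from one source raise an alert


def parse_line(line: str) -> Optional[Dict[str, object]]:
    """Extract timestamp, outcome, user and source address from one sshd line."""
    m = LINE_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(m.group("ts"), "%b %d %H:%M:%S")
    return {"ts": ts, "result": m.group("result"), "user": m.group("user"), "ip": m.group("ip")}


def detect_bruteforce(log_text: str) -> List[Dict[str, object]]:
    """Sliding-window failure count per source address.

    A source that reaches the threshold gets one 'medium' alert. If the same
    source later logs in successfully, the alert is escalated to 'high': the
    guessing worked and the reaction plan applies."""
    recent: Dict[str, deque] = defaultdict(deque)   # ip -> timestamps of recent failures
    flagged: Dict[str, Dict[str, object]] = {}
    alerts: List[Dict[str, object]] = []
    for line in log_text.splitlines():
        ev = parse_line(line)
        if ev is None:
            continue                                 # not an auth outcome line
        ip = ev["ip"]
        if ev["result"] == "Failed":
            q = recent[ip]
            q.append(ev["ts"])
            while (q[-1] - q[0]).total_seconds() > WINDOW_SECONDS:
                q.popleft()                          # drop failures outside the window
            if len(q) >= FAILURE_THRESHOLD and ip not in flagged:
                alert = {"source": ip, "severity": "medium", "failures": len(q),
                         "first_seen": q[0], "reason": "password brute force"}
                flagged[ip] = alert
                alerts.append(alert)
        elif ip in flagged:                          # Accepted after a brute-force burst
            flagged[ip]["severity"] = "high"
            flagged[ip]["reason"] = f"brute force followed by successful login as {ev['user']}"
    return alerts


if __name__ == "__main__":
    for a in detect_bruteforce(SAMPLE_AUTH_LOG):
        print(f"[{a['severity']}] {a['source']}: {a['reason']} ({a['failures']} failures)")
```

On the sample the detector raises a single alert: 203.0.113.7 made five failed attempts in ten seconds and then logged in as `deploy`, so the alert is high severity and names the account to lock. The one failure from 198.51.100.5 followed by a key-based login is ordinary user behaviour and stays quiet. The detector only works if the audit trail exists and is protected from the intruder, which is the point of the audit-logging requirement in the security ratings section.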

Security Ratings:
The US government provides specifications for qualifying network security implementations in a publication often referred to as the Orange Book, formally called the Department of Defense Trusted Computer System Evaluation Criteria, or TCSEC.
The Red Book, the TCSEC Trusted Network Interpretation (TNI), explains how the TCSEC evaluation criteria apply to computer networks.
Canada has a security rating system that works in a similar way: the CTCPEC (Canadian Trusted Computer Product Evaluation Criteria).

Security Ratings - 2:
To obtain a government contract, companies are often required to obtain a C2 rating.
A C2 rating has several requirements:
That the operating system in use is capable of tracking data access, including who accessed it and when.
That user access to objects is subject to control (access permissions).
That users are uniquely identified in the system (user account name and password).
That security-related events can be tracked and permanently recorded for audit (audit logging).
