Network Security and Access Control Internet Security

Question: You are a senior network security professional at your company. Your company has 150 employees. Each employee has his or her own terminal to access the companys network. There are also 15 wireless access points to support access for portable devices. You are charged with the task of assessing the current wireless network vulnerabilities and pointing out how threats can exploit theses vulnerabilities to launch security breaches. In addition, you are required to provide recommendations related to access control to reduce possible risks. Answer: Executive Summary This report deals with the internet security that are vulnerable towards attacks. There are several attacks such as viruses, worms, Trojan Horse, Payloads, Rootkits and Phishing that attack the network. In addition to this, the recommendations of these attacks such as use of antivirus, encryption and turning off identifier broadcasting are also discussed vividly. Introduction With the modernization of the internet, it has facilitated millions of employees, customers and business partners to get an easy access with each other. Hermann Fabian (2014) commented on the fact that the total organizations now days are totally dependent on the IT system for performing the work smoothly and effectively as well as to get a competitive advantage over other competitors. But with this access, the threats regarding the internet breaching has also increased considerably. The hackers and cyber criminals attack the websites, information systems as well as databases of the organization without even entering the organizations host country (Bradbury, 2010). This report will be dealing with the vulnerabilities regarding the wireless network and their ways of attack along with recommendations for reducing the effect of these attacks. Vulnerabilities regarding the current wireless network Viruses- These are the programs that affix themselves to the genuine programs on the machine of the victim. The viruses are spread through emails with attachments, file sharing programs from malicious websites. The virus programs targets the Operating Systems along with its applications for maximizing the damage. In addition to this Coppola et al. (2008) opinioned that through the network applications virus is also spread now days. Payloads- Barnes (2014) had commented that after the worms and viruses have propagated themselves payloads come into action that are the pieces of codes that damage the computer system. The payloads pop up the messages on the screen of the user that do substantial damage by clogging the network with high traffic and thereby shut down the internet. Trojan Horse- According to Farrell (2010) Trojan horses are also the programs that hide itself by erasing the system file and then taking up the name of the system file. They are difficult to detect since they look like the system files. Phishing- According to Karrenberg (2010) in this kind of attack, e-mails messages are sent to the victims that attack the computer system and gives out the sensitive information. The phishing attacks are the authentic looking emails as well as websites that are the major attacks. Rootkits- Rootkits are the programs that prevent the operating system from noticing their presence. Kociatkiewicz Kostera (2009) commented that these Rootkits generally attacks the root account that uses the privileges for hiding themselves. Ways that these vulnerabilities breach the security Denial of Service (DoS) Attack- According to Ramstetter, Yang Yao (2010) a Denial-of-Service attack happens when the attacker bombards a targeted access point continuously with failure messages, commands along with bogus requests. These kind of attacks that are prone to wireless networks. These kinds of attacks are totally based on the protocol abuse as per example Extensible Authentication Protocol (Yau et al. 2012). Here, the attacker attacks in such a way that it is unable to serve the legitimate users. These attacks are more prone towards the wireless networks. This attacks in such a way that a transmitter is set that covers the band where the wireless LAN operates. Teneyuca (2011) commented on the fact that this is done to ensure whether the transmitter is sufficiently powerful for overwhelming the weak. DOS attempts to make the server and network unavailable to provide service to the users by overflowing it with attack packets. Here, the internet hosts that include the clients , servers or both that flood the network and server with the attack packets (Kah Leng, 2015). Eavesdropping- Bradbury (2010) commented on the fact that wireless LANs broadcast network transfer into space where it becomes impossible to know who all are receiving the signals. As a result, the network traffic is subjected to eavesdropping as well as interception by the third parties. It is generally an unauthorized interception of a confidential communication that works on the real time basis. It is much easy to execute with IP based calls rather than TDM-based calls. It is a network layer attack that consists of capturing the packets from the network that is transmitted by others computers. Diagram regarding the network Figure 1: Network Structure (Source: As created by Author) Recommendations for reducing the risk Usage of Encryption- Coppola et al. (2008) commented that encryption is a modern way of securing the networks. In this process the wireless network are encrypted so that it is prevented from the outside intruders. Here, the plain text is transferred into cipher text by use of suitable algorithms. The receiver when receives the message decrypts it by using the secured key that is sent to the receiver by the sender. Turning off the identifier broadcasting- According to Yau et al. (2012) the wireless routers have identifier broadcasting which is necessary for sending out signals for announcing the presence. The hackers in order to hack and break the security, identifies the network and thereby attacks it. To prevent the hackers to identify the broadcasting, one should disable this mechanism in the wireless router. Using the antivirus, firewall and anti-spyware software- The antivirus, firewall etc. are need to be used for protecting the network from the virus attacks, worms, Trojan Horse etc. Teneyuca (2011) had opinioned that these also need to be installed and kept updated to protect the network from the attacks of the intruders. Downloads or surfing of unknown website also need to be reduced to certain extent for preventing the attacks of the intruders. Conclusion This report has dealt with the different kinds of attacks on network along with the procedure how the network is been attacked. In addition to this, the various ways of dealing these attacks are also discussed that help in protecting the wireless network to the maximum extent. The usage of this antivirus, firewalls and other measures helps the users I keeping the organization safe from the hands of the intruders. References Barnes, P. (2014). Using DNS to protect networks from threats within. Network Security, 2014(3), 9-11. doi:10.1016/s1353-4858(14)70030-3 Bradbury, D. (2010). A dogtag for the Internet. Computer Fraud Security, 2010(10), 10-13. doi:10.1016/s1361-3723(10)70132-9 Coppola, M., Jgou, Y., Matthews, B., Morin, C., Prieto, L., Snchez, . et al. (2008). Virtual Organization Support within a Grid-Wide Operating System. IEEE Internet Comput., 12(2), 20-28. doi:10.1109/mic.2008.47 Coppola, M., Jgou, Y., Matthews, B., Morin, C., Prieto, L., Snchez, . et al. (2008). Virtual Organization Support within a Grid-Wide Operating System. IEEE Internet Comput., 12(2), 20-28. doi:10.1109/mic.2008.47 Farrell, S. (2010). Why didn't we spot that? [Practical Security. IEEE Internet Comput., 14(1), 84-87. doi:10.1109/mic.2010.21 Hermann, S., Fabian, B. (2014). A Comparison of Internet Protocol (IPv6) Security Guidelines. Future Internet, 6(1), 1-60. doi:10.3390/fi6010001 Kah Leng, T. (2015). Internet defamation and the online intermediary. Computer Law Security Review, 31(1), 68-77. doi:10.1016/j.clsr.2014.11.009 Karrenberg, D. (2010). DNSSEC: Securing the global infrastructure of the Internet. Network Security, 2010(6), 4-6. doi:10.1016/s1353-4858(10)70080-5 Kociatkiewicz, J., Kostera, M. (2009). Experiencing the Shadow: Organizational Exclusion and Denial within Experience Economy. Organization, 17(2), 257-282. doi:10.1177/1350508409341114 Ramstetter, J., Yang, Y., Yao, D. (2010). Applications and Security of Next-Generation, User-Centric Wireless Systems. Future Internet, 2(3), 190-211. doi:10.3390/fi2030190 Teneyuca, D. (2011). Internet cloud security: The illusion of inclusion. Information Security Technical Report, 16(3-4), 102-107. doi:10.1016/j.istr.2011.08.005 Yau, W., Phan, R., Heng, S., Goi, B. (2012). Security models for delegated keyword searching within encrypted contents. J Internet Serv Appl, 3(2), 233-241. doi:10.1007/s13174-012-0063-1