Logo

Navigation
  • Home
  • Services
    • ERP Solutions
    • Implementation Solutions
    • Support and Maintenance Solutions
    • Custom Solutions
    • Upgrade Solutions
    • Training and Mentoring
    • Web Solutions
    • Production Support
    • Architecture Designing
    • Independent Validation and Testing Services
    • Infrastructure Management
  • Expertise
    • Microsoft Development Expertise
    • Mobile Development
    • SQL Server Database and BI
    • SAP BI, SAP Hana, SAP BO
    • Oracle and BI
    • Oracle RAC
  • Technical Training
    • Learn Data Management
      • Business Intelligence
      • Data Mining
      • Data Modeling
      • Data Warehousing
      • Disaster Recovery
    • Learn Concepts
      • Application Development
      • Client Server
      • Cloud Computing Tutorials
      • Cluster Computing
      • CRM Tutorial
      • EDI Tutorials
      • ERP Tutorials
      • NLP
      • OOPS
      • Concepts
      • SOA Tutorial
      • Supply Chain
      • Technology Trends
      • UML
      • Virtualization
      • Web 2.0
    • Learn Java
      • JavaScript Tutorial
      • JSP Tutorials
      • J2EE
    • Learn Microsoft
      • MSAS
      • ASP.NET
      • ASP.NET 2.0
      • C Sharp
      • MS Project Training
      • Silverlight
      • SQL Server 2005
      • VB.NET 2005
    • Learn Networking
      • Networking
      • Wireless
    • Learn Oracle
      • Oracle 10g
      • PL/SQL
      • Oracle 11g Tutorials
      • Oracle 9i
      • Oracle Apps
    • Learn Programming
      • Ajax Tutorial
      • C Language
      • C++ Tutorials
      • CSS Tutorial
      • CSS3 Tutorial
      • JavaScript Tutorial
      • jQuery Tutorial
      • MainFrame
      • PHP Tutorial
      • VBScript Tutorial
      • XML Tutorial
    • Learn Software Testing
      • Software Testing Types
      • SQA
      • Testing
  • Career Training
    • Career Improvement
      • Career Articles
      • Certification Articles
      • Conflict Management
      • Core Skills
      • Decision Making
      • Entrepreneurship
      • Goal Setting
      • Life Skills
      • Performance Development
      • Personal Excellence
      • Personality Development
      • Problem Solving
      • Relationship Management
      • Self Confidence
      • Self Supervision
      • Social Networking
      • Strategic Planning
      • Time Management
    • Education Help
      • Career Tracks
      • Essay Writing
      • Internship Tips
      • Online Education
      • Scholarships
      • Student Loans
    • Managerial Skills
      • Business Communication
      • Business Networking
      • Facilitator Skills
      • Managing Change
      • Marketing Management
      • Meeting Management
      • Process Management
      • Project Management
      • Project Management Life Cycle
      • Project Management Process
      • Project Risk Management
      • Relationship Management
      • Task Management
      • Team Building
      • Virtual Team Management
    • Essential Life Skills
      • Anger Management
      • Anxiety Management
      • Attitude Development
      • Coaching and Mentoring
      • Emotional Intelligence
      • Stress Management
      • Positive Thinking
    • Communication Skills
      • Conversation Skills
      • Cross Culture Competence
      • English Vocabulary
      • Listening Skills
      • Public Speaking Skills
      • Questioning Skills
    • Soft Skills
      • Assertive Skills
      • Influence Skills
      • Leadership Skills
      • Memory Skills
      • People Skills
      • Presentation Skills
    • Finding a Job
      • Etiquette Tips
      • Group Discussions
      • HR Interviews
      • Interview Notes
      • Job Search Tips
      • Resume Tips
      • Sample Resumes
 

Preventing Network Intrusion

By Chandra Vennapoosa | on November 24, 2011 |
Networking

It is often said that Prevention is better than cure. This adage is definitely true in network security. Network attacks are better off prevented than cured. Network administrators have to do the necessary tasks to prevent network intrusion as much as possible and ensure that no damage has been done to the network at any point of time.

Topics

  • Virus Checking
  • Denial of Service Attack
  • Reducing Denial of Service Attacks
  • How DOS Attacks Work
  • Protect Yourself from DOS Attacks

Network intrusion and damage threat is always present and network administrators have to be constantly on alert. Various practices have been employed today to ensure different types of attacks would not come through. Usually these practices would mean extra work and would cause an extra lag for productivity. But considering the effects of network attacks, the small inconvenience is tolerable.

The following are the popular practices by network administrators in implementing network security.

Virus Checking

Even in a non-network scenario, virus checking is always an imperative. A single virus released on a computer would affect different files and system and would cause considerable damage or inconvenience. Computers have a built in virus protection but depending on the time of manufacturing, virus checking would be outdated.

Newer viruses are released everyday that it is almost an imperative for owners of computers to update their system everyday. Unfortunately not all computers have the ability to update their list of possible viruses without a third party application for virus detection and prevention.

Networks can also have 3rd party applications that have the ability to check incoming files for virus prevention. Although it is not implemented in each computer, it will have the ability to prevent the transfer of dangerous files and prevent these files from getting into the server.

Checking for viruses is not the only task that should be implemented by network administrators. A single suspicion on a file should be prevented from entering the system. That is why network administrators often prevent certain files from accessing important computers, servers and application. The type of file, its size, date of creation and configuration are often screened so that no virus should be checking in.

Even if a file is not infected, it is important that protocols should be followed. Not only does this prevent network intrusion but it generally assists in the automation which speeds up data processing. It might be an extra task for the users but it generally assists the network to easily streamline the information and prevent anything out of the ordinary to be part of the network.

Buffer overflows should also be taken cared by network administrators. In gist, buffer overflow is a process wherein the file or a system is stored in the server or a personal computer that takes a bigger memory than what it should have. Buffer overflow is a tell tale sign that something is definitely wrong with the system that is about to be built or created. Malicious codes could be hidden which triggers the additional buffer requirement. Preventing this depends on the network administrators preferences. They could either use a program to check for buffer overflows or plainly use a tested library and language that is not often used for an attack.

Denial of Service Attack

Another popular attack in a network setting is the “denial of service” attack also known as DoS attack. The name itself tells the effect of the attack. The usual process of attackers to implement DoS is to stress the server with the number of information requests. The information requested is legitimate but when the machine is constantly requested for information in a large scale bases, the machine would almost come to a halt. This would affect other requests as the system will not be able to process them altogether.

The evolution of DoS has led to the creation of different types of DoS attacks. A well thought out and orchestrated attack will always cripple the server but this does not mean it is done by different hackers. It could come from a single computer which sends out spam messages and requests which will ultimately stress the network and deny service to legitimate users.

Preventing DoS also need concentrated efforts from the hardware and the application side for network administrators.

Routers and switches are two of the fail safe systems that could be used in preventing DoS attacks. Both of these devices has the ability to limit the information that is coming in and even out. Through these hardware devices, network administrators could manually set expected flow of information. However, the performance of these hardware devices differs considerably. Routers only have the capability of limiting bandwidth use however switches have more. A single switch could control information from getting in and could actually queue the requested information when necessary.

Another preventive measure that is usually implemented by network administrators to prevent this type of attack is to use intrusion-prevention system. Although quite limited on its function, IPS is useful in terms of identifying the attack and prevents it from getting in. Along with IPS, firewalls are also necessary in preventing network attacks. Not only this should be installed in the network but every user should have a native firewall installed in their computer.

Reducing Denial of Service Attacks

DoS attack which often results in websites being shut down for a certain period of time. While DoS attacks are well known among websites, they can be used in other ways as well. Virtually anyone can become a victim of a DoS attack, and what makes these attacks even more frustrating is that they are hard to separate from standard network activity. However, there are a number indicators which can allow you to determine whether or not you are a victim of DoS attacks. 

With a DoS attack, the attacker will try to block authorized users from gaining access to specific services or important information. These attacks will typically focus on both a computer and any networks its connected to, as well as the computers or websites which you are attempting to access. Some of the services which you can be prevented from using include online banking, email, or various websites that you wish to access. Not only are DoS attacks frustrating to the person who is trying to access the information, but it is also frustrating to service providers as well.

Think of it this way. If you are the owner of a website that provides services to others, and you earn an income from these services, your income could reduced as a result of a DoS attack. If you make money from Google Adsense, for instance, but your website suddenly goes down as a result of a DoS attack, your earnings for that period of time could be completely cut off, eliminating a source of your income. Some argue that DoS attacks are perhaps one of the most frustrating attacks that a website can be subjected to.

How DoS Attacks Work

Typically, the person who launches a DoS attack will "fill up" a network with enormous amounts of information. When users type in the URL of a site they are trying to visit, they will essentially be sending a request to the server that they wish to see this page. However, there is a limit to how many requests the server can handle at any given time. What this means is that if an attacker hits the server with an abnormal number of requests, it will not be able to let legitimate people view the site. This is referred to as Denial of Service since you are being "denied" from accessing the site.

One method that many DoS attackers use is to utilize a bunch of spam message is to attack an email account. No matter what type of email account you have, whether it is a free account or one which is offered by an organization you are affilitated with, you will be given a certain quota for the amount of data you can have within your account.

By sending either a large number of emails to your account, or sending a few emails which are abnormally large, your quota can be bypassed, and you can be blocked from receiving messages which are legitimate. Another type of DoS attack that you should familiarize yourself with is the Distributed DoS.

With the Distributed DoS attack, the attacker will use a computer other than their own to attack other computers. The attacker will do this simply by taking advantage of the vulnerabilities they find on a target computer. Once they’ve taken control of a specific computer, they can force your system to send an enormous amount of data to websites, or they can use your system to spam specific email accounts. This attack is referred to as being "distributed" since the attacker is using more than one computer to carry out the attack. However, there are ways in which you can avoid becoming a victim of DoS.

Protect Yourself from DoS Attacks

We live in an age where computers have become an important part of our lives. As the Internet continues to be adopted more widely around the globe, DoS attacks will become much more severe, and the punishments for them will increase as well. The bad news about DoS attacks is that there is no concrete method of preventing them completely. However, you can dramatically reduce the chances that your computer or website is targeted. It is first important to install an anti-virus software. In addition to installing this software, you will also want to install a good firewall.

Once you have installed the firewall, you will want to reduce the amount of traffic that you allow to enter and leave your computer. As far as email addresses are concerned, you will want to avoid giving your email address out to too many sources, and you will also want to make use of email filters so that you can handle traffic which is unwanted. Note that not all issues that seem like DoS are truly denial of service attacks. There could be problems with a network, or a website or email account may simply be down for a certain period of time. However, if these issues persist, it is likely that a DoS attack has occurred.

« « Creating and Developing Security Policies
Network Security Firewall and Architecture » »

Author Description

Chandra Vennapoosa

Chandra Vennapoosa, B.S Arch Graduate, Managing Director - Exforsys Inc, Founder of exforsys.com and geekinterview.com. Chandra's mission is "to provide quality career coaching and interview advice for aspiring candidates". She is an avid writer and is also very passionate to help others become professional freelancers. In addition to several online trainings, she has authored the popular book "How to Become a Successful Freelancer"

Free Training

RSSSubscribe 392 Followers
  • Popular
  • Recent
  • Bus Topology

    February 21, 2008 - 0 Comment
  • Fiber Distributed Data Interface (FDDI)

    March 6, 2008 - 0 Comment
  • Network Designs

    February 24, 2008 - 0 Comment
  • Point to Point Protocol (PPP)

    March 6, 2008 - 0 Comment
  • Network Management

    February 24, 2008 - 0 Comment
  • Network Topology

    February 25, 2008 - 0 Comment
  • Synchronous Data Link Control (SDLC)

    March 13, 2008 - 0 Comment
  • Linux Thin Client Networks Design and Deployment

    October 2, 2009 - 0 Comment
  • Home Networking

    February 25, 2008 - 0 Comment
  • Switched Multi Megabit Data Service (SMDS)

    March 13, 2008 - 0 Comment
  • How to use Hashes to Ensure Integrity

    November 30, 2011 - 0 Comment
  • Data Protection Protocols

    November 30, 2011 - 0 Comment
  • How to Effectively Protect Your System

    November 28, 2011 - 0 Comment
  • Network Security Firewall and Architecture

    November 26, 2011 - 0 Comment
  • Creating and Developing Security Policies

    November 23, 2011 - 0 Comment
  • Linux Thin Client Networks Design and Deployment

    October 2, 2009 - 0 Comment
  • High Level Data Link Control (HDLC)

    March 29, 2008 - 0 Comment
  • IPv6

    March 20, 2008 - 0 Comment
  • High-Speed Serial Interface (HSSI)

    March 20, 2008 - 0 Comment
  • Frame Relay

    March 17, 2008 - 0 Comment

Exforsys e-Newsletter

ebook
 

Related Articles

  • How to use Hashes to Ensure Integrity
  • Data Protection Protocols
  • How to Effectively Protect Your System
  • Network Security Firewall and Architecture
  • Creating and Developing Security Policies

Latest Articles

  • Project Management Techniques
  • Product Development Best Practices
  • Importance of Quality Data Management
  • How to Maximize Quality Assurance
  • Utilizing Effective Quality Assurance Strategies
  • Sitemap
  • Privacy Policy
  • DMCA
  • Trademark Information
  • Contact Us
© 2023. All Rights Reserved.IT Training and Consulting
This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish.AcceptReject Read More
Privacy & Cookies Policy

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Non-necessary
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
SAVE & ACCEPT