How is the Security of your Network Compromised?

Information is a valuable resource in the present day and unscrupulous people are using various means of computer security breach to cause damage to the systems that hold the information. This results in temporary loss and set back in time schedules before the companies restore data security. Also another dangerous criminal activity is that of obtaining private information and robbing people or even resorting to extortion.

The computer has become the major instrument of storage as well as of communication. Protecting the computer is therefore becoming important as all the information of any enterprise lies in the memory of the server hard disk. The information is at risk and Confidentiality, Integrity and Availability at the right time to the right people is necessary.

Computer physical security and computer data security is therefore paramount in any business organization. For large organizations with enterprise LAN’s and WAN’s security of their network is complex. There are many access points where the information and the network are vulnerable to attack.

Point of Vulnerability

Network security issues should be discussed from the point of view of every layer of the TCP/IP protocol structure. Computer security breach occurs due to the nature of the protocol used and the weakness in the protocol toward security.

Data Link Layer of IP

This layer of the internet protocols deals with switches and routers and the areas of network attacks are

• CAM-Content Addressable memory table overflow is a means of filling up this table with a number of invalid source MAC addresses. This causes all the imports to be flooded with traffic as they cannot get any valid address to which redirection takes place. This affects the local VLAN.
• VLAN hopping is where the attacker behaves like a switch and negotiates to send and receive traffic between other VLAN’s. At times it sends traffic to an invalid VLAN causing loss and flooding of network.
• Spanning-Tree Protocol manipulation is done by the attacker to spoof their system as the root of the topology and hence be able to see the frames of data sent over the network.
• Media Access Control is a means of rewriting the host MAC-Media Access Control table with address and taking over the MAC address of the host such that all the traffic to the host is now redirected to the attackers system.
• Address Resolution Protocol attacks when the attacker changes the ARP table of MAC and IP addresses. This helps in launching a Man-in-the-middle and Denial of Service Attacks.
• Private VLAN’s have their own communication policy between the ports. The network attack here involves the used of proxy to get through access restrictions to a Private VLAN
• DHCP starvation is done by broadcasting DHCP request with spoofed MAC addresses.

Continue to : IP layers and computer data security

Related Articles

Essentials of a Network: Network Security
How Secure is your Windows Network?
Network Security and Linux: Is it really better?
Is your Home Network Safe From Viruses and Hackers?
How Secure is Your Wireless Network?