COMPUTER AND COMPUTER NETWORK SECURITY

Computer Networks
1. A computer network or simply a network is a collection of connected computers. Two or
more computer systems are considered as connected, if they can send and receive data from each
other through a shared access medium. The communicating entities in a computer network are
generally known as principals, subjects or entities. These principals can be further divided into
users, hosts and processes.

(a) A user is a human entity, responsible for its actions in a computer network.
(b) A host is an addressable entity within a computer network. Each host has a unique
address within a network.
(c) A process is an instance of an executable program. It is used in a client/server
model, in order to distinguish between the client and the server processes.
(d) A client process is a process that makes requests of a network service. ƒ
(e) A server process is a process that provides a network service, for example as
daemon process running continuously in the background on behalf of a service

2. In order to formalize the way that networking is performed, network reference models
have been developed, which group similar functions into abstractions known as layers. Each
layer’s functions can communicate with the same layer’s functions of another network host. On
the same host, the functions of a particular layer have interfaces to communicate with the layers
bellow and above it. This abstraction simplifies and properly defines the necessary actions for
networking.

3. The International Standards Organization (ISO) Open Systems Interconnection (OSI)

Reference Model defines seven network layers, as well as their interfaces. Each layer depends on
the services provided by its intermediate lower layer all the way down to the physical network
interface card and the wiring. Then, it provides its services to its immediate upper layer, all the
way up to the running application. The network layers in the ISO/OSI Reference Model are the
following (from the lowest to the highest).

(a) The Physical Layer

(b) The Data Link Layer
(c) The Network Layer
(d) The Transport Layer
(e) The Session Layer
(f) The Presentation Layer
(g) The Application Layer
4. A network is considered as a wired or fixed network if the access medium is some kind
of physical cable connection between the computers, such as a copper cable or a fiber optic
cable. On the other hand, a network is considered as a wireless network, if the access medium
relies on some kind of signaling through the air, such as RF communication. A network can also
be divided according to its geographical coverage. Depending on its size, a network can be a
Personal Area Network (PAN), a Local Area Network (LAN), a Metropolitan Area Network
(MAN) or a Wide Area Network (WAN).

Telecommunication Networks
5. A telecommunication network is a collection of connected links, which allow messages
to pass from one part of the network to another, through the intermediate links. In the general
term, computer networks may be considered as telecommunication networks. However, the term
telecommunication networks are basically used to describe telephone networks. These include
fixed networks, such as the Public Switched Telecommunication Network (PSTN), which is
globally used for wire-line telephone communications. They also include mobile networks, such
as the Global System for Mobile communications (GSM), which is the most common cellular
phone network, or the next generation Unified Mobile Telecommunication System (UMTS)
network. The GSM is considered as second-generation (2G) mobile network, while UMTS is
considered as a third generation (3G) mobile communication network.

6. Security in telecommunication networks has in general the same requirements as in

computer networks, concerning the required security services and mechanisms, which are
discussed in the following sections. However, the security design in telecom networks shall take
into consideration several aspects and differences, such as the closed nature of telecom networks
in comparison with the open nature of the Internet, the wireless access of mobile
telecommunication networks and the end-user mobility, the particular security threats, the type of
information to be protected, and the complexity of the network architecture. The radio
transmission is by nature more vulnerable to eavesdropping, than fixed-line transmission. The
user mobility and the universal network access certainly provoke security treats. As the
telecommunication networks are converging towards IP-based communications (e.g. in the
GPRS and UMTS) and as computer (information) and telecommunication networks are getting
more and more interconnected, a holistic approach towards network security must be followed.

Goals of Network Security

7. Regardless of the access medium and the coverage of a network, network security can be
considered through the achievement of two security goals: computer system security and
communication security. The goal of computer systems security is to protect information assets
against unauthorized or malicious use, as well as to protect the information stored in computer
systems from unauthorized disclosure, modification or destruction. ƒ
8. The goal of communications security is to protect information during its transmission
through a communication medium, from unauthorized disclosure, modification or destruction. In
order to achieve the goals of network security in any network, the following steps must be
followed.

(a) Define the assets to be protected and the perimeter of the network. Before
implementing any security measures, the assets of the network must be identified and
assessed. Furthermore, the perimeter of the network to be protected must be defined, in
order to distinguish the internal or private network from the external or unreliable network.
(b) Define the possible security threats and attacks. After the network assets and the
network perimeter have been defined, the possible security attacks that threat the network
must be defined and evaluated. This will help in focusing on the protection from the most
possible threats. In this process it is very important to consult specialized Internet sites that
focus on network security and security threats, either of proprietary products or from
security threats and vulnerabilities databases.
(c) Evaluate the security risks and define the desired security level. The following
step is to evaluate the examined threats in conjunction with the existing vulnerabilities and
assets. This can be performed by using a risk analysis methodology. Then, after the risks
against network security have been identified, the desired security level must be defined, in
order to set up the suitable security measures.
(d) Define security policies that formally set up the desired security level. The desired
security level must then be formalized through network security policies. These policies
are a formal way to define what security services must be provided, in order to reach the
network security goals and to reduce the risk to the desired and acceptable level.
(e) Define the security services and implement the proper security mechanisms. The
security services define what security properties must be maintained in each part of the
network, such as authentication and access control. The security mechanism defines the
way that will implement the functionality of the defined security services. More details
about network security services and mechanisms are provided in the following sections.
Note however that the apart from the technical security mechanisms, other non technical
security measures are also defined in order to achieve the desired security level that is
formally described in the security policies. These non-technical measures are mostly
security procedures.
(f) Periodically assure that the proper security policies, services and mechanisms are
in place. Although the security threats may have been properly recognized and security
policies may enforce the desired security level with security mechanisms and controls, it is
important to periodically assure that everything is set up correctly. Problems may arise due
to new security threats and vulnerabilities, new security needs or attenuation of the existing
security mechanisms. The period that each of the above must be examined differs, since
due to technology changes it is usually required to examine the security mechanisms more
frequently than the security policies or services, or the desired security level.
Computer Network Troubleshooting
9. For troubleshooting information on dialup links or WAN connections, consult the
chapters in Part IV, “Troubleshooting Serial Lines and WAN Connections.” Even though it may
seem logical to first troubleshoot at the physical layer, problems can generally be found more
quickly by first troubleshooting at Layer 3 and then working backward when a physical problem
is found or suspected. Possible problems include the following.

(a) Configuration is incorrect.

(b) Cable is faulty or improperly connected.
(c) Wiring closet cross-connect is faulty or improperly connected.
(d) Hardware (interface or port) is faulty.
(e) Interface has too much traffic.

10. Some of the Physical Trouble shooting problems are listed below.

(a) Rule Out a Configuration Problem. Check to make sure that all cables are
connected to the appropriate ports. Make sure that all cross-connects are properly patched
to the correct location using the appropriate cable and method. Verify that all switch or
hub ports are set in the correct VLAN or collision domain and have appropriate options
set for spanning tree and other considerations.
(b) Check Cable Connections. Verify that the proper cable is being used. If this is a
direct connection between two end systems (for example, a PC and a router) or between
two switches, a special crossover cable may be required. Verify that the cable from the
source interface is properly connected and is in good condition. If you doubt that the
connection is good, reseat the cable and ensure that the connection is secure. Try
replacing the cable with a known working cable. If this cable connects to a wall jack, use
a cable tester to ensure that the jack is properly wired. Also check any transceiver in use
to ensure that it is the correct type, is properly connected, and is properly configured. If
replacing the cable does not resolve the problem, try replacing the transceiver if one is
being used.
(c) Check the Configuration. Verify that the interface on the device is configured
properly and is not shut down. If the device is connected to a hub or switch, verify that
the port on the hub or switch is configured properly and is not shut down. Check both
speed and duplex.
(d) Check the Network Interface. Most interfaces or NICs will have indicator lights
that show whether there is a valid connection; often this light is called the link light. The
interface may also have lights to indicate whether traffic is being sent (TX) or received
(RX). If the interface has indicator lights that do not show a valid connection, power off
the device and reseat the interface card.
11. When troubleshooting IP connectivity problems across large networks, it always helps to
have a network diagram handy so that you can understand the path that the traffic should take
and compare it to the path that it is actually taking. When IP packets are routed across a network,
there is the potential for problems at every hop between the source and the destination, so test
connectivity at each hop to determine where it is broken is the logical troubleshooting
methodology. The following could be wrong for the following IP connectivity and Routing
Problems.

(a) A router may not have a route to the source or destination.

(b) The network might have a routing loop or other routing protocol-related problem.
(c) A physical connectivity problem might have occurred.
(d) A resource problem on one router might be prohibiting proper router operation.
This could possibly be caused by lack of memory, lack of buffers, or lack of CPU.
(e) A configuration problem might have occurred on a router.
(f) A software problem might have occurred on a router.
(g) A packet filter or firewall might be preventing traffic from passing for an IP
address or protocol.
(h) An MTU mismatch problem might have occurred