Network security

From Wikipedia, the free encyclopedia

This article is part of a series on
Computer security
Computer security (main article)
Related security categories
Internet security
Cyberwarfare
Information security
Mobile security
Network security
Threats
Computer crime
Vulnerability
Eavesdropping
Exploits
Trojans
Viruses and worms
Denial of service
Malware
Payloads
Rootkits
Keyloggers
Defenses
Access Control Systems
Application security
Antivirus software
Secure coding
Security by design
Secure operating systems
Authentication
Multi-factor authentication
Two-factor authentication
Authorization
Data-centric security
Firewall (computing)
Intrusion detection system
Intrusion prevention system
Mobile secure gateway
v t e
Network security consists of the policies and practices adopted to prevent and m
onitor unauthorized access, misuse, modification, or denial of a computer networ
k and network-accessible resources. Network security involves the authorization
of access to data in a network, which is controlled by the network administrator
.[citation needed] Users choose or are assigned an ID and password or other auth
enticating information that allows them access to information and programs withi
n their authority. Network security covers a variety of computer networks, both
public and private, that are used in everyday jobs; conducting transactions and
communications among businesses, government agencies and individuals. Networks c
an be private, such as within a company, and others which might be open to publi

c access. Network security is involved in organizations, enterprises, and other

types of institutions. It does as its title explains: It secures the network, as
well as protecting and overseeing operations being done. The most common and si
mple way of protecting a network resource is by assigning it a unique name and a
corresponding password.
Contents
1 Network Security concepts
2 Security management
2.1 Types of Attacks
3 See also
4 References
5 Further reading
Network Security concepts
Network security starts with authenticating, commonly with a username and a pass
word. Since this requires just one detail authenticating the user name i.e., the p
assword this is sometimes termed one-factor authentication. With two-factor authen
tication, something the user 'has' is also used (e.g., a security token or 'dong
le', an ATM card, or a mobile phone); and with three-factor authentication, some
thing the user 'is' also used (e.g., a fingerprint or retinal scan).
Once authenticated, a firewall enforces access policies such as what services ar
e allowed to be accessed by the network users.[1] Though effective to prevent un
authorized access, this component may fail to check potentially harmful content
such as computer worms or Trojans being transmitted over the network. Anti-virus
software or an intrusion prevention system (IPS)[2] help detect and inhibit the
action of such malware. An anomaly-based intrusion detection system may also mo
nitor the network like wireshark traffic and may be logged for audit purposes an
d for later high-level analysis.
Communication between two hosts using a network may be encrypted to maintain pri
vacy.
Honeypots, essentially decoy network-accessible resources, may be deployed in a
network as surveillance and early-warning tools, as the honeypots are not normal
ly accessed for legitimate purposes. Techniques used by the attackers that attem
pt to compromise these decoy resources are studied during and after an attack to
keep an eye on new exploitation techniques. Such analysis may be used to furthe
r tighten security of the actual network being protected by the honeypot. A hone
ypot can also direct an attacker's attention away from legitimate servers. A hon
eypot encourages attackers to spend their time and energy on the decoy server wh
ile distracting their attention from the data on the real server. Similar to a h
oneypot, a honeynet is a network set up with intentional vulnerabilities. Its pu
rpose is also to invite attacks so that the attacker's methods can be studied an
d that information can be used to increase network security. A honeynet typicall
y contains one or more honeypots.[3]
Security management
Security management for networks is different for all kinds of situations. A hom
e or small office may only require basic security while large businesses may req
uire high-maintenance and advanced software and hardware to prevent malicious at
tacks from hacking and spamming.
Types of Attacks
Networks are subject to attacks from malicious sources. Attacks can be from two
categories: "Passive" when a network intruder intercepts data traveling through
the network, and "Active" in which an intruder initiates commands to disrupt the

network's normal operation.[4]

Types of attacks include:[5]
Passive
Network
Wiretapping
Port scanner
Idle scan
Active
Denial-of-service attack
DNS spoofing
Man in the middle
ARP poisoning
VLAN hopping
Smurf attack
Buffer overflow
Heap overflow
Format string attack
SQL injection
Phishing
Cross-site scripting
CSRF
Cyber-attack
See also
Cloud computing security
Crimeware
Cyber security standards
Data Loss Prevention
Greynet
Identity Based Security
Information Leak Prevention
Metasploit Project
Mobile security
Netsentron
Network Security Toolkit
TCP Gender Changer
TCP sequence prediction attack
Timeline of hacker history
Wireless LAN Security
Dynamic secrets
Low Orbit Ion Cannon
High Orbit Ion Cannon
References
A Role-Based Trusted Network Provides Pervasive Security and Compliance - interv
iew with Jayshree Ullal, senior VP of Cisco
Dave Dittrich, Network monitoring/Intrusion Detection Systems (IDS), University
of Washington.
"''Honeypots, Honeynets''". Honeypots.net. 2007-05-26. Retrieved 2011-12-09.
Wright, Joe; Jim Harmening (2009) "15" Computer and Information Security Handboo
k Morgan Kaufmann Publications Elsevier Inc p. 257
http://www.cnss.gov/Assets/pdf/cnssi_4009.pdf
Further reading

Case Study: Network Clarity, SC Magazine 2014

Cisco. (2011). What is network security?. Retrieved from cisco.com
pcmag.com
Security of the Internet (The Froehlich/Kent Encyclopedia of Telecommunicati
ons vol. 15. Marcel Dekker, New York, 1997, pp. 231 255.)
Introduction to Network Security, Matt Curtin.
Security Monitoring with Cisco Security MARS, Gary Halleen/Greg Kellogg, Cis
co Press, Jul. 6, 2007.
Self-Defending Networks: The Next Generation of Network Security, Duane DeCa
pite, Cisco Press, Sep. 8, 2006.
Security Threat Mitigation and Response: Understanding CS-MARS, Dale Tesch/G
reg Abelar, Cisco Press, Sep. 26, 2006.
Securing Your Business with Cisco ASA and PIX Firewalls, Greg Abelar, Cisco
Press, May 27, 2005.
Deploying Zone-Based Firewalls, Ivan Pepelnjak, Cisco Press, Oct. 5, 2006.
Network Security: PRIVATE Communication in a PUBLIC World, Charlie Kaufman |
Radia Perlman | Mike Speciner, Prentice-Hall, 2002. ISBN .
Network Infrastructure Security, Angus Wong and Alan Yeung, Springer, 2009.
Categories:
Computer network security
Navigation menu
Not logged in
Talk
Contributions
Create account
Log in
Article
Talk
Read
Edit
View history
Search
Main page
Contents
Featured content
Current events
Random article
Donate to Wikipedia
Wikipedia store
Interaction
Help
About Wikipedia
Community portal
Recent changes
Contact page
Tools
What links here
Related changes

Upload file
Special pages
Permanent link
Page information
Wikidata item
Cite this page
Print/export
Create a book
Download as PDF
Printable version
In other projects
Wikimedia Commons
Languages
???????
Az?rbaycanca
?????????
Ce tina
Deutsch
????????
Espaol
?????
???
Bahasa Indonesia
??????????
??????
Bahasa Melayu
Nederlands
???
Portugus
Romna
???????
?????? / srpski
??????????
??
Edit links
This page was last modified on 3 August 2016, at 22:47.
Text is available under the Creative Commons Attribution-ShareAlike License;
additional terms may apply. By using this site, you agree to the Terms of Use a
nd Privacy Policy. Wikipedia is a registered trademark of the Wikimedia Foundatio
n, Inc., a non-profit organization.
Privacy policy
About Wikipedia
Disclaimers
Contact Wikipedia
Developers
Cookie statement
Mobile view
Wikimedia Foundation
Powered by MediaWiki