Copyright Goodheart-Willcox Co., Inc. 453 Chapter 15 Network Security

altogether. Never send personal information in response to e-mail, even if the e-mail looks legitimate. It is best to call the company first to confirm the legitimacy of the e-mail.

Insider Threat

Perhaps the most critical threat today is the insider. This threat manifests in two general ways. The first is simply user error. A user on a network mistakenly picks a bad password, clicks on a link, visits a bad website, or causes some other accidental occurrence. These activities have no malicious intent; they are just mistakes. However, they can pose a significant threat to a network.

The second issue is the intentional malicious activity by an insider. An inside employee can choose to manipulate critical data, damage network resources, or even plant a logic bomb or other malware. This can be done for financial reasons or because the employee is simply disgruntled.

Brute Force

Possibly the simplest of all security attacks is a brute-force attack. A brute-force attack, also known as brute-force cracking, is one in which the attacker tries various passwords or passphrases until one is accepted. For example, if an attacker wanted to gain access to a person’s laptop, he or she could repeatedly try passwords until the correct one is found. If the correct phrase is never found, there is likely no trace the attack ever occurred. If the attack succeeds, access is granted to the network. Brute-force attacks can often be avoided by using complex passwords, limiting the number of tries a person has to log in, and temporarily locking out users who exceed the number of password attempts.

Intrusion Detection and Intrusion Prevention Systems

An intrusion detection system (IDS) and intrusion prevention system (IPS) are designed to monitor host and network systems for unauthorized activity. All security protection systems, both software and hardware, can be classified as either IDS or IPS.
An intrusion detection system (IDS) is a passive system that only detects unauthorized activity, as illustrated in Figure 15-6. For example, Microsoft Event Viewer is a type of IDS. It monitors activities on a host computer but does not prevent unauthorized activity.

An intrusion prevention system (IPS) is a reactive system that not only detects unauthorized activity, but also performs some function to stop the activity, as shown in Figure 15-7. For example, most antivirus software programs not only detect unauthorized activity, such as an attempt to download and install malware, but can also remove malware.

Legitimate Site      Bogus Site              Look At the Following in the Bogus Website:
www.paypal.com       www.paypa1.com          The number 1 used in place of the letter l.
firstfederal.com     www.firstfedera1.com    The letter l again.
www.payonline.com    www.pay0nline.com       The number 0 for the letter O.

Figure 15-5 A domain name can be disguised by making slight changes in the characters. Notice how a lowercase l looks similar to the number 1 and a capital O looks similar to the number 0.
Goodheart-Willcox Publisher
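As an added example (not part of the original textbook), the Python sketch below flags the character swaps shown in Figure 15-5 by mapping 1 to l and 0 to o before comparing a link's host name against a list of known legitimate domains. The LEGITIMATE list and the function names are assumptions chosen for illustration.

```python
from urllib.parse import urlsplit

# Assumed allowlist for illustration: the legitimate names from Figure 15-5.
LEGITIMATE = {"paypal.com", "firstfederal.com", "payonline.com"}

# Digit-for-letter swaps shown in Figure 15-5 (1 for l, 0 for o).
CONFUSABLE = str.maketrans({"1": "l", "0": "o"})


def hostname(value):
    """Return the lowercase host of a URL or bare domain, without 'www.'."""
    value = value.strip()
    if "//" not in value:
        value = "//" + value  # lets urlsplit treat a bare domain as a host
    try:
        host = (urlsplit(value).hostname or "").rstrip(".")
    except ValueError:  # malformed input such as an unclosed '['
        return ""
    return host[4:] if host.startswith("www.") else host


def skeleton(host):
    """Collapse look-alike characters so a spoofed name equals the real one."""
    return host.translate(CONFUSABLE)


def check(value, legitimate=LEGITIMATE):
    """Classify a link as 'legitimate', 'lookalike of <name>' or 'unknown'."""
    host = hostname(value)
    if host in legitimate:
        return "legitimate"
    for real in sorted(legitimate):
        # Both sides are collapsed, so a real name containing digits still matches itself.
        if host and skeleton(host) == skeleton(real):
            return f"lookalike of {real}"
    return "unknown"


if __name__ == "__main__":
    # Constructed sample links, using the bogus names from Figure 15-5.
    samples = ["www.paypal.com", "www.paypa1.com", "www.firstfedera1.com",
               "https://www.PAY0NLINE.com/login", "example.org"]
    for link in samples:
        print(f"{link:35} {check(link)}")
```

A host that is neither on the list nor a look-alike of a listed name is reported as unknown, so the check only covers the brands placed in LEGITIMATE.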