By Stephen Bucaro
Network security starts with physical security. Network components such as servers,
hubs, and routers should be located in a secure equipment room. Part of physical
security is protecting your cable plant from damage and electronic eavesdropping.
Cable should be run inside walls or ceilings not laying around on the floor. It is
difficult to protect workstations because there are usually many of them spread
across a building. The only way to protect this equipment is to limit access to the
building and post a security guard or receptionist at all open entrances.
There are two basic security models: share-level security and user-level security.
Share-level security requires a password to access a network resource. You can assign
two separate passwords. One password provides full read/write access and the other
provides read-only access.
User-level security permits access based on a specific users security account and
the groups to which the user belongs. Some groups may have full access to a resource.
Other groups may have read-only access to the same resource. A user may belong to
By logging security events you can create an audit trail. You can then study the
logged security events to determine if your system is under attack by an unauthorized source.
Security can be increased by using good password procedures. The first component of
a password procedure is to require users to create secure passwords. Require passwords
to contain a minimum number of characters. The more characters used in a password, the
more secure it is. Using numbers along with letters in a password also ads to the
security. The user should not have a password that is easy to guess or is a word that
can be found in the dictionary. Enforce a company policy that does not permit the
sharing of passwords.
Security is increased when passwords are changed frequently. Configure your system
so that passwords expire periodically. The user should be warned to change the
password before it expires. If the user has not changed the password before the
expiration time, they are locked out of the system.
You should configure your system so that an account is locked out after a certain
number of failed attempts. This discourages hackers. You should also rename your
Administrator account, in Unix, your Root account, to discourage hackers.
Encryption uses a secret algorithm called a key to encipher data so that it is
unreadable. The encrypted data can then be safely sent over public communication
lines without the worry of eavesdropping. At the receiving end a secret decryption
key is used to decipher the data so that it is readable again.
Public-key encryption uses two keys, a private key and a public key. To send data
you use a copy of the public key of the person you want to send the data to. The
encrypted data can only be decrypted by use of the recipients private key.
A firewall is hardware and/or software that places a security barrier between your
network and outside networks. Firewalls are usually used between an organization and
the Internet. A packet filtering firewall examines each packet to determine if it
should be permitted to pass through to the network.
A server can be configured as a proxy to create a firewall. When a workstation
wants to communicate with the Internet it must make a request to the proxy server.
All communication between the internal network and the Internet must pass through
the proxy server.
More Network Security Articles:
• Firewall Perimeter Network (DMZ)
• How to Use the Open Source Intrusion Detection System SNORT
• The Use of HoneyPots and HoneyNets to Trick Hackers
• How to Secure Your Wireless Network
• Denial of Service Attack (DoS) Detection and Mitigation
• Remote Access Authentication Protocols
• Digital Signatures and Certificates
• ARP, MAC, Poisoning, and WiFi Security
• Data Encryption
• Firewall Rules