C1006 Computer Networks Term 3 2007 Assignment – Part 4
V. Network and Internet Vulnerabilities
In this part, I will identify the Internet and network vulnerabilities of my small office network design. While, the prevention and the security measures needed to manage these vulnerabilities will be explained in the next part (part VI) about the network security measures and countermeasures.
Network vulnerabilities refer to the various threats that have chance to harm our network. Some threats may just cause minor effects which disturb our network’s function, while another threat may cause a serious damage to our network. So, in order to prevent these threats from harming our small office network, firstly, we need to know what our network’s vulnerabilities are, and also what kind of network enemies that we are up against.
Our network’s threats may come from two different sources:
1. Threats from the Internal Office
a. Disasters
b. Office’s staff
2. Threats from the Internet
a. Hacker
b. Virus and Trojan Horse
1. Threats from the Internal Office
a. Disasters
Firstly, the harmful threats may come from our internal office. Disaster is one possible threat that may happen. Disasters like fire, flood, or building collapse have chance to make a serious damage to our network. Fire from air conditioner system or short-circuited electrical system will not only burn our network equipments into ashes, but also its smoke is corrosive for our metal network equipments.
Beside fire, water from water pipe leak is very harmful to electronic equipments such as our network’s computers. Flooded network equipments may cause them to experience short-circuit which cause them to break down in seconds.
The third possible disaster that may harm our office’s network is the building collapse. It may be caused by structural error in the office’s building, earthquake, road accident, etc. The collapsed building will definitely damage our network’s equipments.
Those are disaster that may accidentally harm our network. Non-accidental disaster may also happen when there is someone does such sabotage to make a disaster to our office.
b. Office’s staff
The second possible threat that come from the internal office may caused by the office’s own staff. Even sometimes the biggest vulnerabilities faced by a company come from its own staffs. (Holden, 2003, p. 50). They may be either accidental or deliberate threat.
Accidental threats caused by the office’s staff can take form like a staff that doesn’t really understand the basic safety procedure to utilize the office’s network or maybe they forget what procedure they should follow to help to keep the office’s network functioning properly.
Deliberate threats caused by the office’s staff have chance to be more dangerous than the accidental one. Examples on this kind of threats include some activities such as data stealing, staffs that access information which they shouldn’t know, staffs who give out the company’s confidential information to outsider like the company’s rival, and many other form of threats that deliberately caused by the office’s staff.
2. Threats from the Internet
Beside the benefits that the company can get from its Internet connection, Internet security has become major network security concern today because many harmful threat may come from the Internet and disturb or even damage the company’s small office network.
Due to the fact that high speed DSL Internet connection which is used by the company is a broadband Internet connection that may be set to become an always-on Internet connection, there will be an Internet vulnerability created from this type of connection. An always-on Internet connection make a network connected to the Internet with the same IP address at all times as long as the network connected to the Internet. It will make the network to be an easy target for hackers trying to break in into the company’s network, especially if the Internet connection is not terminated after office hour, giving the hackers more time to do their stuff.
Two kind of harmful threats that come from the Internet are:
a. Hacker
Generally, hacker is a person with high computing knowledge that tries to break into a network or a computer system. A good hacker may try to hack into a computer system or a network in order to find the system’s weak points then repair it. On the other hand, a hacker who uses his/her ability in bad manners usually called as cracker. (TechTarget.com, 2006). But here, we associate the word hacker with the person who tries to break into our network with bad manners.
A hacker may try to breach in into our network system for some reason, he/she may wants to steal important data, damage our network and make it can’t do its function properly, or maybe he/she just try to hack in because they feel that it’s challenging to do so.
Aside from what a hacker actually wants to do with our office’s network, some hacker can cause a serious disturbance to our network. According to Holden (2003, p.49), a hacker may attack a network in many ways such as Denial of Service (DoS) attack that may bring down the network; remote procedure call abuses that allow the hacker to gain access to the network; man-in-the-middle attack which endangers communication privacy; or fragmented IP packets which used by the hacker to insert malicious software into our network.
i) Denial of Service (DoS)
In this type of attack, the hacker hack in into the network, gain access of the computers in the network, then it make all the computer under his/her control to make continuous request to the server. This will exhaust the network bandwidth and flood the server with so many requests till the server unable to do another service for the network.
ii) Remote Procedure Call Abuses
Remote procedure Call is one of important component in Windows Networking. In a RPC attack, an RPC packets containing spoofed address are sent to the server by the hacker. The spoofed address may make the server unable to process the packet and then send RPC REJECT packet to the client. When these packets are sent back and forth between the server and the clients, it will drain the network and the server’s bandwidth.
iii) Man-in-the-Middle Attack
Man-in-the-middle attack happens when a hacker intercepts a communication between the network and the other network. In this case, the hacker is able to listen to the information exchanged between the two networks while the sender and the receiver didn’t realize it.
iv) Fragmented IP Packets
By modifying a fragmented IP packet, the hacker may fool a network’s Internet security system to allow this kind of packet enters the network. The hacker may send harmful software such as malicious software into the network with this method.
b. Virus and Trojan Horse
Virus is software that may disturb our network system after it installed in our computer system. Nowadays, there are thousands variants of viruses in the Internet that ready to infiltrate our network or computer system. There are various way which a virus may enters our network system. It can be camouflaged as an e-mail attachment, hide in a website, etc. After a virus is installed in our system, it will make various possible effects according what kind of virus is infecting the system. Some virus may just make annoying disturbance like showing random texts, while another virus can cause total system damage.
Trojan horse is different from virus in the way they harm a network or computer system. While virus infect a system and make damage to the system, on the other hand, a Trojan horse installed to a system and make a system backdoors which can be used by a hacker to gain access to the infected system.
That’s all about the network and Internet vulnerabilities that I can identify in this fifth part. In this part, I have explained about the network and Internet vulnerabilities according to the source of the threats that may harm vulnerable points of the network. There are threats from the internal office which include disaster and office staff, and also the threats that come from the Internet which include hacker attacks, virus, and Trojan horse. In the next part, I will explain about the network security measure and countermeasures that is needed to manage the network and Internet vulnerabilities which identified in this part.
To be continued in the next post….
Do you have any comment on this? maybe you have something to ask me or want to discuss with me about this?Or maybe you are IDIC student and taking this module also?
Feel free to use the comment box below (click here if you cannot see the comment box).
