It is often said that prevention is better than cure. This adage is definitely true in network security: network attacks are better prevented than cured. Network administrators have to do whatever is necessary to prevent network intrusion as much as possible and to ensure that no damage is done to the network at any point in time.
The threat of network intrusion and damage is always present, and network administrators have to be constantly on alert. Various practices are employed today to ensure that different types of attacks do not get through. Usually these practices mean extra work and cause some loss of productivity. But considering the effects of network attacks, the small inconvenience is tolerable.
The following are popular practices used by network administrators in implementing network security.
Virus Checking
Even in a non-network scenario, virus checking is imperative. A single virus released on a computer can affect many files and systems and cause considerable damage or inconvenience. Computers have built-in virus protection but, depending on the time of manufacturing, the virus checking may be outdated.
New viruses are released every day, so it is almost imperative for owners of computers to update their systems every day. Unfortunately, not all computers have the ability to update their list of possible viruses without a third-party application for virus detection and prevention.
Networks can also have third-party applications that check incoming files for viruses. Although such an application is not installed on each computer, it can prevent the transfer of dangerous files and keep these files from getting into the server.
Checking for viruses is not the only task that network administrators should implement. A file that raises even a single suspicion should be prevented from entering the system. That is why network administrators often prevent certain files from reaching important computers, servers and applications. The type of file, its size, date of creation and configuration are often screened so that no virus gets in.
Even if a file is not infected, it is important that protocols are followed. Not only does this prevent network intrusion, but it generally assists automation, which speeds up data processing. It might be an extra task for the users, but it helps the network streamline information and prevents anything out of the ordinary from becoming part of the network.
Buffer overflows should also be taken care of by network administrators. In gist, a buffer overflow occurs when a file or a system stored on a server or a personal computer takes up more memory than it should. A buffer overflow is a tell-tale sign that something is definitely wrong with the system that is about to be built or created. Malicious code that triggers the additional buffer requirement could be hidden. Preventing this depends on the network administrator's preferences: they could either use a program to check for buffer overflows or simply use a tested library and a language that is not often used for attacks.
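The screening by file type, size and creation date described above can be expressed as a small policy check. This is an added example, not code from the original article; the allowed types, the size limit and the age limit are assumed policy values, and `Inbound` and `screen` are hypothetical names.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta

# Assumed policy values for illustration; tune them to the protected server.
ALLOWED = {                      # extension -> leading bytes the content must start with
    ".pdf": b"%PDF-",
    ".png": b"\x89PNG\r\n\x1a\n",
    ".zip": b"PK\x03\x04",
}
MAX_SIZE = 10 * 1024 * 1024      # 10 MiB
MAX_AGE = timedelta(days=365)    # oldest creation date the policy accepts


@dataclass
class Inbound:
    """A file arriving at the network gateway (hypothetical structure)."""
    name: str
    data: bytes
    created: datetime


def screen(f: Inbound, now: datetime) -> list[str]:
    """Return every policy violation; an empty list means the file may pass."""
    reasons = []
    ext = "." + f.name.rsplit(".", 1)[-1].lower() if "." in f.name else ""
    magic = ALLOWED.get(ext)
    if magic is None:
        reasons.append(f"type {ext or '(none)'} not allowed")
    elif not f.data.startswith(magic):
        # A renamed executable keeps its own header, so the extension alone is not trusted.
        reasons.append("content does not match declared type")
    if len(f.data) > MAX_SIZE:
        reasons.append("size over limit")
    if f.created > now:
        reasons.append("creation date in the future")
    elif now - f.created > MAX_AGE:
        reasons.append("creation date older than policy allows")
    return reasons
```

A gateway would run a virus scan only on files for which `screen` returns an empty list, so that files outside the policy never reach the server.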
Denial of Service Attack
Another popular attack in a network setting is the “denial of service” attack, also known as a DoS attack. The name itself tells the effect of the attack. The usual way attackers implement DoS is to stress the server with a large number of information requests. The information requested is legitimate, but when the machine is constantly asked for information on a large scale, it almost comes to a halt. This affects other requests, as the system is not able to process them all.
The evolution of DoS has led to the creation of different types of DoS attacks. A well thought out and orchestrated attack will always cripple the server, but this does not mean it is carried out by different hackers. It could come from a single computer that sends out spam messages and requests which ultimately stress the network and deny service to legitimate users.
Preventing DoS also needs concentrated effort from network administrators on both the hardware and the application side.
Routers and switches are two of the fail-safe systems that can be used in preventing DoS attacks. Both of these devices have the ability to limit the information that is coming in and even going out. Through these hardware devices, network administrators can manually set the expected flow of information. However, the performance of these hardware devices differs considerably. Routers only have the capability of limiting bandwidth use, whereas switches can do more: a single switch can control information getting in and can queue the requested information when necessary.
Another preventive measure that network administrators usually implement against this type of attack is an intrusion-prevention system (IPS). Although quite limited in its function, an IPS is useful for identifying the attack and preventing it from getting in. Along with an IPS, firewalls are also necessary in preventing network attacks. Not only should a firewall be installed in the network, but every user should have a native firewall installed on their computer.
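The limit-then-queue behaviour described above can be modelled as a token bucket with a bounded backlog. This is an added example, not code from the original article or from any device vendor; `ShapedPort`, its parameters and the simulated burst are constructed for illustration.

```python
from collections import deque


class ShapedPort:
    """Token bucket with a bounded backlog queue (simulated clock, no network I/O)."""

    def __init__(self, rate, burst, queue_len):
        self.rate = rate              # requests refilled per second (the "expected flow")
        self.burst = burst            # bucket capacity
        self.tokens = float(burst)
        self.queue = deque()
        self.queue_len = queue_len    # how many requests may wait before drops begin
        self.last = 0.0

    def _refill(self, now):
        self.tokens = min(self.burst, self.tokens + (now - self.last) * self.rate)
        self.last = now

    def offer(self, now, req):
        """Return 'forward', 'queued' or 'dropped' for a request arriving at time `now`."""
        self._refill(now)
        if not self.queue and self.tokens >= 1:
            self.tokens -= 1
            return "forward"
        if len(self.queue) < self.queue_len:
            self.queue.append(req)    # hold it instead of letting it hit the server
            return "queued"
        return "dropped"              # backlog full: shed load rather than stall

    def drain(self, now):
        """Release queued requests that the refilled bucket can now pay for."""
        self._refill(now)
        released = []
        while self.queue and self.tokens >= 1:
            self.tokens -= 1
            released.append(self.queue.popleft())
        return released


def simulate():
    """Constructed burst: 12 requests at t=0 against a 5 req/s port with 3 queue slots."""
    port = ShapedPort(rate=5, burst=5, queue_len=3)
    verdicts = [port.offer(0.0, i) for i in range(12)]
    later = port.drain(1.0)           # one second later the bucket has refilled
    return verdicts, later
```

The server behind the port never sees more than the configured rate: the burst is split into forwarded, delayed and dropped requests instead of bringing the machine to a halt.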
Reducing Denial of Service Attacks
A DoS attack often results in websites being shut down for a certain period of time. While DoS attacks are well known among websites, they can be used in other ways as well. Virtually anyone can become a victim of a DoS attack, and what makes these attacks even more frustrating is that they are hard to separate from standard network activity. However, there are a number of indicators which can allow you to determine whether or not you are a victim of a DoS attack.
With a DoS attack, the attacker will try to block authorized users from gaining access to specific services or important information. These attacks will typically focus on both a computer and any networks it is connected to, as well as the computers or websites which you are attempting to access. Some of the services which you can be prevented from using include online banking, email, or various websites that you wish to access. Not only are DoS attacks frustrating to the person who is trying to access the information, but they are also frustrating to service providers.
Think of it this way. If you are the owner of a website that provides services to others, and you earn an income from these services, your income could be reduced as a result of a DoS attack. If you make money from Google Adsense, for instance, but your website suddenly goes down as a result of a DoS attack, your earnings for that period of time could be completely cut off, eliminating a source of your income. Some argue that DoS attacks are perhaps one of the most frustrating attacks that a website can be subjected to.
How DoS Attacks Work
Typically, the person who launches a DoS attack will "fill up" a network with enormous amounts of information. When users type in the URL of a site they are trying to visit, they are essentially sending a request to the server saying that they wish to see this page. However, there is a limit to how many requests the server can handle at any given time. What this means is that if an attacker hits the server with an abnormal number of requests, it will not be able to let legitimate people view the site. This is referred to as Denial of Service since you are being "denied" access to the site.
One method that many DoS attackers use is to send a bunch of spam messages to attack an email account. No matter what type of email account you have, whether it is a free account or one which is offered by an organization you are affiliated with, you will be given a certain quota for the amount of data you can have within your account.
By sending either a large number of emails to your account, or sending a few emails which are abnormally large, the attacker can use up your quota, and you can be blocked from receiving messages which are legitimate. Another type of DoS attack that you should familiarize yourself with is the Distributed DoS.
With the Distributed DoS attack, the attacker will use a computer other than their own to attack other computers. The attacker will do this simply by taking advantage of the vulnerabilities they find on a target computer. Once they’ve taken control of a specific computer, they can force your system to send an enormous amount of data to websites, or they can use your system to spam specific email accounts. This attack is referred to as being "distributed" since the attacker is using more than one computer to carry out the attack. However, there are ways in which you can avoid becoming a victim of DoS.
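The two cases described above, one source flooding the server and many sources each sending a little, look different in an access log. This is an added example, not code from the original article; the log format, the `CAPACITY` and `DOMINANT` thresholds and the sample lines (using documentation IP ranges) are constructed assumptions.

```python
from collections import Counter, defaultdict

CAPACITY = 20    # assumed number of requests per second the server handles comfortably
DOMINANT = 0.5   # assumed share of a window above which one source is the cause

# Constructed log lines in the form "<epoch-second> <source-ip> <path>".
SAMPLE = (
    [f"100 198.51.100.{i} /index.html" for i in range(1, 6)]   # normal second
    + ["101 203.0.113.7 /search"] * 40                         # one host floods
    + ["101 198.51.100.2 /index.html"] * 3
    + [f"102 192.0.2.{i} /login" for i in range(1, 31)]        # 30 hosts, one request each
)


def classify(lines, capacity=CAPACITY, dominant=DOMINANT):
    """Map each overloaded one-second window to its likely cause.

    Returns {second: ("single-source", ip)} or {second: ("distributed", n_sources)}.
    """
    windows = defaultdict(Counter)
    for line in lines:
        ts, src, _path = line.split()
        windows[int(ts)][src] += 1

    findings = {}
    for ts, per_src in sorted(windows.items()):
        total = sum(per_src.values())
        if total <= capacity:
            continue                          # within normal load, nothing to report
        top_ip, top_n = per_src.most_common(1)[0]
        if top_n / total >= dominant:
            findings[ts] = ("single-source", top_ip)   # blocking one address helps
        else:
            findings[ts] = ("distributed", len(per_src))  # needs rate limiting upstream
    return findings
```

Each request in the overloaded windows is individually legitimate, which is why the check works on volume per window and per source rather than on request content.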
Protect Yourself from DoS Attacks
We live in an age where computers have become an important part of our lives. As the Internet continues to be adopted more widely around the globe, DoS attacks will become much more severe, and the punishments for them will increase as well. The bad news about DoS attacks is that there is no concrete method of preventing them completely. However, you can dramatically reduce the chances that your computer or website is targeted. It is first important to install anti-virus software. In addition to installing this software, you will also want to install a good firewall.
Once you have installed the firewall, you will want to reduce the amount of traffic that you allow to enter and leave your computer. As far as email addresses are concerned, you will want to avoid giving your email address out to too many sources, and you will also want to make use of email filters so that you can handle traffic which is unwanted. Note that not all issues that seem like DoS are truly denial of service attacks. There could be problems with a network, or a website or email account may simply be down for a certain period of time. However, if these issues persist, it is likely that a DoS attack has occurred.