The boom in information technology has revolutionized communications world wide. The exponential growth of the most popular public network, Internet, has made inter-communication fast and effective. The amount of data flow through e-mails, e-commerce etc has gained new peaks and is still growing. Business transactions on corporate networks, corporate data access facilities for mobile employees, e-banking and many other data access and electronic facilities have become the order of the day. Almost any function of sale, purchase, transfer or sharing of data, conduct of on line university examinations etc can be achieved at a click of a button.
The picture is not as rosy as it might appear. Though, networks have made life easier in a number of ways, but there are many underlying threats that can negate all the merits offered by the networking infrastructure. These security threats may cause damages to businesses, loss or destruction of sensitive data or network disability. Thus, there exists a need to provide adequate and sound protection to the networks, in order to safeguard information (data), services, users, applications and devices against disability, theft, modification or alteration or damage, thereby, ensuring the three fundamental tenets of security - integrity, confidentiality and availability of network and its associated applications and data. Even the legislation has realised the importance of network security and have implemented international laws against cyber crimes, more so because of the huge inflow of revenue from the networks.
The range of attacks on the networks includes unauthorised access to resources, denying the same to authorised users, modifying or stealing or destroying resources. Security of resources cannot be defined in general as the goals of security vary for different networks. Thus, while planning security of networks, a clear understanding of network vulnerabilities and the objective of security, assumes utmost importance.
In the subsequent paragraphs, it would be my endeavour to introduce different network vulnerabilities followed by methods for securing networks, highlighting their merits and demerits. Further, a brief discussion on evolving a security policy will be presented before concluding the paper.
Before planning for security of a network, it is mandatory to view its vulnerabilities or risks that it can be exposed to. One more important point to note here is the decision on the assets that are required to be protected along with the extent of protection warranted. Generally, the assets that need protection are workstations or PCs (user hardware), network devices (hubs, routers, switches etc), servers, software (operating system and client programs), services (applications like FTP or mailing and IP services), and data (please note that the list is not exhaustive) (McCabe, James D., 361).
There can be a number of ways in which an attacker can launch attacks on the network. Here, we consider only the technical attacks that relate to tools and methods adopted for compromising security by means of software or hardware, and not