Помощь в написании студенческих работ
Антистрессовый сервис

The analysis of information security problems in the computer network, which is connected to the Internet

РефератПомощь в написанииУзнать стоимостьмоей работы

The first approach is to strengthen the protection of all existing systems, which have access to the Internet. This approach is called «security at the host level». It may include training of users and administrators work in a hostile environment, tightening password protection (tightening length, character, composition and password expiration). Also the tightening of access to the system, the… Читать ещё >

The analysis of information security problems in the computer network, which is connected to the Internet (реферат, курсовая, диплом, контрольная)

Ministry of Education and Science of the Russian Federation

State Educational Institution of Higher Professional Education

National Research Tomsk Polytechnic University

Institute of Cybernetics

Department: Control System Optimization

Specialization: Applied informatics in economics

THE ANALYSIS OF INFORMATION SECURITY PROBLEMS IN THE COMPUTER NETWORK, WHICH IS CONNECTED TO THE INTERNET

Group: 8592

Student: L.S.Kovina (______)

Supervised by: R.V.Deniko (______)

Tomsk — 2013

Content

Introduction

1. Information security problems of modern computer companies networks

2. The levels of network security of the company

3. Information Security in the Internet — Services

4. Methods of protection organization’s computer network from unauthorized access from the Internet. The use of firewalls

Conclusion

References

Introduction

Computers, networks, Internet are essential part of our everyday life. Our world day after day becomes more and more dependent from information technology. Today each company network has access to Internet, this creates big security problems, because for computer hacking does not requires physical access.

Computer Security Institute gets such data in result of last research: security systems of 70% companies were hacked.60% of these attempts have been engineered from outside via the Internet.

Considering these facts, we can say, that security network problems of most companies are not decided, so these companies have large financial losses. One of solution to security problems decide is the use firewalls.

1.

1. Information security problems of modern computer companies networks

The relevance and importance information security problems are explained by next factors:

· Development pace of network security technologies are lag far behind the information technologies advance generally.

· The sharp increase of the PC users worldwide

· High computer literacy of the general population

· A significant increase in the volume of information, which are stored and processed by computers and other automation equipment;

According to experts, at the present time about 70−90% information and documents of the companies are stored in digital format — text files, spreadsheets, databases.

· Numerous vulnerabilities in software and network platforms;

Because of competition, modern software products are gone on sale with errors and flaws. Developers include in product a large number of functions, but they have no time for debugging and testing created systems. Errors and omissions remaining in these systems lead to accidental and intentional breaches of information security.

· The rapid development of the Internet contributes to security breaches of information processing systems throughout the world.

Such globalization allows hackers to carry out an attack on the corporate network from anywhere in the world where there is Internet, not having physical access.

The hacking attack may have the following objectives:

* Breach of confidentiality of information.

Information, which are stored and processed in a computer network of company, may have great importance to its owner. Its use by others causes significant damage to the interests of the owner;

* Breach of the information integrity, discreditation and misinformation.

Because of information integrity loss, valuable information may be lost, spoiled, deleted or changed in result of unauthorized access. The damage from such actions can be a lot more than a breach of confidentiality;

* Breach of network performance (partial or complete).

Decommission incorrect modification of network nodes, their substitution may lead to incorrect results, the network failure. Keeping in mind that all important documents — reports, purchase orders, financial coordination — are processed in network, the damage can be significant.

Therefore, ensuring security of computer systems and networks is one of the leading areas of information technology.

jnternet security company networks

2. The levels of network security of the company

Corporate information system (network) — the information system, which has limited number of users, defined by the owner or the agreement of the participants of this information system (from the law on electronic digital signature).

Corporate network is a distributed computer systems, automated processing of information. The information security problem is central to such computer systems.

Ensuring the company network safety involves protection against unauthorized intrusion into the functioning process of network, as well as attempts to modify, disabling or destruction of its components. Other words, that is, the protection of all components of network — hardware, software, data and personnel.

Consider, how at the present time are deciding information security problems in the enterprise communications. Research firm Gartner Group identifies four levels of maturity in terms of information security (IS):

Level 0:

· No one in the company controls information security questions, the company is not aware of the importance of information security problems ;

· Funding is not available ;

· IS is implemented by regular means of operating systems, databases and applications (password protection, antivirus programs, concurrent access to resources and services).

· All technical issues are the responsibility of the network administrator, which is often a student. Here the important thing is that everything worked.

Level 1:

· IS is considered by management as a purely «technical» problem, there is no single program (concept, politics) of information security management system of the company;

· Funding is part of the overall IT — financing;

· IS is implemented by means of the zero-level backup, anti-virus tools, firewalls, VPN (traditional remedies).

Level 2:

· IB is regarded as a set of organizational and technical measures;

· there is awareness of the importance of information security for the production processes;

· is approved by the development of information security system;

· Funding is under a separate budget;

· IS is implemented by means of strong authentication, mail messages and web content analyzing, intrusion detection, security analysis tools, public key infrastructure;

· Arrangements — internal and external audits, risk analysis, information security policy, regulations, procedures, regulations and guidance.

3. Information Security in the Internet — Services

3.1 World Wide Web

Security problems HTTPclients are connected to their extensibility. Since the webservers provide data in many formats (text, HTML, gif-image and jpeg-image files, audio files, etc.) for playback of various formats browsers call external applications.

For example, to view the file format of Microsoft Word, the browser will cause Microsoft Word. Typically, browsers warn the user of calling an external program and this fact need to be confirmed, and, as a rule, people do not pay attention to these warnings. While many data formats may include executable code, such as macros in Microsoft Word and Microsoft Excel, a simple view with a kind of harmless materials may lead to the execution of threat code on a user’s machine.

It should also take into account the existence of «active ingredient» (active content), such as Javaapplets, Javascript, ActiveX, etc., which also contain code that runs on the user’s behalf.

Simple solution to the safety problems associated with the active components and other executable code, which is downloaded from WWW does not exist. Methods of dealing with the problems include user training and explaining to them the security issues associated with downloadable executable code of the network, disable the client software; you can upload performance of the active components, the timely update client software to fix bugs or errors in it.

3.2 E-mail

E-mail has widespread and heavily used by the service. In itself, it is a relatively small risk, but nevertheless, we should be careful.

The main problems associated with e-mail:

· Fake e-mails.

Protocol SMTP, used for sending e-mail to the Internet does not provide the means of authentication of the sender. Address of the sender can be easily tampered with. Fake e-mail address may be used for attacks such as «social engineering». For example, the user receives an email claiming to be from a system administrator with a request to change the password for the specified in the letter transmission of executable code in email messages. E-mail allows you to send different types of data, including programs, as well as documents that contain macros. Together with a fake sender addresses it can be used for all sorts of attacks.

· Interception of e-mail messages.

E-mail sent over the Internet unencrypted and can be intercepted and read.

· Spam.

Spam — called a mass mailing of spam messages advertising. Unlike conventional advertising on television or radio, for which the advertiser paid, payment transfer spam lies with the recipient. Spammers usually use the following scheme: a dial-up connection is established SMTP-connection to the host, which allowed relay mail to any hosts (open mail relay — an open relay). It sent a letter to multiple recipients, and usually with a forged sender address. The host was a victim, forwards the received message to all recipients.

· Errors in the software of mail servers.

E-mail Server (SMTP, POP3, IMAP) are notorious for a lot of mistakes, leading to cracking systems. Send mail, one of the most common SMTP-server has earned a reputation as the «leaky» program ever used, which allow a remote attacker to gain privileged access (root) to the system. According to CERT thousands of systems have been compromised because of these errors. The system administrator must closely monitor reports of bugs in the e-mail servers and timely install the corrected version.

3.3 FTP — file transfer protocol

The FTP protocol is used to transfer files. Most webbrowsers support transparent FTP. You can also use a special FTPClients.

The main problem as in the case of the program are the WWW, downloaded and installed by the user, which may be malicious in nature .

3.4 DNS — Domain Name System

DNS — Domain Name System — converts names to addresses and vice versa. All programs that are used to access remote hosts names are DNSclients. In this sense, almost any program that uses IP-based network use DNS, including webbrowsers, client e-mail programs, FTPclient, etc. .

Thus, DNS is a fundamental service that uses other services for their work.

Security problems DNS:

* Disclosure of information. DNS may report a potential attacker to more information than they should, such as names and addresses of the internal servers and workstations.

* DNS spoofing.

* Cache Poisoning. Attack is based on the following property: when one DNSserver addresses another with the request, the server is responsible, in addition to the information requested may report additional information. Hacker refers to the attacked DNSserver with a request for their particular record. The server makes a request to the server attacker receives an additional entry and caches it.

* Errors in the code DNSserver. In 1998, the widely used BIND DNSserver was found a few bugs, one of which allowed remote attackers to obtain privileged (root) access to the system. These errors have been corrected in the next version.

3.5

3.6 Other Internet services

In addition to the above services, there are many other common and used. I note the main issues that are specific to a great many of them.

Authentication. Most of the electronic information services (eg, ICQ, IRC) does not allow to make sure that the participants really are who they claim to be. It should be very careful about the information received from nonauthenticated source .

The transfer of executable code. Some information services (ICQ) allow sending arbitrary files, including files with executable code. The executable code received from an untrusted source can contain anything — viruses, Trojan horses, etc.

Software errors. Software bugs can lead to various problems — from denial of service to the execution on the user’s malicious code without his consent and knowledge.

2.

4. Methods of protection computer network from unauthorized access from the Internet. The use of firewalls

There are several approaches to solving the network protection problems, which is connected to the Internet, from unauthorized access.

1. The first approach is to strengthen the protection of all existing systems, which have access to the Internet. This approach is called «security at the host level» . It may include training of users and administrators work in a hostile environment, tightening password protection (tightening length, character, composition and password expiration). Also the tightening of access to the system, the tightening requirements of the software in use, including operating systems, and regular inspection of all of the requirements imposed.

This approach has several drawbacks:

* Complication some procedures for users, and may have some actions for which they are used, generally prohibited. This can lead to reduced user productivity, as well as to their discontent.

* Significant increase additional load for system administrators.

Even for relatively small systems containing a few dozen machines, the task of maintaining a given level of security may require a disproportionate effort.

* Security requirements may conflict with the requirements of using the system and one of them will have to give preference to the detriment of others. Typically, the functionality requirements of the system in preference to the detriment of the security requirements.

The advantage of this approach — as it protects from the «outside enemy», it also solves the problem of internal security system, so larger part of threats comes from employees or former employees of the company, this approach can be very effective to increase the overall security of the system.

2. The second approach is the most radical. In this case, network of company is not physically connected to the Internet. Interacting with the Internet is having via some machines that do not contain any confidential information. The advantages of this approach are obvious: as the network is not connected to the Internet, the threat of unauthorized access from the Internet is not possible in principle.

At the same time, this approach has certain limitations and disadvantages.

· Lack of access to the Internet from the workplace of employees.

· The presence of vulnerable systems connected to the Internet, which can be attacked like «denial of service» and theft of services (including can be used to hack into other systems).

3. The third approach is called «networklevel security «is administered access restrictions at the connection networks. It allows controlling protection means at the connection point of network to the Internet, for example, with special system — firewall.

Firewall controls the information exchange between the two networks and filters the information in accordance with specified procedures established by the company security policy. All communication that takes place between the Internet and the internal network passes through the firewall. Company can get significant benefit from such security model. Firewall can protect you from unauthorized access without imposing on them the additional safety requirements.

The advantage of this approach is the concentration protection devices and control at one point, the minimum change in the internal procedures of the users with the information system, easily administration and greater level of protection. A limitation of this approach is that it is designed solely to protect against external threats from remote attackers.

Conclusion

Information security is the ongoing process of exercising due care and due diligence to protect information, and information systems, from unauthorized access, use, disclosure, destruction, modification, or disruption or distribution. Use of firewalls is the optimal and reliable approach, they protect your computer network from any threats.

References

1. Information Technology Services [Electronic resource], 2013. — Access mode: http://www.utexas.edu/its/secure/articles/firewalls.php

2. The Washington Post [Electronic resource], 2013. — Access mode: http://articles.washingtonpost.com/keyword/information-security

3. Information System Security Associated [Electronic resource], 2013. — Access mode: http://www.issa.org

4. Secure Works Associated [Electronic resource], 2013. — Access mode: http://www.secureworks.com/resources/articles/other_articles/firewall-security/

5. Search Security [Electronic resource], 2013. — Access mode: http://searchsecurity.techtarget.com/feature/Beyond-the-page-Sept-2013;Next-generation-firewalls

Показать весь текст
Заполнить форму текущей работой