Computer networks are increasingly vulnerable to security threats, and e-mail is perhaps the most critical threat.

Industry analyst IDC predicts that by 2005 there will be 1.2 billion e-mail boxes and 36 billion person-to-person e-mails each day. Virtual Private Networks (VPNs) permit remote workers to access company networks through high-speed broadband connections such as cable and DSL. The proliferation of remote PCs attached to company networks opens new holes, which can be exploited by hackers.

Security issues

The reality of Internet security was characterized by CERT, the Computer Emergency Response Team: 1) the expertise of intruders is increasing, 2) the sophistication of attacks and available tools and tool-kits is increasing, and 3) the effectiveness of intruders is increasing due to the amount of information passed to less knowledgeable intruders, making them more effective.

CERT lists the following as potential compromises to a network:

1) Trojan Horse (viruses) — There is an increase in incidents involving viruses, which can be difficult to control because users can easily take actions without understanding the consequences. 2) Internet sniffers can intercept traffic over a physical network, which permits intruders to examine network traffic between machines, gather user names and passwords and capture e-mails. 3) Large scale attacks are used by knowledgeable intruders to scan large numbers of hosts for vulnerabilities. 4) Distributed attack tools can scan large numbers of hosts and networks, identify machines with vulnerabilities, compromise the host and install distributed attack tools on the host machine, gaining information such as user names and passwords, which can then be sent invisibly to the intruder. 5) Distributed DoS (denial of service) attack tools amplify the ability of a hacker to propagate sufficient traffic over a network to effectively slow or stop any legitimate communication using multiple computers.

Network survivability

By definition, survivability is “the capability of a system to fulfill its mission, in a timely manner, in the presence of attacks, failures or accidents.” In practice, the result of a system's survivability is determined by the ultimate impact of an event, i.e. server failure, attack, rather than its specific cause.

As the complexity of potential threats increases, so must the measures taken to ensure system security.

For the purpose of evaluating the survivability of a network, determine the computing environment in which it operates — bounded or unbounded. Bounded systems are those that the user has total control over, such as a company network that is not connected to the Internet. Unbounded systems are those where each participant has an incomplete view of the whole. Unbounded systems are generally comprised of a connected group of unbound systems, i.e. different networks communicating through the Internet.

Firewall

One of the most effective methods to secure bounded networks that have an Internet connection (unbounded network) is to use a firewall. A firewall is typically a hardware device, but may also be software, which acts like a gatekeeper from the outside world and can filter certain data traffic entering the network. Firewalls can be based on three methods:

Packet filtering. Packets of data are compared to a filter specification. If the data contained within the packets match the criteria, then they may be allowed to pass or be rejected.

Stateful inspection. Uses a connection table to track data traffic over multiple flows of data traffic. Stateful inspection compares key portions of the packet against a database of trusted information. For example, the firewall might compare traffic originating from inside the firewall to incoming traffic.

Application proxy. This firewall does not permit data to go directly through, rather, it acts like a server to clients within the firewall and like a client to servers outside the firewall. This makes the resource within the firewall look invisible to the outside world.

---

McNamara, Radio's consultant on computer technology, is president of Applied Wireless Inc., New Market, MD.

---

All of the Networks articles have been approved by the SBE Certification Committee as suitable study material that may assist your preparation for the SBE Certified Broadcast Networking Technologist exam. Contact the SBE at (317) 846-9000 or go to www.sbe.org for more information on SBE Certification.

---