Network Security

In addition to securing hardware and securing software, securing communications matters...a lot.

Levels of Security

It’s sometimes helpful to focus separately on software security, network security, and web security.

Networking Basics

If you’re unfamiliar with the basics of networking, see these notes.

Network Attacks and Defenses

We want to secure networks much like we secure apps or secure information systems. It’s part of a security strategy. What kind of attacks are specific to the networks, or communication channels?

Confidentiality Attacks

Packet sniffing and Physical Line Tapping are the main ones here.

To ensure your communication channels are not tapped into, you can encrypt traffic.

Exercise: Is encrypting the data on the communication channel enough?
Exercise: Research Replay Attacks. How can they be used to compromise confidentiality? How can you defend against them?

Integrity Attacks

Connection Hijacking and Router Compromising are the main ones here.

Exercise: What other network attacks can compromise integrity?

Availability Attacks

Packet flooding attacks are the main approach to attacking availability over a network, as are sending very complicated packet sequences.

Exercise: Research and write a paragraph about, in your own words, the following: Smurf Attacks, Teardrop Attacks, Ping of Death Attacks, and SYN Flooding.

Tools

Network security engineers can employ tools like Wireshark, a network packet analyzer, to monitor traffic, troubleshoot problems, and look for suspicious activity.

Exercise: Try out Wireshark for a bit.

Recall Practice

Here are some questions useful for your spaced repetition learning. Many of the answers are not found on this page. Some will have popped up in lecture. Others will require you to do your own research.

  1. What are the three main categories of network attacks?
    Confidentiality Attacks, Integrity Attacks, and Availability Attacks.
  2. Give examples of confidentiality attacks in the realm of network security.
    Packet sniffing, Physical Line Tapping, Replay Attacks.
  3. What is the simplest way to mitigate confidentiality attacks?
    Encrypting the data on the communication channel.
  4. Give examples of integrity attacks in the realm of network security.
    Connection Hijacking, Router Compromising.
  5. Give examples of approaches to availability attacks in the realm of network security.
    Packet flooding attacks, sending very complicated packet sequences.
  6. What are some specific examples of availability attacks?
    Smurf Attacks, Teardrop Attacks, Ping of Death Attacks, SYN Flooding.
  7. What is Wireshark?
    A network packet analyzer used to monitor traffic, troubleshoot problems, and look for suspicious activity.

Summary

We’ve covered:

  • Topics in network security
  • Several well-known vulnerabilities and attacks
  • Network Security Tools