Network Security

In addition to securing hardware and securing software, securing communications matters...a lot.

Levels of Security

It’s sometimes helpful to focus separately on software security, network security, and web security.

Networking Basics

If you’re unfamiliar with the basics of networking, see these notes.

Network Attacks and Defenses

We want to secure networks much like we secure apps or secure information systems. It’s part of a security strategy. What kind of attacks are specific to the networks, or communication channels?

Confidentiality Attacks

Packet sniffing and Physical Line Tapping are the main ones here.

To ensure your communication channels are not tapped into, you can encrypt traffic.

Exercise: Is encrypting the data on the communication channel enough?

Exercise: Research Replay Attacks. How can they be used to compromise confidentiality? How can you defend against them?

Integrity Attacks

Connection Hijacking and Router Compromising are the main ones here.

Exercise: What other network attacks can compromise integrity?

Availability Attacks

Packet flooding attacks are the main approach to attacking availability over a network, as are sending very complicated packet sequences.

Exercise: Research and write a paragraph about, in your own words, the following: Smurf Attacks, Teardrop Attacks, Ping of Death Attacks, and SYN Flooding.

Tools

Network security engineers can employ tools like Wireshark, a network packet analyzer, to monitor traffic, troublehoot problems, and look for suspicious activity.

Exercise: Try out Wireshark for a bit.

Summary

We’ve covered:

Topics in network security
Several well-known vulnerabilities and attacks
Network Security Tools