Category: Security

DoS – Denial of Service attack

The concept behind the design of DoS attack is interfering in the normal functions of a server, web site, or other resources of a network. The hackers and even the virus writers can use number of ways in order to get this job done. One of the most common methods is flooding a server with heavy traffic from network so that it becomes difficult to control it. As a result of this heavy traffic it is not possible to carry out the normal functions properly and sometimes this can further lead to server crash.

The only difference in case of DDoS attack is that multiple machines are used in order to conduct it. The master and zombie machines are used by hackers or virus writers in order to co-ordinate the attack across the other. These two machines usually exploit an application’s vulnerability on the machine, to install any malicious code like Trojan.

IPSec is basically a way to secure the data transfer between computers. IPSec is making data traffic between two nodes secure by making these things:

• Data Authentication
  • Authentication – The packets can be spoofed and not sent from the place they seem they are sent. Data origin authentication can be provided with configuration of IPSec. IPSec will enable us to ensure that received packet from a trusted party is really originating from that party.
  • Data integrity – IPSec can be configured to secure that the data packet are not changed when they are crossing the network.
  • Anti-replay protection – IPSec is able to check that the packets received are not duplicates of previous data packets.
• Encryption
  • IPSec is a technology that enables you to encrypt network data so that it cannot be captured and used by unauthorized persons.

Circuit-level firewalls are ok but if you want to make your network more secure these firewalls will not be enough for you. Better line of defense is to use new kind of firewall that are making deeper packet analyze, application layer firewalls. Application layer firewalls, also called application gateways or proxy firewalls. These firewalls are filtering traffic at 3, 4, 5, 7 OSI layer.

A firewall in terms of traditional network configurations serves as a default gateway for hosts connecting to one of its secured subnets. A transparent firewall acts like a “stealth firewall” and it is actually a Layer 2 firewall. In order to implement this, the connection of the security equipment is made to same network on both the internal and external ports. However, there is a separate VLAN for each interface.

Now let’s discuss the characteristics of transparent firewall mode:

• Transparent firewall mode supports outside interface and an inside interface.
• The best thing about transparent firewall mode is that it can run in both the single and multiple context modes.
• Instead of routing table lookups the MAC lookups are performed.

We all are familiar with the term ‘firewall’ but majority of us don’t know the source of its origination. It is actually a terminology used for describing a part of automobile that separated the automobile’s interior from the compartment of engine. In the world of network this term is used metaphorically to show the way internal networks are separated from the hazards of external world. With the help of firewalls the networks are divided into various physical networks and as a result of this the occurrence of potential damages can be controlled otherwise these damages can spread to different subnets.

This works in the same way as the original firewalls worked to stop the spreading of a fire.