Chapter 11:
Securing Your Network
While it's important to plan for the worst when designing and administering
network security, you also need to realize that most of the time, security issues arise
from ignorance or other innocent causes, rather than from malicious intent.
Understanding External Threats
External security is the process of securing the network from external threats. Before
the Internet, this process wasn't difficult. Most networks had only external modems
for users to dial in to the network, and it was easy to keep those access points secure.
However, now that nearly all networks are connected to the Internet, external security
becomes much more important and also much more difficult.
At the beginning of this chapter, I said that no network is ever totally secure. This
is especially true when dealing with external security for a network connected to the
Internet. Almost daily, crackers discover new techniques that they can use to breach the
security of a network through an Internet connection. Even if you were to find a book
that discussed all the threats to a specific type of network, the book would be out of
date soon after it was printed.
Three basic types of external security threats exist:
Front-door threats: These threats arise when a person from outside the
company somehow finds, guesses, or cracks a user password and then logs on to
the network. The perpetrator could be someone who had an association with the
company at some point or could be someone totally unrelated to the company.
Back-door threats: These are threats where software or hardware bugs in
the network's operating system and hardware enable outsiders to crack the
network's security. After accomplishing this, the outsiders often find a way to log
in to the administrative account and then can do anything they like. Back-door
threats can also be deliberately programmed into software you run.
Denial of service (DoS): DoS attacks deny service to the network. Examples
include committing specific actions that are known to crash different types of
servers or flooding the company's Internet connection with useless traffic (such
as a flood of ping requests).
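A front-door threat of the kind described above (a password guessed from outside, followed by a logon) leaves a recognizable trace in authentication logs. The following Python code is an added example, not part of the original chapter, that flags a successful outside logon preceded by repeated failures for the same account and address. It assumes OpenSSH sshd log messages, that 10.0.0.0/8 is the internal network, and a threshold of three failures; the log lines, user names and addresses are constructed.

```python
import ipaddress
import re
from collections import defaultdict

# Assumptions: 10.0.0.0/8 is "inside the company"; 3 failures triggers an alert.
INTERNAL_NET = ipaddress.ip_network("10.0.0.0/8")
FAILURE_THRESHOLD = 3

# OpenSSH sshd password-authentication messages.
LOGIN_RE = re.compile(
    r"(?P<result>Failed|Accepted) password for (?:invalid user )?"
    r"(?P<user>\S+) from (?P<ip>\S+) port \d+"
)

# Constructed sample log lines (documentation address ranges, made-up users).
SAMPLE_LOG = """\
Mar  3 09:14:01 gw sshd[811]: Failed password for alice from 203.0.113.7 port 52211 ssh2
Mar  3 09:14:03 gw sshd[811]: Failed password for alice from 203.0.113.7 port 52211 ssh2
Mar  3 09:14:04 gw sshd[815]: Failed password for invalid user admin from 203.0.113.7 port 52230 ssh2
Mar  3 09:14:06 gw sshd[811]: Failed password for alice from 203.0.113.7 port 52211 ssh2
Mar  3 09:14:12 gw sshd[820]: Accepted password for alice from 203.0.113.7 port 52244 ssh2
Mar  3 10:02:40 gw sshd[902]: Failed password for bob from 198.51.100.20 port 40112 ssh2
Mar  3 10:02:48 gw sshd[902]: Accepted password for bob from 198.51.100.20 port 40112 ssh2
Mar  3 10:30:05 gw sshd[950]: Failed password for carol from 10.1.2.3 port 61000 ssh2
Mar  3 10:30:11 gw sshd[950]: Accepted password for carol from 10.1.2.3 port 61000 ssh2
"""

def find_front_door_logins(log_text, threshold=FAILURE_THRESHOLD):
    """Return (user, ip, failures) for outside logons preceded by >= threshold failures."""
    failures = defaultdict(int)  # (user, ip) -> failures since last success
    alerts = []
    for line in log_text.splitlines():
        m = LOGIN_RE.search(line)
        if not m:
            continue
        try:
            addr = ipaddress.ip_address(m["ip"])
        except ValueError:
            continue  # not a literal address; skip rather than guess
        if addr in INTERNAL_NET:
            continue  # logons from inside are not a front-door threat
        key = (m["user"], m["ip"])
        if m["result"] == "Failed":
            failures[key] += 1
            continue
        count = failures.pop(key, 0)  # a success ends the guessing run
        if count >= threshold:
            alerts.append((m["user"], m["ip"], count))
    return alerts
```

Counting per account and address keeps a single mistyped password (bob in the sample) from raising an alert, but it will not see guessing that is spread across many source addresses.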
NOTE
Another type of external threat exists: computer viruses, Trojan horses, worms, and other
malicious software from outside the company. These threats are covered in their own section later in
the chapter.
Fortunately, you can do a number of things to implement strong external security
measures. They probably won't keep out a determined and extremely skilled cracker,
but they can make it difficult enough that most crackers will give up and go elsewhere.