150
Networking: A Beginner's Guide
Front-Door Threats
Front-door threats, in which someone from outside the company is able to gain access
to a user account, are probably the most likely threats that you need to protect against.
These threats can take many forms. Chief among them is the disgruntled or terminated
employee who once had access to the network. Another example is someone guessing
or finding out a password to a valid account on the network or somehow getting a
valid password from the owner of the password.
Insiders, whether current or ex-employees, are potentially the most dangerous
overall. Such people have many advantages that some random cracker won't have.
They know the important user names on the network already, so they know what
accounts to go after. They might know other users' passwords from when they were
associated with the company. They also know the structure of the network, what the
server names are, and other information that makes cracking the network's security
easier.
Protecting against a front-door threat revolves around strong internal security
protection because, in this case, internal and external security are closely linked. This
is the type of threat where all the policies and practices discussed in the section on
internal security can help to prevent problems.
An additional effective way to protect against front-door threats is to keep network
resources that should be accessed from the LAN separate from resources that should
be accessed from outside the LAN, whenever possible. For example, if you never need
DEFINE-IT! Important Network Security Devices
Here are some important security devices you should be familiar with:
A
firewall is s system that enforces a security policy between two networks,
such as between a local area network (LAN) and the Internet. Firewalls can
use many different techniques to enforce security policies.
A
proxy server acts as a proxy (an anonymous intermediary), usually for
users of a network. For example, it might stand in as a proxy for browsing
web pages, so that the user's computer isn't connected to the remote
system except through the proxy server. In the process of providing proxy
access to web pages, a proxy server might also speed web access by caching
web pages that are accessed so that other users can benefit from having
them more quickly available from the local proxy server, and might also
provide some firewall protection for the LAN.
Usually built into a router or a firewall, a packet filter enables you to set
criteria for allowed and disallowed packets, source and destination
IP addresses, and IP ports.