counter measures
Besides there are many fatal attacks on a network are possible but, there is always a cure. For a fully secured network you must have to remember few points while configuring your network. Firewall is best tool to defend your network, but only if configured correctly. Many big companies also use IDS(Intrusion Detection System) for securing network. So here we are dealing with these two key factors:
firewall
A firewall is hardware, software, or a combination of both that is used to prevent unauthorized programs or Internet users from accessing a private network and/or a single computer.
hardware v/s software firewalls
hardware firewalls
Charateristics:
1) Protect an entire network
2) Implemented on the router level
3) Usually more expensive, harder to configure
4) Software Firewalls
5) Protect a single computer
6) Usually less expensive, easier to configure
2) Implemented on the router level
3) Usually more expensive, harder to configure
4) Software Firewalls
5) Protect a single computer
6) Usually less expensive, easier to configure
How does a software firewall works
1) Inspects each individual "packet" of data as it arrives at either side of the firewall
2) Inbound to or outbound from your computer
3) Determines whether it should be allowed to pass through or if it should be blocked
1) Inspects each individual "packet" of data as it arrives at either side of the firewall
2) Inbound to or outbound from your computer
3) Determines whether it should be allowed to pass through or if it should be blocked
firewall rules
Allow – traffic that flows automatically because it has been deemed as "safe" (Ex. Meeting Maker, Eudora, etc.)
Block – traffic that is blocked because it has been deemed dangerous to your computer
Ask – asks the user whether or not the traffic is allowed to pass through
Block – traffic that is blocked because it has been deemed dangerous to your computer
Ask – asks the user whether or not the traffic is allowed to pass through
advantages of firewall
1) Stop hackers from accessing your computer
2) Protects your personal information
3) Blocks "pop up" ads and certain cookies
4) Determines which programs can access the Internet
2) Protects your personal information
3) Blocks "pop up" ads and certain cookies
4) Determines which programs can access the Internet
intrusion detection systems
Firewalls allow traffic only to legitimate hosts and services. Traffic to the legitimate hosts/services can have attacks:-
CodeReds(Exploit) on IIS(Internet Information Services)
Solution
1) Intrusion Detection Systems
2) Monitor data and behavior
3) Report when identify attacks
CodeReds(Exploit) on IIS(Internet Information Services)
Solution
1) Intrusion Detection Systems
2) Monitor data and behavior
3) Report when identify attacks
types of IDS
1) Signature-based
2) Anomaly-based
3) Host-based
4) Network-based
2) Anomaly-based
3) Host-based
4) Network-based
signature based
Characteristics1) Uses known pattern matching
2) to signify attack
2) to signify attack
Advantages
1) Widely available
2) Fairly fast
3) Easy to implement
4) Easy to update
1) Widely available
2) Fairly fast
3) Easy to implement
4) Easy to update
Disadvantages
1) Cannot detect attacks for which it has no signature
1) Cannot detect attacks for which it has no signature
