Today, the computer network is a familiar means of communication and a tool for exchanging information. With the creation of computer networks that operate in multi-user mode across local and global networks, a number of interrelated problems arise in protecting the information stored on computers or servers in the network.
Modern network operating systems, which are already completely protected from attacks and threats, are also a powerful means of protecting against unauthorized access to network resources.
However, there are cases when even such protection becomes vulnerable and software products fail to protect information. Practice shows that an unauthorized user with sufficient experience in system and network programming, or software known as viruses, having set the goal of connecting to the network, even with limited access to individual resources, can sooner or later gain access to some of the protected network resources.
Therefore, additional hardware and software are needed to protect network resources from unauthorized access or connection.
The hardware protection includes various firewalls, filters, antivirus programs, protocol encryption devices, and so on.
The software protection tools include: tracking network connections (network monitoring); data archiving tools; anti-virus programs; cryptographic means; means of identification and authentication of users; access control; logging and auditing.
Examples of combinations of the above measures include:
– database protection;
– protection of information when working in computer networks.
When large-scale (local, corporate, etc.) computer networks are created, the problem arises of ensuring the interaction of a large number of computers, servers, subnets and networks, i.e. finding and selecting optimal topologies becomes the main task.
The most important component of local and corporate networks is their system topology, which is determined by the architecture of inter-computer communications.
It is known that, to ensure the security of information and of the network, critical information has to be processed in computer networks. The term “critical information” covers: certain facts about intentions, abilities and actions that are vital for the effective management and operation of critical structures and for the effective implementation of standing strategic tasks with various secrets; information for official use; information constituting a trade secret or a secret of the firm; information that is the property of some organization or individual. The figure presents the threats that arise with wireless access to the local network.
Fig. Threats with wireless access to the local network. Basic vulnerabilities and threats of wireless networks: beacon broadcast; WLAN detection; eavesdropping; false access points to the network; denial of service; man-in-the-middle attacks; anonymous access to the Internet.
In computer networks, authentication and encryption should be provided, but these security elements do not always provide reliable network security:
– the use of encryption reduces the data transmission rate over the channel several-fold, so network administrators often deliberately do not use encryption in order to optimize traffic;
– computer networks often use outdated encryption technology. There are programs that can quickly work out the keys needed to penetrate the network.
Each node of the network is an independent computer system with all of its own problems, to which are added the problems connected with communication lines and the procedure for transmitting information. From a security point of view, computer networks have the following disadvantages:
– insufficient control over client computers;
– the lack of a mechanism for configuring multiple users to access different resources on the same computer;
– the need for users to be prepared for various administrative measures: updating the anti-virus database, archiving data, determining mechanisms for accessing shared resources, and so on;
– resources and load are shared and distributed across different nodes of the network, so many users have potential access to the network as a single computer system;
– the operating system is a complex set of interacting programs. Because of this, it is difficult to formulate clear security requirements, especially for general-purpose networks that were developed without regard to security;
– undefined periphery: in most cases it is impossible to determine the exact limits of the network. The same node can work simultaneously in several networks, and therefore the resources of one network can be fully used from nodes that are part of another network. Such large-scale sharing of resources is undoubtedly an advantage;
– multiple points of attack. In a standalone computer system, user access to the system can be controlled, since this access is made from the terminals of that system. The situation in a network is completely different: the same file can be requested by so-called remote access from different nodes of the network. Therefore, while the administrator of a standalone system can maintain a clear security policy for that system, the administrator of a network node is deprived of such an opportunity;
– undefined access path. A user or an intruder can request access to the resources of a network node to which their own node is not directly connected by the network. In such cases, access goes through some intermediate node connected to both nodes, or even through several intermediate nodes. In computer networks, it is not easy to determine exactly where an access request came from, especially if the intruder makes even a little effort to hide it;
– weak security of the communication line. A network differs from a standalone system precisely in that it necessarily includes communication lines through which data is transferred between nodes. This can be a simple wire or a radio link, including a satellite channel. Given certain conditions (and the corresponding equipment), a wire can be tapped unnoticed (or almost unnoticed), and a radio link can be successfully listened to; that is, nothing prevents the transmitted messages from being “pumped” off the communication lines and the required ones then being extracted.
Based on the analysis of threats to the security of computer networks, conclusions can be drawn about the features and functions that the security system of local and corporate networks (CS) must have:
- Identification of the protected resources, i.e. assigning identifiers to protected resources when they connect to the computer network, which the system subsequently uses for authentication.
- Authentication of protected resources.
- Password protection of resources across the whole of the computer network.
- Registering all actions: logging in to the network, logging out of the network, violations of access rights to the protected resources, and so on.
- Ensuring the protection of information while the network is being scanned for malicious programs and during maintenance.
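The first four functions in this list (identification, authentication, password protection and registration of all actions) can be combined in one access monitor. The following Python code is an added example, not part of the original article; the class NetworkGuard, its method and event names, and the sample users and resource are assumptions made for illustration.

```python
import hashlib, hmac, os, time

class NetworkGuard:
    """Hypothetical monitor: identifies resources, authenticates users, logs actions."""
    def __init__(self):
        self.users = {}        # user -> (salt, PBKDF2 hash of the password)
        self.acl = {}          # resource identifier -> users allowed to use it
        self.sessions = set()  # users currently logged in
        self.audit = []        # (timestamp, user, event, resource)

    def _log(self, user, event, resource=None):
        self.audit.append((time.time(), user, event, resource))
    def _kdf(self, password, salt):
        return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

    def add_user(self, user, password):
        salt = os.urandom(16)
        self.users[user] = (salt, self._kdf(password, salt))
    def register_resource(self, resource, allowed):
        self.acl[resource] = set(allowed)  # identification of the resource

    def login(self, user, password):
        salt, stored = self.users.get(user, (b"\0" * 16, b""))  # dummy for unknown users
        ok = hmac.compare_digest(self._kdf(password, salt), stored)
        if ok:
            self.sessions.add(user)
        self._log(user, "LOGIN" if ok else "LOGIN_FAILED")
        return ok

    def logout(self, user):
        self.sessions.discard(user)
        self._log(user, "LOGOUT")

    def access(self, user, resource):
        ok = user in self.sessions and user in self.acl.get(resource, set())
        self._log(user, "ACCESS" if ok else "ACCESS_VIOLATION", resource)
        return ok

    def violations(self):
        return [(u, e, r) for _, u, e, r in self.audit if e.endswith(("FAILED", "VIOLATION"))]

def demo():  # users, passwords and the resource name are constructed
    g = NetworkGuard()
    g.add_user("alice", "correct horse"); g.add_user("bob", "s3cret")
    g.register_resource("db01/payroll", {"alice"})
    g.login("alice", "correct horse"); g.login("bob", "wrong"); g.login("bob", "s3cret")
    g.access("alice", "db01/payroll"); g.access("bob", "db01/payroll")
    g.logout("alice"); g.access("alice", "db01/payroll")  # use after logout
    return g
```

Every decision, allowed or denied, is written to the audit list, so violations() gives the administrator the failed logins and access-right violations that the list above requires to be registered.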