Wednesday, 22 May 2013

Network security


Network security consists of the provisions and policies adopted by a network administrator to prevent and monitor unauthorized access, misuse, modification, or denial of a computer network and network-accessible resources. Network security involves the authorization of access to data in a network, which is controlled by the network administrator.

The networks are computer networks, both public and private, that are used every day to conduct transactions and communications among businesses, government agencies and individuals. The networks are comprised of "nodes", which are "client" terminals (individual user PCs) and one or more "servers" and/or "host" computers. They are linked by communication systems, some of which might be private, such as within a company, and others which might be open to public access. The obvious example of a network system that is open to public access is the Internet, but many private networks also utilize publicly-accessible communications.

Network security involves all activities that organizations, enterprises, and institutions undertake to protect the value and ongoing usability of assets and the integrity and continuity of operations. An effective network security strategy requires identifying threats and then choosing the most effective set of tools to combat them.
Threats to network security include:
Viruses : Computer programs written by devious programmers and designed to replicate themselves and infect computers when triggered by a specific event
Trojan horse programs : Delivery vehicles for destructive code, which appear to be harmless or useful software programs such as games
Vandals : Software applications or applets that cause destruction
Attacks : Including reconnaissance attacks (information-gathering activities to collect data that is later used to compromise networks); access attacks (which exploit network vulnerabilities in order to gain entry to e-mail, databases, or the corporate network); and denial-of-service attacks (which prevent access to part or all of a computer system)
Data interception : Involves eavesdropping on communications or altering data packets being transmitted
Social engineering : Obtaining confidential network security information through nontechnical means, such as posing as a technical support person and asking for people's passwords

Network security tools include:
Antivirus software packages : These packages counter most virus threats if regularly updated and correctly maintained.
Secure network infrastructure : Switches and routers have hardware and software features that support secure connectivity, perimeter security, intrusion protection, identity services, and security management.
Dedicated network security hardware and software : Tools such as firewalls and intrusion detection systems provide protection for all areas of the network and enable secure connections.
Virtual private networks : These networks provide access control and data encryption between two different computers on a network. This allows remote workers to connect to the network without the risk of a hacker or thief intercepting data.
Identity services : These services help to identify users and control their activities and transactions on the network. Services include passwords, digital certificates, and digital authentication keys.
Encryption : Encryption ensures that messages cannot be intercepted or read by anyone other than the authorized recipient.
Security management : This is the glue that holds together the other building blocks of a strong security solution.


IP Address



An Internet Protocol address (or IP address) is a unique address that computing devices use to identify themselves and communicate with other devices on an Internet Protocol network. Any device connected to an IP network must have a unique IP address within its network. An IP address is analogous to a street address or telephone number in that it uniquely identifies a network device, whether to deliver a mail message or to call ("view") a website.
An IP address is an exclusive number online devices use to identify and communicate with each other through computer networks. This process can best be compared to how we receive mail to our home address. An IP address would be most similar to a mailing address, while the network would be compared to the town you live in. Just like our home addresses, information cannot be sent or received by devices without a specific address.

Dotted Decimals
Traditional IP addresses (IPv4) use a 32-bit number to represent an IP address, which defines both the network and host address. Because IPv4 addresses are running out, a new version of the IP protocol (IPv6) has been invented to offer a virtually limitless number of unique addresses. An IPv4 address is written in "dotted decimal" notation: 4 sets of numbers separated by periods, each set representing an 8-bit number ranging from 0 to 255. An example of an IPv4 address is 216.3.128.12, which is the IP address assigned to topwebhosts.org.
An IPv4 address is divided into two parts: network and host address. The network address determines how many of the 32 bits are used for the network address, and the remaining bits are used for the host address. The host address can be further divided into subnetwork and host number.
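
The dotted-decimal format and the network/host split described above, as an added example that is not part of the original post. It parses the page's sample address strictly into its 32-bit value and splits it at a prefix length; the /24 used in the demo is an assumption, since the page does not give one, and the function names are illustrative.

```python
# Added example, not from the original post. The /24 prefix length used
# in the demo is an assumption; the page does not state one.

def parse_ipv4(text):
    """Return the 32-bit integer for a dotted-decimal IPv4 address.

    Strict on purpose: exactly four decimal octets in 0-255, no spaces and
    no leading zeros (some parsers read "012" as octal, so two components
    could disagree about which host the same string names).
    """
    parts = text.split(".")
    if len(parts) != 4:
        raise ValueError("expected 4 octets, got %d" % len(parts))
    value = 0
    for part in parts:
        if not (part.isascii() and part.isdigit()):
            raise ValueError("octet %r is not decimal digits" % part)
        if len(part) > 1 and part[0] == "0":
            raise ValueError("octet %r has a leading zero" % part)
        octet = int(part)
        if octet > 255:
            raise ValueError("octet %r is out of range 0-255" % part)
        value = (value << 8) | octet      # append 8 more bits
    return value


def format_ipv4(value):
    """Inverse of parse_ipv4: 32-bit integer back to dotted decimal."""
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def split_network_host(text, prefix_len):
    """Return (network address, host number) for the given prefix length."""
    if not 0 <= prefix_len <= 32:
        raise ValueError("prefix length must be 0-32")
    addr = parse_ipv4(text)
    mask = (0xFFFFFFFF << (32 - prefix_len)) & 0xFFFFFFFF
    return format_ipv4(addr & mask), addr & ~mask & 0xFFFFFFFF


if __name__ == "__main__":
    example = "216.3.128.12"                  # the address quoted on the page
    print(split_network_host(example, 24))    # assumed /24 prefix
    for bad in ("216.3.128", "216.3.128.256", "216.3.128.012", "216.3.128.12 "):
        try:
            parse_ipv4(bad)
        except ValueError as err:
            print("rejected", repr(bad), "-", err)
```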


Physical Layer



In the seven-layer OSI model of computer networking, the physical layer or layer 1 is the first (lowest) layer. The implementation of this layer is often termed PHY. Transmission and receipt of data from the physical medium (copper wire, fiber, radio frequencies, barbed wire, string etc.) is managed at this layer. Within the semantics of the OSI network architecture, the physical layer translates logical communications requests from the data link layer into hardware-specific operations to effect transmission or reception of electronic signals.
The Physical Layer receives data from the data link Layer, and transmits it to the wire. The physical layer controls the electrical and mechanical functions related to the transmission and receipt of a communications signal. It also manages the encoding and decoding of data contained within the modulated signal.
Note that for two devices to communicate, they must be connected to the same type of physical medium (wiring): 802.3 Ethernet to 802.3 Ethernet, FDDI to FDDI, serial to serial etc. Two end stations using different protocols can only communicate through a multi-protocol bridge or a router.

The physical layer is responsible for:
Communication with the data link layer above it.
Fragmentation of data into frames
Reassembly of frames into data link Protocol Data Units.
Transmission to the physical media
Receiving from the physical media
It should be noted that in most modern network interface adaptors, the physical and data link functions are performed by the adaptor.

Example Physical Protocols
CSMA/CD - Carrier Sense Multiple Access / Collision Detect
CSMA/CA - Carrier Sense Multiple Access / Collision Avoid
FDMA - Frequency Division Multiple Access
MSK - Minimum Shift Keying
GFMSK - Gaussian-Filtered Minimum Shift Keying
TDMA - Time Division Multiple Access
CDMA - Code Division Multiple Access
B8ZS - Binary 8 Zero Substitution
2B1Q - 2 Binary 1 Quaternary
PCM - Pulse Code Modulation
QAM - Quadrature Amplitude Modulation
PSK - Phase Shift Keying
SONET - Synchronous Optical NETworking
  
At the Physical layer, data are transmitted using the type of signaling supported by the physical medium:
electric voltages
radio frequencies
pulses of infrared or ordinary light
