To protect your systems effectively, you must first recognize who or what you are protecting them from. What typically comes to mind when network security is discussed is protecting the network from mysterious hackers operating from a dark room full of sophisticated computer systems. This is rarely the case. According to FBI figures from 1999, up to 80 percent of all reported security breaches originated from internal sources. Internal security threats range from a novice server administrator or user who unknowingly installs software or opens an e-mail attachment, to a disgruntled employee who attempts to delete source code from a development server.
To prepare for and defend against threats properly, you must first understand the types of threats to your network security. Four basic categories of network security threat exist:
- Internal threats
- External threats
- Unstructured threats
- Structured threats
Internal Threats
The term “internal attack” describes an attack launched by a person or organization with some level of authorized access to your network. Internal attacks are performed from within the trusted area of the network. This type of threat can be more difficult to defend against because employees already have access to the network and to private company data. To compound the internal threat further, most companies have firewalls only at the edge of their networks and rely strictly on access control lists (ACLs) and server permissions to regulate internal security. Server permissions typically protect resources located on the local servers but provide little or no protection for the network itself. Deliberate internal attacks are typically carried out by disgruntled employees who want to “get back” at the company.
Many, if not all, of a company's security measures are logically tied to the perimeter of the network, protecting the inside networks from external connections such as the Internet. While the perimeter of the network is secured, the inside, or trusted, portion of the network tends to be soft. Once an intruder has made it through the hard outer shell of the network, compromising one system after another is usually simple.
Wireless networks introduce a new area of concern for security administrators. Unlike cabled networks, wireless networks create a realm of coverage that can be intercepted and used by anyone within radio range who has the right software and a wireless network adapter. Not only can all network data be viewed and recorded, but network attacks can also be launched from inside the network, where the infrastructure is much more vulnerable. Because of the severe security implications, strong encryption should always be used on wireless networks, and a wireless segment should be treated as untrusted rather than as part of the soft inside network.
External Threats
External threats are posed by any organization, government, or individual that attempts to gain access from outside the company's network; this includes anyone who does not have authorized access to the internal network. Typically, external attackers attempt to gain access through dialup servers or Internet connections. External threats are what companies spend the most time and money trying to prevent.
STUDY TIP: External threats come from anyone who does not have authorized access on the internal network.
Unstructured Threats
Unstructured threats are the most prevalent threats to a company's system infrastructure. Novice hackers, commonly called script kiddies, download software developed by more advanced hackers and use it to gain information, gain access, or perform a denial-of-service (DoS) attack against a target system or company. Script kiddies rely on the software and experience of the more advanced hackers rather than on skills of their own.
While script kiddies do not have much experience or knowledge, they can wreak havoc on an unsuspecting or unprepared company. What they lack in sophistication, they make up for in sheer numbers. While this might seem like a game to the kiddies, the companies that fall prey to these basic attacks stand to lose millions of dollars, as well as the public's trust. If a company's web server is broken into and defaced, the public believes the hackers have broken through the company's security, when in fact they have only compromised one vulnerable server. Web, FTP, SMTP, and any other servers offering services on the Internet are far more exposed to attack, while the more important, mission-critical servers reside behind multiple levels of security. The general public does not understand that breaking into a company web site is much easier than cracking the company's credit card database; the public simply has to trust that the company is competent in securing its private information.
Structured Threats
Structured threats are the hardest to prevent and defend against because they come from organizations or individuals that follow a methodology to gain unauthorized access. Intelligence organizations, organized crime, and governments are the potential backers of a structured threat. Hackers with advanced knowledge, experience, and equipment make up structured threats.
Experienced hackers understand how packets are formed and can develop code to exploit vulnerabilities in the protocol structure itself. Organizations or individuals that perform structured attacks are also aware of the countermeasures used to prevent unauthorized access and of intrusion detection systems (IDS) and how they detect intruders, and they know methods of evading those protective measures. These highly motivated and technically competent intruders can create customized code, use existing tools, or modify existing applications to behave according to their methodology.
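As an added illustration of that last point (example code written for this page, not material from the study guide), the following Python sketch shows one form of the IDS evasion the paragraph alludes to: a signature matcher that inspects each TCP segment on its own can be defeated by splitting the attack string across segment boundaries, while a detector that reassembles the stream still catches it. The signature, the HTTP request, the segment sizes and the toy `Segment` type are all constructed for the example and stand in for real traffic.

```python
"""Added illustration (not from the study guide): why an attacker who understands
TCP segmentation can slip past a per-packet signature IDS, and why stream
reassembly closes that gap. Signature, request and segment sizes are constructed."""
from dataclasses import dataclass
from typing import Dict, List

# Constructed IDS signature: a classic directory-traversal target string.
SIGNATURE = b"/etc/passwd"

# Constructed attacker request containing the signature exactly once.
REQUEST = b"GET /../../etc/passwd HTTP/1.0\r\n\r\n"


@dataclass(frozen=True)
class Segment:
    """One TCP segment: sequence number of its first payload byte plus the payload."""
    seq: int
    payload: bytes


def per_packet_match(segments: List[Segment], signature: bytes) -> bool:
    """Naive IDS: look for the signature inside each segment on its own."""
    return any(signature in seg.payload for seg in segments)


def reassemble(segments: List[Segment]) -> bytes:
    """Rebuild the byte stream from segments that may arrive out of order.

    Each stream position keeps the first byte seen for it; later overlapping
    data is ignored. Real TCP stacks differ on overlap handling, so a real IDS
    must model the stack of the host it protects. This toy keeps it simple.
    """
    byte_at: Dict[int, int] = {}
    for seg in segments:
        for offset, value in enumerate(seg.payload):
            byte_at.setdefault(seg.seq + offset, value)
    if not byte_at:
        return b""
    # Walk forward from the lowest sequence number while the stream is contiguous.
    stream = bytearray()
    pos = min(byte_at)
    while pos in byte_at:
        stream.append(byte_at[pos])
        pos += 1
    return bytes(stream)


def stream_match(segments: List[Segment], signature: bytes) -> bool:
    """Reassembling IDS: match against the rebuilt stream, not individual segments."""
    return signature in reassemble(segments)


def fragment_stream(data: bytes, seq0: int, chunk_sizes: List[int]) -> List[Segment]:
    """Attacker side: split data into segments of the given sizes (remainder last)."""
    segments: List[Segment] = []
    pos = 0
    for size in chunk_sizes:
        segments.append(Segment(seq0 + pos, data[pos:pos + size]))
        pos += size
    if pos < len(data):
        segments.append(Segment(seq0 + pos, data[pos:]))
    return segments


def demo() -> Dict[str, bool]:
    """Compare both detectors against a direct and an evasive delivery."""
    direct = [Segment(1000, REQUEST)]
    # Boundaries chosen so no single segment holds the whole signature:
    # "GET /../../e" | "tc/pa" | "sswd HTTP/1.0\r\n\r\n"
    evasive = fragment_stream(REQUEST, 1000, [12, 5])
    evasive_reordered = list(reversed(evasive))  # segments arrive out of order
    return {
        "direct_per_packet": per_packet_match(direct, SIGNATURE),
        "direct_stream": stream_match(direct, SIGNATURE),
        "evasive_per_packet": per_packet_match(evasive, SIGNATURE),
        "evasive_stream": stream_match(evasive_reordered, SIGNATURE),
    }


if __name__ == "__main__":
    for name, hit in demo().items():
        print(f"{name:20s} -> {'ALERT' if hit else 'missed'}")
```

The evasive delivery is missed by the per-packet matcher and caught by the reassembling one. Note that `reassemble` deliberately keeps the first byte seen for each stream position; real TCP stacks resolve overlapping segments differently, so a production IDS has to model the stack of the host it protects, or an attacker can send conflicting overlaps and make the sensor and the target see two different streams.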
STUDY TIP: In some cases, a structured attack is performed by or with the assistance of someone on the inside. This is referred to as a structured internal threat. Structured and unstructured threats can be either internal or external threats.