Beruflich Dokumente
Kultur Dokumente
Term Paper
Second Semester
NETWORK SECURITY
SUBMITTED TO: Sir Usama Tariq
THEORY TEACHER: Sir Usama Tariq
GC University, Lahore
Submitted By
THEORY SECTION
G2
1
Network Security
Contents
Computer Network: 3
PURPOSE OF USING A NETWORK: 3
TYPES OF NETWORK 3
LOCAL AREA NETWORK 4
METROPOLITAN AREA NETWORK: 4
WIDE AREA NETWORK 5
NETWORK SECURITY 6
IMPORTANCE OF NETWORK SECURITY 6
TYPES OF NETWORK SECURITY ATTACKS 7
Unstructured Attacks 7
Structured Attacks 7
Phishing 7
Eavesdropping 8
DoS and DDoS Attacks 8
Password Attacks 9
Compromised-key Attack 9
Man in the middle Attack 9
IP Address spoofing 10
Application layer Attacks 10
Exploit Attacks 10
Protection from network security Attacks 10
Access control 10
Keep all software updated 11
Standardize Software 11
Use Network Protection Measures 11
2
Network Security
Computer Network:
A computer network is the group of two or more computers that are connected to each other.
Computers can be connected with cable media or also with wireless media. Every computer in
the network is known as NODE.
https://i.ytimg.com/vi/SGll9QHT-5g/hqdefault.jpg
1- Basically, network is used to connect devices. So, its major purpose is to share the data
between different devices of network.
2- In a network, Data is centralized and every authorized person can access it.
3- It is also use for hardware sharing resources like many computers of the network can
share only one printer.
TYPES OF NETWORK:
1- LAN (Local area network)
2- MAN(Metropolitan area network)
3- WAN(Wide area network)
3
Network Security
http://bankers-adda.com/wp-content/uploads/2014/12/lan.jpg
4
Network Security
https://networkschool.files.wordpress.com/2008/03/man.gif
http://slideplayer.com/slide/6151322/18/images/14/Wide+Area+Network+(WAN).jpg
5
Network Security
NETWORK SECURITY:
Now a days, everybody wants to protect his network by unauthorized person. System security
in any action intended to ensure the convenience and uprightness of your system and
information. It incorporates both equipment and programming innovations. Compelling system
security oversees access to the system. It focuses on an assortment of dangers and prevents
them from entering or spreading on your system. System security joins different layers of
resistances at the edge and in the system. Each system security layer executes arrangements
and controls. Approved clients access organize assets, however vindictive entertainers are shut
from doing endeavors and dangers. Digitization has changed our reality. How we live, work,
play, and learn have all changed. Each association that needs to convey the administrations that
clients and representatives request must secure its system. System security additionally
encourages you shield exclusive data from assault. At last it ensures your notoriety.
https://www.netcraftsmen.com/wp-content/uploads/2012/11/Network-Security-Number-1.jpg
6
Network Security
devices accessible on the Internet. There are a few phases that an aggressor needs to go
through to effectively complete an assault.
Unstructured Attacks:
Unstructured attacks made by incompetent programmers. People behind these assaults utilize
hacking apparatuses accessible on the Internet and are frequently not mindful of the earth they
are assaulting. These dangers ought not to be dismissed in light of the fact that they can open
valuable data to noxious clients.
Structured Attacks:
Organized attacks made by people who have propelled processing abilities. Such programmers
are specialists in abusing framework vulnerabilities. By sufficiently increasing data about an
organization's system, these people can make custom hacking apparatuses to rupture arrange
security. Most organized assaults are finished by people with great programming aptitudes and
a decent comprehension of working frameworks, organizing, etc.
Phishing:
7
Network Security
https://www.hoax-slayer.net/wp-content/uploads/2017/05/phishing-computer
-screen-5.jpg
Phishing is the act of attempting to acquire information such as usernames, passwords, and
credit card details (and sometimes indirectly, money) by masquerading as a trustworthy entity
in an electronic communication. Entire sites are known to be duplicated by hackers in an
attempt to steal precious information from users.
Eavesdropping:
https://i.ytimg.com/vi/A2tyA3wQr2E/maxresdefault.jpg
Eavesdropping is one of the basic kinds of attack. A pernicious client can increase basic data
from "tuning in" to arrange traffic. Since most correspondences are sent decoded, there are
numerous cases wherein traffic is powerless to capture attempt. The traffic can be examined
utilizing sniffing apparatuses (otherwise called snooping) to peruse data as it is sent into the
system. Remote systems are more powerless to block attempt than wired ones. Listening
stealthily can be forestalled by utilizing encryption calculations.
8
Network Security
https://www.cisco.com/c/dam/en_us/about/ac123/ac147/images/ipj/ipj_7-4/dos_figure_4.
gif
These attacks exploit arrange traffic to make strange conduct to organize administrations or
applications. Servers are regularly focused on and overwhelmed with information until they
become inaccessible. Center system hardware can be blocked and along these lines keep typical
traffic from streaming into the system. Circulated forswearing of administration assaults are
progressively risky on the grounds that assaults are produced using different sources.
Password Attacks:
https://zdnet4.cbsistatic.com/hub/i/r/2014/09/18/8d821e3e-3f38-11e4-b6a0-d
4ae52e95e57/thumbnail/770x578/0365fbb4f3194c3f15459e2461d0ea17/brute-
force-attacks-beyond-password-basics.jpg
These attacks depend on breaking client or gear passwords. They are a standout amongst the
most dreaded system assaults in light of the fact that once a client is undermined, the entire
system can be harmed, particularly on the off chance that we are discussing an area client or
system executive. Lexicon assaults use examples to figure passwords in numerous endeavors.
Basic data can be picked up by utilizing a traded off username. This is one of the fundamental
reasons organizations utilize solid passwords that are changed every now and again.
Compromised-key Attack:
9
Network Security
Compromised-key Attack by getting the private key of a sender, an aggressor can interpret
verified system traffic. This sort of assault is frequently difficult to be done effectively in light of
the fact that it requires great figuring assets and abilities.
https://blog.trustthesite.com/wp-content/uploads/2017/10/man-in-the-middle-attack.jpg
IP Address spoofing:
https://upload.wikimedia.org/wikipedia/commons/thumb/7/72/IP_spoofing_e
n.svg/1200px-IP_spoofing_en.svg.png
IP address spoofing – in this situation programmers use ridiculed IPs to mimic a real machine.
The aggressor would then be able to alter parcels making them look like genuine traffic to the
accepting system gadget.
10
Network Security
wide range of uses that keep running on machines and are vulnerable to assaults. Programmers
use infections, Trojans and worms to contaminate gadgets and addition significant data
Exploit Attacks:
Exploit attacks – these are typically made by people who have solid figuring abilities and can
exploit programming bugs or misconfigurations. By having enough data of a particular
programming, programmers can "misuse" a specific issue and use it to access private
information.
1- Access control:
Access control is a significant piece of security. Frail access control leaves your information and
frameworks helpless to unapproved get to. Lift get to control measures by utilizing a solid
secret word framework. You ought to have a blend of capitalized and lower case letters,
numbers, and unique characters. Additionally, dependably reset all default passwords.
3- Standardize Software:
Keep your frameworks securing by institutionalizing programming. Guarantee that clients can't
introduce programming onto the framework without endorsement.
Not comprehending what programming is on your system is an immense security
defenselessness. Ensure that all PCs utilize the equivalent:
Working framework
Program
Media player
Modules
Institutionalization likewise makes framework refreshes to a lesser degree an issue.
11
Network Security
12
Network Security
13