Networking

Network Security

As we see today, the Internet has grown and grown to reach several million units of computers that are connected in various parts of the world. From day to day information is also contained in the Internet network is more complete, accurate, and important. . Information has become such a valuable asset that needs to get a more specific treatment. Besides that, the progress made in the development of computer operating system itself and utulitasnya already so far in which the level of performance, reliability and flexibility of the software becomes a major criterion in the process of software development. With the increasingly important and valuable information and supported by advances in software development, certainly attract the breaker (hackers) and intruder (intruder) to continue experimenting to find and use any existing weaknesses of the system configuration information that has been established
Departing from the above facts, there is a concept that is more commonly referred to as Network Security. At first, this concept explains more about security (security) of a system of computer networks connected to the Internet against the threats and harassment directed against the system. The scope of the concept is increasingly widespread, so at this time not only talking about computer network security problems alone, but rather lead to security problems of a global information network system. Several European countries and even America has made network security into one central point of attention of military parties respectively.
Actually, this Network Security issue arising from the local computer network connectivity we have with the wide-area network (like internet). So, during our local network computer is not connected to wide-area network, network security problem is not so important. But this does not mean giving the sense that joining the wide-area network is a matter that 'scary' and full of danger. Network Security is only describe the possibilities that will arise from our local computer network connectivity with a wide-area network.
In general, there are 3 (three) of keywords in the concept of Network Security, namely:

    risk / hazard level,
    threats, and
    system fragility (vulnerability)
Risk or danger levelIn this case, the risk means how likely success of the intruders in order to gain access to the local computer network owned by a local network connectivity to a wide-area network. In general, the desired accesses are:

    Read Access: Ability to know the entire information network system.
    Write Access: Able to perform the process of writing or destroy the data contained in the system.
    Denial of Service: Closing the use of utilities to normal tissues by means spend a share of CPU, bandwidth and memory.
ThreatIn this case, the threat means that people who try to gain access to illegal access to computer networks owned as if he had the authority to access to computer networks.
Fragility System (Vulnerability)Fragility of the system has a sense of how much more protection that can be applied to the network owned by someone from outside the system from trying to gain illegal access to computer networks and the possibility of people from within the system gives access to the outside world the destructive nature of network systems.
To analyze a global information network system as a whole about the level of reliability and safety is not something easy to implement. Analysis of a network system must be detailed information ranging from policy level to the level of practical application.
For starters, it helps us see a network system that has become the main target point of the efforts of the burglary trial. In general, a computer network in the world using the Unix operating system as the platform. Unix has become an operating system that has high reliability and good performance level. However, Unix is ​​basically composed by the functions are quite complicated and complex. As a result, Unix also has some drawbacks such as bugs (programming algorithm mismatch) small sometimes not recognized by Unix programmers. In addition, utilities that use Unix as a platform, often have their own bugs as well. Well, these are things that are often exploited by hackers and intruders around the world.
To prevent successful exploits of hackers and intruders such, developed a concept known as UNIX Network Security Architecture. This architecture includes 7 layers of security at the network level. All seven layers are as follows:

    Ply to-7: Wisdom
    Ply to-6: Personnel
    Ply to-5: Local Area Network
    Ply to-4: Limit the Network
    Ply to-3: Gateway
    Ply to-2: Packets Filtering
    Ply to-1: Limit Foreign Network
WisdomLapis wisdom to be protective against overall network security and protection programs are implemented. This tier has the function of defining the policies of organizations ranging from the greatest risks which may occur up to how to implement the policy was taken against the basic procedures and equipment used. These layers become one of the major determinants of success of protection and security systems.
PersonnelThese layers define humans in terms of information network systems. Personnel who perform installation, configuration, operating up to the people who can run accesses are available in the system are included in this layers. Measures taken in this layer should basically reflect the objectives to be achieved in the protection and security of this program.
Local Area NetworkThe next layers define the tools and data that should get protection. In addition, this layer also includes procedures for the supervision and control that is often applied in the system.
Limit In Limit NetworkIn the network layer defines the physical system connected to the "buffer" which became a divider between the local information network systems with external networks. This limit is important because this point became the main target of exploitation attempts to gain illegal access. It's good buffer zone is concentrated at one point so that the implementation procedures of supervision and control becomes easier. Likewise, when the attacks come from outside the system, only there will be one of the most major entry point. Thus, the system will be easier to isolate possessed of connectivity to the outside when an interruption occurs.
GatewayDefine a gateway to and from the main door system owned. Wisdom of protection and security of a system that connected with wide-area network should direct more efforts are there to secure this layer as possible. Service-public service is better placed on those layers in order to minimize the possibility of further access into the system.
Filtering PackagesThese layers define a platform that sits between the network interface layer 3 (gateway) with a network interface into the application of the method Firewall. Lapis is seen more as a program that exercises oversight (monitoring) of data packets that enter or exit the system.
Outer Limits NetworksOuter Limits Networks defines the point where the system is connected with a wide-area network and we have no direct control over that point.
As already described above, layer-3 to be the main point and the most vulnerable in this security network. Implementation of policy taken at this layer can only be done in software. There are several types of security software that can be used to strengthen the protection and security systems business on this tier to-3. Among these are:
TCP WrapperThis program provides monitoring and control of network services. Basically, conducted by this program is to generate a log of activities occurring relationships. This program can be taken free of charge via anonymous FTP via ftp.cert.org located in the directory pub / tools / tcp_wrappers / tcp_wrappers .*
SwatchSwatch Program combines log lists that have been created by other utility programs in addition to the benefits that can be configured so that at the time of logging, Swatch can perform other actions based on certain priorities. Swatch is available via anonymous FTP from sierra.stanford.edu in the directory pub / sources.
SOCKS library and sockdThis program became an alternative to the implementation of the concept of "TCP Wrapper". The main usefulness of this program is to concentrate all common Internet services at a point. "Sockd" run by "inetd" at the demand for certain services appeared and only allow connections from hosts that have been registered. This program is of course also do the activity logs relating to the connection. This program can be obtained via anonymous FTP on host s1.gov in the directory / pub with the name socks.tar.Z.