Network Security Basics

“A botnet is comparable to compulsory military service for windows boxes” - Stromberg (http://project.honeynet.org/papers/bots/)

Botnets are networks of computers that hackers have infected and grouped together under their control to propagate viruses, send illegal spam, and carry out attacks that cause web sites to crash.

What makes botnets exceedingly bad is the difficulty in tracing them back to their creators as well as the ever-increasing use of them in extortion schemes. How are they used in extortion schemes? Imagine someone sending you messages to either pay up or see your web site crash. This scenario is starting to replay itself over and over again.

Botnets can consist of thousands of compromised machines. With such a large network, botnets can use Distributed denial-of-service (DDoS) as a method to cause mayhem and chaos. For example a small botnet with only 500 bots can bring corporate web sites to there knees by using the combined bandwidth of all the computers to overwhelm corporate systems and thereby cause the web site to appear offline.

Jeremy Kirk, IDG News Service on January 19, 2006, quotes Kevin Hogan, senior manager for Symantec Security Response, in his article “Botnets shrinking in size, harder to trace”, Hogan says “extortion schemes have emerged backed by the muscle of botnets, and hackers are also renting the use of armadas of computers for illegal purposes through advertisements on the Web.”

One well-known technique to combat botnets is a honeypot. Honeypots help discover how attackers infiltrate systems. A Honeypot is essentially a set of resources that one intends to be compromised in order to study how the hackers break the system. Unpatched Windows 2000 or XP machines make great honeypots given the ease with which one can take over such systems.

A great site to read up on this topic more is The Honeynet Project (http://project.honeynet.org) which describes its own site’s objective as “To learn the tools, tactics and motives involved in computer and network attacks, and share the lessons learned.”

Wireless has changed the engagement of a mobile workforce and telecommuting has challenged IT departments. Among these changes is the proliferation of wireless networking. Today, virtually all notebook and mobile computers, and even many desktop computers, come equipped with wireless network cards. You can easily buy a wireless network access point for less than $50 and deploy wireless access to your network within an hour.

Wireless networks have truly changed the way we do business. Where would we be without wireless network today? So what is wireless and how do we make it secure? Wireless utilize radio waves and/or microwaves to maintain communication channels between computers. Wireless networking is a more modern alternative to wired networking that relies on copper and/or fiber optic cabling between network devices.

A wireless network offers advantages and disadvantages compared to a wired network. Advantages of wireless include mobility and elimination of unsightly cables. Disadvantages of wireless include the potential for radio interference due to weather, other wireless devices, or obstructions like walls. Network administrators need to take special consideration when setting up their wireless network security. From a security perspective, network administrator should look for the following features:

• Support for Wi-Fi Protected Access (WPA) and WPA2 to protect the wireless traffic

• Support for Remote Authentication Dial-In User Service (RADIUS) authentication so that you can use your centralized authentication system to provide strong, integrated authentication

• Support for MAC address filtering to limit which clients can access your network (great for smaller networks)

Wireless networks are now becoming more mainstream than ever. Wireless LANs now travel at Ethernet speeds with a greater range and built-in security. Wireless data networks are now providing Internet coverage to many of the large metropolitan areas. Businesses of all sizes and disciplines are now seizing upon the advantages provided by wireless networks. This growth will continue to increase in step with the growing mobile workforce. Stay on top of wireless security and your network will be limited to attacks.