Network Security
by Muhd Syafiq
1. Network Design 1) Subnetting : IP addressing are actually two addresses : one part is a network address and one part is a host address. 2) Subnetting or subnet addressing: Splits a large block of IP addresses into smaller groups
1.1. Advantage Subnetting: 1)Decreased network traffic 2)Flexibility 3)Improved troubleshooting 4)Improved utilization of addresses 5)Minimal impack on external routers
2. Network Convergence Convergence in networking occurs when one network provider delivers networking services for voice, data, and video in a single network offering, instead of providing a separate network for each of these services.
2.1. Cookie poisoning and snooping Cookie poisoning is the modification of a cookie (personal information in a Web user's computer) by an attacker to gain unauthorized information about the user for purposes such as identity theft.
2.2. SQL injection SQL injection is a code injection technique, used to attack data-driven applications, in which nefarious SQL statements are inserted into an entry field for execution (e.g. to dump the database contents to the attacker).
2.3. Command injection Command injection is an attack in which the goal is execution of arbitrary commands on the host operating system via a vulnerable application.
2.4. Buffer overflow A buffer overflow, or buffer overrun, is an anomaly where a program, while writing data to a buffer, overruns the buffer's boundary and overwrites adjacent memory locations.
2.5. Authentication hijacking Session hijacking is accomplished most commonly through the use of cross-site scripting (XSS), which when successful can grab the session token/key and send it to a waiting attacker. The attacker can then use the session token as if they were the original authenticated user, bypassing authentication controls and accessing the application.
2.6. Directory traversal/Unicode A directory traversal (or path traversal) consists in exploiting insufficient security validation / sanitization of user-supplied input file names, such that characters representing "traverse to parent directory" are passed through to the file APIs.
3. Network Address Translation (NAT) NAT stands for network address translation. It's a way to map multiple local private addresses to a public one before transferring the information. Organizations that want multiple devices to employ a single IP address use NAT, as do most home routers. • NAT is used in routers • translates a set of IP addresses to another set of IP addresses • hides the private IP addresses of network devices from attackers
4. Virtual Local Area Network (VLAN) A VLAN allows scattered users to be logically grouped together even though they may be attached to different switches. Can reduce network traffic and provide a degree of security similar to subnetting.
5. Demilitarized Zone (DMZ) A separate network that sits outside the secure network perimeter. Outside users can access the DMZ but cannot enter the secure network.