Home Page

Personal

Photo Gallery

Music-Info

Ramble-on

Link-Me

Security

FAQ's


Table of Contents

1.Why are security features necessary?

2.What are the basic security risks of Internet communications?

3. If I have a firewall, my network is secure?

4. Network security is an ongoing process -- once it starts, it never ends.

5. Once someone breaks into my system, I can tell that they're there.

6. My network's safe because I have all the latest versions of my operating system with all the most up-to-date patches installed.

7. It's possible to disinguish a malicious attack from normal user behaviour.

8. If all the traffic on my network is encrypted, I am secure.

9. How often are security threats discovered and publicised.

10. For a much more comperhensive list of FAQ's on internet security, check this site out. Warning: It is huge.


Why are security features necessary?

Security is a basic requirement because the Internet is inherently unsecure. Millions of computers form a public network where communications can be intercepted. As data moves from sender to receiver, it almost always has to travel through several other connections. This is called routing. During routing, computers other than the sender and receiver can access the data. Even computers not directly involved in routing can access the data. Security is therefore a critical component of any Internet or intranet application.

Back to Top

What are the basic security risks of Internet communications?

Sending data across a network involves three basic security risks:

  1. Eavesdropping - intermediaries listen in on private conversations (one computer talking toanother).
  2. Manipulation - intermediaries change information in a private communication.
  3. Impersonation - a sender or receiver communicates under false identification.

The situation is analogous to purchasing mail-order goods over the telephone. Mail-order shoppers want to know that no third parties can hear their credit card number (eavesdropping); that no one can insert extra order information or change the delivery address (manipulation); and that it is actually the mail-order company on the other end of the line and not a credit card thief (impersonation).

Back to Top

If I have a firewall, my network is secure.

 

False. Firewalls do an excellent job protecting networks from external attack -- when they're properly installed and correctly maintained. Unfortunately, they are not a perfect solution. Misconfigurations and known weaknesses in certain versions of firewall software will leave systems vulnerable to an experienced cracker. Disgruntled employees and other sources of attack can still penetrate your security from within.

To fully protect your network, you need to regularly test your firewall's installation using an audit tool like Internet Scanner. You may also want to consider a real-time monitoring agent like RealSecure to prevent improper behaviour inside your firewall.

Back to Top

Network security is an ongoing process -- once it starts, it never ends.

True. Once you connect your networks to the Internet, security becomes an ongoing investment in protecting your mission-critical business assets. Joy-riding hackers and industrial espionage experts are constantly discovering new ways to bedevil your systems. They're always looking for the latest ways to make your life miserable. If you aren't equally diligent with your security, you put your entire business at risk.

Back to Top

Once someone breaks into my system, I can tell that they're there.

False. Actually, it's "true" if they're incompetent, but good hackers know how to delete network log entries as they go. They leave no tracks. Given enough access over a long period of time, and they can change your network access privileges until they have undetectable free reign throughout your systems. Even in the best of circumstances, rebuilding an attack from the logs is a tedious process. Your best line of defence after someone's gotten inside is a real-time monitoring tool like RealSecure, allowing you either to break their connection or follow them as they move through your network, secretly recording their movements for later use as evidence.

Back to Top

My network's safe because I have all the latest versions of my operating system with all the most up-to-date patches installed.

False. Though vendors work hard to build robust, secure products, they tend to respond to threats when they're publicised, not when they first appear. In addition, only the most serious problems receive immediate attention. This slight time lag creates a significant opportunity for people trying to get through your defences. Immediate knowledge and timely response are your best weapons against newly discovered vulnerabilities. That's why we host network security mailing lists and maintain a comprehensive security library.

Back to Top

It's possible to distinguish a malicious attack from normal user behaviour.

True. There are only a certain number of ways to circumnavigate a secure network. In each case, the attack carries certain characteristics that almost never occur during normal usage. Real-time monitoring products recognise these suspicious activities and report them to systems administration for appropriate response.

Back to Top


If all the traffic on my network is encrypted, I am secure.

False. Encryption and authentication are great ideas, but they're not always practical and frequently slow down network performance. There are some network services, SMTP (email) and HTTP (web traffic) in particular, that are nearly impossible to encrypt.

While encryption and authentication can make any piece of intercepted information useless to the unintended recipient, they don't account for misconfigurations and underlying system vulnerabilities. Your networks are still vulnerable to attack. If fact, one of the fastest growing areas of sabotage, Denial of Service, is in part a response to enhanced security technologies. The aim isn't to steal information. It's to frustrate or damage an organisation by making their networks completely inoperable for as long a period of time as possible.

Back to Top


Security threats are discovered and publicised about three times a week.

True. New holes in operating systems and Internet access and enabling software are appearing at a dizzying rate. With such an overflow of information, it's critically important to have a security partner who can send you the latest security news and co-ordinate product updates with all major security alerts.

Back to Top


 

Author information goes here.
Copyright � [OrganizationName]. All rights reserved.
Revised: June 16, 1998.