Google Answers Logo
View Question
 
Q: Network Security ( Answered 4 out of 5 stars,   0 Comments )
Question  
Subject: Network Security
Category: Computers > Security
Asked by: creamyegg-ga
List Price: $15.00
Posted: 10 Nov 2002 08:31 PST
Expires: 10 Dec 2002 08:31 PST
Question ID: 104600
Investigate methods of addressing network security. Include what forms
of security are available to wireless networks and discuss the
effectiveness of these.
Answer  
Subject: Re: Network Security
Answered By: answerguru-ga on 10 Nov 2002 11:54 PST
Rated:4 out of 5 stars
 
Hi creamyegg-ga,

The following list below summarizes network security methods that are
currently in use in wired and wireless networks today. Since wireless
networking is a relatively young technology, there are some key
security standards that are used across various wireless products.
These will be identified in the individual methods.

Wired Equivalent Privacy (WEP) Encryption – allows for the encryption
of a signal by using a “key” of a predefined number of bits. The
purpose of this is to provide unidentified users from accessing
network signals without permission. It must be noted, however, that
there are many flaws in this method. This encryption method only
applies to wireless networks.

More information on WEP is available at this UC Berkley research page:

http://www.isaac.cs.berkeley.edu/isaac/wep-faq.html

MAC Address Filtering – "Most access points offer a feature that
defines which clients may connect determined by their MAC address. A
MAC address (media access layer) is a hard-coded identifying address
on a network interface card that is different from an IP address. A
MAC address is usually static and never changes—even when the card is
removed from the computer. With MAC address filtering turned on, a
workstation will not be able to connect unless its MAC address has
been defined on the access point. This security feature is useful in
smaller networks, although keeping a list of updated MAC addresses for
a large network can be too difficult to manage."

MAC Address Filtering can be used on wired or wireless networks.

More information on MAC Address Filtering is available at:
http://www.infopeople.org/howto/security/network/wireless.html

SSID/Network ID - "The SSID is a 7-digit alphanumeric identifier that
is set on the access point. When a client connects to an access point,
it transmits a SSID to associate itself with that network."

SSID can be used in a wireless network environment. To optimize the
security, you can use do the following:

Change the default SSID 
Set the SSID mode to closed 
Set the access to not broadcast/advertise its SSID 

For more information on how to protect you network using SSID, go to:
http://www.infopeople.org/howto/security/network/wireless.html

IP Security (IPSec) Protocol – an extension of the IP protocol that
enables data to be encrypted and verified between two computers, even
if the data is being sent over an insecure network such as the
Internet. This can be used in wired and wireless network environments.
A diagram and example of how IPSec functions can be found within the
Windows 2000 resource kit (note that this protocol can be used on
other operating systems):

http://www.microsoft.com/windows2000/techinfo/reskit/en-us/default.asp?url=/windows2000/techinfo/reskit/en-us/cnet/cndb_ips_omdp.asp

Virtual Private Networking (VPN) – "..the extension of a private
network that encompasses links across shared or public networks like
the Internet. A VPN enables you to send data between two computers
across a shared or public internetwork in a manner that emulates the
properties of a point-to-point private link. The act of configuring
and creating a virtual private network is known as virtual private
networking."

This network security network can be used in wired and wireless
networks. Microsoft has a detailed paper outlining the details of VPN
and the protocols it uses:

http://www.microsoft.com/windows2000/techinfo/howitworks/communications/remoteaccess/vpnoverview.asp

Point-to-Point Tunneling Protocol (PPTP) – "a method for sending
network packets over an existing TCP/IP connection (called a tunnel).
A VPN requires that the client and server each have an active Internet
connection. The server typically has a permanent connection to the
Internet. The client connects to the Internet via an ISP and initiates
a PPTP connection to the PPTP server from a Dial-Up Networking (DUN)
entry. The connection request includes access credentials (i.e.,
username, password, and domain) and an authentication protocol. RRAS
adds the ability to provide server-to-server connections over PPTP, as
well as permanent network connections."

http://www.winnetmag.com/Articles/Index.cfm?ArticleID=4877

Detailed information on the PPTP is availble from the Microsoft
resource kit:

http://www.microsoft.com/windows2000/techinfo/reskit/en-us/default.asp?url=/windows2000/techinfo/reskit/en-us/intwork/inbe_vpn_naxe.asp

In summary, there are several network security measures that can be
implemented, though essentially all of them have potential "holes"
that compromise a network's security. A common tactic used by many
network administrators is to implement several of these measure in an
attempt to layer security features and cover up holes.

If you don't understand any of the information above, please feel free
to post a clarification :)

Hope that helps!

answerguru-ga
creamyegg-ga rated this answer:4 out of 5 stars
Excellent. Exactly the type of thing I was after. Thought there may
have been a little more detail though.

Comments  
There are no comments at this time.

Important Disclaimer: Answers and comments provided on Google Answers are general information, and are not intended to substitute for informed professional medical, psychiatric, psychological, tax, legal, investment, accounting, or other professional advice. Google does not endorse, and expressly disclaims liability for any product, manufacturer, distributor, service or service provider mentioned or any opinion expressed in answers or comments. Please read carefully the Google Answers Terms of Service.

If you feel that you have found inappropriate content, please let us know by emailing us at answers-support@google.com with the question ID listed above. Thank you.
Search Google Answers for
Google Answers  


Google Home - Answers FAQ - Terms of Service - Privacy Policy