-

 

Week 8 – CST– 311 Intro to Computer Networks

Module 8 – Security in Computer Networks

In this short week 8, we continued with security in computer networks, specifically, firewalls and intrusion detection systems. Firewalls are a combination of hardware and software which separate an organization’s network from the rest of the internet.

A system administrator implements a firewall to accomplish three goals. The first goal is that all traffic from outside to inside and vice versa must pass through the firewall. This can be accomplished by placing the firewall at the boundary between the organization’s network and the rest of the internet. It is also easier to manage access when locating a firewall at a single access point to the network. The second goal allows access only to authorized traffic. If all traffic is coming and going through the firewall, it can restrict access to unauthorized traffic. Lastly, the third goal is for a firewall to be immune to penetration. For this goal, the administrator must design and install the firewall properly. Failure to do so will compromise the efficiency which will provide a false sense of security.

Firewalls can be further categorized into three classifications: traditional packet filters, stateful filters, and application gateways. A packet filter examines each datagram in isolation to determine if the datagram should be dropped because it does not meet administrator-specific rules. Stateful filters track TCP connections and use the information to make filtering decisions. An application gateway is an application-specific server where all data must pass. To provide greater security, firewalls must combine packet filters with application gateways.

Intrusion detection systems or IDS are devices that generate an alert when they observe potentially malicious traffic. IDSs provide deep packet inspection. They look at the contents of a packet such as character strings and compare them against a database of known viruses or attack strings. An IDS can detect a wide range of attacks such as network mapping, port scans, TCP stack scans, DoS bandwidth-flooding attacks, worms, viruses, OS vulnerability attacks, and application vulnerability attacks.

Comments

Post a Comment

Popular posts from this blog

-
Week 4 – CST – 300 Module 4 OLI – Module 4 and 5 This week’s OLI required us to meet with our team and discuss what we have learned from this unit. It was interesting to compare what I have learned to what the rest of my team learned from their experience with the unit. The assignment included an activity called “2 Truths, 1 Lie” which required each team member to share three strengths related to our group project. Of the three strengths, two were supposed to be truths and one a lie without disclosing which were truths and which was the lie. The rest of the team had to guess which of the three was the lie. For the most part, we were all able to pick out the lie from the strengths. That activity showed me that we are becoming familiar with our team members’ strengths which will help in assigning tasks during challenging projects. The last part of the assignment consisted of answering questions from what each of us shared. Everyone of our members agreed that it is a good idea to allo...
Read more
-
  Week 5 – CST – 300 Module 5 OLI – Module 6 and 7 The OLI for this week was interesting. It helped us recognize conflict and showed us how to deal with them using different conflict strategies. Module 6 showed us a video where Kurt and Freda had a conversation which quickly escalated into a conflict. Freda was questioning the level of a platform that had been checked already. Kurt told Freda that he didn’t trust her leveling phone app. After arguing for some time, Kurt noticed that the platform was not level because there was a piece of wood underneath it. I first noticed the conflict when Kurt told Freda that he did not trust her leveling app around the 15 second mark of the video. Module 7 was challenging, here we had to use the best conflict strategy to deal with conflict based on how important the relationship is and how much do we care about the problem. An example was in the scenario where you asked Taylor, a friend of a friend for a ride to get wood because your car...
Read more
-
Week 8 – CST – 300 Module 8 OLI – Post-Test This week we had to take the post-test which was a culmination of what we have learned throughout the course. It started off with opinion questions where you had to choose whether you agreed or disagreed with the statement. I compared my answers to the pre-test answers and, although they are not graded, I believe my answers improved. From the OLI modules, I learned that you must consider everyone’s opinions and to use conflict resolution techniques when there is difference of opinions. When someone is expressing their opinion, you must use active listening and let them know you understood by repeating to them what they told you in your own words. For dealing with conflicts, you must use active listening and then formulate an assertion message to deal with the conflict.   Part 1: Review Other Team’s Final Video Projects Gigabit Goon Squad Public Video – 1.       Is the topic well covered? Yes, I bel...
Read more