Cmgt 441 - Network Security

Network Security

Akinwunmi Sunday Akinyemi

CMGT 441

August 10, 2012

Vijaya Jonnalagadda

Network security

Introduction

With the rate of increase in Information Technology, this also increases the rate of internet crimes, whereby hackers targeted crucial information stored in databases. Businesses, organizations, and companies confidential information in their databases may lead to losses if illegally accessed by an unauthorized person.

It is very important that organization ensures that their database is well maintained and adequately secured. Security measures implemented must aim at focusing on detection of attack, prevention of attacks, and immediate response to any insecurity incidents detected.

The safest computers in an organization are one which has been unplugged from the network, thereby rendering it almost and totally useless. Network security is a necessity, and the type of security measures require across different organizations depends on the nature of its business.

Kudler's Fine Food wants to implement a wireless network in three locations. First, I would have each laptop, desktop, or better yet, each node with an 802.11n wireless card. If laptops are used, I would use a 802.11n usb. I would also add a 802.11 wireless router allowing the network to run on much higher speeds of up to a theoretical 600mbps. The data exchange frequency would be 5.75 and you have up to 1200 feet in range for data exchange. However, the farther you are from the wireless router the weaker the signal will get. Depleting your data transfer rate. Since you are using a 802.11n card, you will be compatible with 802.11a, 802.11b, and 802.11g. For securing your wireless devices the only option I would go with would be WPA2. WPA2 uses advanced encryption standard (AES) as the encryption method. This technology is similar and more secure than TKIP, but requires special hardware for performing the encryption methods. WPA2 can use a pre-shared key and 802.1x or you have the option to use a dynamic key. You will also need antivirus installed on each computer to help disable hackers from penetrating the network. Kudler's Fine Food will have Kaspersky Anti-Virus installed on every machine, with a valid license. Additional software may be needed to aid in keeping attackers at bay such as vulnerability scanning software and firewalls.

There are three locations inside of Kudler Fine Foods. These locations are, Encinitas, La Jolla, and Del Mar store has a Point of Sales Server with four Point of Sale terminals. La Jolla and Del Mar stores each have their own NT Server and a workstation for inventory accountability. Each of these stores connects through the internet using a 56Kbps dialup modem. All three locations use the Ethernet Bus topology network design. Each system is connected using a single cable that establishes the backbone of the network. The configuration described offers minimal security and makes expansion much more difficult. This configuration is hindering this company and business from growth, income, and competition. With an Ethernet Bus topology and a 56kbps network speed it is extremely hard to establish any kind of recovery plan. Finding existing components for outdated hardware on this network will be a task in itself. The entire network will need to be redesigned to offer a much faster and appreciated growth, income, and competition for Kudler Fine Foods.

Security Hardware and Software

The wireless network will be run using the WPA2 encryption standard. Special hardware will be implemented when using WPA2 to work properly. WPA2 has the option to use a pre-shared key inside the company and 802.1x or you have the option to use a dynamic key, which a dynamic key will be used. Each of the employee's laptops will run Kaspersky Anti-Virus. Kaspersky runs the update program inside Kaspersky whenever there is an update to be made. These updates usually come in files around 800kbs which will not congest the network. Kaspersky comes with a built in firewall inside the software. To keep the cost down, a contract will be made with the Kaspersky Company so we can legally keep the software on our systems. F-Secure will be a software package available for Smart phones inside the company and will be mandatory for connecting to the wireless router.

Kaspersky Firewall

Kaspersky includes a set of rules incorporated inside its software that allows you to set specific parameters inside specific software programs. You can create several permissions and block rules for each particular piece of software. Kaspersky will monitor specific IP octets to access specific programs and allow connections to be made on specific ports. If an attacker tries to connect to port 23, the firewall will not allow it because the Telnet session will be disabled. This will also leave a footprint behind allowing the network administrator to track the attackers IP address which will be saved in a log.

Security Analysis

The network systems inside KFF are far from secure if an outside intrusion were to occur. A simple DoS attack could leave a dial-up modem crippled and could take hours if not days to fix. There are no hardware or software antivirus or malware protections inside of the company. There is only a single 56kbps internet connection, which could limit the way attacks could come inside the business. However, this is not the only way malware, viruses, or Trojans could come in. Employees using media at any workstation could cause damage to the business. There are no firewalls used inside of KFF which leaves the network completely vulnerable for intrusion. Using multiple routers would create a higher sense of security inside the network. With the current setup of the network any employee is allowed to bring in media with Ethernet capable devices to connect to the network. Kudler Fine Foods have not designed any kind of policy for security. The supervisors need a reference point in which they can point their employees to the proper direction when it comes to network systems and the physical security of the building. There are no rules set in place about internet usage or the handling of components inside the network, which definitely need to be addressed. Offered below is a solution to the vulnerabilities described in this paragraph to bring Kudler Fine Foods up to date in the IT world and security.

Electronic and Physical Threats

There are many types of electronic attacks that

...