7. Securing Networks
What is Network Security? [1]
- Types of security protections:
  - Firewalls.
  - Network Segmentation.
  - Intrusion Detection Systems (IDS).
  - Intrusion Prevention Systems (IPS).
  - Virtual Private Networks (VPNs).
LAN Security and How it is Hacked [2]
- To check whether an IT infrastructure is resilient and its LAN security is strong, we first need to run audits and penetration tests.
- Connecting a device to a network port usually lets it obtain an IP address dynamically, which allows it to initiate traffic or other activity in the company network.
- The number one problem occurs when the attacker’s connected device spoofs the address-managing server (DHCP).
- Problems:
  - Man-in-the-Middle (MitM) attacks.
  - False DNS servers.
- In a broadcast network with Ethernet as the medium, we deal with phenomena such as loops, broadcast storms, and link flaps. Their impact can be reduced with mechanisms such as Spanning Tree Protocol or by limiting the L2 structures (routing to the edge); however, even this approach will not completely eliminate the possibility of loops occurring in the network.
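A defender-side check for the spoofed DHCP server problem described above, as an added example that is not taken from the cited article: it parses the options of a DHCP reply and flags a server identifier, gateway, or DNS server outside an allowlist. The allowlisted addresses and the sample payloads are constructed for the illustration.

```python
import ipaddress

MAGIC = b"\x63\x82\x53\x63"   # DHCP magic cookie that follows the 236-byte BOOTP header
# Assumed site policy (hypothetical addresses): the only values clients should be handed.
AUTHORIZED = {"server": {"10.0.0.2"}, "router": {"10.0.0.1"}, "dns": {"10.0.0.53"}}

def parse_options(payload):
    """Return {option_code: raw_bytes} from a BOOTP/DHCP payload."""
    if len(payload) < 240 or payload[236:240] != MAGIC:
        raise ValueError("not a DHCP payload")
    opts, i = {}, 240
    while i < len(payload) and payload[i] != 255:   # 255 = end option
        if payload[i] == 0:                         # 0 = pad, has no length byte
            i += 1
            continue
        if i + 1 >= len(payload):
            raise ValueError("truncated option")
        code, length = payload[i], payload[i + 1]
        if i + 2 + length > len(payload):
            raise ValueError("truncated option")
        opts[code] = payload[i + 2:i + 2 + length]
        i += 2 + length
    return opts

def ips(data):
    """Split an option value into dotted-quad IPv4 strings."""
    return [str(ipaddress.IPv4Address(data[i:i + 4])) for i in range(0, len(data) // 4 * 4, 4)]

def check_reply(payload):
    """Findings for a server reply (OFFER=2, ACK=5); an empty list means it matches policy."""
    opts = parse_options(payload)
    if (opts.get(53) or b"\x00")[0] not in (2, 5):
        return []
    findings = []
    for code, key in ((54, "server"), (3, "router"), (6, "dns")):
        for ip in ips(opts.get(code, b"")):
            if ip not in AUTHORIZED[key]:
                findings.append(f"unauthorized {key} {ip}")
    if 54 not in opts:
        findings.append("reply has no server identifier")
    return findings

def sample_reply(msg_type, server, router, dns):
    """Constructed test input: a minimal DHCP reply payload (never sent on the wire)."""
    opts = bytes([53, 1, msg_type])
    for code, ip in ((54, server), (3, router), (6, dns)):
        opts += bytes([code, 4]) + ipaddress.IPv4Address(ip).packed
    return b"\x02\x01\x06\x00" + bytes(232) + MAGIC + opts + b"\xff"
```

Option 54 is the server identifier, option 3 the gateway, and option 6 the DNS servers, so the three checks correspond to the spoofed server and the MitM and false-DNS problems listed above.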
How to secure the LAN network (against wired attacks)
- Physical security:
  - Room access control and central authentication would be the first barrier for the attacker to overcome.
  - Develop detailed procedures for moving within the building’s zones and the business grounds and provide periodic training for the employees.
- Securing the wired access network: prevent attacker access to the network ports, switches, and patch panels.
- VLAN Segmentation:
  - Logical separation of the network into smaller segments that are isolated from each other.
  - When the attacker connects to the network, they will be able to access only the VLAN they are connected to and not the entire network.
- Use 802.1X authentication and authorization to control access to the network, as it authorizes devices before granting them access.
- Micro-segmentation:
  - Used in data centers.
  - Create micro-segments for each application and service within the same VLAN.
  - Example: Cisco TrustSec and the use of SGT (Security Group Tags) to define the security policies.
- Guest Access:
  - Redirect an unknown user to the guest portal. This puts greater security restrictions on guests while still granting them Internet use.
How to Improve Your WAN Security [3]
- Use a VPN for connecting a group of servers or computers to a private network.
- Use SD-WAN (Software-Defined Wide Area Network) to improve WAN security as it helps to monitor and centrally manage the WAN.
- Manage mobile phones and tablets that are connected to the WAN, as these devices are less secure than desktops or laptops.
- Keep everything up to date, including the software, hardware, operating systems, antivirus, encryption software, and firewalls.
The Future of Security: Surveying Your Cybersecurity Landscape [4]
Zero Trust Security
- Zero trust security is a paradigm that leverages identity for access control and combines it with contextual data, continuous analysis, and automated response to ensure that the only network resources accessible to users and devices are those explicitly authorized for consumption.
- All devices, users, and resources are untrusted and considered compromised by default until explicitly expressed otherwise.
- Access control depends on context (user, device, location, and behavior) and policy-based rules to manage the expanding ecosystem of users and devices seeking access to corporate resources.
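The three points above as a small policy evaluator, added here as an illustration and not taken from the cited article: access is denied unless a policy explicitly allows it, the decision uses user, device, location, and behavior, and the session is re-checked whenever the context changes. The resource names, policy fields, and risk thresholds are hypothetical.

```python
from dataclasses import dataclass, replace

@dataclass(frozen=True)
class Context:
    user: str
    groups: frozenset
    device_managed: bool
    location: str        # country code reported for the session
    risk: float          # behaviour score: 0.0 normal .. 1.0 anomalous

# Hypothetical policy table: a resource with no entry is never reachable.
POLICIES = {
    "payroll-db": {"groups": {"finance"}, "managed_only": True, "locations": {"US", "CA"}, "max_risk": 0.3},
    "wiki": {"groups": {"staff", "finance"}, "managed_only": False, "locations": None, "max_risk": 0.7},
}

def decide(ctx, resource):
    """Return (decision, reason); anything not explicitly authorized is denied."""
    p = POLICIES.get(resource)
    if p is None:
        return ("deny", "no policy for resource")
    if not (ctx.groups & p["groups"]):
        return ("deny", "identity not authorized")
    if p["managed_only"] and not ctx.device_managed:
        return ("deny", "unmanaged device")
    if p["locations"] is not None and ctx.location not in p["locations"]:
        return ("deny", "location not permitted")
    if ctx.risk > p["max_risk"]:
        return ("deny", "behaviour risk too high")
    return ("allow", "all conditions met")

def monitor(session, resource):
    """Continuous analysis: re-check each context update, revoke at the first deny."""
    for step, ctx in enumerate(session):
        decision, reason = decide(ctx, resource)
        if decision == "deny":
            return (step, reason)      # automated response: the session ends here
    return (None, "session stayed within policy")

# Constructed session: same user, context changes over time.
alice = Context("alice", frozenset({"finance"}), True, "US", 0.1)
SESSION = [alice, replace(alice, risk=0.2), replace(alice, location="BR"), replace(alice, risk=0.9)]
```

Calling `monitor(SESSION, "payroll-db")` revokes access at the third update, when the location changes, even though the same user was allowed at the start of the session.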
Ransomware
- How it works:
  - Cybercriminals use social engineering tactics such as phishing, vishing, and smishing to gain access to a device and launch a cryptovirus.
    - Phishing uses emails; vishing uses voice calls; smishing uses SMS.
  - The cryptovirus encrypts all files on the system, or multiple systems, accessible by that user.
  - The target (recipient) receives a message demanding payment for the decryption key needed to unlock their files.
  - If the target (recipient) refuses to comply or fails to pay on time, the price of the decryption key increases exponentially, or the data is released and sold on the dark web.
Mobile Device Security
- 39% of businesses had a mobile-related breach in 2020.
- User threats, app threats, device threats, and network dangers were the top five mobile security threats identified in 2020.
Cloud Security Automation
- It is estimated that nearly half of all cybersecurity incidents are caused by human error, which can be mitigated through automated security tools rather than manual processes.
- An auditor checks each process for changing firewall rules, which already go through change control, and then spot-checks one rule out of thousands, instead of validating the CI/CD pipeline.
- The evolution of SOAR (security, orchestration, automation, and response) tools and automation of security policy by code will open up a huge potential benefit for well-audited businesses in the future.
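A sketch of what security policy as code can look like for the firewall case above, added as an example and not taken from the cited article: a check that a CI/CD pipeline could run against every rule on each change, instead of a manual spot-check of one rule. The rule format, the `change_id` field, and the sample ruleset are constructed for the illustration.

```python
import ipaddress

ADMIN_PORTS = {22, 3389}                     # assumed management ports
ANY = ipaddress.ip_network("0.0.0.0/0")

# Constructed sample ruleset, evaluated top-down (first match wins).
RULES = [
    {"id": "r1", "action": "allow", "src": "10.0.0.0/8", "dst": "10.1.2.0/24", "ports": (443, 443), "change_id": "CHG-1001"},
    {"id": "r2", "action": "allow", "src": "0.0.0.0/0", "dst": "10.1.2.10/32", "ports": (22, 22), "change_id": "CHG-1002"},
    {"id": "r3", "action": "allow", "src": "10.5.0.0/16", "dst": "10.1.2.0/24", "ports": (443, 443), "change_id": "CHG-1003"},
    {"id": "r4", "action": "allow", "src": "0.0.0.0/0", "dst": "0.0.0.0/0", "ports": (0, 65535), "change_id": ""},
    {"id": "r5", "action": "deny", "src": "0.0.0.0/0", "dst": "0.0.0.0/0", "ports": (0, 65535), "change_id": "CHG-1000"},
]

def covers(a, b):
    """True if rule a matches every packet that rule b matches."""
    net = ipaddress.ip_network
    return (net(b["src"]).subnet_of(net(a["src"]))
            and net(b["dst"]).subnet_of(net(a["dst"]))
            and a["ports"][0] <= b["ports"][0] and b["ports"][1] <= a["ports"][1])

def audit(rules):
    """Check every rule, not a sample. Returns [(rule_id, finding), ...]."""
    findings = []
    for i, r in enumerate(rules):
        shadow = next((p["id"] for p in rules[:i] if covers(p, r)), None)
        if shadow:
            findings.append((r["id"], f"shadowed by {shadow}"))
        if r["action"] != "allow":
            continue
        src, dst = ipaddress.ip_network(r["src"]), ipaddress.ip_network(r["dst"])
        lo, hi = r["ports"]
        if not r["change_id"]:
            findings.append((r["id"], "no change-control reference"))
        if src == ANY and dst == ANY and (lo, hi) == (0, 65535):
            findings.append((r["id"], "any-to-any allow"))
        elif src == ANY and any(lo <= p <= hi for p in ADMIN_PORTS):
            findings.append((r["id"], "management port reachable from any source"))
    return findings

if __name__ == "__main__":
    results = audit(RULES)
    for rule_id, finding in results:
        print(rule_id, finding)
    raise SystemExit(1 if results else 0)    # non-zero exit fails the pipeline stage
```

On the sample ruleset the check reports the final deny rule as shadowed by the any-to-any allow above it, which is the kind of ordering error a single-rule spot-check is unlikely to surface.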
What is Wi-Fi Security? [5]
- Change the default password that comes with the Wi-Fi router.
- Use Media Access Control (MAC) address filtering to allow or deny devices connecting to the network; note that MAC addresses can be spoofed.
- Use encryption; Wi-Fi Protected Access (WPA) and WPA2 are the most secure.
- Use a Virtual Private Network (VPN) to encrypt the user’s connection or conceal the user’s IP address by using a virtual IP address provided by the VPN provider.
- Use Wi-Fi security software to protect the network from malware and other threats.
Types of Wi-Fi Security Protocols
- WEP (Wired Equivalent Privacy):
  - The first security protocol for wireless networks.
  - It is not secure and can be easily hacked.
  - It was the standard security protocol from the 1990s to 2004.
  - It was hard to configure and only used 64/128-bit encryption.
- WPA (Wi-Fi Protected Access):
  - It was introduced in 2003.
  - It uses the Temporal Key Integrity Protocol (TKIP) for encryption.
  - It is more secure than WEP.
  - It is widely compatible with older devices.
  - It is still widely used today.
- WPA2:
  - It was introduced in 2004.
  - It uses the Advanced Encryption Standard (AES) for encryption.
- WPA3 [6]:
  - It was introduced in 2018.
  - It uses the Simultaneous Authentication of Equals (SAE) protocol for encryption.
  - It is NOT backward compatible with WPA2 or older devices.
Types of Wi-Fi network security devices
- Active Devices:
  - Hardware that is configured to block surplus network traffic.
  - Firewalls.
  - Antivirus Scanners.
  - Content Filtering devices.
- Passive Devices:
  - Hardware that detects and reports unwanted network traffic.
  - They use less power.
  - They can communicate with Wi-Fi routers only when the routers are seeking them, which makes them more secure.
- Preventive Devices:
  - Hardware that scans networks to identify potential threats.
  - WIPS (Wireless Intrusion Prevention System).
- Unified Threat Management (UTM) Devices:
  - Hardware that combines multiple security features into one device.
  - It is used to protect the network from security threats.
References
1. MS TECH. (2022, June 13). What is network security? | Network security explained [Video]. YouTube. https://www.youtube.com/watch?v=ijtOfjiOTF8
2. Bialy, M. (2022, August 1). LAN security and how it is hacked. Grandmetric. https://www.grandmetric.com/lan-security-attacks/
3. Cepero, R. (2020, August 23). How to improve your WAN security. Bleuwire. https://bleuwire.com/how-to-improve-your-wan-security/
4. Morillo, C. (2022, March 15). The future of security: Surveying your cybersecurity landscape. O’Reilly. https://www.oreilly.com/radar/the-future-of-security/
5. What is Wi-Fi security? (n.d.). Cisco. https://www.cisco.com/c/en/us/products/wireless/what-is-wi-fi-security.html
6. What is WPA3 VS. WPA2? (2023, June 13). Portnox. https://www.portnox.com/cybersecurity-101/wpa3